Unwanted programs on the PC

Hook_1hp
Visitor
Posts: 69
Registered: 09 Aug 2008 10:17

#1 Post by Hook_1hp »

Hello, some Chinese programs got downloaded onto my computer, and they can neither be found nor uninstalled through program management. I ask you for help and thank you in advance for your willingness.

FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by Ladislav (administrator) on LADISLAV-HP (06-04-2016 10:02:56)
Running from C:\Users\Ladislav\Desktop
Loaded Profiles: Ladislav (Available Profiles: Ladislav)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCRTP.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\plugins\QMNetMon\QQPCNetFlow.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCRealTimeSpeedup.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
(Tencent) C:\Program Files (x86)\Common Files\Tencent\QQDownload\130\Tencentdl.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QMChExt.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6602856 2011-01-12] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2480936 2010-12-21] (Synaptics Incorporated)
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-07-21] (Hewlett-Packard Company)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] ()
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [586296 2010-11-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [656920 2011-02-01] (PDF Complete Inc)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [318520 2010-12-13] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [ic-0.2128a7f97d71cc.exe -start] => C:\Users\Ladislav\AppData\Local\Temp\15376488\ic-0.2128a7f97d71cc.exe -start <===== ATTENTION
HKLM-x32\...\Run: [ QQPCTray] => C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCTRAY.EXE [362304 2016-03-31] (Tencent)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-450129140-1224967779-4017086383-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4290240 2016-03-01] (Disc Soft Ltd)
HKU\S-1-5-21-450129140-1224967779-4017086383-1000\...\Run: [tsiVideo] => C:\Windows\SysWOW64\rundll32.exe C:\Users\Ladislav\AppData\Local\Temp\mdi064.dll,quardin <===== ATTENTION
HKU\S-1-5-21-450129140-1224967779-4017086383-1000\...\MountPoints2: {14055874-f322-11e5-852f-101f745a7fa2} - H:\Setup.exe
HKU\S-1-5-21-450129140-1224967779-4017086383-1000\...\MountPoints2: {8f51d7cf-606e-11e1-a355-001e101f36d9} - G:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-450129140-1224967779-4017086383-1000\...\MountPoints2: {d4d558cf-7b74-11e1-a6b7-806e6f6e6963} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-450129140-1224967779-4017086383-1000\...\MountPoints2: {dcf78283-5996-11e1-86ed-74de2b2f5d55} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-450129140-1224967779-4017086383-1000\...\MountPoints2: {dcf7828b-5996-11e1-86ed-74de2b2f5d55} - F:\setup_vmc_lite.exe /checkApplicationPresence
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2012-11-30]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{3318193A-170E-4A79-8F72-B4BE5D9D3136}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{FD5BDF0B-4A81-4AA4-BAD3-014C12403F4D}: [NameServer] 82.163.143.177,82.163.142.179

Internet Explorer:
==================
HKU\S-1-5-21-450129140-1224967779-4017086383-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
HKU\S-1-5-21-450129140-1224967779-4017086383-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDF
SearchScopes: HKLM -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
SearchScopes: HKLM -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-450129140-1224967779-4017086383-1000 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-450129140-1224967779-4017086383-1000 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
SearchScopes: HKU\S-1-5-21-450129140-1224967779-4017086383-1000 -> {BF719C4E-2EA1-4CD7-97CC-4484DDC835E8} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12902
SearchScopes: HKU\S-1-5-21-450129140-1224967779-4017086383-1000 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
BHO: 电脑管家网页防火墙 -> {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} -> C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\TSWebMon64.dat [2016-03-31] (Tencent)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-09] (Sun Microsystems, Inc.)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-05-09] (Sun Microsystems, Inc.)
Toolbar: HKU\S-1-5-21-450129140-1224967779-4017086383-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-450129140-1224967779-4017086383-1000 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File

FireFox:
========
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-05-09] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2011-05-09] (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @qq.com/QQPCMgr -> C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\npQMExtensionsMozilla.dll [2016-03-31] (Tencent Technology (Shenzhen) Company Limited)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Optimization Client\addon => not found

Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.cz/?gfe_rd=cr&ei=8kM6Vd_PKcKo8wex1YCYCw
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-06]
CHR Extension: (Dokumenty Google) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-06]
CHR Extension: (Disk Google) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Vyhledávání Google) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (Tabulky Google) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-06]
CHR Extension: (Like) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmmdfldoaocolmibeehmndgcmlbidppj [2016-03-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (AdBlock) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-03-21]
CHR Extension: (iLivid) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf [2015-04-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-06]
CHR Extension: (电脑管家上网防护) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooebklgpfnbcnpokahmdidgbmlcdepkm [2016-04-02]
CHR Extension: (Gmail) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1444544 2016-03-01] (Disc Soft Ltd)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1817088 2010-12-28] (Realsil Microelectronics Inc.) [File not signed]
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc)
R2 QQPCRTP; C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCRTP.exe [313936 2016-03-31] (Tencent)
U2 QQRepair155e; C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\QQRepair155e [136512 2016-04-06] ()
S2 QQRepairFixSVC; C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\QQRepairFixSVC [136512 2016-04-06] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AR5416; C:\Windows\System32\DRIVERS\athwx.sys [2793568 2011-02-25] (Atheros Communications, Inc.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-03-26] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-03-26] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [415744 2011-07-12] (Huawei Technologies Co., Ltd.)
R1 QMUdisk; C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QMUdisk64.sys [184536 2016-03-02] (Tencent)
R2 QQSysMonX64; C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQSysMonX64.sys [152184 2016-03-31] (电脑管家)
R1 softaal; C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\softaal64.sys [44664 2016-03-31] (Tencent)
R1 SRepairDrv; \??\C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\SRepairDrv [168568 2016-04-06] ()
R3 TAOAccelerator; C:\Windows\system32\Drivers\TAOAccelerator64.sys [101472 2016-03-15] (Tencent)
R1 TAOKernelDriver; C:\Windows\system32\Drivers\TAOKernel64.sys [147576 2016-03-31] (Tencent Technology(Shenzhen) Company Limited)
R3 TFsFlt; C:\Windows\System32\Drivers\TFsFltX64.sys [97400 2016-03-31] (电脑管家)
R3 TS888x64; C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\TS888x64.sys [38520 2016-04-06] (Tencent)
R1 TSDefenseBt; C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\TSDefenseBT64.sys [28984 2016-03-31] (Tencent)
R2 tsnethlpx64; C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\TsNetHlpX64.sys [57976 2016-03-31] ()
R3 TSSKX64; C:\Windows\System32\drivers\tsskx64.sys [54904 2016-03-16] (电脑管家)
R1 TSSysKit; C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\TSSysKit64.sys [96888 2016-03-31] (电脑管家)
S3 AthBTPort; system32\DRIVERS\btath_flt.sys [X]
S3 athr; system32\DRIVERS\athrx.sys [X]
S3 BTATH_A2DP; system32\drivers\btath_a2dp.sys [X]
S3 BTATH_BUS; system32\DRIVERS\btath_bus.sys [X]
S3 BTATH_HCRP; system32\DRIVERS\btath_hcrp.sys [X]
S3 BTATH_LWFLT; system32\DRIVERS\btath_lwflt.sys [X]
S3 BTATH_RCP; system32\DRIVERS\btath_rcp.sys [X]
S3 BtFilter; system32\DRIVERS\btfilter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-06 10:03 - 2016-04-06 10:03 - 01222144 _____ C:\Users\Ladislav\Desktop\RSITx64.exe
2016-04-06 10:02 - 2016-04-06 10:03 - 00019089 _____ C:\Users\Ladislav\Desktop\FRST.txt
2016-04-06 10:02 - 2016-04-06 10:02 - 00000000 ____D C:\FRST
2016-04-06 09:59 - 2016-04-06 09:59 - 02374144 _____ (Farbar) C:\Users\Ladislav\Desktop\FRST64.exe
2016-04-05 15:33 - 2016-04-05 15:33 - 00688685 _____ C:\Users\Ladislav\Downloads\DPTX_2006_2_11210_ASZK10001_106609_0_27875 (1).pdf
2016-04-05 13:09 - 2016-04-05 13:09 - 00000414 _____ C:\Users\Ladislav\Downloads\priloha
2016-04-02 14:52 - 2016-04-02 14:52 - 00000256 _____ C:\Users\Ladislav\Downloads\_Certification_.htm
2016-04-01 14:06 - 2016-04-01 14:06 - 00019630 _____ C:\Users\Ladislav\Documents\cc_20160401_140605.reg
2016-04-01 14:06 - 2016-04-01 14:06 - 00004716 _____ C:\Users\Ladislav\Documents\cc_20160401_140621.reg
2016-04-01 14:05 - 2016-04-06 09:23 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2016-04-01 13:47 - 2016-04-06 09:23 - 00038520 _____ (Tencent) C:\Windows\SysWOW64\Drivers\TS888x64.sys
2016-03-31 19:20 - 2016-04-06 09:23 - 00000000 ____D C:\ProgramData\TXQMPC
2016-03-31 19:20 - 2016-03-31 19:20 - 00005120 _____ C:\Users\Ladislav\AppData\Roaming\GiftBag.db
2016-03-31 19:20 - 2016-03-31 19:20 - 00000000 ____D C:\Program Files\Common Files\Tencent
2016-03-31 19:20 - 2016-03-31 19:19 - 00147576 _____ (Tencent Technology(Shenzhen) Company Limited) C:\Windows\system32\Drivers\TAOKernel64.sys
2016-03-31 19:20 - 2016-03-15 17:28 - 00101472 _____ (Tencent) C:\Windows\system32\Drivers\TAOAccelerator64.sys
2016-03-31 19:19 - 2016-04-06 09:46 - 00000000 ____D C:\Users\Ladislav\AppData\Roaming\Tencent
2016-03-31 19:19 - 2016-04-01 14:00 - 00000000 ____D C:\ProgramData\Tencent
2016-03-31 19:19 - 2016-03-31 19:19 - 00097400 _____ (电脑管家) C:\Windows\system32\Drivers\TFsFltX64.sys
2016-03-31 19:19 - 2016-03-31 19:19 - 00000000 ____D C:\Users\Ladislav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
2016-03-31 19:19 - 2016-03-31 19:19 - 00000000 ____D C:\Program Files (x86)\Tencent
2016-03-31 19:19 - 2016-03-16 12:57 - 00054904 _____ (电脑管家) C:\Windows\system32\Drivers\TSSKX64.sys
2016-03-31 19:18 - 2016-03-31 19:18 - 00000000 ____D C:\Users\Public\Thunder Network
2016-03-31 19:18 - 2016-03-31 19:18 - 00000000 ____D C:\ProgramData\Thunder Network
2016-03-31 19:17 - 2016-03-31 19:17 - 00000000 ____D C:\ProgramData\e7a5b829-6533-1
2016-03-31 19:17 - 2016-03-31 19:17 - 00000000 ____D C:\ProgramData\e7a5b829-49f7-0
2016-03-31 19:16 - 2016-03-31 19:16 - 01611944 _____ (Secure Download Ltd. ) C:\Users\Ladislav\Downloads\keygen
2016-03-31 19:16 - 2016-03-31 19:16 - 00088969 _____ C:\Users\Ladislav\Downloads\The Clone Wars Activator Cheat.zip
2016-03-31 19:16 - 2016-03-31 19:16 - 00003644 _____ C:\Windows\System32\Tasks\Imperia Online W4
2016-03-31 19:16 - 2016-03-31 19:16 - 00003644 _____ C:\Windows\System32\Tasks\Imperia Online W3
2016-03-31 19:16 - 2016-03-31 19:16 - 00002274 _____ C:\Users\Ladislav\Desktop\Imperia Online.lnk
2016-03-31 19:16 - 2016-03-31 19:16 - 00000000 ____D C:\Users\Ladislav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Imperia Online
2016-03-31 19:16 - 2016-03-31 19:16 - 00000000 ____D C:\Users\Ladislav\AppData\Roaming\ImperiaOnline
2016-03-31 19:14 - 2016-03-31 19:14 - 05096956 _____ C:\Users\Ladislav\Downloads\Lego.Star.Wars.Iii.The.Clone.W.keygen.exe.zip
2016-03-26 16:18 - 2010-06-02 05:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2016-03-26 16:18 - 2010-06-02 05:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2016-03-26 16:18 - 2010-06-02 05:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2016-03-26 16:18 - 2010-06-02 05:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2016-03-26 16:18 - 2010-06-02 05:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2016-03-26 16:18 - 2010-06-02 05:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2016-03-26 16:18 - 2010-05-26 12:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2016-03-26 16:18 - 2010-05-26 12:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2016-03-26 16:18 - 2010-05-26 12:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2016-03-26 16:18 - 2010-05-26 12:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2016-03-26 16:18 - 2010-05-26 12:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2016-03-26 16:18 - 2010-05-26 12:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2016-03-26 16:18 - 2010-05-26 12:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2016-03-26 16:18 - 2010-05-26 12:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2016-03-26 16:18 - 2010-05-26 12:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2016-03-26 16:18 - 2010-05-26 12:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2016-03-26 16:17 - 2010-02-04 11:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2016-03-26 16:17 - 2010-02-04 11:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2016-03-26 16:17 - 2010-02-04 11:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2016-03-26 16:17 - 2010-02-04 11:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2016-03-26 16:17 - 2010-02-04 11:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2016-03-26 16:17 - 2010-02-04 11:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2016-03-26 16:17 - 2010-02-04 11:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2016-03-26 16:17 - 2010-02-04 11:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2016-03-26 16:17 - 2009-09-04 18:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2016-03-26 16:17 - 2009-09-04 18:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2016-03-26 16:17 - 2009-09-04 18:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2016-03-26 16:17 - 2009-09-04 18:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2016-03-26 16:17 - 2009-09-04 18:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2016-03-26 16:17 - 2009-09-04 18:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2016-03-26 16:17 - 2009-09-04 18:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2016-03-26 16:17 - 2009-09-04 18:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2016-03-26 16:17 - 2009-09-04 18:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2016-03-26 16:17 - 2009-09-04 18:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2016-03-26 16:17 - 2009-09-04 18:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2016-03-26 16:17 - 2009-09-04 18:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2016-03-26 16:17 - 2009-09-04 18:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2016-03-26 16:17 - 2009-09-04 18:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2016-03-26 16:17 - 2009-09-04 18:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2016-03-26 16:17 - 2009-09-04 18:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2016-03-26 16:17 - 2009-03-16 15:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2016-03-26 16:17 - 2009-03-16 15:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2016-03-26 16:17 - 2009-03-16 15:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2016-03-26 16:17 - 2009-03-16 15:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2016-03-26 16:17 - 2009-03-16 15:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2016-03-26 16:17 - 2009-03-16 15:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2016-03-26 16:17 - 2009-03-09 16:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2016-03-26 16:17 - 2009-03-09 16:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2016-03-26 16:17 - 2009-03-09 16:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2016-03-26 16:17 - 2009-03-09 16:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2016-03-26 16:17 - 2008-10-27 11:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2016-03-26 16:17 - 2008-10-27 11:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2016-03-26 16:17 - 2008-10-27 11:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2016-03-26 16:17 - 2008-10-27 11:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2016-03-26 16:17 - 2008-10-27 11:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2016-03-26 16:17 - 2008-10-27 11:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2016-03-26 16:17 - 2008-10-27 11:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2016-03-26 16:17 - 2008-10-27 11:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2016-03-26 16:17 - 2008-10-15 07:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2016-03-26 16:17 - 2008-10-15 07:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2016-03-26 16:17 - 2008-10-15 07:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2016-03-26 16:17 - 2008-10-15 07:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2016-03-26 16:17 - 2008-10-15 07:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2016-03-26 16:17 - 2008-10-15 07:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2016-03-26 16:17 - 2008-07-31 11:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2016-03-26 16:17 - 2008-07-31 11:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2016-03-26 16:17 - 2008-07-31 11:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2016-03-26 16:17 - 2008-07-31 11:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2016-03-26 16:17 - 2008-07-31 11:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2016-03-26 16:17 - 2008-07-31 11:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2016-03-26 16:17 - 2008-07-10 12:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2016-03-26 16:17 - 2008-07-10 12:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2016-03-26 16:17 - 2008-07-10 12:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2016-03-26 16:17 - 2008-07-10 12:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2016-03-26 16:17 - 2008-07-10 12:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2016-03-26 16:17 - 2008-07-10 12:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2016-03-26 16:17 - 2008-05-30 15:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2016-03-26 16:17 - 2008-05-30 15:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2016-03-26 16:17 - 2008-05-30 15:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2016-03-26 16:17 - 2008-05-30 15:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2016-03-26 16:17 - 2008-05-30 15:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2016-03-26 16:17 - 2008-05-30 15:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2016-03-26 16:17 - 2008-05-30 15:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2016-03-26 16:17 - 2008-05-30 15:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2016-03-26 16:17 - 2008-05-30 15:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2016-03-26 16:17 - 2008-05-30 15:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2016-03-26 16:17 - 2008-05-30 15:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2016-03-26 16:17 - 2008-05-30 15:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2016-03-26 16:17 - 2008-05-30 15:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2016-03-26 16:17 - 2008-05-30 15:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2016-03-26 16:17 - 2008-03-05 17:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2016-03-26 16:17 - 2008-03-05 17:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2016-03-26 16:17 - 2008-03-05 17:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2016-03-26 16:17 - 2008-03-05 17:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2016-03-26 16:17 - 2008-03-05 17:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2016-03-26 16:17 - 2008-03-05 17:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2016-03-26 16:17 - 2008-03-05 16:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2016-03-26 16:17 - 2008-03-05 16:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2016-03-26 16:17 - 2008-03-05 16:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2016-03-26 16:17 - 2008-03-05 16:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2016-03-26 16:17 - 2008-02-06 00:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2016-03-26 16:17 - 2008-02-06 00:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2016-03-26 16:17 - 2007-10-22 04:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2016-03-26 16:17 - 2007-10-22 04:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2016-03-26 16:17 - 2007-10-22 04:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2016-03-26 16:17 - 2007-10-22 04:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2016-03-26 16:17 - 2007-10-12 16:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2016-03-26 16:17 - 2007-10-12 16:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2016-03-26 16:17 - 2007-10-12 16:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2016-03-26 16:17 - 2007-10-12 16:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2016-03-26 16:17 - 2007-10-02 10:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2016-03-26 16:17 - 2007-10-02 10:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2016-03-26 16:17 - 2007-07-20 01:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2016-03-26 16:17 - 2007-07-20 01:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2016-03-26 16:17 - 2007-07-19 19:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2016-03-26 16:17 - 2007-07-19 19:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2016-03-26 16:17 - 2007-07-19 19:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2016-03-26 16:17 - 2007-07-19 19:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2016-03-26 16:17 - 2007-07-19 19:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2016-03-26 16:17 - 2007-07-19 19:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2016-03-26 16:17 - 2007-06-20 21:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2016-03-26 16:17 - 2007-06-20 21:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2016-03-26 16:17 - 2007-05-16 17:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2016-03-26 16:17 - 2007-05-16 17:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2016-03-26 16:17 - 2007-05-16 17:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2016-03-26 16:17 - 2007-05-16 17:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2016-03-26 16:17 - 2007-05-16 17:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2016-03-26 16:17 - 2007-05-16 17:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2016-03-26 16:17 - 2007-04-04 19:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2016-03-26 16:17 - 2007-04-04 19:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2016-03-26 16:17 - 2007-04-04 19:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2016-03-26 16:17 - 2007-04-04 19:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2016-03-26 16:17 - 2007-03-15 17:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2016-03-26 16:17 - 2007-03-15 17:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2016-03-26 16:17 - 2007-03-12 17:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2016-03-26 16:17 - 2007-03-12 17:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2016-03-26 16:17 - 2007-03-12 17:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2016-03-26 16:17 - 2007-03-12 17:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2016-03-26 16:17 - 2007-03-05 13:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2016-03-26 16:17 - 2007-03-05 13:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2016-03-26 16:17 - 2007-01-24 16:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2016-03-26 16:17 - 2007-01-24 16:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2016-03-26 16:17 - 2006-12-08 13:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2016-03-26 16:17 - 2006-12-08 13:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2016-03-26 16:17 - 2006-11-29 14:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2016-03-26 16:17 - 2006-11-29 14:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2016-03-26 16:17 - 2006-11-29 14:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2016-03-26 16:17 - 2006-11-29 14:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2016-03-26 16:17 - 2006-09-28 17:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2016-03-26 16:17 - 2006-09-28 17:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2016-03-26 16:17 - 2006-09-28 17:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2016-03-26 16:17 - 2006-09-28 17:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2016-03-26 16:17 - 2006-07-28 10:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2016-03-26 16:17 - 2006-07-28 10:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2016-03-26 16:17 - 2006-07-28 10:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2016-03-26 16:17 - 2006-07-28 10:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2016-03-26 16:17 - 2006-05-31 08:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2016-03-26 16:17 - 2006-05-31 08:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2016-03-26 16:17 - 2006-03-31 13:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2016-03-26 16:17 - 2006-03-31 13:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2016-03-26 16:17 - 2006-03-31 13:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2016-03-26 16:17 - 2006-03-31 13:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2016-03-26 16:17 - 2006-03-31 13:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2016-03-26 16:17 - 2006-03-31 13:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2016-03-26 16:17 - 2006-02-03 09:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2016-03-26 16:17 - 2006-02-03 09:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2016-03-26 16:17 - 2006-02-03 09:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2016-03-26 16:17 - 2006-02-03 09:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2016-03-26 16:17 - 2006-02-03 09:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2016-03-26 16:17 - 2006-02-03 09:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2016-03-26 16:17 - 2005-12-05 19:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2016-03-26 16:17 - 2005-12-05 19:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2016-03-26 16:17 - 2005-07-22 20:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2016-03-26 16:17 - 2005-07-22 20:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2016-03-26 16:17 - 2005-05-26 16:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2016-03-26 16:17 - 2005-05-26 16:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2016-03-26 16:17 - 2005-03-18 18:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2016-03-26 16:17 - 2005-03-18 18:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2016-03-26 16:17 - 2005-02-05 20:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2016-03-26 16:17 - 2005-02-05 20:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2016-03-26 12:04 - 2016-03-26 12:06 - 00000000 ____D C:\Users\Ladislav\Desktop\Movie
2016-03-26 11:59 - 2016-03-26 11:59 - 00000000 ____D C:\Users\Ladislav\AppData\Local\Disc_Soft_Ltd
2016-03-26 11:55 - 2016-03-26 12:01 - 00000000 ____D C:\Users\Ladislav\Downloads\Deadpool.2016.HC.HDRip.XviD.AC3-EVO
2016-03-26 10:04 - 2016-03-26 10:04 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2016-03-26 09:35 - 2016-03-26 09:35 - 00000000 ____D C:\Users\Ladislav\AppData\Roaming\.mono
2016-03-26 09:35 - 2016-03-26 09:35 - 00000000 ____D C:\ProgramData\.mono
2016-03-26 09:14 - 2016-03-26 11:54 - 00047672 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtliteusbbus.sys
2016-03-25 11:27 - 2016-04-01 14:07 - 00000000 ____D C:\Users\Ladislav\AppData\Roaming\DAEMON Tools Lite
2016-03-25 11:27 - 2016-03-26 09:14 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2016-03-25 11:27 - 2016-03-26 09:13 - 00030264 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys
2016-03-25 11:27 - 2016-03-25 11:27 - 00001773 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2016-03-25 11:27 - 2016-03-25 11:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2016-03-25 11:27 - 2016-03-25 11:27 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2016-03-25 11:17 - 2016-03-25 11:17 - 00690448 _____ (Disc Soft Ltd.) C:\Users\Ladislav\Downloads\DTLiteInstaller.exe
2016-03-25 11:08 - 2016-03-25 11:17 - 00000000 ____D C:\Users\Ladislav\Downloads\Focus.2015.480p.BDRip.XviD.DD5.1.CZ-HiDE
2016-03-22 19:22 - 2016-03-23 14:52 - 00000000 ____D C:\Users\Ladislav\Downloads\LEGO.Star.Wars.III.The.Clone.Wars-SKIDROW
2016-03-22 15:35 - 2016-03-22 15:40 - 978824184 _____ C:\Users\Ladislav\Downloads\Sbohem, baby.2007.avi
2016-03-22 11:29 - 2016-03-22 11:43 - 1700850782 _____ C:\Users\Ladislav\Downloads\Fair Play (2014)(CZ).avi
2016-03-22 11:29 - 2016-03-22 11:34 - 1132343703 _____ C:\Users\Ladislav\Downloads\Bad Hair Day.mkv
2016-03-20 09:25 - 2016-03-20 09:25 - 00248464 _____ C:\Users\Ladislav\Downloads\Plan_skolnich_projektu_11-12.pdf
2016-03-20 09:15 - 2016-03-20 09:15 - 00978750 _____ C:\Users\Ladislav\Downloads\Casopis_ABCD.pdf
2016-03-20 08:27 - 2016-03-20 08:27 - 00195725 _____ C:\Users\Ladislav\Downloads\36-zaver.pdf
2016-03-20 08:14 - 2016-03-20 08:14 - 00436866 _____ C:\Users\Ladislav\Downloads\35-lekce-10.pdf
2016-03-20 08:09 - 2016-03-20 08:09 - 00332965 _____ C:\Users\Ladislav\Downloads\34-lekce-9.pdf
2016-03-20 08:05 - 2016-03-20 08:05 - 00315648 _____ C:\Users\Ladislav\Downloads\33-lekce-8.pdf
2016-03-20 08:02 - 2016-03-20 08:02 - 00330612 _____ C:\Users\Ladislav\Downloads\32-lekce-7.pdf
2016-03-20 07:59 - 2016-03-20 07:59 - 00251825 _____ C:\Users\Ladislav\Downloads\31-lekce-6.pdf
2016-03-20 07:51 - 2016-03-20 07:51 - 00501229 _____ C:\Users\Ladislav\Downloads\24-kudy-v-mozku-doplnujici-text.pdf
2016-03-20 07:40 - 2016-03-20 07:40 - 00334741 _____ C:\Users\Ladislav\Downloads\30-lekce-5.pdf
2016-03-20 07:21 - 2016-03-20 07:21 - 00498023 _____ C:\Users\Ladislav\Downloads\27-lekce-2.pdf
2016-03-20 07:21 - 2016-03-20 07:21 - 00355373 _____ C:\Users\Ladislav\Downloads\28-lekce-3.pdf
2016-03-20 07:20 - 2016-03-20 07:20 - 00318687 _____ C:\Users\Ladislav\Downloads\37-informace-o-kurzu.pdf
2016-03-20 07:17 - 2016-03-20 07:17 - 00381262 _____ C:\Users\Ladislav\Downloads\26-lekce-1.pdf
2016-03-20 06:13 - 2016-03-20 06:13 - 00003836 _____ C:\Users\Ladislav\Downloads\smime.p7s
2016-03-13 20:35 - 2016-03-13 20:38 - 00000000 ____D C:\Users\Ladislav\Downloads\American.Ultra.2015.BRRip.XviD.CZ-PiRaTE
2016-03-11 11:17 - 2016-03-11 11:17 - 00000000 ____D C:\Users\Ladislav\AppData\Roaming\Kastner software
2016-03-11 11:17 - 2016-03-11 11:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FORM studio
2016-03-11 11:17 - 2016-03-11 11:17 - 00000000 ____D C:\ProgramData\KASTNER software
2016-03-11 11:17 - 2016-03-11 11:17 - 00000000 ____D C:\Program Files (x86)\KASTNER software
2016-03-11 11:16 - 2016-03-11 11:16 - 00415928 _____ (Kastner software s.r.o. ) C:\Users\Ladislav\Downloads\FORMstudio-nb_06ZadOVydRP.exe
2016-03-11 11:16 - 2016-03-11 11:16 - 00415928 _____ (Kastner software s.r.o. ) C:\Users\Ladislav\Downloads\FORMstudio-nb_06ZadORidOpr.exe
2016-03-09 18:12 - 2016-03-09 18:12 - 00053637 _____ C:\Users\Ladislav\Downloads\Vypis_z_uctu-2000807874_20151001-20151031_cislo-4.pdf
2016-03-09 18:10 - 2016-03-09 18:10 - 00051550 _____ C:\Users\Ladislav\Downloads\Vypis_z_uctu-2000807874_20150901-20150930_cislo-3.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-06 09:37 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\tracing
2016-04-06 09:32 - 2009-07-14 06:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-06 09:32 - 2009-07-14 06:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-06 09:28 - 2011-05-10 01:48 - 00669132 _____ C:\Windows\system32\perfh005.dat
2016-04-06 09:28 - 2011-05-10 01:48 - 00141760 _____ C:\Windows\system32\perfc005.dat
2016-04-06 09:28 - 2009-07-14 07:13 - 01584626 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-06 09:28 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-04-06 09:23 - 2014-12-16 14:47 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-06 09:23 - 2011-05-09 16:24 - 00000000 ____D C:\ProgramData\PDFC
2016-04-06 09:23 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-05 22:02 - 2014-12-16 14:47 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-05 15:30 - 2016-01-16 14:32 - 00000000 ____D C:\Users\Ladislav\Desktop\Finále
2016-04-03 18:27 - 2016-01-03 10:13 - 00000000 ____D C:\Users\Ladislav\Desktop\BAKALÁŘKA
2016-04-03 09:16 - 2015-06-21 15:52 - 00000958 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-04-02 12:55 - 2012-04-17 23:01 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2016-04-01 14:07 - 2014-12-05 16:12 - 00000000 ____D C:\Users\Ladislav\AppData\Local\CrashDumps
2016-04-01 14:04 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-04-01 14:01 - 2015-06-21 15:42 - 00000000 ____D C:\Users\Ladislav\AppData\Roaming\Opera Software
2016-04-01 14:01 - 2015-06-21 15:42 - 00000000 ____D C:\Users\Ladislav\AppData\Local\Opera Software
2016-04-01 14:01 - 2015-06-21 15:41 - 00000000 ____D C:\Program Files (x86)\Opera
2016-04-01 14:01 - 2012-02-17 23:26 - 00001393 _____ C:\Users\Ladislav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-04-01 13:51 - 2011-05-09 16:21 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-04-01 13:47 - 2012-02-17 23:24 - 00109688 _____ C:\Users\Ladislav\AppData\Local\GDIPFONTCACHEV1.DAT
2016-04-01 13:46 - 2009-07-14 06:45 - 00409920 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-31 15:19 - 2014-12-16 14:48 - 00002155 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-31 15:19 - 2014-12-16 14:48 - 00002143 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-29 11:58 - 2015-05-26 21:34 - 00000000 ____D C:\Users\Ladislav\AppData\Local\Battle.net
2016-03-29 11:09 - 2015-05-26 21:33 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-03-27 14:26 - 2015-06-09 19:50 - 00000000 ____D C:\Users\Ladislav\AppData\Roaming\uTorrent
2016-03-26 16:18 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-03-26 12:01 - 2016-02-29 15:05 - 00000000 ____D C:\Users\Ladislav\Desktop\kubca
2016-03-26 09:14 - 2015-06-21 15:52 - 00003964 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-03-26 09:13 - 2015-06-21 15:51 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-03-26 09:13 - 2015-06-21 15:51 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-25 11:20 - 2015-06-05 18:49 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
2016-03-25 11:19 - 2015-06-13 22:19 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2016-03-13 17:10 - 2015-11-20 08:25 - 00000000 ____D C:\Users\Ladislav\Desktop\Odevzdané materiály

==================== Files in the root of some directories =======

2016-03-31 19:20 - 2016-03-31 19:20 - 0005120 _____ () C:\Users\Ladislav\AppData\Roaming\GiftBag.db
2015-06-13 11:49 - 2015-06-13 11:49 - 0007637 _____ () C:\Users\Ladislav\AppData\Local\Resmon.ResmonCfg
2016-02-27 02:18 - 2016-02-27 02:18 - 0000000 _____ () C:\Users\Ladislav\AppData\Local\{1572A71C-E01C-4DEE-BB75-616336F64497}

Some files in TEMP:
====================
C:\Users\Ladislav\AppData\Local\Temp\qqpcmgr_v11.4.17347.218_123112050_Silence.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-03-31 17:55

==================== End of FRST.txt ============================

Hook_1hp
Visitor
Posts: 69
Registered: 09 Aug 2008 10:17

Re: Unwanted programs on the PC

#2 Post by Hook_1hp »

RSIT:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Ladislav at 2016-04-06 10:12:44
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 231 GB (50%) free of 461 GB
Total RAM: 3948 MB (22% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:12:49, on 6.4.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCTray.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\plugins\QMNetMon\QQPCNetFlow.exe
C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCRealTimeSpeedup.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QMChExt.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Ladislav.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ic-0.2128a7f97d71cc.exe -start] C:\Users\Ladislav\AppData\Local\Temp\15376488\ic-0.2128a7f97d71cc.exe -start
O4 - HKLM\..\Run: [ QQPCTray] "C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCTRAY.EXE" /regrun /qqrepair
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [tsiVideo] C:\Windows\SysWOW64\rundll32.exe C:\Users\Ladislav\AppData\Local\Temp\mdi064.dll,quardin
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{FD5BDF0B-4A81-4AA4-BAD3-014C12403F4D}: NameServer = 82.163.143.177,82.163.142.179
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: QQPCMgr RTP Service (QQPCRTP) - Tencent - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCRTP.exe
O23 - Service: QQRepair155e - Unknown owner - C:\Program.exe (file missing)
O23 - Service: QQRepairFixSVC - Unknown owner - C:\Program.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10842 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCRtp.exe" -r
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\spoolsv.exe
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe"
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
WLIDSvcM.exe 2336
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCTray.exe" /elevated /regrun
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe"
"C:\Windows\system32\GWX\GWX.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
taskeng.exe {9BDB0AD0-3A3D-4B5B-BC5C-28E825632A71}
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\plugins\QMNetMon\QQPCNetFlow.exe" /regrun /elevated
"C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCRealTimeSpeedup.exe"
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe" /hidden
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe" "<hpNotification><Toast><Title>HP Wireless Assistant</Title><Text>Bluetooth®: Off
WLAN: On</Text><IconPath>C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WA_tray_32_on.ico</IconPath><ID>1294301931</ID><Path>C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe</Path><Parameters></Parameters></Toast></hpNotification>"
"C:\Windows\system32\wuauclt.exe"
"c:\program files\windows defender\MpCmdRun.exe" SignaturesUpdateService -ScheduleJob
\??\C:\Windows\system32\conhost.exe "9434351191942510159-2097830539574155565-2130617256888964090-9757560101795426991

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=49.0.2623.110 --handshake-handle=0xd0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3812.0.1714814881\2133190591" --supports-dual-gpus=false --gpu-driver-bug-workarounds=3,11,16,25,54 --gpu-vendor-id=0x8086 --gpu-device-id=0x0106 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.4229 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding --disable-features=UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,WebFontsIntervention<WebFontsIntervention --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/CrossDevicePromo/14DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PreRead/Default/*QUIC/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_30/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_10/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/WebFontsIntervention/Disabled/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only 
--device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3812.1.1071416022\790331052" /prefetch:1
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QMChExt.exe" --parent-window=0 chrome-extension://ooebklgpfnbcnpokahmdidgbmlcdepkm/ < \\.\pipe\chrome.nativeMessaging.in.769d16616c29c751 > \\.\pipe\chrome.nativeMessaging.out.769d16616c29c751
\??\C:\Windows\system32\conhost.exe "51470204379892796-74864797212346506912116792277896447602-1310476173-1080615359
"C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QMChExt.exe" --parent-window=0 chrome-extension://ooebklgpfnbcnpokahmdidgbmlcdepkm/
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="3812.11.308819799\461577141" --ppapi-flash-args --lang=cs --device-scale-factor=1 --ignored=" --type=renderer " /prefetch:3
C:\Windows\splwow64.exe 8192
"C:\Users\Ladislav\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_197_pepper.exe -check pepperplugin
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}]
电脑管家网页防火墙 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\TSWebMon64.dat [2016-03-31 422592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-09 49440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-05-09 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2011-01-12 6602856]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-12-21 2480936]
"HPWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe [2010-07-21 8192]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2015-06-01 183216]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2015-06-01 411056]
"Persistence"=C:\Windows\system32\igfxpers.exe [2015-06-01 453552]
"CDAServer"=C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [2014-09-08 464608]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2016-03-01 4290240]
"tsiVideo"=C:\Windows\SysWOW64\rundll32.exe [2009-07-14 44544]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-09-13 283160]
"HP Quick Launch"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2010-11-09 586296]
"PDF Complete"=C:\Program Files (x86)\PDF Complete\pdfsty.exe [2011-02-01 656920]
"HPOSD"=C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [2010-12-13 318520]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"ic-0.2128a7f97d71cc.exe -start"=C:\Users\Ladislav\AppData\Local\Temp\15376488\ic-0.2128a7f97d71cc.exe -start []
" QQPCTray"=C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCTRAY.EXE [2016-03-31 362304]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Microsoft Office.lnk - C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2015-06-01 451584]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\QQPCRTP]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-04-06 10:12:45 ----D---- C:\Program Files\trend micro
2016-04-06 10:12:44 ----D---- C:\rsit
2016-04-06 10:02:20 ----D---- C:\FRST
2016-04-01 13:47:16 ----A---- C:\Windows\SYSWOW64\drivers\TS888x64.sys
2016-03-31 19:20:43 ----A---- C:\Users\Ladislav\AppData\Roaming\GiftBag.db
2016-03-31 19:20:34 ----A---- C:\Windows\system32\drivers\TAOKernel64.sys
2016-03-31 19:20:34 ----A---- C:\Windows\system32\drivers\TAOAccelerator64.sys
2016-03-31 19:20:20 ----D---- C:\Program Files\Common Files\Tencent
2016-03-31 19:20:15 ----D---- C:\ProgramData\TXQMPC
2016-03-31 19:19:46 ----A---- C:\Windows\system32\drivers\TSSKX64.sys
2016-03-31 19:19:26 ----A---- C:\Windows\system32\drivers\TFsFltX64.sys
2016-03-31 19:19:11 ----D---- C:\Program Files (x86)\Tencent
2016-03-31 19:19:04 ----D---- C:\Users\Ladislav\AppData\Roaming\Tencent
2016-03-31 19:19:03 ----D---- C:\ProgramData\Tencent
2016-03-31 19:18:23 ----D---- C:\ProgramData\Thunder Network
2016-03-31 19:17:31 ----D---- C:\ProgramData\e7a5b829-6533-1
2016-03-31 19:17:31 ----D---- C:\ProgramData\e7a5b829-49f7-0
2016-03-31 19:16:13 ----D---- C:\Users\Ladislav\AppData\Roaming\ImperiaOnline
2016-03-26 16:18:02 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2016-03-26 16:18:02 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2016-03-26 16:18:02 ----A---- C:\Windows\system32\XAudio2_7.dll
2016-03-26 16:18:02 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2016-03-26 16:18:01 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2016-03-26 16:18:01 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2016-03-26 16:18:01 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2016-03-26 16:18:01 ----A---- C:\Windows\system32\xactengine3_7.dll
2016-03-26 16:18:01 ----A---- C:\Windows\system32\d3dcsx_43.dll
2016-03-26 16:18:01 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2016-03-26 16:18:00 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2016-03-26 16:18:00 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2016-03-26 16:18:00 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2016-03-26 16:18:00 ----A---- C:\Windows\system32\D3DX9_43.dll
2016-03-26 16:18:00 ----A---- C:\Windows\system32\d3dx11_43.dll
2016-03-26 16:18:00 ----A---- C:\Windows\system32\d3dx10_43.dll
2016-03-26 16:17:59 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2016-03-26 16:17:59 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2016-03-26 16:17:59 ----A---- C:\Windows\system32\XAudio2_6.dll
2016-03-26 16:17:59 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2016-03-26 16:17:58 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2016-03-26 16:17:58 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2016-03-26 16:17:58 ----A---- C:\Windows\system32\xactengine3_6.dll
2016-03-26 16:17:58 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2016-03-26 16:17:55 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2016-03-26 16:17:55 ----A---- C:\Windows\system32\XAudio2_5.dll
2016-03-26 16:17:53 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2016-03-26 16:17:53 ----A---- C:\Windows\system32\xactengine3_5.dll
2016-03-26 16:17:52 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2016-03-26 16:17:52 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2016-03-26 16:17:49 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2016-03-26 16:17:49 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2016-03-26 16:17:49 ----A---- C:\Windows\system32\d3dx11_42.dll
2016-03-26 16:17:49 ----A---- C:\Windows\system32\d3dcsx_42.dll
2016-03-26 16:17:46 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2016-03-26 16:17:46 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2016-03-26 16:17:46 ----A---- C:\Windows\system32\D3DX9_42.dll
2016-03-26 16:17:46 ----A---- C:\Windows\system32\d3dx10_42.dll
2016-03-26 16:17:45 ----A---- C:\Windows\system32\d3dx10_41.dll
2016-03-26 16:17:45 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2016-03-26 16:17:44 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2016-03-26 16:17:44 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2016-03-26 16:17:44 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2016-03-26 16:17:44 ----A---- C:\Windows\system32\D3DX9_41.dll
2016-03-26 16:17:43 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2016-03-26 16:17:43 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2016-03-26 16:17:43 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2016-03-26 16:17:43 ----A---- C:\Windows\system32\XAudio2_4.dll
2016-03-26 16:17:43 ----A---- C:\Windows\system32\xactengine3_4.dll
2016-03-26 16:17:43 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2016-03-26 16:17:42 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2016-03-26 16:17:42 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2016-03-26 16:17:42 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2016-03-26 16:17:42 ----A---- C:\Windows\system32\D3DX9_40.dll
2016-03-26 16:17:42 ----A---- C:\Windows\system32\d3dx10_40.dll
2016-03-26 16:17:42 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2016-03-26 16:17:41 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2016-03-26 16:17:41 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2016-03-26 16:17:41 ----A---- C:\Windows\system32\XAudio2_3.dll
2016-03-26 16:17:41 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2016-03-26 16:17:40 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2016-03-26 16:17:40 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2016-03-26 16:17:40 ----A---- C:\Windows\system32\xactengine3_3.dll
2016-03-26 16:17:40 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2016-03-26 16:17:39 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2016-03-26 16:17:39 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2016-03-26 16:17:39 ----A---- C:\Windows\system32\XAudio2_2.dll
2016-03-26 16:17:39 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2016-03-26 16:17:38 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2016-03-26 16:17:38 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2016-03-26 16:17:38 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2016-03-26 16:17:38 ----A---- C:\Windows\system32\xactengine3_2.dll
2016-03-26 16:17:38 ----A---- C:\Windows\system32\d3dx10_39.dll
2016-03-26 16:17:38 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2016-03-26 16:17:37 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2016-03-26 16:17:37 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2016-03-26 16:17:37 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2016-03-26 16:17:37 ----A---- C:\Windows\system32\XAudio2_1.dll
2016-03-26 16:17:37 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2016-03-26 16:17:37 ----A---- C:\Windows\system32\D3DX9_39.dll
2016-03-26 16:17:36 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2016-03-26 16:17:36 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2016-03-26 16:17:36 ----A---- C:\Windows\system32\xactengine3_1.dll
2016-03-26 16:17:36 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2016-03-26 16:17:35 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2016-03-26 16:17:35 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2016-03-26 16:17:35 ----A---- C:\Windows\system32\d3dx10_38.dll
2016-03-26 16:17:35 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2016-03-26 16:17:34 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2016-03-26 16:17:34 ----A---- C:\Windows\system32\D3DX9_38.dll
2016-03-26 16:17:31 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2016-03-26 16:17:31 ----A---- C:\Windows\system32\XAudio2_0.dll
2016-03-26 16:17:30 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2016-03-26 16:17:30 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2016-03-26 16:17:30 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2016-03-26 16:17:30 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2016-03-26 16:17:30 ----A---- C:\Windows\system32\xactengine3_0.dll
2016-03-26 16:17:30 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2016-03-26 16:17:30 ----A---- C:\Windows\system32\d3dx10_37.dll
2016-03-26 16:17:30 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2016-03-26 16:17:29 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2016-03-26 16:17:29 ----A---- C:\Windows\system32\D3DX9_37.dll
2016-03-26 16:17:28 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2016-03-26 16:17:28 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2016-03-26 16:17:28 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2016-03-26 16:17:28 ----A---- C:\Windows\system32\xactengine2_10.dll
2016-03-26 16:17:28 ----A---- C:\Windows\system32\d3dx10_36.dll
2016-03-26 16:17:28 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2016-03-26 16:17:27 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2016-03-26 16:17:27 ----A---- C:\Windows\system32\d3dx9_36.dll
2016-03-26 16:17:26 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2016-03-26 16:17:26 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2016-03-26 16:17:26 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2016-03-26 16:17:26 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2016-03-26 16:17:26 ----A---- C:\Windows\system32\xactengine2_9.dll
2016-03-26 16:17:26 ----A---- C:\Windows\system32\d3dx9_35.dll
2016-03-26 16:17:26 ----A---- C:\Windows\system32\d3dx10_35.dll
2016-03-26 16:17:26 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2016-03-26 16:17:25 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2016-03-26 16:17:25 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2016-03-26 16:17:25 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2016-03-26 16:17:25 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2016-03-26 16:17:25 ----A---- C:\Windows\system32\xactengine2_8.dll
2016-03-26 16:17:25 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2016-03-26 16:17:25 ----A---- C:\Windows\system32\d3dx10_34.dll
2016-03-26 16:17:25 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2016-03-26 16:17:24 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2016-03-26 16:17:24 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2016-03-26 16:17:24 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2016-03-26 16:17:24 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2016-03-26 16:17:24 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2016-03-26 16:17:24 ----A---- C:\Windows\system32\xinput1_3.dll
2016-03-26 16:17:24 ----A---- C:\Windows\system32\xactengine2_7.dll
2016-03-26 16:17:24 ----A---- C:\Windows\system32\d3dx9_34.dll
2016-03-26 16:17:24 ----A---- C:\Windows\system32\d3dx10_33.dll
2016-03-26 16:17:24 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2016-03-26 16:17:23 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2016-03-26 16:17:23 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2016-03-26 16:17:23 ----A---- C:\Windows\system32\xactengine2_6.dll
2016-03-26 16:17:23 ----A---- C:\Windows\system32\d3dx9_33.dll
2016-03-26 16:17:22 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2016-03-26 16:17:22 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2016-03-26 16:17:22 ----A---- C:\Windows\system32\xactengine2_5.dll
2016-03-26 16:17:22 ----A---- C:\Windows\system32\d3dx10.dll
2016-03-26 16:17:20 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2016-03-26 16:17:20 ----A---- C:\Windows\system32\d3dx9_32.dll
2016-03-26 16:17:19 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2016-03-26 16:17:19 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2016-03-26 16:17:19 ----A---- C:\Windows\system32\xactengine2_4.dll
2016-03-26 16:17:19 ----A---- C:\Windows\system32\x3daudio1_1.dll
2016-03-26 16:17:18 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2016-03-26 16:17:18 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2016-03-26 16:17:18 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2016-03-26 16:17:18 ----A---- C:\Windows\system32\xinput1_2.dll
2016-03-26 16:17:18 ----A---- C:\Windows\system32\xactengine2_3.dll
2016-03-26 16:17:18 ----A---- C:\Windows\system32\d3dx9_31.dll
2016-03-26 16:17:16 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2016-03-26 16:17:16 ----A---- C:\Windows\system32\xactengine2_2.dll
2016-03-26 16:17:15 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2016-03-26 16:17:15 ----A---- C:\Windows\system32\xinput1_1.dll
2016-03-26 16:17:14 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2016-03-26 16:17:14 ----A---- C:\Windows\system32\xactengine2_1.dll
2016-03-26 16:17:10 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2016-03-26 16:17:10 ----A---- C:\Windows\system32\d3dx9_30.dll
2016-03-26 16:17:09 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2016-03-26 16:17:09 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2016-03-26 16:17:09 ----A---- C:\Windows\system32\xactengine2_0.dll
2016-03-26 16:17:09 ----A---- C:\Windows\system32\x3daudio1_0.dll
2016-03-26 16:17:08 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2016-03-26 16:17:08 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2016-03-26 16:17:08 ----A---- C:\Windows\system32\d3dx9_29.dll
2016-03-26 16:17:08 ----A---- C:\Windows\system32\d3dx9_28.dll
2016-03-26 16:17:07 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2016-03-26 16:17:07 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2016-03-26 16:17:07 ----A---- C:\Windows\system32\d3dx9_27.dll
2016-03-26 16:17:07 ----A---- C:\Windows\system32\d3dx9_26.dll
2016-03-26 16:17:06 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2016-03-26 16:17:06 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2016-03-26 16:17:06 ----A---- C:\Windows\system32\d3dx9_25.dll
2016-03-26 16:17:06 ----A---- C:\Windows\system32\d3dx9_24.dll
2016-03-26 09:35:11 ----D---- C:\Users\Ladislav\AppData\Roaming\.mono
2016-03-26 09:35:11 ----D---- C:\ProgramData\.mono
2016-03-26 09:14:46 ----A---- C:\Windows\system32\drivers\dtliteusbbus.sys
2016-03-25 11:27:16 ----A---- C:\Windows\system32\drivers\dtlitescsibus.sys
2016-03-25 11:27:13 ----D---- C:\Users\Ladislav\AppData\Roaming\DAEMON Tools Lite
2016-03-25 11:27:08 ----D---- C:\Program Files\DAEMON Tools Lite
2016-03-25 11:27:05 ----D---- C:\ProgramData\DAEMON Tools Lite
2016-03-11 11:17:28 ----D---- C:\Users\Ladislav\AppData\Roaming\Kastner software
2016-03-11 11:17:15 ----D---- C:\ProgramData\KASTNER software
2016-03-11 11:17:15 ----D---- C:\Program Files (x86)\KASTNER software

======List of files/folders modified in the last 1 month======

2016-04-06 10:12:45 ----RD---- C:\Program Files
2016-04-06 10:04:22 ----D---- C:\Windows\Prefetch
2016-04-06 10:04:22 ----D---- C:\Windows
2016-04-06 09:37:50 ----D---- C:\Windows\system32\config
2016-04-06 09:37:32 ----D---- C:\Windows\tracing
2016-04-06 09:28:51 ----D---- C:\Windows\System32
2016-04-06 09:28:51 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-04-06 09:28:50 ----D---- C:\Windows\inf
2016-04-06 09:25:19 ----A---- C:\Windows\SYSWOW64\log.txt
2016-04-06 09:24:29 ----D---- C:\Windows\Temp
2016-04-06 09:23:16 ----D---- C:\ProgramData\PDFC
2016-04-05 13:24:07 ----HD---- C:\ProgramData
2016-04-04 13:11:38 ----D---- C:\Windows\system32\Tasks
2016-04-02 12:55:14 ----A---- C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2016-04-01 14:23:27 ----D---- C:\Windows\system32\DriverStore
2016-04-01 14:23:27 ----D---- C:\Windows\system32\drivers
2016-04-01 14:21:44 ----D---- C:\Windows\system32\LogFiles
2016-04-01 14:07:45 ----D---- C:\Windows\Logs
2016-04-01 14:04:44 ----D---- C:\Windows\system32\NDF
2016-04-01 14:01:57 ----D---- C:\Program Files (x86)
2016-04-01 14:01:39 ----D---- C:\Program Files (x86)\Opera
2016-04-01 14:01:15 ----D---- C:\Users\Ladislav\AppData\Roaming\Opera Software
2016-04-01 13:57:01 ----D---- C:\Windows\SysWOW64
2016-04-01 13:51:46 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-04-01 13:51:44 ----SHD---- C:\Windows\Installer
2016-04-01 13:51:23 ----D---- C:\Windows\system32\zh-TW
2016-04-01 13:51:23 ----D---- C:\Windows\system32\zh-CN
2016-04-01 13:51:23 ----D---- C:\Windows\system32\tr-TR
2016-04-01 13:51:23 ----D---- C:\Windows\system32\sv-SE
2016-04-01 13:51:23 ----D---- C:\Windows\system32\ru-RU
2016-04-01 13:51:23 ----D---- C:\Windows\system32\pt-PT
2016-04-01 13:51:23 ----D---- C:\Windows\system32\pl-PL
2016-04-01 13:51:23 ----D---- C:\Windows\system32\nl-NL
2016-04-01 13:51:23 ----D---- C:\Windows\system32\ko-KR
2016-04-01 13:51:23 ----D---- C:\Windows\system32\ja-JP
2016-04-01 13:51:23 ----D---- C:\Windows\system32\it-IT
2016-04-01 13:51:23 ----D---- C:\Windows\system32\hu-HU
2016-04-01 13:51:23 ----D---- C:\Windows\system32\fr-FR
2016-04-01 13:51:23 ----D---- C:\Windows\system32\fi-FI
2016-04-01 13:51:23 ----D---- C:\Windows\system32\es-ES
2016-04-01 13:51:23 ----D---- C:\Windows\system32\en-US
2016-04-01 13:51:23 ----D---- C:\Windows\system32\el-GR
2016-04-01 13:51:23 ----D---- C:\Windows\system32\de-DE
2016-04-01 13:51:23 ----D---- C:\Windows\system32\da-DK
2016-04-01 13:51:23 ----D---- C:\Windows\system32\cs-CZ
2016-04-01 13:47:16 ----D---- C:\Windows\SYSWOW64\drivers
2016-03-31 19:21:24 ----SHD---- C:\System Volume Information
2016-03-31 19:20:20 ----D---- C:\Program Files\Common Files
2016-03-31 19:19:46 ----RSD---- C:\Windows\Fonts
2016-03-31 19:19:25 ----D---- C:\Program Files (x86)\Common Files
2016-03-29 11:09:12 ----D---- C:\Program Files (x86)\Battle.net
2016-03-27 14:26:27 ----D---- C:\Users\Ladislav\AppData\Roaming\uTorrent
2016-03-26 16:17:14 ----RSD---- C:\Windows\assembly
2016-03-26 16:17:12 ----D---- C:\Windows\Microsoft.NET
2016-03-26 09:14:14 ----D---- C:\Windows\Tasks
2016-03-26 09:13:49 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-03-25 11:20:09 ----D---- C:\Program Files (x86)\Heroes of the Storm
2016-03-25 11:19:25 ----D---- C:\Program Files (x86)\Hearthstone
2016-03-20 06:13:11 ----SD---- C:\Users\Ladislav\AppData\Roaming\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-09-13 437272]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 QMUdisk;tencent QMUdisk; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QMUdisk64.sys [2016-03-02 184536]
R1 softaal;softaal; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\softaal64.sys [2016-03-31 44664]
R1 SRepairDrv;SRepairDrv; \??\C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\SRepairDrv [2016-04-06 168568]
R1 TAOKernelDriver;Tencent Auto Optimize Platform.; \??\C:\Windows\system32\Drivers\TAOKernel64.sys [2016-03-31 147576]
R1 TSDefenseBt;TSDefenseBt; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\TSDefenseBT64.sys [2016-03-31 28984]
R1 TSSysKit;TSSysKit; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\TSSysKit64.sys [2016-03-31 96888]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 QQSysMonX64;QQSysMonX64; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQSysMonX64.sys [2016-03-31 152184]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2014-05-07 11576]
R2 tsnethlpx64;TsNetHlpX64.sys; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\TsNetHlpX64.sys [2016-03-31 57976]
R3 AR5416;Atheros Wireless Adapter Service; C:\Windows\system32\DRIVERS\athwx.sys [2011-02-25 2793568]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2011-02-09 31088]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2016-03-26 30264]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2016-03-26 47672]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2011-07-12 86016]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2015-06-01 5384176]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-01-12 2709224]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-12-31 56344]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-02-15 335464]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-03-05 436840]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-12-21 1402416]
R3 TAOAccelerator;Tencent TAOAccelerator driver.; \??\C:\Windows\system32\Drivers\TAOAccelerator64.sys [2016-03-15 101472]
R3 TFsFlt;TFsFlt; C:\Windows\system32\Drivers\TFsFltX64.sys [2016-03-31 97400]
R3 TS888x64;TS888x64; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\TS888x64.sys [2016-04-06 38520]
R3 TSSKX64;TSSKX64; C:\Windows\System32\drivers\tsskx64.sys [2016-03-16 54904]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys []
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys []
S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-06-10 1311232]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys []
S3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys []
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys []
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys []
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys []
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2011-07-12 117248]
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\Windows\system32\DRIVERS\ewusbnet.sys [2011-07-12 415744]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2011-07-12 220032]
S3 hwusbfake;Huawei DataCard USB Fake; C:\Windows\system32\DRIVERS\ewusbfake.sys [2009-07-23 113792]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-07-21 103992]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-09 26680]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-13 13336]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2010-12-28 1817088]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-31 325656]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-02-01 1127448]
R2 QQPCRTP;QQPCMgr RTP Service; C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCRTP.exe [2016-03-31 313936]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-31 2656280]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2016-03-01 1444544]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-03-28 799800]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S2 QQRepair155e;QQRepair155e; C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\QQRepair155e [2016-04-06 136512]
S2 QQRepairFixSVC;QQRepairFixSVC; C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\QQRepairFixSVC [2016-04-06 136512]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2015-06-01 290224]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-05-22 114688]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-02-25 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

altrok
Moderator
Posts: 7322
Joined: 15 Nov 2012 22:26
Location: Znojmo

Re: Unwanted programs on the PC

#3 Post by altrok »

I wish you a lovely day :bye:

Hook_1hp wrote: some Chinese programs got downloaded onto my computer
Did you mean to say: after you tried to crack a game? How about buying the game next time instead and supporting its authors that way?

:arrow: As part of the cleanup, your temporary directories (including the Recycle Bin) will be emptied.

:arrow: Save MBAR to your desktop - http://www.bleepingcomputer.com/downloa ... i-rootkit/
  • run it with a double-click and extract it to the desktop
  • click Next
  • update the virus database by clicking Update and continue with Next
  • leave all 3 options checked and choose Scan (it takes about 20 minutes)
  • tick all the findings and also check the box next to Create Restore Point
  • click Cleanup and agree to the restart - Yes
  • paste the contents of the log saved on the desktop in mbar\mbar-log-2015-mm-dd (hh-mm-ss).txt into your next reply
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suitable for the forum, you can use altrok[at]forum.viry.cz
If you feel like helping visitors of this forum, sign up for our training school.

Hook_1hp
Visitor
Posts: 69
Joined: 09 Aug 2008 10:17

Re: Unwanted programs on the PC

#4 Post by Hook_1hp »

Hello, yes, you are right that I was trying to crack a game, and that is how I got my PC infected. Thank you once again for the help.

:arrow: Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
main: v2016.04.08.02
rootkit: v2016.04.03.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17843
Ladislav :: LADISLAV-HP [administrator]

8.4.2016 10:21:11
mbar-log-2016-04-08 (10-21-11).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 351720
Time elapsed: 28 minute(s), 20 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 1
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{FD5BDF0B-4A81-4AA4-BAD3-014C12403F4D}|NameServer (Trojan.DNSChanger.ACMB2) -> Data: 82.163.143.177,82.163.142.179 -> Delete on reboot. [570b59530693e94d74fdf0ae956f38c8]

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 1
C:\Users\Ladislav\AppData\Local\Temp\msupdate71 (Trojan.FakeAlert) -> Delete on reboot. [4919bbf1d2c70a2c941a3120f01407f9]

Files Detected: 10
C:\Users\Ladislav\AppData\Local\Temp\msupdate71\dwm.exe (Trojan.FakeAlert) -> Delete on reboot. [4919bbf1d2c70a2c941a3120f01407f9]
C:\Users\Ladislav\AppData\Local\Temp\msupdate71\libcurl-4.dl1 (Trojan.FakeAlert) -> Delete on reboot. [4919bbf1d2c70a2c941a3120f01407f9]
C:\Users\Ladislav\AppData\Local\Temp\msupdate71\libiconv-2.dl1 (Trojan.FakeAlert) -> Delete on reboot. [4919bbf1d2c70a2c941a3120f01407f9]
C:\Users\Ladislav\AppData\Local\Temp\msupdate71\libidn-11.dl1 (Trojan.FakeAlert) -> Delete on reboot. [4919bbf1d2c70a2c941a3120f01407f9]
C:\Users\Ladislav\AppData\Local\Temp\msupdate71\libintl-8.dl1 (Trojan.FakeAlert) -> Delete on reboot. [4919bbf1d2c70a2c941a3120f01407f9]
C:\Users\Ladislav\AppData\Local\Temp\msupdate71\libwinpthread-1.dl1 (Trojan.FakeAlert) -> Delete on reboot. [4919bbf1d2c70a2c941a3120f01407f9]
C:\Users\Ladislav\AppData\Local\Temp\msupdate71\msupdate.7z (Trojan.FakeAlert) -> Delete on reboot. [4919bbf1d2c70a2c941a3120f01407f9]
C:\Users\Ladislav\AppData\Local\Temp\msupdate71\msvcrt.dll (Trojan.FakeAlert) -> Delete on reboot. [4919bbf1d2c70a2c941a3120f01407f9]
C:\Users\Ladislav\AppData\Local\Temp\msupdate71\proxy.conf (Trojan.FakeAlert) -> Delete on reboot. [4919bbf1d2c70a2c941a3120f01407f9]
C:\Users\Ladislav\AppData\Local\Temp\msupdate71\zlib1.dl1 (Trojan.FakeAlert) -> Delete on reboot. [4919bbf1d2c70a2c941a3120f01407f9]

Physical Sectors Detected: 0
(No malicious items detected)

(end)

altrok
Moderator
Posts: 7322
Joined: 15 Nov 2012 22:26
Location: Znojmo

Re: Unwanted programs on the PC

#5 Post by altrok »

:arrow: Save AdwCleaner to your desktop https://toolslib.net/downloads/viewdown ... dwcleaner/ (or http://www.bleepingcomputer.com/download/adwcleaner/ )
  • close all programs
  • right-click the AdwCleaner icon and choose Run as administrator (on Win XP just run it with an ordinary double-click)
  • click Scan, then Cleaning
  • after the restart a log will pop up (or you can find it in C:\AdwCleaner\AdwCleaner[Cx].txt); copy its contents into your next reply

Hook_1hp
Visitor
Posts: 69
Joined: 09 Aug 2008 10:17

Re: Unwanted programs on the PC

#6 Post by Hook_1hp »

# AdwCleaner v5.109 - Log soubor vytvořen 08/04/2016 o 12:57:05
# Aktualizováno 04/04/2016 by Xplode
# Databáze : 2016-04-07.1 [Server]
# Operační systém : Windows 7 Home Premium Service Pack 1 (x64)
# Jméno uživatele : Ladislav - LADISLAV-HP
# Spuštěno z : C:\Users\Ladislav\Desktop\adwcleaner_5.109.exe
# Volba : Čištění
# Podpora : http://toolslib.net/forum

***** [ Služby ] *****

[-] Služba smazáno : QQPCRTP
[-] Služba smazáno : TAOAccelerator
[-] Služba smazáno : TSDefenseBt
[-] Služba smazáno : TSSysKit
[-] Služba smazáno : QMUdisk
[-] Služba smazáno : TS888x64
[-] Služba smazáno : QQSysMonX64
[-] Služba smazáno : TFsFlt
[-] Služba smazáno : TAOKernelDriver
[-] Služba smazáno : TSSKX64
[-] Služba smazáno : softaal
[!] Služba Ne smazáno : SRepairDrv
[-] Služba smazáno : tsnethlpx64
[-] Služba smazáno : QQRepairFixSVC

***** [ Složky ] *****

[#] Složka smazáno : C:\Program Files (x86)\tencent
[-] Složka smazáno : C:\Program Files (x86)\Common Files\tencent
[#] Složka smazáno : C:\Program Files\Common Files\tencent
[#] Složka smazáno : C:\ProgramData\tencent
[-] Složka smazáno : C:\ProgramData\TXQMPC
[-] Složka smazáno : C:\ProgramData\e7a5b829-49f7-0
[-] Složka smazáno : C:\ProgramData\e7a5b829-6533-1
[#] Složka smazáno : C:\ProgramData\Application Data\tencent
[#] Složka smazáno : C:\ProgramData\Application Data\TXQMPC
[#] Složka smazáno : C:\ProgramData\Application Data\e7a5b829-49f7-0
[#] Složka smazáno : C:\ProgramData\Application Data\e7a5b829-6533-1
[-] Složka smazáno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\腾讯软件
[-] Složka smazáno : C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf
[-] Složka smazáno : C:\Users\Ladislav\AppData\Local\Temp\tencent
[-] Složka smazáno : C:\Users\Ladislav\AppData\Local\VirtualStore\Program Files (x86)\tencent
[-] Složka smazáno : C:\Users\Ladislav\AppData\Roaming\Solvusoft
[#] Složka smazáno : C:\Users\Ladislav\AppData\Roaming\tencent
[-] Složka smazáno : C:\Users\Ladislav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
[-] Složka smazáno : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\tencent

***** [ Soubory ] *****

[-] Soubor smazáno : C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nafaimnnclfjfedmmabolbppcngeolgf_0.localstorage
[-] Soubor smazáno : C:\Users\Ladislav\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\电脑管家.lnk
[#] Soubor smazáno : C:\Users\Ladislav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件\电脑管家\电脑管家.lnk
[-] Soubor smazáno : C:\Windows\SysNative\roboot64.exe
[-] Soubor smazáno : C:\Windows\SysNative\drivers\TAOAccelerator64.sys
[-] Soubor smazáno : C:\Windows\SysNative\drivers\TSSKX64.sys
[-] Soubor smazáno : C:\Windows\SysNative\drivers\TAOKernel64.sys
[#] Soubor smazáno : C:\Windows\SysNative\drivers\TFsFltX64.sys
[-] Soubor smazáno : C:\Windows\SysWOW64\drivers\TS888x64.sys

***** [ DLLs ] *****


***** [ Zástupci ] *****


***** [ Naplánované úkoly ] *****


***** [ Registr ] *****

[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
[-] Klávesa smazáno : HKLM\SOFTWARE\MozillaPlugins\@qq.com/QQPCMgr
[-] Klávesa smazáno : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP
[-] Klávesa smazáno : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP
[-] Klávesa smazáno : HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E
[-] Klávesa smazáno : HKEY_CLASSES_ROOT\AllFilesystemObjects\shellex\ContextMenuHandlers\QMContextUninstall
[-] Klávesa smazáno : HKEY_CLASSES_ROOT\Folder\ShellEx\ContextMenuHandlers\QMContextUninstall
[-] Klávesa smazáno : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.qq.qmchext
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\QMContextScan
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\AppID\QMContextScan.DLL
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\AppID\QMContextUninstall.DLL
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\QMContextScan
[-] Klávesa smazáno : HKLM\SOFTWARE\MozillaPlugins\@qq.com/npandroidassistant
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\metnsd
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\qmbfile
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\QMContextScan.QMContextScanMenu
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\QMContextScan.QMContextScanMenu.1
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\qmgcfiles
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\qpakfile
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\qqapp
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\QQAppIEAgentEx.AgentForAndroid
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\QQAppIEAgentEx.AgentForAndroid.1
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\QQPCMgr.qbox
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\qqpro
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\TencentAndroidAssistant
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\AppID\{1E9BD312-7C8C-4422-906D-897F6D7714F2}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\AppID\{7A30415C-ABEE-4674-B64B-4CA145EEB0CA}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\CLSID\{50F4150A-48B2-417A-BE4C-C83F580FB904}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\CLSID\{63332668-8CE1-445D-A5EE-25929176714E}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\CLSID\{754DF2CE-51E8-4895-B53C-6381418B84AE}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\CLSID\{29B6CFD5-0064-411A-8C42-9890C83F9921}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\CLSID\{E52EB753-1F56-4DF7-BE53-2C314AC5F8A1}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\Interface\{D4801E96-E7A1-45F6-B124-7A36DFB40B81}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\Interface\{E52EB753-1F56-4DF7-BE53-2C314AC5F8A1}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\TypeLib\{35627C7C-DB28-4772-9A6F-7607FFCBF9FF}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\TypeLib\{445E3964-15B0-472A-95F4-6242DD2EA066}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\TypeLib\{573F9869-D92C-4B7E-A9C3-F042278D5078}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\TypeLib\{593BE60A-1C6A-44F9-946D-A5EAB2D53511}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\TypeLib\{6E1533F0-E0B5-465A-9F16-98FF0C76D493}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\TypeLib\{C049F583-D724-4BAB-8F47-F13BCA41B808}
[-] Klávesa smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Klávesa smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{50F4150A-48B2-417A-BE4C-C83F580FB904}
[-] Klávesa smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Klávesa smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{50F4150A-48B2-417A-BE4C-C83F580FB904}
[-] Klávesa smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{29B6CFD5-0064-411A-8C42-9890C83F9921}
[-] Klávesa smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}
[-] Klávesa smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Klávesa smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Klávesa smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{16EE6530-8649-4F42-A9E4-F6A3295AF975}
[-] Hodnota smazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
[-] Hodnota smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved [{63332668-8CE1-445D-A5EE-25929176714E}]
[-] Hodnota smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved [{754DF2CE-51E8-4895-B53C-6381418B84AE}]
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{754DF2CE-51E8-4895-B53C-6381418B84AE}
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{D4801E96-E7A1-45F6-B124-7A36DFB40B81}
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{E52EB753-1F56-4DF7-BE53-2C314AC5F8A1}
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{D4801E96-E7A1-45F6-B124-7A36DFB40B81}
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{E52EB753-1F56-4DF7-BE53-2C314AC5F8A1}
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Klávesa smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564
[-] Klávesa smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{365ADADE-814B-400C-877C-95E9F684BBEB}
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E1527582-8509-4011-B922-29E3FB548882}_is1
[-] Klávesa smazáno : HKU\.DEFAULT\Software\AVG Secure Search
[-] Data Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
[-] Hodnota smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{137A8F2B-3BBF-4CCF-A766-354F443F18A3}]
[-] Hodnota smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{4F273477-E81D-442D-8156-22A3934F1954}]
[-] Hodnota smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{90829A85-3BE2-4137-B7D8-1BDDCD8987AA}]
[-] Hodnota smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{CDCCC69A-CFFA-4010-973B-3CADA575E67C}]
[-] Hodnota smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{AC3CA308-8F89-4944-B7F4-08D545E81EDC}]
[-] Hodnota smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{77BBBC5A-D970-4005-B6CA-1C1C4D9862E2}]
[-] Hodnota smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{A01058AB-A62C-4FA8-9EC1-7D9E091447B6}]
[-] Hodnota smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{F19299F2-2F3F-46CF-9B13-0BDC4E4D669D}]
[-] Hodnota smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{4903EE46-6484-4BDF-ABB6-EA7A944A07D3}]
[-] Hodnota smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{B87602AD-27EE-4616-995A-584F160E4188}]
[-] Hodnota smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{40490A25-D41A-46B0-B119-2696823C9E4A}]
[-] Hodnota smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{72272047-0D0D-4AF9-A4E6-A0CE6FE64F55}]
[-] Hodnota smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{B42A55F8-7AEE-4F6A-AC18-1B9A41D35CDE}]
[-] Hodnota smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{81EB5771-98A6-4AEE-89C1-1DB0F5836C03}]
[-] Hodnota smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{518D7D8C-3693-42AC-97B3-C8F540678E40}]
[-] Hodnota smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{68C2A316-0709-4366-AFD1-CB4BFF485D01}]
[-] Hodnota smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{E6803C6E-EA7C-40CC-A890-14E2633909EA}]
[-] Hodnota smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{B7C17282-2A49-469F-83C5-F69FCE93E5DF}]
[-] Hodnota smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{222FF011-1ED6-4FA5-97ED-8D0E3633FEAC}]
[-] Hodnota smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{DC1436B4-57BE-4ACD-AD79-3E91C01FAE66}]
[-] Hodnota smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{7398CC39-DBDD-4BED-8EB2-480F27DD9D52}]
[-] Hodnota smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{EF6FFCBD-1EC5-4DE9-931A-4B7C6AC473C4}]
[-] Hodnota smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{F93DD283-9DF1-44F3-A5FB-570497587F1D}]
[-] Hodnota smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{F12B9051-6207-48A3-8137-73CDB95065D8}]
[-] Hodnota smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{24CDB067-2409-43D0-9FD3-45E623988006}]
[-] Hodnota smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{E554C403-38A5-4487-A535-8F23A3646B3A}]
[-] Hodnota smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{0A6B5EC6-C154-4AE2-BB09-9B33B1C916AA}]
[-] Klávesa smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[-] Klávesa smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[-] Hodnota smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [tsiVideo]
[#] Hodnota smazáno : HKU\S-1-5-21-450129140-1224967779-4017086383-1000\Software\Microsoft\Windows\CurrentVersion\Run [tsiVideo]

***** [ Webové prohlížeče ] *****

[-] [C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] smazáno : eu.ask.com
[-] [C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] smazáno : isearch.avg.com
[-] [C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] smazáno : nafaimnnclfjfedmmabolbppcngeolgf

*************************

:: "Tracing" odstraněných kláves
:: Nastavení Winsock odstraněno

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [15674 bytes] - [08/04/2016 12:57:05]
C:\AdwCleaner\AdwCleaner[S1].txt - [15594 bytes] - [08/04/2016 12:54:02]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [15822 bytes] ##########

altrok
Moderator
Posts: 7322
Joined: 15 Nov 2012 22:26
Location: Znojmo

Re: Unwanted programs on the PC

#7 Post by altrok »

Post the FRST.txt and Addition.txt logs - http://forum.viry.cz/viewtopic.php?f=30&t=133101
Note: on the second and any later run of FRST, the Addition.txt option must be explicitly ticked before the scan starts, otherwise the Addition.txt log is not created.

Hook_1hp
Visitor
Posts: 69
Joined: 09 Aug 2008 10:17

Re: Unwanted programs on the PC

#8 Post by Hook_1hp »

Hello,
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by Ladislav (administrator) on LADISLAV-HP (15-04-2016 13:14:16)
Running from C:\Users\Ladislav\Desktop
Loaded Profiles: Ladislav (Available Profiles: Ladislav)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(emc) C:\Users\Ladislav\AppData\Roaming\uTorrent\uninstall.exe
(BitTorrent, Inc.) C:\Users\Ladislav\AppData\Roaming\uTorrent\utorrent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Gretech Corp.) C:\Program Files (x86)\GRETECH\GomPlayer\GOM.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6602856 2011-01-12] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2480936 2010-12-21] (Synaptics Incorporated)
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-07-21] (Hewlett-Packard Company)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] ()
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [586296 2010-11-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [656920 2011-02-01] (PDF Complete Inc)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [318520 2010-12-13] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [ic-0.2128a7f97d71cc.exe -start] => C:\Users\Ladislav\AppData\Local\Temp\15376488\ic-0.2128a7f97d71cc.exe -start <===== ATTENTION
HKLM-x32\...\Run: [ QQPCTray] => "C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCTray.exe" /regrun
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-450129140-1224967779-4017086383-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4290240 2016-03-01] (Disc Soft Ltd)
HKU\S-1-5-21-450129140-1224967779-4017086383-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10m_ActiveX.exe [234656 2011-05-09] (Adobe Systems, Inc.)
HKU\S-1-5-21-450129140-1224967779-4017086383-1000\...\MountPoints2: {14055874-f322-11e5-852f-101f745a7fa2} - H:\Setup.exe
HKU\S-1-5-21-450129140-1224967779-4017086383-1000\...\MountPoints2: {8f51d7cf-606e-11e1-a355-001e101f36d9} - G:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-450129140-1224967779-4017086383-1000\...\MountPoints2: {d4d558cf-7b74-11e1-a6b7-806e6f6e6963} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-450129140-1224967779-4017086383-1000\...\MountPoints2: {dcf78283-5996-11e1-86ed-74de2b2f5d55} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-450129140-1224967779-4017086383-1000\...\MountPoints2: {dcf7828b-5996-11e1-86ed-74de2b2f5d55} - F:\setup_vmc_lite.exe /checkApplicationPresence
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2012-11-30]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{3318193A-170E-4A79-8F72-B4BE5D9D3136}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-450129140-1224967779-4017086383-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
HKU\S-1-5-21-450129140-1224967779-4017086383-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDF
SearchScopes: HKLM -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-450129140-1224967779-4017086383-1000 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-450129140-1224967779-4017086383-1000 -> {BF719C4E-2EA1-4CD7-97CC-4484DDC835E8} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12902
SearchScopes: HKU\S-1-5-21-450129140-1224967779-4017086383-1000 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-09] (Sun Microsystems, Inc.)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-05-09] (Sun Microsystems, Inc.)
Toolbar: HKU\S-1-5-21-450129140-1224967779-4017086383-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

FireFox:
========
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-05-09] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2011-05-09] (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Optimization Client\addon => not found

Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.cz/?gfe_rd=cr&ei=8kM6Vd_PKcKo8wex1YCYCw
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-06]
CHR Extension: (Dokumenty Google) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-06]
CHR Extension: (Disk Google) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Vyhledávání Google) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (Tabulky Google) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-06]
CHR Extension: (Like) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmmdfldoaocolmibeehmndgcmlbidppj [2016-03-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (AdBlock) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-03-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-06]
CHR Extension: (Gmail) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1444544 2016-03-01] (Disc Soft Ltd)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1817088 2010-12-28] (Realsil Microelectronics Inc.) [File not signed]
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 QQRepair2317; "C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\QQRepair2317" [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AR5416; C:\Windows\System32\DRIVERS\athwx.sys [2793568 2011-02-25] (Atheros Communications, Inc.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-03-26] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-03-26] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [415744 2011-07-12] (Huawei Technologies Co., Ltd.)
S3 AthBTPort; system32\DRIVERS\btath_flt.sys [X]
S3 athr; system32\DRIVERS\athrx.sys [X]
S3 BTATH_A2DP; system32\drivers\btath_a2dp.sys [X]
S3 BTATH_BUS; system32\DRIVERS\btath_bus.sys [X]
S3 BTATH_HCRP; system32\DRIVERS\btath_hcrp.sys [X]
S3 BTATH_LWFLT; system32\DRIVERS\btath_lwflt.sys [X]
S3 BTATH_RCP; system32\DRIVERS\btath_rcp.sys [X]
S3 BtFilter; system32\DRIVERS\btfilter.sys [X]
S1 SRepairDrv; \??\C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\SRepairDrv [X]
S1 TSDefenseBt; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\TsDefenseBT64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-15 11:58 - 2016-04-15 12:02 - 00000000 ____D C:\Users\Ladislav\Downloads\Gangster.Ka.African.2015.480p.WEB-DL.XviD.AC3.CZ
2016-04-15 11:57 - 2016-04-15 11:57 - 00014315 _____ C:\Users\Ladislav\Downloads\[SkT]Gangster_Ka-_African_(2015)(CZ)[WebRip]_=_CSFD_73%.torrent
2016-04-14 23:39 - 2016-04-14 23:44 - 1200333397 _____ C:\Users\Ladislav\Downloads\Connasse.Princesse.Des.Coeurs.2015.DVDRip.x264-RiSiNG.mkv
2016-04-14 23:38 - 2016-04-14 23:38 - 00012046 _____ C:\Users\Ladislav\Downloads\[SkT]Parizska_blbka_-_Connasse,_Princesse_des_coeurs_(2015)(CZ)_=_CSFD_63%.torrent
2016-04-14 23:35 - 2016-04-14 23:35 - 00011596 _____ C:\Users\Ladislav\Downloads\[SkT]Uz_je_tady_zas_-_Er_ist_wieder_da_(2015)_=_CSFD_81%.torrent
2016-04-09 15:15 - 2016-04-09 15:15 - 01053965 _____ C:\Users\Ladislav\Downloads\mkf_cz (4).pdf
2016-04-09 15:15 - 2016-04-09 15:15 - 01053965 _____ C:\Users\Ladislav\Downloads\mkf_cz (3).pdf
2016-04-09 14:55 - 2016-04-09 14:55 - 01053965 _____ C:\Users\Ladislav\Downloads\mkf_cz (2).pdf
2016-04-09 14:54 - 2016-04-09 14:54 - 01053965 _____ C:\Users\Ladislav\Downloads\mkf_cz (1).pdf
2016-04-09 14:40 - 2016-04-09 14:40 - 01053965 _____ C:\Users\Ladislav\Downloads\mkf_cz.pdf
2016-04-09 14:39 - 2016-04-09 14:39 - 00311787 _____ C:\Users\Ladislav\Downloads\6_Mezinárodní_klasifikace_funkčních_schopností,_disability_a_zdraví_(ICF).pdf
2016-04-08 13:10 - 2016-04-08 13:10 - 00000000 ____D C:\ProgramData\Tencent
2016-04-08 13:09 - 2016-04-08 13:09 - 00000000 ____D C:\ProgramData\TXQMPC
2016-04-08 12:53 - 2016-04-08 12:57 - 00000000 ____D C:\AdwCleaner
2016-04-08 12:48 - 2016-04-08 12:49 - 03119168 _____ C:\Users\Ladislav\Desktop\adwcleaner_5.109.exe
2016-04-08 10:21 - 2016-04-08 10:21 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-04-08 10:20 - 2016-04-08 13:10 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-04-08 10:20 - 2016-04-08 11:05 - 00000000 ____D C:\Users\Ladislav\Desktop\mbar
2016-04-08 10:20 - 2016-04-08 10:20 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-04-08 10:20 - 2016-04-08 10:20 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-04-08 10:14 - 2016-04-08 10:14 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Ladislav\Desktop\mbar-1.09.3.1001.exe
2016-04-07 11:22 - 2016-04-07 11:22 - 03595032 _____ C:\Users\Ladislav\Downloads\organizace_dopravy (1).pdf
2016-04-07 11:20 - 2016-04-07 11:21 - 03595032 _____ C:\Users\Ladislav\Downloads\organizace_dopravy.pdf
2016-04-07 11:17 - 2016-04-07 11:17 - 01112511 _____ C:\Users\Ladislav\Downloads\c.2_-_celkovy_situacni_vykres.pdf
2016-04-07 11:12 - 2016-04-07 11:12 - 02639440 _____ C:\Users\Ladislav\Downloads\c.3a-koordinacni1 (1).pdf
2016-04-07 11:09 - 2016-04-07 11:09 - 02900480 _____ C:\Users\Ladislav\Downloads\kontrolni_den_17.pdf
2016-04-07 11:09 - 2016-04-07 11:09 - 02639440 _____ C:\Users\Ladislav\Downloads\c.3a-koordinacni1.pdf
2016-04-07 11:08 - 2016-04-07 11:08 - 09912320 _____ C:\Users\Ladislav\Downloads\prezentace_zabovresky_umc_160309.ppt
2016-04-07 11:07 - 2016-04-07 11:07 - 00106809 _____ C:\Users\Ladislav\Downloads\reakce_na_pripis_namestka_primatora_-_1-16 (2).pdf
2016-04-07 11:07 - 2016-04-07 11:07 - 00054466 _____ C:\Users\Ladislav\Downloads\odpoved_na_dopis_k_dopravni_obsluznosti_tabor-meznikova-kralova.pdf
2016-04-07 11:07 - 2016-04-07 11:07 - 00054466 _____ C:\Users\Ladislav\Downloads\odpoved_na_dopis_k_dopravni_obsluznosti_tabor-meznikova-kralova (1).pdf
2016-04-07 11:07 - 2016-04-07 11:07 - 00036537 _____ C:\Users\Ladislav\Downloads\vyjadreni_nam._primatora_k_zastvace_kralova (2).pdf
2016-04-07 11:06 - 2016-04-07 11:07 - 00036537 _____ C:\Users\Ladislav\Downloads\vyjadreni_nam._primatora_k_zastvace_kralova (1).pdf
2016-04-07 11:06 - 2016-04-07 11:06 - 00106809 _____ C:\Users\Ladislav\Downloads\reakce_na_pripis_namestka_primatora_-_1-16.pdf
2016-04-07 11:06 - 2016-04-07 11:06 - 00106809 _____ C:\Users\Ladislav\Downloads\reakce_na_pripis_namestka_primatora_-_1-16 (1).pdf
2016-04-07 11:06 - 2016-04-07 11:06 - 00036537 _____ C:\Users\Ladislav\Downloads\vyjadreni_nam._primatora_k_zastvace_kralova.pdf
2016-04-06 10:12 - 2016-04-06 10:12 - 00000000 ____D C:\rsit
2016-04-06 10:12 - 2016-04-06 10:12 - 00000000 ____D C:\Program Files\trend micro
2016-04-06 10:04 - 2016-04-09 10:02 - 00028270 _____ C:\Users\Ladislav\Desktop\Addition.txt
2016-04-06 10:03 - 2016-04-06 10:03 - 01222144 _____ C:\Users\Ladislav\Desktop\RSITx64.exe
2016-04-06 10:02 - 2016-04-15 13:15 - 00015977 _____ C:\Users\Ladislav\Desktop\FRST.txt
2016-04-06 10:02 - 2016-04-15 13:14 - 00000000 ____D C:\FRST
2016-04-06 09:59 - 2016-04-06 09:59 - 02374144 _____ (Farbar) C:\Users\Ladislav\Desktop\FRST64.exe
2016-04-05 15:33 - 2016-04-05 15:33 - 00688685 _____ C:\Users\Ladislav\Downloads\DPTX_2006_2_11210_ASZK10001_106609_0_27875 (1).pdf
2016-04-05 13:09 - 2016-04-05 13:09 - 00000414 _____ C:\Users\Ladislav\Downloads\priloha
2016-04-02 14:52 - 2016-04-02 14:52 - 00000256 _____ C:\Users\Ladislav\Downloads\_Certification_.htm
2016-04-01 14:06 - 2016-04-01 14:06 - 00019630 _____ C:\Users\Ladislav\Documents\cc_20160401_140605.reg
2016-04-01 14:06 - 2016-04-01 14:06 - 00004716 _____ C:\Users\Ladislav\Documents\cc_20160401_140621.reg
2016-04-01 14:05 - 2016-04-14 23:25 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2016-03-31 19:20 - 2016-03-31 19:20 - 00005120 _____ C:\Users\Ladislav\AppData\Roaming\GiftBag.db
2016-03-31 19:19 - 2016-04-08 13:10 - 00000000 ____D C:\Users\Ladislav\AppData\Roaming\Tencent
2016-03-31 19:19 - 2016-03-31 19:19 - 00097400 ____N (电脑管家) C:\Windows\system32\Drivers\TFsFltX64.sys
2016-03-31 19:19 - 2016-03-31 19:19 - 00000000 ____D C:\Program Files (x86)\Tencent
2016-03-31 19:18 - 2016-03-31 19:18 - 00000000 ____D C:\Users\Public\Thunder Network
2016-03-31 19:18 - 2016-03-31 19:18 - 00000000 ____D C:\ProgramData\Thunder Network
2016-03-31 19:16 - 2016-03-31 19:16 - 01611944 _____ (Secure Download Ltd. ) C:\Users\Ladislav\Downloads\keygen
2016-03-31 19:16 - 2016-03-31 19:16 - 00088969 _____ C:\Users\Ladislav\Downloads\The Clone Wars Activator Cheat.zip
2016-03-31 19:16 - 2016-03-31 19:16 - 00002274 _____ C:\Users\Ladislav\Desktop\Imperia Online.lnk
2016-03-31 19:16 - 2016-03-31 19:16 - 00000000 ____D C:\Users\Ladislav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Imperia Online
2016-03-31 19:16 - 2016-03-31 19:16 - 00000000 ____D C:\Users\Ladislav\AppData\Roaming\ImperiaOnline
2016-03-31 19:14 - 2016-03-31 19:14 - 05096956 _____ C:\Users\Ladislav\Downloads\Lego.Star.Wars.Iii.The.Clone.W.keygen.exe.zip
2016-03-26 16:18 - 2010-06-02 05:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2016-03-26 16:18 - 2010-06-02 05:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2016-03-26 16:18 - 2010-06-02 05:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2016-03-26 16:18 - 2010-06-02 05:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2016-03-26 16:18 - 2010-06-02 05:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2016-03-26 16:18 - 2010-06-02 05:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2016-03-26 16:18 - 2010-05-26 12:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2016-03-26 16:18 - 2010-05-26 12:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2016-03-26 16:18 - 2010-05-26 12:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2016-03-26 16:18 - 2010-05-26 12:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2016-03-26 16:18 - 2010-05-26 12:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2016-03-26 16:18 - 2010-05-26 12:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2016-03-26 16:18 - 2010-05-26 12:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2016-03-26 16:18 - 2010-05-26 12:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2016-03-26 16:18 - 2010-05-26 12:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2016-03-26 16:18 - 2010-05-26 12:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2016-03-26 16:17 - 2010-02-04 11:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2016-03-26 16:17 - 2010-02-04 11:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2016-03-26 16:17 - 2010-02-04 11:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2016-03-26 16:17 - 2010-02-04 11:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2016-03-26 16:17 - 2010-02-04 11:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2016-03-26 16:17 - 2010-02-04 11:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2016-03-26 16:17 - 2010-02-04 11:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2016-03-26 16:17 - 2010-02-04 11:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2016-03-26 16:17 - 2009-09-04 18:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2016-03-26 16:17 - 2009-09-04 18:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2016-03-26 16:17 - 2009-09-04 18:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2016-03-26 16:17 - 2009-09-04 18:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2016-03-26 16:17 - 2009-09-04 18:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2016-03-26 16:17 - 2009-09-04 18:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2016-03-26 16:17 - 2009-09-04 18:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2016-03-26 16:17 - 2009-09-04 18:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2016-03-26 16:17 - 2009-09-04 18:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2016-03-26 16:17 - 2009-09-04 18:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2016-03-26 16:17 - 2009-09-04 18:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2016-03-26 16:17 - 2009-09-04 18:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2016-03-26 16:17 - 2009-09-04 18:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2016-03-26 16:17 - 2009-09-04 18:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2016-03-26 16:17 - 2009-09-04 18:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2016-03-26 16:17 - 2009-09-04 18:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2016-03-26 16:17 - 2009-03-16 15:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2016-03-26 16:17 - 2009-03-16 15:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2016-03-26 16:17 - 2009-03-16 15:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2016-03-26 16:17 - 2009-03-16 15:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2016-03-26 16:17 - 2009-03-16 15:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2016-03-26 16:17 - 2009-03-16 15:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2016-03-26 16:17 - 2009-03-09 16:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2016-03-26 16:17 - 2009-03-09 16:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2016-03-26 16:17 - 2009-03-09 16:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2016-03-26 16:17 - 2009-03-09 16:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2016-03-26 16:17 - 2008-10-27 11:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2016-03-26 16:17 - 2008-10-27 11:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2016-03-26 16:17 - 2008-10-27 11:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2016-03-26 16:17 - 2008-10-27 11:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2016-03-26 16:17 - 2008-10-27 11:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2016-03-26 16:17 - 2008-10-27 11:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2016-03-26 16:17 - 2008-10-27 11:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2016-03-26 16:17 - 2008-10-27 11:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2016-03-26 16:17 - 2008-10-15 07:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2016-03-26 16:17 - 2008-10-15 07:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2016-03-26 16:17 - 2008-10-15 07:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2016-03-26 16:17 - 2008-10-15 07:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2016-03-26 16:17 - 2008-10-15 07:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2016-03-26 16:17 - 2008-10-15 07:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2016-03-26 16:17 - 2008-07-31 11:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2016-03-26 16:17 - 2008-07-31 11:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2016-03-26 16:17 - 2008-07-31 11:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2016-03-26 16:17 - 2008-07-31 11:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2016-03-26 16:17 - 2008-07-31 11:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2016-03-26 16:17 - 2008-07-31 11:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2016-03-26 16:17 - 2008-07-10 12:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2016-03-26 16:17 - 2008-07-10 12:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2016-03-26 16:17 - 2008-07-10 12:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2016-03-26 16:17 - 2008-07-10 12:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2016-03-26 16:17 - 2008-07-10 12:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2016-03-26 16:17 - 2008-07-10 12:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2016-03-26 16:17 - 2008-05-30 15:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2016-03-26 16:17 - 2008-05-30 15:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2016-03-26 16:17 - 2008-05-30 15:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2016-03-26 16:17 - 2008-05-30 15:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2016-03-26 16:17 - 2008-05-30 15:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2016-03-26 16:17 - 2008-05-30 15:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2016-03-26 16:17 - 2008-05-30 15:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2016-03-26 16:17 - 2008-05-30 15:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2016-03-26 16:17 - 2008-05-30 15:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2016-03-26 16:17 - 2008-05-30 15:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2016-03-26 16:17 - 2008-05-30 15:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2016-03-26 16:17 - 2008-05-30 15:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2016-03-26 16:17 - 2008-05-30 15:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2016-03-26 16:17 - 2008-05-30 15:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2016-03-26 16:17 - 2008-03-05 17:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2016-03-26 16:17 - 2008-03-05 17:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2016-03-26 16:17 - 2008-03-05 17:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2016-03-26 16:17 - 2008-03-05 17:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2016-03-26 16:17 - 2008-03-05 17:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2016-03-26 16:17 - 2008-03-05 17:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2016-03-26 16:17 - 2008-03-05 16:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2016-03-26 16:17 - 2008-03-05 16:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2016-03-26 16:17 - 2008-03-05 16:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2016-03-26 16:17 - 2008-03-05 16:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2016-03-26 16:17 - 2008-02-06 00:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2016-03-26 16:17 - 2008-02-06 00:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2016-03-26 16:17 - 2007-10-22 04:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2016-03-26 16:17 - 2007-10-22 04:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2016-03-26 16:17 - 2007-10-22 04:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2016-03-26 16:17 - 2007-10-22 04:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2016-03-26 16:17 - 2007-10-12 16:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2016-03-26 16:17 - 2007-10-12 16:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2016-03-26 16:17 - 2007-10-12 16:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2016-03-26 16:17 - 2007-10-12 16:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2016-03-26 16:17 - 2007-10-02 10:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2016-03-26 16:17 - 2007-10-02 10:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2016-03-26 16:17 - 2007-07-20 01:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2016-03-26 16:17 - 2007-07-20 01:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2016-03-26 16:17 - 2007-07-19 19:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2016-03-26 16:17 - 2007-07-19 19:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2016-03-26 16:17 - 2007-07-19 19:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2016-03-26 16:17 - 2007-07-19 19:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2016-03-26 16:17 - 2007-07-19 19:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2016-03-26 16:17 - 2007-07-19 19:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2016-03-26 16:17 - 2007-06-20 21:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2016-03-26 16:17 - 2007-06-20 21:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2016-03-26 16:17 - 2007-05-16 17:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2016-03-26 16:17 - 2007-05-16 17:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2016-03-26 16:17 - 2007-05-16 17:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2016-03-26 16:17 - 2007-05-16 17:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2016-03-26 16:17 - 2007-05-16 17:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2016-03-26 16:17 - 2007-05-16 17:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2016-03-26 16:17 - 2007-04-04 19:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2016-03-26 16:17 - 2007-04-04 19:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2016-03-26 16:17 - 2007-04-04 19:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2016-03-26 16:17 - 2007-04-04 19:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2016-03-26 16:17 - 2007-03-15 17:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2016-03-26 16:17 - 2007-03-15 17:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2016-03-26 16:17 - 2007-03-12 17:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2016-03-26 16:17 - 2007-03-12 17:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2016-03-26 16:17 - 2007-03-12 17:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2016-03-26 16:17 - 2007-03-12 17:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2016-03-26 16:17 - 2007-03-05 13:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2016-03-26 16:17 - 2007-03-05 13:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2016-03-26 16:17 - 2007-01-24 16:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2016-03-26 16:17 - 2007-01-24 16:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2016-03-26 16:17 - 2006-12-08 13:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2016-03-26 16:17 - 2006-12-08 13:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2016-03-26 16:17 - 2006-11-29 14:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2016-03-26 16:17 - 2006-11-29 14:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2016-03-26 16:17 - 2006-11-29 14:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2016-03-26 16:17 - 2006-11-29 14:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2016-03-26 16:17 - 2006-09-28 17:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2016-03-26 16:17 - 2006-09-28 17:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2016-03-26 16:17 - 2006-09-28 17:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2016-03-26 16:17 - 2006-09-28 17:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2016-03-26 16:17 - 2006-07-28 10:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2016-03-26 16:17 - 2006-07-28 10:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2016-03-26 16:17 - 2006-07-28 10:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2016-03-26 16:17 - 2006-07-28 10:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2016-03-26 16:17 - 2006-05-31 08:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2016-03-26 16:17 - 2006-05-31 08:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2016-03-26 16:17 - 2006-03-31 13:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2016-03-26 16:17 - 2006-03-31 13:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2016-03-26 16:17 - 2006-03-31 13:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2016-03-26 16:17 - 2006-03-31 13:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2016-03-26 16:17 - 2006-03-31 13:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2016-03-26 16:17 - 2006-03-31 13:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2016-03-26 16:17 - 2006-02-03 09:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2016-03-26 16:17 - 2006-02-03 09:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2016-03-26 16:17 - 2006-02-03 09:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2016-03-26 16:17 - 2006-02-03 09:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2016-03-26 16:17 - 2006-02-03 09:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2016-03-26 16:17 - 2006-02-03 09:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2016-03-26 16:17 - 2005-12-05 19:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2016-03-26 16:17 - 2005-12-05 19:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2016-03-26 16:17 - 2005-07-22 20:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2016-03-26 16:17 - 2005-07-22 20:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2016-03-26 16:17 - 2005-05-26 16:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2016-03-26 16:17 - 2005-05-26 16:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2016-03-26 16:17 - 2005-03-18 18:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2016-03-26 16:17 - 2005-03-18 18:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2016-03-26 16:17 - 2005-02-05 20:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2016-03-26 16:17 - 2005-02-05 20:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2016-03-26 12:04 - 2016-03-26 12:06 - 00000000 ____D C:\Users\Ladislav\Desktop\Movie
2016-03-26 11:59 - 2016-03-26 11:59 - 00000000 ____D C:\Users\Ladislav\AppData\Local\Disc_Soft_Ltd
2016-03-26 11:55 - 2016-03-26 12:01 - 00000000 ____D C:\Users\Ladislav\Downloads\Deadpool.2016.HC.HDRip.XviD.AC3-EVO
2016-03-26 10:04 - 2016-03-26 10:04 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2016-03-26 09:35 - 2016-03-26 09:35 - 00000000 ____D C:\Users\Ladislav\AppData\Roaming\.mono
2016-03-26 09:35 - 2016-03-26 09:35 - 00000000 ____D C:\ProgramData\.mono
2016-03-26 09:14 - 2016-03-26 11:54 - 00047672 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtliteusbbus.sys
2016-03-25 11:27 - 2016-04-01 14:07 - 00000000 ____D C:\Users\Ladislav\AppData\Roaming\DAEMON Tools Lite
2016-03-25 11:27 - 2016-03-26 09:14 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2016-03-25 11:27 - 2016-03-26 09:13 - 00030264 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys
2016-03-25 11:27 - 2016-03-25 11:27 - 00001773 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2016-03-25 11:27 - 2016-03-25 11:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2016-03-25 11:27 - 2016-03-25 11:27 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2016-03-25 11:17 - 2016-03-25 11:17 - 00690448 _____ (Disc Soft Ltd.) C:\Users\Ladislav\Downloads\DTLiteInstaller.exe
2016-03-25 11:08 - 2016-03-25 11:17 - 00000000 ____D C:\Users\Ladislav\Downloads\Focus.2015.480p.BDRip.XviD.DD5.1.CZ-HiDE
2016-03-22 19:22 - 2016-03-23 14:52 - 00000000 ____D C:\Users\Ladislav\Downloads\LEGO.Star.Wars.III.The.Clone.Wars-SKIDROW
2016-03-22 15:35 - 2016-03-22 15:40 - 978824184 _____ C:\Users\Ladislav\Downloads\Sbohem, baby.2007.avi
2016-03-22 11:29 - 2016-03-22 11:43 - 1700850782 _____ C:\Users\Ladislav\Downloads\Fair Play (2014)(CZ).avi
2016-03-22 11:29 - 2016-03-22 11:34 - 1132343703 _____ C:\Users\Ladislav\Downloads\Bad Hair Day.mkv
2016-03-20 09:25 - 2016-03-20 09:25 - 00248464 _____ C:\Users\Ladislav\Downloads\Plan_skolnich_projektu_11-12.pdf
2016-03-20 09:15 - 2016-03-20 09:15 - 00978750 _____ C:\Users\Ladislav\Downloads\Casopis_ABCD.pdf
2016-03-20 08:27 - 2016-03-20 08:27 - 00195725 _____ C:\Users\Ladislav\Downloads\36-zaver.pdf
2016-03-20 08:14 - 2016-03-20 08:14 - 00436866 _____ C:\Users\Ladislav\Downloads\35-lekce-10.pdf
2016-03-20 08:09 - 2016-03-20 08:09 - 00332965 _____ C:\Users\Ladislav\Downloads\34-lekce-9.pdf
2016-03-20 08:05 - 2016-03-20 08:05 - 00315648 _____ C:\Users\Ladislav\Downloads\33-lekce-8.pdf
2016-03-20 08:02 - 2016-03-20 08:02 - 00330612 _____ C:\Users\Ladislav\Downloads\32-lekce-7.pdf
2016-03-20 07:59 - 2016-03-20 07:59 - 00251825 _____ C:\Users\Ladislav\Downloads\31-lekce-6.pdf
2016-03-20 07:51 - 2016-03-20 07:51 - 00501229 _____ C:\Users\Ladislav\Downloads\24-kudy-v-mozku-doplnujici-text.pdf
2016-03-20 07:40 - 2016-03-20 07:40 - 00334741 _____ C:\Users\Ladislav\Downloads\30-lekce-5.pdf
2016-03-20 07:21 - 2016-03-20 07:21 - 00498023 _____ C:\Users\Ladislav\Downloads\27-lekce-2.pdf
2016-03-20 07:21 - 2016-03-20 07:21 - 00355373 _____ C:\Users\Ladislav\Downloads\28-lekce-3.pdf
2016-03-20 07:20 - 2016-03-20 07:20 - 00318687 _____ C:\Users\Ladislav\Downloads\37-informace-o-kurzu.pdf
2016-03-20 07:17 - 2016-03-20 07:17 - 00381262 _____ C:\Users\Ladislav\Downloads\26-lekce-1.pdf
2016-03-20 06:13 - 2016-03-20 06:13 - 00003836 _____ C:\Users\Ladislav\Downloads\smime.p7s

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-15 13:15 - 2015-06-09 19:50 - 00000000 ____D C:\Users\Ladislav\AppData\Roaming\uTorrent
2016-04-15 13:06 - 2009-07-14 06:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-15 13:06 - 2009-07-14 06:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-15 12:17 - 2014-12-16 14:47 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-15 11:28 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\tracing
2016-04-14 23:25 - 2014-12-16 14:47 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-14 23:25 - 2011-05-09 16:24 - 00000000 ____D C:\ProgramData\PDFC
2016-04-14 23:25 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-13 14:38 - 2016-01-03 10:13 - 00000000 ____D C:\Users\Ladislav\Desktop\BAKALÁŘKA
2016-04-12 14:49 - 2014-12-05 16:12 - 00000000 ____D C:\Users\Ladislav\AppData\Local\CrashDumps
2016-04-12 07:07 - 2014-12-16 14:48 - 00002155 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-12 07:07 - 2014-12-16 14:48 - 00002143 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-04-10 17:35 - 2016-01-16 14:32 - 00000000 ____D C:\Users\Ladislav\Desktop\Finále
2016-04-10 12:16 - 2011-05-10 01:48 - 00669132 _____ C:\Windows\system32\perfh005.dat
2016-04-10 12:16 - 2011-05-10 01:48 - 00141760 _____ C:\Windows\system32\perfc005.dat
2016-04-10 12:16 - 2009-07-14 07:13 - 01584626 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-10 12:16 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-04-10 09:28 - 2015-06-21 15:52 - 00000958 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-04-09 09:59 - 2012-04-17 23:01 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2016-04-01 14:04 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-04-01 14:01 - 2015-06-21 15:42 - 00000000 ____D C:\Users\Ladislav\AppData\Roaming\Opera Software
2016-04-01 14:01 - 2015-06-21 15:42 - 00000000 ____D C:\Users\Ladislav\AppData\Local\Opera Software
2016-04-01 14:01 - 2015-06-21 15:41 - 00000000 ____D C:\Program Files (x86)\Opera
2016-04-01 14:01 - 2012-02-17 23:26 - 00001393 _____ C:\Users\Ladislav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-04-01 13:51 - 2011-05-09 16:21 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-04-01 13:47 - 2012-02-17 23:24 - 00109688 _____ C:\Users\Ladislav\AppData\Local\GDIPFONTCACHEV1.DAT
2016-04-01 13:46 - 2009-07-14 06:45 - 00409920 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-29 11:58 - 2015-05-26 21:34 - 00000000 ____D C:\Users\Ladislav\AppData\Local\Battle.net
2016-03-29 11:09 - 2015-05-26 21:33 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-03-26 16:18 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-03-26 12:01 - 2016-02-29 15:05 - 00000000 ____D C:\Users\Ladislav\Desktop\kubca
2016-03-26 09:14 - 2015-06-21 15:52 - 00003964 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-03-26 09:13 - 2015-06-21 15:51 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-03-26 09:13 - 2015-06-21 15:51 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-25 11:20 - 2015-06-05 18:49 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
2016-03-25 11:19 - 2015-06-13 22:19 - 00000000 ____D C:\Program Files (x86)\Hearthstone

==================== Files in the root of some directories =======

2016-03-31 19:20 - 2016-03-31 19:20 - 0005120 _____ () C:\Users\Ladislav\AppData\Roaming\GiftBag.db
2015-06-13 11:49 - 2015-06-13 11:49 - 0007637 _____ () C:\Users\Ladislav\AppData\Local\Resmon.ResmonCfg
2016-02-27 02:18 - 2016-02-27 02:18 - 0000000 _____ () C:\Users\Ladislav\AppData\Local\{1572A71C-E01C-4DEE-BB75-616336F64497}

Some files in TEMP:
====================
C:\Users\Ladislav\AppData\Local\Temp\libeay32.dll
C:\Users\Ladislav\AppData\Local\Temp\msvcr120.dll
C:\Users\Ladislav\AppData\Local\Temp\qqpcmgr_v11.4.17347.218_123112050_Silence.exe
C:\Users\Ladislav\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-04-09 10:42

==================== End of FRST.txt ============================

Hook_1hp
Visitor
Posts: 69
Registered: 09 Aug 2008 10:17

Re: Unwanted programs on the PC

#9 Post by Hook_1hp »

Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by Ladislav (2016-04-15 13:15:48)
Running from C:\Users\Ladislav\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-02-17 21:09:15)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-450129140-1224967779-4017086383-500 - Administrator - Disabled)
Guest (S-1-5-21-450129140-1224967779-4017086383-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-450129140-1224967779-4017086383-1003 - Limited - Enabled)
Ladislav (S-1-5-21-450129140-1224967779-4017086383-1000 - Administrator - Enabled) => C:\Users\Ladislav

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.2.152.26 - Adobe Systems Incorporated)
Adobe Flash Player 21 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 21.0.0.197 - Adobe Systems Incorporated)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.2.1.3726 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.3.0.0152 - Disc Soft Ltd)
Essential Grammar in Use (HKLM-x32\...\{253C884B-3E62-4FA3-88AF-4861F1A1BCC3}) (Version: 1.00.0000 - Cambridge)
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
FORM studio (HKLM-x32\...\FSCZ_is1) (Version: - KASTNER software s.r.o.)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.69.5227 - Gretech Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Hewlett-Packard ACLM.NET v1.1.2.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{2BF8B295-A214-42AC-B4EC-2AE15E08B0E7}) (Version: 1.1.0.0 - Hewlett-Packard)
HP On Screen Display (HKLM-x32\...\{124DB96E-CBF5-44FB-AB59-7D2444DEC777}) (Version: 1.0.7 - Hewlett-Packard Company)
HP Power Manager (HKLM-x32\...\{B97E3520-C726-475E-BC0C-7561952633AB}) (Version: 1.2.1 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{EB58480C-0721-483C-B354-9D35A147999F}) (Version: 2.3.6 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{03046EBB-CB7C-4B98-BEFB-690EB955DA22}) (Version: 8.5.4526.3645 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{A312ABBC-E4A0-4595-BB69-95AFF48A9838}) (Version: 4.0.108.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}) (Version: 6.1.12.1 - Hewlett-Packard Company)
HP Wireless Assistant (HKLM\...\{B962DFD6-45C1-49D8-AEBA-197BF6576D29}) (Version: 4.0.10.0 - Hewlett-Packard)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
Java(TM) 6 Update 22 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416022FF}) (Version: 6.0.220 - Oracle)
Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.220 - Oracle)
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2000 Premium (HKLM-x32\...\{00000405-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2720 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft_VC90_CRT_x86 (HKLM-x32\...\{DF2035BE-5820-4965-BD97-7FAF8D4A7879}) (Version: 1.0.0 - Microsoft Corporation)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.34 - PDF Complete, Inc)
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.42.304.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6287 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.77 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 1.0.22 - Hewlett-Packard) Hidden
Sada Compatibility Pack pro systém Office 2007 (HKLM-x32\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.06.46 (30.10.2014) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.05.66.00(30.10.2014) - Samsung Electronics Co., Ltd.)
Samsung M2070 Series (HKLM-x32\...\Samsung M2070 Series) (Version: 1.20 (16.12.2014) - Samsung Electronics Co., Ltd.)
Samsung Printer Diagnostics (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.1.6.02 - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (x32 Version: 1.03.05.18 - Samsung Electronics Co., Ltd.) Hidden
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.4.3 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Xobni Core (x32 Version: 1.0.0 - Xobni, Inc.) Hidden
Zobrazit uživatelskou příručku (HKLM-x32\...\View User Guide) (Version: 3.60.43.0 - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00DA9B6C-E1E5-443B-ABA3-4974A1033D4F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-09-09] (Hewlett-Packard Company)
Task: {1A1736AA-EB9A-4F35-9225-FB3BAE496C2E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe [2011-09-09] (Hewlett-Packard Company)
Task: {2121B026-C622-4280-AA03-E9A1D2FA58E0} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-02-09] (CyberLink)
Task: {3ED83D53-897B-492C-9DB3-9DB2BA2CC654} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_197_pepper.exe [2016-03-26] (Adobe Systems Incorporated)
Task: {747676AF-CC3E-4CFC-99FA-54E7E358C0E0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {9C8A2A77-CB99-4C83-BD5F-A1FC9AA99532} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {B88FC677-1CEC-4AE4-84F5-82EA4B7E8009} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {E452E8F5-C52E-4FC6-8FFE-437A04CE3835} - System32\Tasks\{8157F0E8-4718-40B7-BBF5-3DB33FC3B6BD} => pcalua.exe -a F:\setup_vmc_lite.exe -d F:\ -c /checkApplicationPresence
Task: {E4AB5FE2-4C67-45C1-91AF-BCCCFB7E7955} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Total Care Tune-Up => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPTuneUp.exe [2011-03-22] (Hewlett-Packard Company)
Task: {E9163679-2AC7-413B-9E19-C570FE8C2ABE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [2011-06-14] (Hewlett-Packard)
Task: {ED769179-EF6E-4AE7-B8A4-EA751C046D43} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-09-09] (Hewlett-Packard Company)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_197_pepper.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Ladislav\Desktop\Imperia Online.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1366,768
ShortcutWithArgument: C:\Users\Ladislav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Imperia Online\Imperia Online.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1366,768
ShortcutWithArgument: C:\Users\Ladislav\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Imperia Online.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1366,768

==================== Loaded Modules (Whitelisted) ==============

2015-10-11 17:01 - 2014-10-30 14:06 - 00029184 _____ () C:\Windows\System32\ssm4mlm.dll
2010-12-17 02:37 - 2015-06-01 21:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-09-08 13:39 - 2014-09-08 13:39 - 00464608 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2014-09-08 13:38 - 2014-09-08 13:38 - 00051200 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2010-07-21 14:33 - 2010-07-21 14:33 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
2010-07-21 14:33 - 2010-07-21 14:33 - 00030264 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll
2010-07-21 14:33 - 2010-07-21 14:33 - 00052280 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll
2014-12-10 20:02 - 2014-12-10 20:02 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\ba8588c3319d63350220ec2ac3eb2c36\IsdiInterop.ni.dll
2011-09-30 11:13 - 2010-09-13 18:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2016-04-12 07:07 - 2016-04-06 12:04 - 01675928 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libglesv2.dll
2016-04-12 07:07 - 2016-04-06 12:04 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libegl.dll
2014-01-31 05:28 - 2014-01-31 05:28 - 00421520 _____ () C:\Program Files (x86)\GRETECH\GomPlayer\GomTVStrm.dll
2014-12-19 03:08 - 2014-12-19 03:08 - 01193984 _____ () C:\Program Files (x86)\GRETECH\GomPlayer\libass.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:0B4227B4 [133]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-450129140-1224967779-4017086383-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Ladislav\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D8E3557B-ECA1-47D8-8B72-4D2A5BCB0F8C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{FCF131FD-945A-4422-AFED-AABC725B7229}] => (Allow) LPort=2869
FirewallRules: [{7E323A61-D177-4290-B8B3-531F7B823B0A}] => (Allow) LPort=1900
FirewallRules: [{24D2E456-8DE7-4399-8764-FB71F50AE69E}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{F8D5B5A4-0F0A-4972-83E6-264270F60426}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{360B8856-0721-4A2B-8ED3-E401438F3EF3}C:\users\ladislav\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\ladislav\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{30F34964-B153-445B-841D-184BCAE95817}C:\users\ladislav\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\ladislav\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{9FF2D02F-B731-4D59-AE6F-96A44ADD0B08}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{EF7B01E4-85B9-4FE5-ACB2-ACA12E17B503}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{EA0C32F1-1F0C-471D-9BB6-B36459A256C7}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe
FirewallRules: [{DD7BE530-04A8-4ECF-88A4-89C49AABA563}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe
FirewallRules: [{4B2A05A6-0712-4778-925F-3B031086AB17}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{E1F95D62-B184-4733-9681-AD64353B457D}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{9BCE8AB0-3ECE-48F5-BC11-D965948379A5}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{D32870E5-052A-4416-A54F-49AA30EB3942}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{9EB4C59A-6249-4AF3-8038-73F0E1688028}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{869B4994-5547-425C-A595-4ED2E1534867}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe
FirewallRules: [{9A34193B-3B13-4B76-9E7B-DE11EFA6B056}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe
FirewallRules: [{2EEC3D38-DD75-40A3-8D07-50552FDBA2E3}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{2DFF0BE0-C53C-4F9C-9081-74EA7E36C96B}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{4DEF5A5C-8419-463F-92BA-1CCB602EEFBB}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [{493D0E3C-1D87-4A3A-8B17-CFAD25A9E36D}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [TCP Query User{393E6FAF-B197-43A3-B01C-B8E4AC516DC0}C:\program files (x86)\heroes of the storm\versions\base40697\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base40697\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{66BC5086-B42E-4F67-AED6-33A3AB86272B}C:\program files (x86)\heroes of the storm\versions\base40697\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base40697\heroesofthestorm_x64.exe
FirewallRules: [{C9265191-1F48-4140-A650-FB312A056391}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

06-04-2016 11:56:26 Windows Update
08-04-2016 11:04:40 Malwarebytes Anti-Rootkit Restore Point

==================== Faulty Device Manager Devices =============

Name: TsDefenseBt
Description: TsDefenseBt
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: TSDefenseBt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: SRepairDrv
Description: SRepairDrv
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SRepairDrv
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Generic Bluetooth Adapter
Description: Generic Bluetooth Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: GenericAdapter
Service: BTHUSB
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/14/2016 11:25:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/14/2016 08:07:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/12/2016 02:49:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GWXUX.exe, verze: 6.3.9600.17813, časové razítko: 0x554a15f3
Název chybujícího modulu: mshtml.dll, verze: 11.0.9600.17842, časové razítko: 0x5565d4c6
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000009296
ID chybujícího procesu: 0x12b8
Čas spuštění chybující aplikace: 0xGWXUX.exe0
Cesta k chybující aplikaci: GWXUX.exe1
Cesta k chybujícímu modulu: GWXUX.exe2
ID zprávy: GWXUX.exe3

Error: (04/11/2016 03:15:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/08/2016 01:10:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/08/2016 11:08:08 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/08/2016 09:30:30 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/06/2016 09:24:04 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/01/2016 02:23:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/01/2016 02:21:58 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Index nebyl inicializován.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (04/14/2016 11:25:24 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
TSDefenseBt

Error: (04/14/2016 11:25:24 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Místní adaptér Bluetooth selhal. Důvod selhaní nebylo možno určit a adaptér nebude používán. Ovladač vysílače byl vyjmut z paměti.

Error: (04/14/2016 08:06:57 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Místní adaptér Bluetooth selhal. Důvod selhaní nebylo možno určit a adaptér nebude používán. Ovladač vysílače byl vyjmut z paměti.

Error: (04/14/2016 08:06:55 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
TSDefenseBt

Error: (04/11/2016 03:14:56 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
TSDefenseBt

Error: (04/11/2016 03:14:56 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Místní adaptér Bluetooth selhal. Důvod selhaní nebylo možno určit a adaptér nebude používán. Ovladač vysílače byl vyjmut z paměti.

Error: (04/08/2016 01:10:28 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Místní adaptér Bluetooth selhal. Důvod selhaní nebylo možno určit a adaptér nebude používán. Ovladač vysílače byl vyjmut z paměti.

Error: (04/08/2016 12:57:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (04/08/2016 12:57:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Management and Security Application User Notification Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/08/2016 12:57:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Úložná technologie Intel(R) Rapid byla neočekávaně ukončena. Tento stav nastal již 1krát.


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU B950 @ 2.10GHz
Percentage of memory in use: 76%
Total physical RAM: 3947.86 MB
Available physical RAM: 929.69 MB
Total Virtual: 7893.93 MB
Available Virtual: 3072.93 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:449.9 GB) (Free:222.92 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (RECOVERY) (Fixed) (Total:15.56 GB) (Free:1.92 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 1B0CEA89)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=449.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15.6 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

==================== End of Addition.txt ============================

altrok
Moderator
Posts: 7322
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Unwanted programs on the PC

#10 Post by altrok »

:arrow: Uninstall the old and vulnerable version of Java. If you need Java, install the new one from java.com - watch out for adware during its installation http://forum.viry.cz/viewtopic.php?p=1374438#p1374438 . From a security standpoint (exploits) it is better not to have it. The current version is 8U77. Java versions installed on your PC:

  • Java(TM) 6 Update 22 (64-bit)
  • Java(TM) 6 Update 22




:arrow: Windows Defender on Win7 only provides antispyware functionality - install a full-fledged antivirus. Take a look at the comparative tests and pick one http://forum.viry.cz/viewtopic.php?f=14 ... &start=165



  • Copy the contents of the white box into Notepad (Start -> Run -> notepad)
  • save it to the desktop as fixlist (File type: Text document)
  • run FRST again and click Fix
  • after the restart, a fixlog will be saved on the desktop; paste its contents into your next reply

    Code:

    Start
    CreateRestorePoint:
    CloseProcesses:
    HKLM-x32\...\Run: [ic-0.2128a7f97d71cc.exe -start] => C:\Users\Ladislav\AppData\Local\Temp\15376488\ic-0.2128a7f97d71cc.exe -start <===== ATTENTION
    HKLM-x32\...\Run: [ QQPCTray] => "C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCTray.exe" /regrun
    HKU\S-1-5-21-450129140-1224967779-4017086383-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4290240 2016-03-01] (Disc Soft Ltd)
    HKU\S-1-5-21-450129140-1224967779-4017086383-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10m_ActiveX.exe [234656 2011-05-09] (Adobe Systems, Inc.)
    HKU\S-1-5-21-450129140-1224967779-4017086383-1000\...\MountPoints2: {14055874-f322-11e5-852f-101f745a7fa2} - H:\Setup.exe
    HKU\S-1-5-21-450129140-1224967779-4017086383-1000\...\MountPoints2: {8f51d7cf-606e-11e1-a355-001e101f36d9} - G:\setup_vmc_lite.exe /checkApplicationPresence
    HKU\S-1-5-21-450129140-1224967779-4017086383-1000\...\MountPoints2: {d4d558cf-7b74-11e1-a6b7-806e6f6e6963} - F:\setup_vmc_lite.exe /checkApplicationPresence
    HKU\S-1-5-21-450129140-1224967779-4017086383-1000\...\MountPoints2: {dcf78283-5996-11e1-86ed-74de2b2f5d55} - F:\setup_vmc_lite.exe /checkApplicationPresence
    HKU\S-1-5-21-450129140-1224967779-4017086383-1000\...\MountPoints2: {dcf7828b-5996-11e1-86ed-74de2b2f5d55} - F:\setup_vmc_lite.exe /checkApplicationPresence
    ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => No File
    Toolbar: HKU\S-1-5-21-450129140-1224967779-4017086383-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
    FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
    CHR HomePage: Default -> hxxps://www.google.cz/?gfe_rd=cr&ei=8kM ... 8wex1YCYCw
    S2 QQRepair2317; "C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\QQRepair2317" [X]
    S3 AthBTPort; system32\DRIVERS\btath_flt.sys [X]
    S3 athr; system32\DRIVERS\athrx.sys [X]
    S3 BTATH_A2DP; system32\drivers\btath_a2dp.sys [X]
    S3 BTATH_BUS; system32\DRIVERS\btath_bus.sys [X]
    S3 BTATH_HCRP; system32\DRIVERS\btath_hcrp.sys [X]
    S3 BTATH_LWFLT; system32\DRIVERS\btath_lwflt.sys [X]
    S3 BTATH_RCP; system32\DRIVERS\btath_rcp.sys [X]
    S3 BtFilter; system32\DRIVERS\btfilter.sys [X]
    S1 SRepairDrv; \??\C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\SRepairDrv [X]
    S1 TSDefenseBt; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\TsDefenseBT64.sys [X]
    2016-04-08 13:10 - 2016-04-08 13:10 - 00000000 ____D C:\ProgramData\Tencent
    2016-04-08 13:09 - 2016-04-08 13:09 - 00000000 ____D C:\ProgramData\TXQMPC
    2016-04-08 12:53 - 2016-04-08 12:57 - 00000000 ____D C:\AdwCleaner
    2016-04-08 12:48 - 2016-04-08 12:49 - 03119168 _____ C:\Users\Ladislav\Desktop\adwcleaner_5.109.exe
    2016-04-08 10:21 - 2016-04-08 10:21 - 00000000 ____D C:\ProgramData\Malwarebytes
    2016-04-08 10:20 - 2016-04-08 13:10 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
    2016-04-08 10:20 - 2016-04-08 11:05 - 00000000 ____D C:\Users\Ladislav\Desktop\mbar
    2016-04-08 10:20 - 2016-04-08 10:20 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2016-04-08 10:20 - 2016-04-08 10:20 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
    2016-04-08 10:14 - 2016-04-08 10:14 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Ladislav\Desktop\mbar-1.09.3.1001.exe
    2016-04-06 10:12 - 2016-04-06 10:12 - 00000000 ____D C:\rsit
    2016-04-06 10:12 - 2016-04-06 10:12 - 00000000 ____D C:\Program Files\trend micro
    2016-04-06 10:04 - 2016-04-09 10:02 - 00028270 _____ C:\Users\Ladislav\Desktop\Addition.txt
    2016-04-06 10:03 - 2016-04-06 10:03 - 01222144 _____ C:\Users\Ladislav\Desktop\RSITx64.exe
    2016-03-31 19:20 - 2016-03-31 19:20 - 00005120 _____ C:\Users\Ladislav\AppData\Roaming\GiftBag.db
    2016-03-31 19:19 - 2016-04-08 13:10 - 00000000 ____D C:\Users\Ladislav\AppData\Roaming\Tencent
    C:\Windows\system32\Drivers\TFsFltX64.sys
    2016-03-31 19:19 - 2016-03-31 19:19 - 00000000 ____D C:\Program Files (x86)\Tencent
    2016-03-31 19:18 - 2016-03-31 19:18 - 00000000 ____D C:\Users\Public\Thunder Network
    2016-03-31 19:18 - 2016-03-31 19:18 - 00000000 ____D C:\ProgramData\Thunder Network
    2016-03-31 19:16 - 2016-03-31 19:16 - 01611944 _____ (Secure Download Ltd. ) C:\Users\Ladislav\Downloads\keygen
    2016-03-31 19:16 - 2016-03-31 19:16 - 00088969 _____ C:\Users\Ladislav\Downloads\The Clone Wars Activator Cheat.zip
    Task: {E452E8F5-C52E-4FC6-8FFE-437A04CE3835} - System32\Tasks\{8157F0E8-4718-40B7-BBF5-3DB33FC3B6BD} => pcalua.exe -a F:\setup_vmc_lite.exe -d F:\ -c /checkApplicationPresence
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    ShortcutWithArgument: C:\Users\Ladislav\Desktop\Imperia Online.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1366,768
    ShortcutWithArgument: C:\Users\Ladislav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Imperia Online\Imperia Online.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1366,768
    ShortcutWithArgument: C:\Users\Ladislav\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Imperia Online.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1366,768
    AlternateDataStreams: C:\ProgramData\Temp:0B4227B4 [133]
    Hosts:
    EmptyTemp:
    End
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suitable for the forum, you can use altrokzavináčforum.viry.cz
If you feel like helping visitors of this forum, sign up for our little school.

Hook_1hp
Visitor
Posts: 69
Joined: 09 Aug 2008 10:17

Re: Unwanted programs on the PC

#11 Post by Hook_1hp »

Hello,

:arrow: Fix result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by Ladislav (2016-04-27 19:57:00) Run:1
Running from C:\Users\Ladislav\Desktop
Loaded Profiles: Ladislav (Available Profiles: Ladislav)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
HKLM-x32\...\Run: [ic-0.2128a7f97d71cc.exe -start] => C:\Users\Ladislav\AppData\Local\Temp\15376488\ic-0.2128a7f97d71cc.exe -start <===== ATTENTION
HKLM-x32\...\Run: [ QQPCTray] => "C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCTray.exe" /regrun
HKU\S-1-5-21-450129140-1224967779-4017086383-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4290240 2016-03-01] (Disc Soft Ltd)
HKU\S-1-5-21-450129140-1224967779-4017086383-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10m_ActiveX.exe [234656 2011-05-09] (Adobe Systems, Inc.)
HKU\S-1-5-21-450129140-1224967779-4017086383-1000\...\MountPoints2: {14055874-f322-11e5-852f-101f745a7fa2} - H:\Setup.exe
HKU\S-1-5-21-450129140-1224967779-4017086383-1000\...\MountPoints2: {8f51d7cf-606e-11e1-a355-001e101f36d9} - G:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-450129140-1224967779-4017086383-1000\...\MountPoints2: {d4d558cf-7b74-11e1-a6b7-806e6f6e6963} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-450129140-1224967779-4017086383-1000\...\MountPoints2: {dcf78283-5996-11e1-86ed-74de2b2f5d55} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-450129140-1224967779-4017086383-1000\...\MountPoints2: {dcf7828b-5996-11e1-86ed-74de2b2f5d55} - F:\setup_vmc_lite.exe /checkApplicationPresence
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => No File
Toolbar: HKU\S-1-5-21-450129140-1224967779-4017086383-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR HomePage: Default -> hxxps://www.google.cz/?gfe_rd=cr&ei=8kM ... 8wex1YCYCw
S2 QQRepair2317; "C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\QQRepair2317" [X]
S3 AthBTPort; system32\DRIVERS\btath_flt.sys [X]
S3 athr; system32\DRIVERS\athrx.sys [X]
S3 BTATH_A2DP; system32\drivers\btath_a2dp.sys [X]
S3 BTATH_BUS; system32\DRIVERS\btath_bus.sys [X]
S3 BTATH_HCRP; system32\DRIVERS\btath_hcrp.sys [X]
S3 BTATH_LWFLT; system32\DRIVERS\btath_lwflt.sys [X]
S3 BTATH_RCP; system32\DRIVERS\btath_rcp.sys [X]
S3 BtFilter; system32\DRIVERS\btfilter.sys [X]
S1 SRepairDrv; \??\C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\SRepairDrv [X]
S1 TSDefenseBt; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\TsDefenseBT64.sys [X]
2016-04-08 13:10 - 2016-04-08 13:10 - 00000000 ____D C:\ProgramData\Tencent
2016-04-08 13:09 - 2016-04-08 13:09 - 00000000 ____D C:\ProgramData\TXQMPC
2016-04-08 12:53 - 2016-04-08 12:57 - 00000000 ____D C:\AdwCleaner
2016-04-08 12:48 - 2016-04-08 12:49 - 03119168 _____ C:\Users\Ladislav\Desktop\adwcleaner_5.109.exe
2016-04-08 10:21 - 2016-04-08 10:21 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-04-08 10:20 - 2016-04-08 13:10 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-04-08 10:20 - 2016-04-08 11:05 - 00000000 ____D C:\Users\Ladislav\Desktop\mbar
2016-04-08 10:20 - 2016-04-08 10:20 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-04-08 10:20 - 2016-04-08 10:20 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-04-08 10:14 - 2016-04-08 10:14 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Ladislav\Desktop\mbar-1.09.3.1001.exe
2016-04-06 10:12 - 2016-04-06 10:12 - 00000000 ____D C:\rsit
2016-04-06 10:12 - 2016-04-06 10:12 - 00000000 ____D C:\Program Files\trend micro
2016-04-06 10:04 - 2016-04-09 10:02 - 00028270 _____ C:\Users\Ladislav\Desktop\Addition.txt
2016-04-06 10:03 - 2016-04-06 10:03 - 01222144 _____ C:\Users\Ladislav\Desktop\RSITx64.exe
2016-03-31 19:20 - 2016-03-31 19:20 - 00005120 _____ C:\Users\Ladislav\AppData\Roaming\GiftBag.db
2016-03-31 19:19 - 2016-04-08 13:10 - 00000000 ____D C:\Users\Ladislav\AppData\Roaming\Tencent
C:\Windows\system32\Drivers\TFsFltX64.sys
2016-03-31 19:19 - 2016-03-31 19:19 - 00000000 ____D C:\Program Files (x86)\Tencent
2016-03-31 19:18 - 2016-03-31 19:18 - 00000000 ____D C:\Users\Public\Thunder Network
2016-03-31 19:18 - 2016-03-31 19:18 - 00000000 ____D C:\ProgramData\Thunder Network
2016-03-31 19:16 - 2016-03-31 19:16 - 01611944 _____ (Secure Download Ltd. ) C:\Users\Ladislav\Downloads\keygen
2016-03-31 19:16 - 2016-03-31 19:16 - 00088969 _____ C:\Users\Ladislav\Downloads\The Clone Wars Activator Cheat.zip
Task: {E452E8F5-C52E-4FC6-8FFE-437A04CE3835} - System32\Tasks\{8157F0E8-4718-40B7-BBF5-3DB33FC3B6BD} => pcalua.exe -a F:\setup_vmc_lite.exe -d F:\ -c /checkApplicationPresence
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
ShortcutWithArgument: C:\Users\Ladislav\Desktop\Imperia Online.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1366,768
ShortcutWithArgument: C:\Users\Ladislav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Imperia Online\Imperia Online.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1366,768
ShortcutWithArgument: C:\Users\Ladislav\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Imperia Online.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1366,768
AlternateDataStreams: C:\ProgramData\Temp:0B4227B4 [133]
Hosts:
EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ic-0.2128a7f97d71cc.exe -start => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ QQPCTray => value removed successfully
HKU\S-1-5-21-450129140-1224967779-4017086383-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite Automount => value removed successfully
HKU\S-1-5-21-450129140-1224967779-4017086383-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\FlashPlayerUpdate => value not found.
"HKU\S-1-5-21-450129140-1224967779-4017086383-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{14055874-f322-11e5-852f-101f745a7fa2}" => key removed successfully
HKCR\CLSID\{14055874-f322-11e5-852f-101f745a7fa2} => key not found.
"HKU\S-1-5-21-450129140-1224967779-4017086383-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8f51d7cf-606e-11e1-a355-001e101f36d9}" => key removed successfully
HKCR\CLSID\{8f51d7cf-606e-11e1-a355-001e101f36d9} => key not found.
"HKU\S-1-5-21-450129140-1224967779-4017086383-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d4d558cf-7b74-11e1-a6b7-806e6f6e6963}" => key removed successfully
HKCR\CLSID\{d4d558cf-7b74-11e1-a6b7-806e6f6e6963} => key not found.
"HKU\S-1-5-21-450129140-1224967779-4017086383-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dcf78283-5996-11e1-86ed-74de2b2f5d55}" => key removed successfully
HKCR\CLSID\{dcf78283-5996-11e1-86ed-74de2b2f5d55} => key not found.
"HKU\S-1-5-21-450129140-1224967779-4017086383-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dcf7828b-5996-11e1-86ed-74de2b2f5d55}" => key removed successfully
HKCR\CLSID\{dcf7828b-5996-11e1-86ed-74de2b2f5d55} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\.QMDeskTopGCIcon" => key removed successfully
HKCR\CLSID\{B7667919-3765-4815-A66D-98A09BE662D6} => key not found.
HKU\S-1-5-21-450129140-1224967779-4017086383-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value removed successfully
HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
Chrome HomePage => removed successfully
QQRepair2317 => service removed successfully
AthBTPort => service removed successfully
athr => service removed successfully
BTATH_A2DP => service removed successfully
BTATH_BUS => service removed successfully
BTATH_HCRP => service removed successfully
BTATH_LWFLT => service removed successfully
BTATH_RCP => service removed successfully
BtFilter => service removed successfully
SRepairDrv => service removed successfully
TSDefenseBt => service removed successfully
C:\ProgramData\Tencent => moved successfully
C:\ProgramData\TXQMPC => moved successfully
C:\AdwCleaner => moved successfully
C:\Users\Ladislav\Desktop\adwcleaner_5.109.exe => moved successfully
C:\ProgramData\Malwarebytes => moved successfully
C:\ProgramData\Malwarebytes' Anti-Malware (portable) => moved successfully
C:\Users\Ladislav\Desktop\mbar => moved successfully
C:\Windows\system32\Drivers\MBAMSwissArmy.sys => moved successfully
C:\Windows\system32\Drivers\mbamchameleon.sys => moved successfully
C:\Users\Ladislav\Desktop\mbar-1.09.3.1001.exe => moved successfully
C:\rsit => moved successfully
C:\Program Files\trend micro => moved successfully
C:\Users\Ladislav\Desktop\Addition.txt => moved successfully
C:\Users\Ladislav\Desktop\RSITx64.exe => moved successfully
C:\Users\Ladislav\AppData\Roaming\GiftBag.db => moved successfully
C:\Users\Ladislav\AppData\Roaming\Tencent => moved successfully
C:\Windows\system32\Drivers\TFsFltX64.sys => moved successfully
C:\Program Files (x86)\Tencent => moved successfully
C:\Users\Public\Thunder Network => moved successfully
C:\ProgramData\Thunder Network => moved successfully
C:\Users\Ladislav\Downloads\keygen => moved successfully
C:\Users\Ladislav\Downloads\The Clone Wars Activator Cheat.zip => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E452E8F5-C52E-4FC6-8FFE-437A04CE3835}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E452E8F5-C52E-4FC6-8FFE-437A04CE3835}" => key removed successfully
C:\Windows\System32\Tasks\{8157F0E8-4718-40B7-BBF5-3DB33FC3B6BD} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8157F0E8-4718-40B7-BBF5-3DB33FC3B6BD}" => key removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Users\Ladislav\Desktop\Imperia Online.lnk => not found.
C:\Users\Ladislav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Imperia Online\Imperia Online.lnk => Shortcut argument removed successfully.
C:\Users\Ladislav\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Imperia Online.lnk => Shortcut argument removed successfully.
C:\ProgramData\Temp => ":0B4227B4" ADS removed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 749.3 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 19:59:29 ====

altrok
Moderator
Posts: 7322
Joined: 15 Nov 2012 22:26
Location: Znojmo

Re: Unwanted programs on the PC

#12 Post by altrok »

:arrow: Post the FRST.txt and Addition.txt logs - http://forum.viry.cz/viewtopic.php?f=30&t=133101
Note: on the second and any subsequent run of FRST, you have to explicitly tick this option before starting the scan in order to create the Addition.txt log.

Hook_1hp
Visitor
Posts: 69
Joined: 09 Aug 2008 10:17

Re: Unwanted programs on the PC

#13 Post by Hook_1hp »

:arrow: Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by Ladislav (administrator) on LADISLAV-HP (28-04-2016 10:17:20)
Running from C:\Users\Ladislav\Desktop
Loaded Profiles: Ladislav (Available Profiles: Ladislav)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6602856 2011-01-12] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2480936 2010-12-21] (Synaptics Incorporated)
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-07-21] (Hewlett-Packard Company)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] ()
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [586296 2010-11-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [656920 2011-02-01] (PDF Complete Inc)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [318520 2010-12-13] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-450129140-1224967779-4017086383-1000\...\MountPoints2: {dcf78152-5996-11e1-86ed-806e6f6e6963} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\start.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2012-11-30]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
Startup: C:\Users\Ladislav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk [2016-04-15]
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\OLBPre\OLBPre.exe (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{3318193A-170E-4A79-8F72-B4BE5D9D3136}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-450129140-1224967779-4017086383-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
HKU\S-1-5-21-450129140-1224967779-4017086383-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDF
SearchScopes: HKLM -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-450129140-1224967779-4017086383-1000 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-450129140-1224967779-4017086383-1000 -> {BF719C4E-2EA1-4CD7-97CC-4484DDC835E8} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12902
SearchScopes: HKU\S-1-5-21-450129140-1224967779-4017086383-1000 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll => No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-26] (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-26] (Oracle Corporation)

FireFox:
========
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-26] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Optimization Client\addon => not found

Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.cz/?gfe_rd=cr&ei=8kM6Vd_PKcKo8wex1YCYCw
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-06]
CHR Extension: (Dokumenty Google) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-06]
CHR Extension: (Disk Google) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Vyhledávání Google) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (Tabulky Google) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-06]
CHR Extension: (Like) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmmdfldoaocolmibeehmndgcmlbidppj [2016-03-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (AdBlock) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-04-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-06]
CHR Extension: (Gmail) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1444544 2016-03-01] (Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2520928 2016-03-03] (ESET)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1817088 2010-12-28] (Realsil Microelectronics Inc.) [File not signed]
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AR5416; C:\Windows\System32\DRIVERS\athwx.sys [2793568 2011-02-25] (Atheros Communications, Inc.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-03-26] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-03-26] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [264552 2016-04-14] (ESET)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [186784 2016-04-14] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [170792 2016-04-14] (ESET)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [415744 2011-07-12] (Huawei Technologies Co., Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-27 19:57 - 2016-04-27 19:59 - 00011715 _____ C:\Users\Ladislav\Desktop\Fixlog.txt
2016-04-26 12:37 - 2016-04-26 12:37 - 00000000 ____D C:\Users\Ladislav\AppData\Local\ESET
2016-04-26 10:46 - 2016-04-26 10:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2016-04-26 10:46 - 2016-04-26 10:46 - 00000000 ____D C:\ProgramData\ESET
2016-04-26 10:46 - 2016-04-26 10:46 - 00000000 ____D C:\Program Files\ESET
2016-04-26 10:39 - 2016-04-26 10:39 - 03013792 _____ (ESET) C:\Users\Ladislav\Downloads\eset_nod32_antivirus_live_installer_.exe
2016-04-26 10:39 - 2016-04-26 10:39 - 03013792 _____ (ESET) C:\Users\Ladislav\Downloads\eset_nod32_antivirus_live_installer_ (1).exe
2016-04-26 10:35 - 2016-04-26 10:35 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-04-26 10:35 - 2016-04-26 10:35 - 00000000 ____D C:\Users\Ladislav\AppData\Roaming\Sun
2016-04-26 10:35 - 2016-04-26 10:35 - 00000000 ____D C:\Users\Ladislav\.oracle_jre_usage
2016-04-26 10:35 - 2016-04-26 10:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-04-26 10:34 - 2016-04-26 10:34 - 00000000 ____D C:\ProgramData\Oracle
2016-04-26 10:34 - 2016-04-26 10:34 - 00000000 ____D C:\Program Files (x86)\Java
2016-04-26 10:32 - 2016-04-26 10:32 - 00738368 _____ (Oracle Corporation) C:\Users\Ladislav\Downloads\chromeinstall-8u91.exe
2016-04-26 10:32 - 2016-04-26 10:32 - 00000000 ____D C:\Users\Ladislav\AppData\LocalLow\Oracle
2016-04-25 20:09 - 2016-04-25 20:13 - 00000000 ____D C:\Users\Ladislav\Downloads\Fifty.Shades.of.Black.2016.BRRip.XviD.AC3-RARBG
2016-04-25 20:08 - 2016-04-25 21:27 - 3034135490 _____ C:\Users\Ladislav\Downloads\LOTR TROTK extended.avi
2016-04-25 20:08 - 2016-04-25 20:08 - 00011852 _____ C:\Users\Ladislav\Downloads\[SkT]Padesat_odstinu_cerne_-_Fifty_Shades_of_Black_(2016)_=_CSFD_44%.torrent
2016-04-25 20:07 - 2016-04-25 20:21 - 00000000 ____D C:\Users\Ladislav\Downloads\PÁN PRSTENŮ - TRILOGIE (DVDrip CZ)
2016-04-25 20:07 - 2016-04-25 20:07 - 00021845 _____ C:\Users\Ladislav\Downloads\[SkT]Pan_prstenov_1,2,3_-_Pan_prstenu_1,2,3_-_Lord_of_the_Rings_1,2,3_(2001-2003)(CZ)_=_CSFD_90%.torrent
2016-04-25 20:05 - 2016-04-25 20:05 - 00014957 _____ C:\Users\Ladislav\Downloads\[SkT]Pan_prstenu-_Navrat_krale_-__Lord_of_the_Rings-_The_Return_of_the_King__(Extended_Edition)(2003)(CZ)_=_CSFD_90%.torrent
2016-04-24 16:14 - 2016-04-24 19:09 - 00001091 _____ C:\Users\Ladislav\Desktop\Nový textový dokument.txt
2016-04-17 22:38 - 2016-04-22 07:23 - 29891172 _____ C:\Users\Ladislav\Desktop\mat. z knihovny.pdf
2016-04-15 20:46 - 2016-04-16 17:10 - 00000000 ____D C:\Users\Ladislav\Desktop\nova slozka
2016-04-15 14:47 - 2016-04-15 14:47 - 20355776 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-04-15 14:47 - 2016-04-15 14:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
2016-04-15 14:47 - 2016-04-15 14:47 - 00000000 ____D C:\Program Files (x86)\ffdshow
2016-04-15 14:47 - 2014-07-17 19:31 - 00112640 _____ C:\Windows\SysWOW64\ff_vfw.dll
2016-04-15 14:46 - 2016-04-15 14:46 - 00000000 ____D C:\ProgramData\GRETECH
2016-04-15 14:33 - 2016-04-15 14:33 - 00003996 _____ C:\Windows\System32\Tasks\LaunchPreSignup
2016-04-15 14:32 - 2016-04-26 10:54 - 00000000 ____D C:\Program Files (x86)\OLBPre
2016-04-15 14:32 - 2016-04-15 14:32 - 00001823 _____ C:\Users\Ladislav\Desktop\MyPC Backup.lnk
2016-04-15 14:32 - 2016-04-15 14:32 - 00001169 _____ C:\Users\Ladislav\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
2016-04-15 14:32 - 2016-04-15 14:32 - 00001145 _____ C:\Users\Public\Desktop\GOM Player.lnk
2016-04-15 14:32 - 2016-04-15 14:32 - 00000000 ____D C:\Users\Ladislav\AppData\Roaming\GRETECH
2016-04-15 14:32 - 2016-04-15 14:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player
2016-04-15 14:19 - 2016-04-28 09:47 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-15 14:19 - 2016-04-15 14:47 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-04-15 11:58 - 2016-04-15 12:02 - 00000000 ____D C:\Users\Ladislav\Downloads\Gangster.Ka.African.2015.480p.WEB-DL.XviD.AC3.CZ
2016-04-15 11:57 - 2016-04-15 11:57 - 00014315 _____ C:\Users\Ladislav\Downloads\[SkT]Gangster_Ka-_African_(2015)(CZ)[WebRip]_=_CSFD_73%.torrent
2016-04-14 23:39 - 2016-04-14 23:44 - 1200333397 _____ C:\Users\Ladislav\Downloads\Connasse.Princesse.Des.Coeurs.2015.DVDRip.x264-RiSiNG.mkv
2016-04-14 23:38 - 2016-04-14 23:38 - 00012046 _____ C:\Users\Ladislav\Downloads\[SkT]Parizska_blbka_-_Connasse,_Princesse_des_coeurs_(2015)(CZ)_=_CSFD_63%.torrent
2016-04-14 23:35 - 2016-04-14 23:35 - 00011596 _____ C:\Users\Ladislav\Downloads\[SkT]Uz_je_tady_zas_-_Er_ist_wieder_da_(2015)_=_CSFD_81%.torrent
2016-04-14 15:09 - 2016-04-14 15:09 - 00264552 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys
2016-04-14 15:09 - 2016-04-14 15:09 - 00186784 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys
2016-04-14 15:09 - 2016-04-14 15:09 - 00170792 _____ (ESET) C:\Windows\system32\Drivers\epfwwfpr.sys
2016-04-09 15:15 - 2016-04-09 15:15 - 01053965 _____ C:\Users\Ladislav\Downloads\mkf_cz (4).pdf
2016-04-09 15:15 - 2016-04-09 15:15 - 01053965 _____ C:\Users\Ladislav\Downloads\mkf_cz (3).pdf
2016-04-09 14:55 - 2016-04-09 14:55 - 01053965 _____ C:\Users\Ladislav\Downloads\mkf_cz (2).pdf
2016-04-09 14:54 - 2016-04-09 14:54 - 01053965 _____ C:\Users\Ladislav\Downloads\mkf_cz (1).pdf
2016-04-09 14:40 - 2016-04-09 14:40 - 01053965 _____ C:\Users\Ladislav\Downloads\mkf_cz.pdf
2016-04-09 14:39 - 2016-04-09 14:39 - 00311787 _____ C:\Users\Ladislav\Downloads\6_Mezinárodní_klasifikace_funkčních_schopností,_disability_a_zdraví_(ICF).pdf
2016-04-07 11:22 - 2016-04-07 11:22 - 03595032 _____ C:\Users\Ladislav\Downloads\organizace_dopravy (1).pdf
2016-04-07 11:20 - 2016-04-07 11:21 - 03595032 _____ C:\Users\Ladislav\Downloads\organizace_dopravy.pdf
2016-04-07 11:17 - 2016-04-07 11:17 - 01112511 _____ C:\Users\Ladislav\Downloads\c.2_-_celkovy_situacni_vykres.pdf
2016-04-07 11:12 - 2016-04-07 11:12 - 02639440 _____ C:\Users\Ladislav\Downloads\c.3a-koordinacni1 (1).pdf
2016-04-07 11:09 - 2016-04-07 11:09 - 02900480 _____ C:\Users\Ladislav\Downloads\kontrolni_den_17.pdf
2016-04-07 11:09 - 2016-04-07 11:09 - 02639440 _____ C:\Users\Ladislav\Downloads\c.3a-koordinacni1.pdf
2016-04-07 11:08 - 2016-04-07 11:08 - 09912320 _____ C:\Users\Ladislav\Downloads\prezentace_zabovresky_umc_160309.ppt
2016-04-07 11:07 - 2016-04-07 11:07 - 00106809 _____ C:\Users\Ladislav\Downloads\reakce_na_pripis_namestka_primatora_-_1-16 (2).pdf
2016-04-07 11:07 - 2016-04-07 11:07 - 00054466 _____ C:\Users\Ladislav\Downloads\odpoved_na_dopis_k_dopravni_obsluznosti_tabor-meznikova-kralova.pdf
2016-04-07 11:07 - 2016-04-07 11:07 - 00054466 _____ C:\Users\Ladislav\Downloads\odpoved_na_dopis_k_dopravni_obsluznosti_tabor-meznikova-kralova (1).pdf
2016-04-07 11:07 - 2016-04-07 11:07 - 00036537 _____ C:\Users\Ladislav\Downloads\vyjadreni_nam._primatora_k_zastvace_kralova (2).pdf
2016-04-07 11:06 - 2016-04-07 11:07 - 00036537 _____ C:\Users\Ladislav\Downloads\vyjadreni_nam._primatora_k_zastvace_kralova (1).pdf
2016-04-07 11:06 - 2016-04-07 11:06 - 00106809 _____ C:\Users\Ladislav\Downloads\reakce_na_pripis_namestka_primatora_-_1-16.pdf
2016-04-07 11:06 - 2016-04-07 11:06 - 00106809 _____ C:\Users\Ladislav\Downloads\reakce_na_pripis_namestka_primatora_-_1-16 (1).pdf
2016-04-07 11:06 - 2016-04-07 11:06 - 00036537 _____ C:\Users\Ladislav\Downloads\vyjadreni_nam._primatora_k_zastvace_kralova.pdf
2016-04-06 10:02 - 2016-04-28 10:17 - 00014149 _____ C:\Users\Ladislav\Desktop\FRST.txt
2016-04-06 10:02 - 2016-04-28 10:17 - 00000000 ____D C:\FRST
2016-04-06 09:59 - 2016-04-06 09:59 - 02374144 _____ (Farbar) C:\Users\Ladislav\Desktop\FRST64.exe
2016-04-05 15:33 - 2016-04-05 15:33 - 00688685 _____ C:\Users\Ladislav\Downloads\DPTX_2006_2_11210_ASZK10001_106609_0_27875 (1).pdf
2016-04-05 13:09 - 2016-04-05 13:09 - 00000414 _____ C:\Users\Ladislav\Downloads\priloha
2016-04-02 14:52 - 2016-04-02 14:52 - 00000256 _____ C:\Users\Ladislav\Downloads\_Certification_.htm
2016-04-01 14:06 - 2016-04-01 14:06 - 00019630 _____ C:\Users\Ladislav\Documents\cc_20160401_140605.reg
2016-04-01 14:06 - 2016-04-01 14:06 - 00004716 _____ C:\Users\Ladislav\Documents\cc_20160401_140621.reg
2016-04-01 14:05 - 2016-04-27 20:01 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2016-03-31 19:16 - 2016-04-27 19:58 - 00000000 ____D C:\Users\Ladislav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Imperia Online
2016-03-31 19:16 - 2016-03-31 19:16 - 00000000 ____D C:\Users\Ladislav\AppData\Roaming\ImperiaOnline
2016-03-31 19:14 - 2016-03-31 19:14 - 05096956 _____ C:\Users\Ladislav\Downloads\Lego.Star.Wars.Iii.The.Clone.W.keygen.exe.zip

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-28 09:20 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\tracing
2016-04-28 03:24 - 2009-07-14 06:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-28 03:24 - 2009-07-14 06:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-27 20:01 - 2011-05-09 16:24 - 00000000 ____D C:\ProgramData\PDFC
2016-04-27 20:01 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-27 19:41 - 2015-06-09 19:50 - 00000000 ____D C:\Users\Ladislav\AppData\Roaming\uTorrent
2016-04-26 10:47 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-04-26 10:35 - 2012-02-17 23:09 - 00000000 ____D C:\Users\Ladislav
2016-04-24 12:59 - 2015-11-20 08:25 - 00000000 ____D C:\Users\Ladislav\Desktop\Odevzdané materiály
2016-04-23 14:34 - 2015-06-21 15:52 - 00000958 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-04-23 14:05 - 2012-04-17 23:01 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2016-04-18 23:16 - 2016-01-16 14:32 - 00000000 ____D C:\Users\Ladislav\Desktop\Finále
2016-04-17 22:34 - 2016-01-03 10:13 - 00000000 ____D C:\Users\Ladislav\Desktop\BAKALÁŘKA
2016-04-17 22:33 - 2011-05-10 01:48 - 00669132 _____ C:\Windows\system32\perfh005.dat
2016-04-17 22:33 - 2011-05-10 01:48 - 00141760 _____ C:\Windows\system32\perfc005.dat
2016-04-17 22:33 - 2009-07-14 07:13 - 01584626 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-15 20:50 - 2016-03-26 12:04 - 00000000 ____D C:\Users\Ladislav\Desktop\Movie
2016-04-15 14:47 - 2015-06-21 15:52 - 00003964 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-04-15 14:47 - 2015-06-21 15:51 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-04-15 14:47 - 2015-06-21 15:51 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-04-15 14:31 - 2015-06-09 20:41 - 00000000 ____D C:\Program Files (x86)\GRETECH
2016-04-12 14:49 - 2014-12-05 16:12 - 00000000 ____D C:\Users\Ladislav\AppData\Local\CrashDumps
2016-04-12 07:07 - 2014-12-16 14:48 - 00002155 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-12 07:07 - 2014-12-16 14:48 - 00002143 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-04-01 14:07 - 2016-03-25 11:27 - 00000000 ____D C:\Users\Ladislav\AppData\Roaming\DAEMON Tools Lite
2016-04-01 14:04 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-04-01 14:01 - 2015-06-21 15:42 - 00000000 ____D C:\Users\Ladislav\AppData\Roaming\Opera Software
2016-04-01 14:01 - 2015-06-21 15:42 - 00000000 ____D C:\Users\Ladislav\AppData\Local\Opera Software
2016-04-01 14:01 - 2015-06-21 15:41 - 00000000 ____D C:\Program Files (x86)\Opera
2016-04-01 14:01 - 2012-02-17 23:26 - 00001393 _____ C:\Users\Ladislav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-04-01 13:51 - 2011-05-09 16:21 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-04-01 13:47 - 2012-02-17 23:24 - 00109688 _____ C:\Users\Ladislav\AppData\Local\GDIPFONTCACHEV1.DAT
2016-04-01 13:46 - 2009-07-14 06:45 - 00409920 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-29 11:58 - 2015-05-26 21:34 - 00000000 ____D C:\Users\Ladislav\AppData\Local\Battle.net
2016-03-29 11:09 - 2015-05-26 21:33 - 00000000 ____D C:\Program Files (x86)\Battle.net

==================== Files in the root of some directories =======

2015-06-13 11:49 - 2015-06-13 11:49 - 0007637 _____ () C:\Users\Ladislav\AppData\Local\Resmon.ResmonCfg
2016-02-27 02:18 - 2016-02-27 02:18 - 0000000 _____ () C:\Users\Ladislav\AppData\Local\{1572A71C-E01C-4DEE-BB75-616336F64497}

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-04-28 03:16

==================== End of FRST.txt ============================

Hook_1hp
Visitor
Posts: 69
Registered: 09 Aug 2008 10:17

Re: Unwanted programs on the PC

#14 Post by Hook_1hp »

Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by Ladislav (2016-04-28 10:18:11)
Running from C:\Users\Ladislav\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-02-17 21:09:15)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-450129140-1224967779-4017086383-500 - Administrator - Disabled)
Guest (S-1-5-21-450129140-1224967779-4017086383-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-450129140-1224967779-4017086383-1003 - Limited - Enabled)
Ladislav (S-1-5-21-450129140-1224967779-4017086383-1000 - Administrator - Enabled) => C:\Users\Ladislav

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus 9.0.376.1 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 9.0.376.1 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Flash Player 21 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.2.1.3726 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.3.0.0152 - Disc Soft Ltd)
ESET NOD32 Antivirus (HKLM\...\{A14277DC-AB21-499B-832B-A3AF51D5DBF6}) (Version: 9.0.376.1 - ESET, spol. s r.o.)
Essential Grammar in Use (HKLM-x32\...\{253C884B-3E62-4FA3-88AF-4861F1A1BCC3}) (Version: 1.00.0000 - Cambridge)
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
ffdshow v1.3.4532 [2014-07-17] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4532.0 - )
FORM studio (HKLM-x32\...\FSCZ_is1) (Version: - KASTNER software s.r.o.)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.0.5248 - Gretech Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Hewlett-Packard ACLM.NET v1.1.2.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{2BF8B295-A214-42AC-B4EC-2AE15E08B0E7}) (Version: 1.1.0.0 - Hewlett-Packard)
HP On Screen Display (HKLM-x32\...\{124DB96E-CBF5-44FB-AB59-7D2444DEC777}) (Version: 1.0.7 - Hewlett-Packard Company)
HP Power Manager (HKLM-x32\...\{B97E3520-C726-475E-BC0C-7561952633AB}) (Version: 1.2.1 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{EB58480C-0721-483C-B354-9D35A147999F}) (Version: 2.3.6 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{03046EBB-CB7C-4B98-BEFB-690EB955DA22}) (Version: 8.5.4526.3645 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{A312ABBC-E4A0-4595-BB69-95AFF48A9838}) (Version: 4.0.108.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}) (Version: 6.1.12.1 - Hewlett-Packard Company)
HP Wireless Assistant (HKLM\...\{B962DFD6-45C1-49D8-AEBA-197BF6576D29}) (Version: 4.0.10.0 - Hewlett-Packard)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2000 Premium (HKLM-x32\...\{00000405-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2720 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft_VC90_CRT_x86 (HKLM-x32\...\{DF2035BE-5820-4965-BD97-7FAF8D4A7879}) (Version: 1.0.0 - Microsoft Corporation)
MyPC Backup (HKLM\...\OLBPre) (Version: - MyPC Backup) <==== ATTENTION
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.34 - PDF Complete, Inc)
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.42.304.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6287 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.77 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 1.0.22 - Hewlett-Packard) Hidden
Sada Compatibility Pack pro systém Office 2007 (HKLM-x32\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.06.46 (30.10.2014) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.05.66.00(30.10.2014) - Samsung Electronics Co., Ltd.)
Samsung M2070 Series (HKLM-x32\...\Samsung M2070 Series) (Version: 1.20 (16.12.2014) - Samsung Electronics Co., Ltd.)
Samsung Printer Diagnostics (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.1.6.02 - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (x32 Version: 1.03.05.18 - Samsung Electronics Co., Ltd.) Hidden
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.4.3 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Xobni Core (x32 Version: 1.0.0 - Xobni, Inc.) Hidden
Zobrazit uživatelskou příručku (HKLM-x32\...\View User Guide) (Version: 3.60.43.0 - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00DA9B6C-E1E5-443B-ABA3-4974A1033D4F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-09-09] (Hewlett-Packard Company)
Task: {1A1736AA-EB9A-4F35-9225-FB3BAE496C2E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe [2011-09-09] (Hewlett-Packard Company)
Task: {2121B026-C622-4280-AA03-E9A1D2FA58E0} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-02-09] (CyberLink)
Task: {3DBFBAAF-815F-4C4B-83C8-167FC10EDF12} - System32\Tasks\LaunchPreSignup => C:\Program Files (x86)\OLBPre\OLBPre.exe <==== ATTENTION
Task: {3ED83D53-897B-492C-9DB3-9DB2BA2CC654} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_213_pepper.exe [2016-04-15] (Adobe Systems Incorporated)
Task: {747676AF-CC3E-4CFC-99FA-54E7E358C0E0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {9C8A2A77-CB99-4C83-BD5F-A1FC9AA99532} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {B88FC677-1CEC-4AE4-84F5-82EA4B7E8009} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {E4AB5FE2-4C67-45C1-91AF-BCCCFB7E7955} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Total Care Tune-Up => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPTuneUp.exe [2011-03-22] (Hewlett-Packard Company)
Task: {E6BC507F-9E43-495F-8337-A1017EA17052} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-15] (Adobe Systems Incorporated)
Task: {E9163679-2AC7-413B-9E19-C570FE8C2ABE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [2011-06-14] (Hewlett-Packard)
Task: {ED769179-EF6E-4AE7-B8A4-EA751C046D43} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-09-09] (Hewlett-Packard Company)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_213_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-10-11 17:01 - 2014-10-30 14:06 - 00029184 _____ () C:\Windows\System32\ssm4mlm.dll
2010-12-17 02:37 - 2015-06-01 21:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-09-08 13:39 - 2014-09-08 13:39 - 00464608 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2014-09-08 13:38 - 2014-09-08 13:38 - 00051200 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2010-07-21 14:33 - 2010-07-21 14:33 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
2010-07-21 14:33 - 2010-07-21 14:33 - 00030264 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll
2010-07-21 14:33 - 2010-07-21 14:33 - 00052280 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll
2014-12-10 20:02 - 2014-12-10 20:02 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\ba8588c3319d63350220ec2ac3eb2c36\IsdiInterop.ni.dll
2011-09-30 11:13 - 2010-09-13 18:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2016-04-12 07:07 - 2016-04-06 12:04 - 01675928 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libglesv2.dll
2016-04-12 07:07 - 2016-04-06 12:04 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2016-04-27 19:58 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-450129140-1224967779-4017086383-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Ladislav\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D8E3557B-ECA1-47D8-8B72-4D2A5BCB0F8C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{FCF131FD-945A-4422-AFED-AABC725B7229}] => (Allow) LPort=2869
FirewallRules: [{7E323A61-D177-4290-B8B3-531F7B823B0A}] => (Allow) LPort=1900
FirewallRules: [{24D2E456-8DE7-4399-8764-FB71F50AE69E}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{F8D5B5A4-0F0A-4972-83E6-264270F60426}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{360B8856-0721-4A2B-8ED3-E401438F3EF3}C:\users\ladislav\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\ladislav\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{30F34964-B153-445B-841D-184BCAE95817}C:\users\ladislav\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\ladislav\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{9FF2D02F-B731-4D59-AE6F-96A44ADD0B08}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{EF7B01E4-85B9-4FE5-ACB2-ACA12E17B503}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{EA0C32F1-1F0C-471D-9BB6-B36459A256C7}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe
FirewallRules: [{DD7BE530-04A8-4ECF-88A4-89C49AABA563}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe
FirewallRules: [{4B2A05A6-0712-4778-925F-3B031086AB17}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{E1F95D62-B184-4733-9681-AD64353B457D}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{9BCE8AB0-3ECE-48F5-BC11-D965948379A5}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{D32870E5-052A-4416-A54F-49AA30EB3942}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{9EB4C59A-6249-4AF3-8038-73F0E1688028}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{869B4994-5547-425C-A595-4ED2E1534867}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe
FirewallRules: [{9A34193B-3B13-4B76-9E7B-DE11EFA6B056}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe
FirewallRules: [{2EEC3D38-DD75-40A3-8D07-50552FDBA2E3}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{2DFF0BE0-C53C-4F9C-9081-74EA7E36C96B}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{4DEF5A5C-8419-463F-92BA-1CCB602EEFBB}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [{493D0E3C-1D87-4A3A-8B17-CFAD25A9E36D}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [TCP Query User{393E6FAF-B197-43A3-B01C-B8E4AC516DC0}C:\program files (x86)\heroes of the storm\versions\base40697\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base40697\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{66BC5086-B42E-4F67-AED6-33A3AB86272B}C:\program files (x86)\heroes of the storm\versions\base40697\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base40697\heroesofthestorm_x64.exe
FirewallRules: [{C9265191-1F48-4140-A650-FB312A056391}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

06-04-2016 11:56:26 Windows Update
08-04-2016 11:04:40 Malwarebytes Anti-Rootkit Restore Point
15-04-2016 17:29:05 Naplánovaný kontrolní bod
16-04-2016 01:21:01 HPSF Restore Point
26-04-2016 10:29:19 Removed Java(TM) 6 Update 22
26-04-2016 10:30:48 Removed Java(TM) 6 Update 22 (64-bit)
27-04-2016 19:57:10 Restore Point Created by FRST

==================== Faulty Device Manager Devices =============

Name: Generic Bluetooth Adapter
Description: Generic Bluetooth Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: GenericAdapter
Service: BTHUSB
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/27/2016 08:01:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/26/2016 09:52:09 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/25/2016 08:04:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/25/2016 01:13:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/24/2016 04:00:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/24/2016 09:37:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/23/2016 12:30:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/22/2016 09:23:34 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/20/2016 07:41:28 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2016 10:44:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (04/27/2016 08:00:59 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Místní adaptér Bluetooth selhal. Důvod selhaní nebylo možno určit a adaptér nebude používán. Ovladač vysílače byl vyjmut z paměti.

Error: (04/27/2016 07:58:35 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Windows Search, ale tato akce selhala kvůli následující chybě:
%%1056

Error: (04/27/2016 07:58:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba zařazování tisku byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (04/27/2016 07:58:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (04/27/2016 07:58:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Úložná technologie Intel(R) Rapid byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/27/2016 07:58:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Live ID Sign-in Assistant byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (04/27/2016 07:58:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Management and Security Application User Notification Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/27/2016 07:58:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (04/27/2016 07:58:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HP Wireless Assistant Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/27/2016 07:58:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Machine Debug Manager byla neočekávaně ukončena. Tento stav nastal již 1krát.


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU B950 @ 2.10GHz
Percentage of memory in use: 57%
Total physical RAM: 3947.86 MB
Available physical RAM: 1660.33 MB
Total Virtual: 7893.93 MB
Available Virtual: 4885.97 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:449.9 GB) (Free:218.04 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (RECOVERY) (Fixed) (Total:15.56 GB) (Free:1.92 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (iTutor) (CDROM) (Total:4.25 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 1B0CEA89)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=449.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15.6 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

==================== End of Addition.txt ============================

altrok
Moderator
Posts: 7322
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Unwanted programs on the PC

#15 Post by altrok »

Save MBAR to your desktop - http://www.bleepingcomputer.com/downloa ... i-rootkit/
  • run it with a double-click and extract it to the desktop
  • click Next
  • update the virus database by clicking Update and continue with Next
  • leave all 3 options checked and choose Scan (it takes about 20 minutes)
  • tick all findings and also make sure the Create Restore Point checkbox is ticked
  • click Cleanup and agree to the restart - Yes
  • paste the contents of the log saved on the desktop in mbar\mbar-log-2015-mm-dd (hh-mm-ss).txt into your next reply
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suitable for the forum, you can use altrok (at) forum.viry.cz
If you feel like helping visitors of this forum, sign up for our training school.
