vyskakujúce čínske okná

Zpráva

frenky · #1 Příspěvek od **frenky** » 28 dub 2016 21:38

prosím o pomoc pri vyriešení tohto problému , díky

trvá to asi 3 dni, nainštaloval som už aj eset a nič nepomohlo

+Logfile of random's system information tool 1.10 (written by random/random)
Run by Frenky at 2016-04-28 22:22:20
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 132 GB (36%) free of 365 GB
Total RAM: 3952 MB (29% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:22:50, on 28.04.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18283)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCTray.exe
C:\Program Files\Toshiba\HDMICtrlMan\HCMSoundChanger.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\ProgramData\smp2.exe
C:\Users\Frenky\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Frenky.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hao123.com/?tn=93018773_hao_pg
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hao123.com/?tn=93018773_hao_pg
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {dfabc5b5-039b-4865-979a-de31cdf3e351} - (no file)
R3 - URLSearchHook: (no name) - {930f1200-f5f1-4870-bac6-e233ec8e7023} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2 - BHO: QPMIEHelper - {50F4150A-48B2-417A-BE4C-C83F580FB904} - C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3192\npQQPhoneManagerExt.dll
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file)
O2 - BHO: (no name) - {930f1200-f5f1-4870-bac6-e233ec8e7023} - (no file)
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O3 - Toolbar: (no name) - {930f1200-f5f1-4870-bac6-e233ec8e7023} - (no file)
O4 - HKLM\..\Run: [ QQPCTray] "C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCTray.exe" /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component

\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://195.28.70.134/kapor2/lib/mgaxctrl.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash

\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Autodesk Content Service - Unknown owner - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (file missing)
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Sentinel LDK License Manager (hasplms) - Unknown owner - C:\windows\system32\hasplms.exe (file missing)
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology

\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: YAC Service (iSafeService) - Elex do Brasil Participaçoes Ltda - C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management

Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: QQPCMgr RTP Service (QQPCRTP) - Tencent - C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCRTP.exe
O23 - Service: QQRepair9f4 - Unknown owner - C:\Program.exe (file missing)
O23 - Service: QQRepairFixSVC - Unknown owner - C:\Program.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Search Module Update (SMUpd) - Search Module Ltd. - C:\Program Files\Common Files\Doobzo\GSUpdate\smu.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: Ochrana HDD TOSHIBA (Thpsrv) - Unknown owner - C:\windows\system32\ThpSrv.exe (file missing)
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: Transoft Solutions License Server V1.7 - Unknown owner - C:\Program Files (x86)\Transoft Solutions\License Server\TransoftLS.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine

Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 12139 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1

ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1

ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe"
"C:\windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCRtp.exe" -r
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\windows\system32\nvvsvc.exe -session -first
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\windows\system32\hasplms.exe -run
C:\windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\windows\System32\svchost.exe -k HPZ12
C:\windows\System32\svchost.exe -k HPZ12
"C:\Program Files\Common Files\Doobzo\GSUpdate\smu.exe" /service
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\ThpSrv.exe
C:\windows\system32\TODDSrv.exe
"C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe"
"C:\Program Files\TOSHIBA\TECO\TecoService.exe"
"taskhost.exe"
taskeng.exe {364C96BC-B756-452C-B0BC-67B49FF69DA6}
"C:\Program Files (x86)\Transoft Solutions\License Server\TransoftLS.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide
taskeng.exe {45567071-1ACC-4762-A33C-9BDAA77382AD}
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe"
WLIDSvcM.exe 788
"C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
rundll32 "C:\Program Files\ESET\ESET NOD32 Antivirus\x86\eplgHooks.dll",Proc32_HooksLoop
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCTray.exe" /elevated /regrun
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Toshiba\FlashCards\TCrdMain.exe"
"C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe"
"C:\Program Files\TOSHIBA\FlashCards\Hotkey\TcrdKBB.exe"
"C:\Program Files\Toshiba\HDMICtrlMan\HCMSoundChanger.exe" /SPEAKER
C:\windows\system32\SearchIndexer.exe /Embedding
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\ProgramData\smp2.exe install1 "http://www%2dsearching.com/?prd=set_epf&s=g4qzamobl3687bn,38bd5f72-7114-4d1c-944b-eb8529c31789," Search
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\windows\System32\svchost.exe -k secsvcs
C:\windows\servicing\TrustedInstaller.exe
"C:\Program Files\TOSHIBA\TECO\TECO.exe" /B
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search"

"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Users\Frenky\AppData\Local\Google\Update\GoogleUpdate.exe /c
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://www%2dsearching.com/?prd=set_epf&s=g4qzamobl3687bn,38bd5f72-7114-4d1c-944b-eb8529c31789,
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\Frenky\AppData\Local\Google

\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=m --annotation=plat=Win32 --annotation=prod=Chrome --

annotation=ver=49.0.2623.112 --handshake-handle=0xdc
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=4756 --on-initialized-event-handle=340 --parent-handle=344 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="6000.0.1354228123\1558262994" --supports-dual-gpus=false --gpu-driver-bug-

workarounds=3,11,25,54,64 --gpu-vendor-id=0x10de --gpu-device-id=0x0a2b --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.2702 --ignored=" --type=renderer "

/prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-

features=AutomaticTabDiscarding<AutomaticTabDiscarding,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,WebFontsIntervention<WebFontsIntervention --

lang=sk --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-

gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/14DaySingleProfile/*DataReductionProxyConfigSe

rvice/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforc

e/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Preve

ntUWYTDefaultForNonURLInputsStable_Control/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPoss

iblySend/*ResourcePriorities/Control50pct/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLComm

onNameMismatchHandling/Disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequenc

y/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_87/*UMA-Uniformity-

Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-

Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*WebFontsIntervention/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-

PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-

scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-

target=3553 --channel="6000.2.51235848\670913408" /prefetch:1
C:\windows\system32\DllHost.exe /Processid:{B366DEBE-645B-43A5-B865-DDD82C345492}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-

features=AutomaticTabDiscarding<AutomaticTabDiscarding,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,WebFontsIntervention<WebFontsIntervention --

lang=sk --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-

gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/14DaySingleProfile/*DataReductionProxyConfigSe

rvice/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforc

e/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Preve

ntUWYTDefaultForNonURLInputsStable_Control/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPoss

iblySend/*ResourcePriorities/Control50pct/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLComm

onNameMismatchHandling/Disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequen

cy/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_87/*UMA-Uniformity-

Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-

Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*WebFontsIntervention/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-

PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --content-image-

texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="6000.4.1601438068\1785698411"

/prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-

features=AutomaticTabDiscarding<AutomaticTabDiscarding,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,WebFontsIntervention<WebFontsIntervention --

lang=sk --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-

gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/14DaySingleProfile/*DataReductionProxyConfigSe

rvice/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforc

e/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Preve

ntUWYTDefaultForNonURLInputsStable_Control/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPos

siblySend/*ResourcePriorities/Control50pct/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCom

monNameMismatchHandling/Disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFreque

ncy/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_87/*UMA-

Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-

Percent/group_12/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*WebFontsIntervention/Enabled/WebRTC-

LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --

num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --

channel="6000.7.1661305579\955964628" /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-

features=AutomaticTabDiscarding<AutomaticTabDiscarding,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,WebFontsIntervention<WebFontsIntervention --

lang=sk --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-

gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/14DaySingleProfile/*DataReductionProxyConfigSe

rvice/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforc

e/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Preve

ntUWYTDefaultForNonURLInputsStable_Control/*PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPo

ssiblySend/*ResourcePriorities/Control50pct/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCo

mmonNameMismatchHandling/Disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequ

ency/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_87/*UMA-

Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-

Percent/group_12/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*WebFontsIntervention/Enabled/WebRTC-

LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --

device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-

texture-target=3553 --channel="6000.8.1416807169\1006784490" /prefetch:1

"C:\windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
"C:\Users\Frenky\Downloads\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_213_pepper.exe -check pepperplugin
C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2589465553-2425290425-2319165384-1001Core.job - C:\Users\Frenky\AppData\Local\Google\Update\GoogleUpdate.exe /c

=========Mozilla firefox=========

ProfilePath - C:\Users\Frenky\AppData\Roaming\Mozilla\Firefox\Profiles\7m5fwmum.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "about:blank"
prefs.js - "extensions.enabledItems" - "{ecdee021-0d17-467f-a1ff-c7a115230949}:2.5.6.0, {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9, {930f1200-f5f1-4870-bac6-

e233ec8e7023}:3.1.0.12, toolbar@ask.com:3.11.3.15590, {E84D42CA-64EB-11DE-A65F-8C3656D89593}:3.1, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
prefs.js - "keyword.URL" - "http://search.conduit.com/ResultsExt.as ... 1098640&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.213 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon My Image Garden
"Path"=C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Nero.com/KM]
"Description"=
"Path"=C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00]
"Description"=Plug-in to check PlayStation(R)Network Downloader.
"Path"=C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@qq.com/npAndroidAssistant]
"Description"=QQPhoneManager Onekey-Install plug-in for Android Phones
"Path"=C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3192\npQQPhoneManagerExt.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\Sony\Media Go\npmediago.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.213 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
npdeployJava1.dll
NPOFF12.DLL
nppdf32.dll

C:\Users\Frenky\AppData\Roaming\Mozilla\Firefox\Profiles\7m5fwmum.default\extensions\
arthurj8283@gmail.com

C:\Users\Frenky\AppData\Roaming\Mozilla\Firefox\Profiles\7m5fwmum.default\searchplugins\
icqplugin.gif
icqplugin.src
YAC Safe Search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}]
电脑管家网页防火墙 - C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\TSWebMon64.dat [2016-04-26 423104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{50F4150A-48B2-417A-BE4C-C83F580FB904}]
Ó¦ÓĂ±¦Ň»Ľü°˛×°˛ĺĽţ - C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3192\npQQPhoneManagerExt.dll [2014-05-30 140344]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{930f1200-f5f1-4870-bac6-e233ec8e7023}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{930f1200-f5f1-4870-bac6-e233ec8e7023}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-03-09 10103840]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-10-15 1870120]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2009-03-09 52600]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2009-11-10 910136]
"SmartFaceVWatcher"=C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [2009-10-19 238080]
"HDMICtrlMan"=C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [2010-07-21 1037728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14 1085656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Akamai NetSession Interface]
C:\Users\Frenky\AppData\Local\Akamai\netsession_win.exe [2015-09-10 4691384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2010-08-20 33120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Autodesk Sync]
C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2015-01-27 1310088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
C:\Program Files (x86)\BitTorrent\BitTorrent.exe /MINIMIZED []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonQuickMenu]
C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [2012-09-27 1279120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\egui]
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2016-03-03 5565088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\facemoods]
C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.9\facemoodssrv.exe /md I []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Free PDF Print Dispatcher]
C:\Program Files (x86)\pdfconverter.com\FreePDF Creator\itFPCPrnDisp.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Frenky\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31 144200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Color LaserJet CM2320 MFP Series Fax]
C:\Program Files (x86)\HP\HP Color LaserJet CM2320 MFP Series\hppfaxprintersrv.exe [2009-09-22 3700736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPUsageTracking]
C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe [2009-05-11 24576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files (x86)\ICQ7.4\ICQ.exe silent loginmode=4 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IJNetworkScannerSelectorEX]
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2012-08-31 452272]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2010-09-03 1406248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Seven]
C:\Program Files\PDFSeven\PDF.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion]
C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe /Background []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Teco]
C:\Program Files\TOSHIBA\TECO\Teco.exe [2009-09-28 1482592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba Registration]
C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [2009-08-25 134032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba TEMPRO]
C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [2011-02-10 1546720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosNC]
C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [2010-04-23 595816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosReelTimeMonitor]
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [2009-12-01 34648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosSENotify]
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [2009-11-05 709976]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosVolRegulator]
C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [2009-11-11 24376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosWaitSrv]
C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2009-11-10 707416]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TWebCamera]
C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2009-11-21 2454840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\XboxStat]
C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [2009-09-30 825184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~2\HP\DIGITA~1\bin\hpqtra08.exe [2007-10-14 214360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^KYESCAN.lnk]
C:\PROGRA~2\ScannerU\Kyescan.exe [2007-04-30 184320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
C:\PROGRA~1\MCAFEE~1\311~1.266\SSSCHE~1.EXE [2015-12-02 330456]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
" QQPCTray"=C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCTray.exe [2016-04-26 362304]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\QQPCRTP]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2016-04-28 22:22:26 ----D---- C:\Program Files\trend micro
2016-04-28 22:22:20 ----D---- C:\rsit
2016-04-28 21:28:07 ----A---- C:\windows\ntbtlog.txt
2016-04-28 20:11:37 ----SD---- C:\windows\SYSWOW64\GWX
2016-04-28 20:11:37 ----SD---- C:\windows\system32\GWX
2016-04-28 19:39:33 ----A---- C:\windows\SYSWOW64\infocardapi.dll
2016-04-28 19:39:32 ----A---- C:\windows\system32\infocardapi.dll
2016-04-28 19:39:31 ----A---- C:\windows\SYSWOW64\icardagt.exe
2016-04-28 19:39:31 ----A---- C:\windows\system32\icardagt.exe
2016-04-28 19:39:29 ----A---- C:\windows\SYSWOW64\icardres.dll
2016-04-28 19:39:29 ----A---- C:\windows\system32\icardres.dll
2016-04-28 19:38:44 ----A---- C:\windows\SYSWOW64\TsWpfWrp.exe
2016-04-28 19:38:44 ----A---- C:\windows\system32\TsWpfWrp.exe
2016-04-28 16:16:31 ----A---- C:\windows\system32\WindowsCodecs.dll
2016-04-28 16:16:30 ----A---- C:\windows\SYSWOW64\WindowsCodecs.dll
2016-04-28 16:16:25 ----A---- C:\windows\SYSWOW64\tzres.dll
2016-04-28 16:16:25 ----A---- C:\windows\system32\tzres.dll
2016-04-28 04:43:58 ----A---- C:\windows\SYSWOW64\atmfd.dll
2016-04-28 04:43:58 ----A---- C:\windows\system32\win32k.sys
2016-04-28 04:43:58 ----A---- C:\windows\system32\atmfd.dll
2016-04-28 04:43:57 ----A---- C:\windows\SYSWOW64\fontsub.dll
2016-04-28 04:43:57 ----A---- C:\windows\SYSWOW64\dciman32.dll
2016-04-28 04:43:57 ----A---- C:\windows\SYSWOW64\atmlib.dll
2016-04-28 04:43:57 ----A---- C:\windows\system32\lpk.dll
2016-04-28 04:43:57 ----A---- C:\windows\system32\fontsub.dll
2016-04-28 04:43:57 ----A---- C:\windows\system32\dciman32.dll
2016-04-28 04:43:57 ----A---- C:\windows\system32\atmlib.dll
2016-04-28 04:43:56 ----A---- C:\windows\SYSWOW64\lpk.dll
2016-04-28 04:43:54 ----A---- C:\windows\SYSWOW64\charmap.exe
2016-04-28 04:43:54 ----A---- C:\windows\system32\charmap.exe
2016-04-28 04:43:53 ----A---- C:\windows\SYSWOW64\rastls.dll
2016-04-28 04:43:53 ----A---- C:\windows\system32\rastls.dll
2016-04-28 04:43:52 ----A---- C:\windows\SYSWOW64\AUDIOKSE.dll
2016-04-28 04:43:52 ----A---- C:\windows\system32\EncDump.dll
2016-04-28 04:43:52 ----A---- C:\windows\system32\audiosrv.dll
2016-04-28 04:43:52 ----A---- C:\windows\system32\AUDIOKSE.dll
2016-04-28 04:43:52 ----A---- C:\windows\system32\AudioEng.dll
2016-04-28 04:43:51 ----A---- C:\windows\SYSWOW64\AudioEng.dll
2016-04-28 04:43:51 ----A---- C:\windows\system32\AudioSes.dll
2016-04-28 04:43:50 ----A---- C:\windows\SYSWOW64\AudioSes.dll
2016-04-28 04:43:49 ----A---- C:\windows\system32\msxml3.dll
2016-04-28 04:43:48 ----A---- C:\windows\SYSWOW64\msxml6.dll
2016-04-28 04:43:48 ----A---- C:\windows\SYSWOW64\msxml3.dll
2016-04-28 04:43:48 ----A---- C:\windows\system32\msxml6.dll
2016-04-28 04:43:47 ----A---- C:\windows\SYSWOW64\msxml6r.dll
2016-04-28 04:43:47 ----A---- C:\windows\SYSWOW64\msxml3r.dll
2016-04-28 04:43:47 ----A---- C:\windows\system32\msxml6r.dll
2016-04-28 04:43:47 ----A---- C:\windows\system32\msxml3r.dll
2016-04-28 04:43:42 ----A---- C:\windows\system32\rdpcorets.dll
2016-04-28 04:43:23 ----A---- C:\windows\system32\ole32.dll
2016-04-28 04:43:21 ----A---- C:\windows\SYSWOW64\ole32.dll
2016-04-28 04:42:51 ----A---- C:\windows\system32\ntoskrnl.exe
2016-04-28 04:42:51 ----A---- C:\windows\system32\ntdll.dll
2016-04-28 04:42:50 ----A---- C:\windows\system32\rpcrt4.dll
2016-04-28 04:42:50 ----A---- C:\windows\system32\lsasrv.dll
2016-04-28 04:42:50 ----A---- C:\windows\system32\EncDec.dll
2016-04-28 04:42:50 ----A---- C:\windows\system32\CPFilters.dll
2016-04-28 04:42:49 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2016-04-28 04:42:49 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2016-04-28 04:42:48 ----A---- C:\windows\SYSWOW64\kerberos.dll
2016-04-28 04:42:48 ----A---- C:\windows\SYSWOW64\EncDec.dll
2016-04-28 04:42:48 ----A---- C:\windows\SYSWOW64\CPFilters.dll
2016-04-28 04:42:48 ----A---- C:\windows\system32\schannel.dll
2016-04-28 04:42:48 ----A---- C:\windows\system32\kerberos.dll
2016-04-28 04:42:47 ----A---- C:\windows\system32\advapi32.dll
2016-04-28 04:42:46 ----A---- C:\windows\SYSWOW64\schannel.dll
2016-04-28 04:42:43 ----A---- C:\windows\SYSWOW64\ntdll.dll
2016-04-28 04:42:43 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2016-04-28 04:42:43 ----A---- C:\windows\system32\msv1_0.dll
2016-04-28 04:42:43 ----A---- C:\windows\system32\KernelBase.dll
2016-04-28 04:42:43 ----A---- C:\windows\system32\kernel32.dll
2016-04-28 04:42:42 ----A---- C:\windows\SYSWOW64\advapi32.dll
2016-04-28 04:42:42 ----A---- C:\windows\system32\ncrypt.dll
2016-04-28 04:42:42 ----A---- C:\windows\system32\drivers\mrxsmb10.sys
2016-04-28 04:42:42 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2016-04-28 04:42:42 ----A---- C:\windows\system32\drivers\cng.sys
2016-04-28 04:42:41 ----A---- C:\windows\SYSWOW64\rpcrt4.dll
2016-04-28 04:42:41 ----A---- C:\windows\system32\adtschema.dll
2016-04-28 04:42:40 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2016-04-28 04:42:40 ----A---- C:\windows\SYSWOW64\kernel32.dll
2016-04-28 04:42:40 ----A---- C:\windows\SYSWOW64\adtschema.dll
2016-04-28 04:42:40 ----A---- C:\windows\system32\wow64win.dll
2016-04-28 04:42:40 ----A---- C:\windows\system32\wow64.dll
2016-04-28 04:42:40 ----A---- C:\windows\system32\mtxoci.dll
2016-04-28 04:42:40 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2016-04-28 04:42:39 ----A---- C:\windows\SYSWOW64\KernelBase.dll
2016-04-28 04:42:39 ----A---- C:\windows\SYSWOW64\bcryptprimitives.dll
2016-04-28 04:42:39 ----A---- C:\windows\system32\winsrv.dll
2016-04-28 04:42:39 ----A---- C:\windows\system32\wdigest.dll
2016-04-28 04:42:39 ----A---- C:\windows\system32\TSpkg.dll
2016-04-28 04:42:39 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2016-04-28 04:42:38 ----A---- C:\windows\SYSWOW64\mtxoci.dll
2016-04-28 04:42:38 ----A---- C:\windows\system32\srcore.dll
2016-04-28 04:42:38 ----A---- C:\windows\system32\bcryptprimitives.dll
2016-04-28 04:42:37 ----A---- C:\windows\SYSWOW64\wdigest.dll
2016-04-28 04:42:37 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2016-04-28 04:42:37 ----A---- C:\windows\SYSWOW64\msorcl32.dll
2016-04-28 04:42:37 ----A---- C:\windows\system32\drivers\ksecdd.sys
2016-04-28 04:42:37 ----A---- C:\windows\system32\conhost.exe
2016-04-28 04:42:35 ----A---- C:\windows\SYSWOW64\cryptbase.dll
2016-04-28 04:42:35 ----A---- C:\windows\system32\sspicli.dll
2016-04-28 04:42:35 ----A---- C:\windows\system32\smss.exe
2016-04-28 04:42:35 ----A---- C:\windows\system32\ntvdm64.dll
2016-04-28 04:42:35 ----A---- C:\windows\system32\lsass.exe
2016-04-28 04:42:35 ----A---- C:\windows\system32\csrsrv.dll
2016-04-28 04:42:35 ----A---- C:\windows\system32\cryptbase.dll
2016-04-28 04:42:33 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
2016-04-28 04:42:33 ----A---- C:\windows\SYSWOW64\msaudite.dll
2016-04-28 04:42:33 ----A---- C:\windows\SYSWOW64\credssp.dll
2016-04-28 04:42:33 ----A---- C:\windows\system32\sspisrv.dll
2016-04-28 04:42:33 ----A---- C:\windows\system32\secur32.dll
2016-04-28 04:42:33 ----A---- C:\windows\system32\rstrui.exe
2016-04-28 04:42:33 ----A---- C:\windows\system32\msaudite.dll
2016-04-28 04:42:33 ----A---- C:\windows\system32\auditpol.exe
2016-04-28 04:42:32 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-28 04:42:32 ----AH---- C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-28 04:42:32 ----A---- C:\windows\SYSWOW64\wow32.dll
2016-04-28 04:42:32 ----A---- C:\windows\SYSWOW64\sspicli.dll
2016-04-28 04:42:32 ----A---- C:\windows\SYSWOW64\srclient.dll
2016-04-28 04:42:32 ----A---- C:\windows\SYSWOW64\setup16.exe
2016-04-28 04:42:32 ----A---- C:\windows\SYSWOW64\secur32.dll
2016-04-28 04:42:32 ----A---- C:\windows\SYSWOW64\instnm.exe
2016-04-28 04:42:32 ----A---- C:\windows\SYSWOW64\auditpol.exe
2016-04-28 04:42:32 ----A---- C:\windows\system32\wow64cpu.dll
2016-04-28 04:42:32 ----A---- C:\windows\system32\srclient.dll
2016-04-28 04:42:32 ----A---- C:\windows\system32\credssp.dll
2016-04-28 04:42:31 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-28 04:42:31 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-28 04:42:31 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-28 04:42:31 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-04-28 04:42:31 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-28 04:42:31 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-04-28 04:42:31 ----AH---- C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-28 04:42:31 ----AH---- C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-28 04:42:31 ----AH---- C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-04-28 04:42:31 ----AH---- C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-28 04:42:31 ----AH---- C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-28 04:42:31 ----AH---- C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-28 04:42:31 ----AH---- C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-04-28 04:42:31 ----AH---- C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-04-28 04:42:31 ----AH---- C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-28 04:42:31 ----AH---- C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-04-28 04:42:30 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-04-28 04:42:30 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-28 04:42:30 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-04-28 04:42:30 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-04-28 04:42:30 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-04-28 04:42:30 ----AH---- C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-04-28 04:42:30 ----AH---- C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-04-28 04:42:30 ----AH---- C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-04-28 04:42:30 ----AH---- C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-04-28 04:42:29 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-04-28 04:42:29 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-28 04:42:29 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-04-28 04:42:29 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-28 04:42:29 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-04-28 04:42:29 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-28 04:42:29 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-04-28 04:42:29 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-04-28 04:42:29 ----AH---- C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-04-28 04:42:29 ----AH---- C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-04-28 04:42:29 ----AH---- C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-28 04:42:29 ----AH---- C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-28 04:42:29 ----AH---- C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-04-28 04:42:29 ----AH---- C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-28 04:42:29 ----AH---- C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-04-28 04:42:29 ----AH---- C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-04-28 04:42:28 ----AH---- C:\windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-04-28 04:42:28 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-04-28 04:42:28 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-04-28 04:42:28 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-28 04:42:28 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-04-28 04:42:28 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-04-28 04:42:28 ----AH---- C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-04-28 04:42:28 ----AH---- C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-04-28 04:42:28 ----AH---- C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-04-28 04:42:27 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-04-28 04:42:27 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-04-28 04:42:27 ----AH---- C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-04-28 04:42:27 ----AH---- C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-04-28 04:42:27 ----A---- C:\windows\SYSWOW64\user.exe
2016-04-28 04:42:27 ----A---- C:\windows\SYSWOW64\apisetschema.dll
2016-04-28 04:42:27 ----A---- C:\windows\system32\apisetschema.dll
2016-04-28 04:42:26 ----A---- C:\windows\SYSWOW64\msobjs.dll
2016-04-28 04:42:26 ----A---- C:\windows\system32\msobjs.dll
2016-04-28 04:42:03 ----A---- C:\windows\SYSWOW64\msctf.dll
2016-04-28 04:42:03 ----A---- C:\windows\system32\msctf.dll
2016-04-28 04:41:59 ----A---- C:\windows\system32\WsmSvc.dll
2016-04-28 04:41:58 ----A---- C:\windows\SYSWOW64\WsmWmiPl.dll
2016-04-28 04:41:58 ----A---- C:\windows\SYSWOW64\WsmSvc.dll
2016-04-28 04:41:58 ----A---- C:\windows\SYSWOW64\WSManMigrationPlugin.dll
2016-04-28 04:41:58 ----A---- C:\windows\system32\WsmWmiPl.dll
2016-04-28 04:41:58 ----A---- C:\windows\system32\WsmAuto.dll
2016-04-28 04:41:58 ----A---- C:\windows\system32\WSManMigrationPlugin.dll
2016-04-28 04:41:58 ----A---- C:\windows\system32\WSManHTTPConfig.exe
2016-04-28 04:41:57 ----A---- C:\windows\SYSWOW64\WsmAuto.dll
2016-04-28 04:41:57 ----A---- C:\windows\SYSWOW64\WSManHTTPConfig.exe
2016-04-28 04:41:50 ----A---- C:\windows\system32\shell32.dll
2016-04-28 04:41:49 ----A---- C:\windows\SYSWOW64\shell32.dll
2016-04-28 04:41:48 ----A---- C:\windows\system32\ExplorerFrame.dll
2016-04-28 04:41:48 ----A---- C:\windows\explorer.exe
2016-04-28 04:41:47 ----A---- C:\windows\SYSWOW64\ExplorerFrame.dll
2016-04-28 04:41:47 ----A---- C:\windows\SYSWOW64\explorer.exe
2016-04-28 04:41:47 ----A---- C:\windows\system32\authui.dll
2016-04-28 04:41:46 ----A---- C:\windows\SYSWOW64\authui.dll
2016-04-28 04:41:23 ----A---- C:\windows\system32\wmp.dll
2016-04-28 04:41:22 ----A---- C:\windows\SYSWOW64\wmp.dll
2016-04-28 04:41:21 ----A---- C:\windows\SYSWOW64\spwmp.dll
2016-04-28 04:41:21 ----A---- C:\windows\SYSWOW64\dxmasf.dll
2016-04-28 04:41:21 ----A---- C:\windows\system32\spwmp.dll
2016-04-28 04:41:21 ----A---- C:\windows\system32\dxmasf.dll
2016-04-28 04:41:20 ----A---- C:\windows\SYSWOW64\wmploc.DLL
2016-04-28 04:41:20 ----A---- C:\windows\system32\wmploc.DLL
2016-04-28 04:12:06 ----A---- C:\windows\system32\drivers\ndis.sys
2016-04-28 04:11:44 ----A---- C:\windows\SYSWOW64\packager.dll
2016-04-28 04:11:44 ----A---- C:\windows\system32\packager.dll
2016-04-28 04:11:37 ----A---- C:\windows\system32\winsta.dll
2016-04-28 04:11:37 ----A---- C:\windows\system32\termsrv.dll
2016-04-28 04:11:36 ----A---- C:\windows\SYSWOW64\winsta.dll
2016-04-28 04:11:36 ----A---- C:\windows\system32\winlogon.exe
2016-04-28 04:11:36 ----A---- C:\windows\system32\rdpcorekmts.dll
2016-04-28 04:11:36 ----A---- C:\windows\system32\drivers\rdpwd.sys
2016-04-28 04:11:34 ----A---- C:\windows\system32\drivers\tssecsrv.sys
2016-04-28 04:10:36 ----A---- C:\windows\SYSWOW64\gdi32.dll
2016-04-28 04:10:36 ----A---- C:\windows\system32\gdi32.dll
2016-04-28 04:10:30 ----A---- C:\windows\SYSWOW64\inseng.dll
2016-04-28 04:10:30 ----A---- C:\windows\SYSWOW64\iernonce.dll
2016-04-28 04:10:30 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2016-04-28 04:10:30 ----A---- C:\windows\system32\iernonce.dll
2016-04-28 04:10:29 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2016-04-28 04:10:29 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2016-04-28 04:10:29 ----A---- C:\windows\system32\ieetwproxystub.dll
2016-04-28 04:10:29 ----A---- C:\windows\system32\ieetwcollector.exe
2016-04-28 04:10:28 ----A---- C:\windows\SYSWOW64\vbscript.dll
2016-04-28 04:10:28 ----A---- C:\windows\SYSWOW64\urlmon.dll
2016-04-28 04:10:28 ----A---- C:\windows\SYSWOW64\occache.dll
2016-04-28 04:10:28 ----A---- C:\windows\SYSWOW64\mshtml.dll
2016-04-28 04:10:28 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2016-04-28 04:10:28 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-04-28 04:10:28 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2016-04-28 04:10:28 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2016-04-28 04:10:28 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2016-04-28 04:10:28 ----A---- C:\windows\system32\inseng.dll
2016-04-28 04:10:28 ----A---- C:\windows\system32\ie4uinit.exe
2016-04-28 04:10:27 ----A---- C:\windows\SYSWOW64\iesetup.dll
2016-04-28 04:10:27 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2016-04-28 04:10:26 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2016-04-28 04:10:26 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2016-04-28 04:10:26 ----A---- C:\windows\SYSWOW64\jscript.dll
2016-04-28 04:10:26 ----A---- C:\windows\SYSWOW64\iertutil.dll
2016-04-28 04:10:26 ----A---- C:\windows\system32\urlmon.dll
2016-04-28 04:10:26 ----A---- C:\windows\system32\occache.dll
2016-04-28 04:10:26 ----A---- C:\windows\system32\ieetwcollectorres.dll
2016-04-28 04:10:26 ----A---- C:\windows\system32\iedkcs32.dll
2016-04-28 04:10:25 ----A---- C:\windows\SYSWOW64\ieui.dll
2016-04-28 04:10:25 ----A---- C:\windows\SYSWOW64\ieframe.dll
2016-04-28 04:10:25 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2016-04-28 04:10:25 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2016-04-28 04:10:25 ----A---- C:\windows\system32\msfeeds.dll
2016-04-28 04:10:25 ----A---- C:\windows\system32\dxtrans.dll
2016-04-28 04:10:24 ----A---- C:\windows\system32\iesetup.dll
2016-04-28 04:10:24 ----A---- C:\windows\system32\ieapfltr.dll
2016-04-28 04:10:23 ----A---- C:\windows\SYSWOW64\webcheck.dll
2016-04-28 04:10:23 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2016-04-28 04:10:23 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2016-04-28 04:10:23 ----A---- C:\windows\system32\iertutil.dll
2016-04-28 04:10:21 ----A---- C:\windows\SYSWOW64\wininet.dll
2016-04-28 04:10:21 ----A---- C:\windows\SYSWOW64\jscript9.dll
2016-04-28 04:10:21 ----A---- C:\windows\system32\vbscript.dll
2016-04-28 04:10:21 ----A---- C:\windows\system32\jsproxy.dll
2016-04-28 04:10:20 ----A---- C:\windows\SYSWOW64\msrating.dll
2016-04-28 04:10:20 ----A---- C:\windows\system32\dxtmsft.dll
2016-04-28 04:10:19 ----A---- C:\windows\system32\mshtmled.dll
2016-04-28 04:10:19 ----A---- C:\windows\system32\ieui.dll
2016-04-28 04:10:19 ----A---- C:\windows\system32\ieframe.dll
2016-04-28 04:10:18 ----A---- C:\windows\system32\webcheck.dll
2016-04-28 04:10:18 ----A---- C:\windows\system32\mshtmlmedia.dll
2016-04-28 04:10:18 ----A---- C:\windows\system32\jscript9diag.dll
2016-04-28 04:10:18 ----A---- C:\windows\system32\jscript9.dll
2016-04-28 04:10:18 ----A---- C:\windows\system32\jscript.dll
2016-04-28 04:10:18 ----A---- C:\windows\system32\ieUnatt.exe
2016-04-28 04:10:17 ----A---- C:\windows\system32\wininet.dll
2016-04-28 04:10:17 ----A---- C:\windows\system32\MshtmlDac.dll
2016-04-28 04:10:16 ----A---- C:\windows\system32\msrating.dll
2016-04-28 04:10:16 ----A---- C:\windows\system32\mshtml.dll
2016-04-28 04:09:42 ----A---- C:\windows\SYSWOW64\scesrv.dll
2016-04-28 04:09:42 ----A---- C:\windows\system32\scesrv.dll
2016-04-28 04:09:40 ----A---- C:\windows\SYSWOW64\els.dll
2016-04-28 04:09:40 ----A---- C:\windows\system32\els.dll
2016-04-28 04:09:09 ----A---- C:\windows\SYSWOW64\clfsw32.dll
2016-04-28 04:09:09 ----A---- C:\windows\system32\clfsw32.dll
2016-04-28 04:09:09 ----A---- C:\windows\system32\clfs.sys
2016-04-28 04:07:29 ----A---- C:\windows\system32\WMPhoto.dll
2016-04-28 04:07:28 ----A---- C:\windows\SYSWOW64\WMPhoto.dll
2016-04-27 23:23:48 ----A---- C:\windows\system32\wups2.dll
2016-04-27 23:23:48 ----A---- C:\windows\system32\wucltux.dll
2016-04-27 23:23:48 ----A---- C:\windows\system32\wuauclt.exe
2016-04-27 23:23:47 ----A---- C:\windows\system32\wuaueng.dll
2016-04-27 23:22:56 ----A---- C:\windows\SYSWOW64\wups.dll
2016-04-27 23:22:56 ----A---- C:\windows\SYSWOW64\wudriver.dll
2016-04-27 23:22:56 ----A---- C:\windows\SYSWOW64\wuapi.dll
2016-04-27 23:22:56 ----A---- C:\windows\system32\wups.dll
2016-04-27 23:22:56 ----A---- C:\windows\system32\wudriver.dll
2016-04-27 23:22:56 ----A---- C:\windows\system32\wuapi.dll
2016-04-27 23:20:29 ----A---- C:\windows\SYSWOW64\wuwebv.dll
2016-04-27 23:20:29 ----A---- C:\windows\SYSWOW64\wuapp.exe
2016-04-27 23:20:29 ----A---- C:\windows\system32\wuwebv.dll
2016-04-27 23:20:29 ----A---- C:\windows\system32\wuapp.exe
2016-04-27 17:02:16 ----D---- C:\ProgramData\ESET
2016-04-27 17:02:11 ----D---- C:\Program Files\ESET
2016-04-27 16:54:57 ----A---- C:\windows\SYSWOW64\drivers\TS888x64.sys
2016-04-27 16:21:36 ----D---- C:\ProgramData\SearchModule
2016-04-27 09:53:17 ----A---- C:\windows\system32\bi2.exe
2016-04-26 22:10:57 ----D---- C:\ProgramData\TXQMPC
2016-04-26 21:11:42 ----A---- C:\windows\system32\drivers\TAOKernel64.sys
2016-04-26 21:11:42 ----A---- C:\windows\system32\drivers\TAOAccelerator64.sys
2016-04-26 21:11:37 ----D---- C:\Program Files\Common Files\Tencent
2016-04-26 21:10:58 ----A---- C:\windows\system32\drivers\TSSKX64.sys
2016-04-26 21:10:30 ----A---- C:\windows\system32\drivers\TFsFltX64.sys
2016-04-26 21:09:04 ----D---- C:\Program Files (x86)\Tencent
2016-04-26 21:08:56 ----D---- C:\ProgramData\Tencent
2016-04-26 21:07:37 ----D---- C:\Users\Frenky\AppData\Roaming\Tencent
2016-04-26 21:05:40 ----D---- C:\Users\Frenky\AppData\Roaming\vnlgp
2016-04-26 21:05:36 ----D---- C:\Program Files\Common Files\Doobzo
2016-04-26 21:05:16 ----A---- C:\ProgramData\smp2.exe
2016-04-24 21:55:28 ----D---- C:\Program Files (x86)\AutoCAD Civil 3D 2013
2016-04-24 21:55:20 ----D---- C:\Program Files (x86)\Autodesk
2016-04-24 19:42:30 ----D---- C:\Civil 3D Projects
2016-04-24 19:42:30 ----D---- C:\Civil 3D Project Templates
2016-04-14 15:09:52 ----A---- C:\windows\system32\drivers\epfwwfpr.sys
2016-04-14 15:09:52 ----A---- C:\windows\system32\drivers\ehdrv.sys
2016-04-14 15:09:52 ----A---- C:\windows\system32\drivers\eamonm.sys

======List of files/folders modified in the last 1 month======

2016-04-28 22:22:52 ----D---- C:\windows\Temp
2016-04-28 22:22:26 ----RD---- C:\Program Files
2016-04-28 21:46:09 ----D---- C:\windows\inf
2016-04-28 21:46:09 ----AD---- C:\windows\System32
2016-04-28 21:46:09 ----A---- C:\windows\system32\PerfStringBackup.INI
2016-04-28 21:39:05 ----A---- C:\servicetest.txt
2016-04-28 21:38:32 ----A---- C:\windows\SYSWOW64\log.txt
2016-04-28 21:28:07 ----AD---- C:\Windows
2016-04-28 21:28:03 ----RD---- C:\Program Files (x86)
2016-04-28 20:38:47 ----D---- C:\windows\Microsoft.NET
2016-04-28 20:38:46 ----RSD---- C:\windows\assembly
2016-04-28 20:23:48 ----D---- C:\windows\system32\config
2016-04-28 20:20:20 ----D---- C:\windows\tracing
2016-04-28 20:20:02 ----D---- C:\windows\winsxs
2016-04-28 20:19:59 ----D---- C:\windows\Logs
2016-04-28 20:12:10 ----D---- C:\windows\SysWOW64
2016-04-28 20:12:04 ----D---- C:\windows\SYSWOW64\cs-CZ
2016-04-28 20:12:02 ----D---- C:\windows\system32\cs-CZ
2016-04-28 20:11:59 ----D---- C:\windows\system32\drivers
2016-04-28 20:11:59 ----D---- C:\windows\AppPatch
2016-04-28 20:11:56 ----D---- C:\windows\cs-CZ
2016-04-28 20:11:55 ----D---- C:\Program Files (x86)\Windows Media Player
2016-04-28 20:11:54 ----D---- C:\Program Files\Windows Media Player
2016-04-28 20:11:50 ----D---- C:\windows\system32\migration
2016-04-28 20:11:48 ----D---- C:\Program Files\Internet Explorer
2016-04-28 20:11:47 ----D---- C:\windows\SYSWOW64\en-US
2016-04-28 20:11:45 ----D---- C:\windows\PolicyDefinitions
2016-04-28 20:11:44 ----D---- C:\windows\system32\en-US
2016-04-28 20:11:40 ----D---- C:\Program Files (x86)\Internet Explorer
2016-04-28 20:10:06 ----SHD---- C:\windows\Installer
2016-04-28 20:10:05 ----HD---- C:\Config.Msi
2016-04-28 20:09:56 ----D---- C:\ProgramData\Microsoft Help
2016-04-28 20:01:55 ----D---- C:\windows\system32\catroot
2016-04-28 20:01:54 ----D---- C:\windows\system32\catroot2
2016-04-28 19:35:52 ----SHD---- C:\System Volume Information
2016-04-27 20:01:36 ----D---- C:\windows\Prefetch
2016-04-27 19:22:56 ----D---- C:\windows\system32\Tasks
2016-04-27 17:04:05 ----SD---- C:\windows\system32\Microsoft
2016-04-27 17:03:31 ----D---- C:\windows\system32\DriverStore
2016-04-27 17:02:16 ----HD---- C:\ProgramData
2016-04-27 16:54:57 ----D---- C:\windows\SYSWOW64\drivers
2016-04-27 16:26:43 ----D---- C:\windows\Tasks
2016-04-26 21:11:37 ----D---- C:\Program Files\Common Files
2016-04-26 21:10:53 ----RSD---- C:\windows\Fonts
2016-04-26 21:10:23 ----D---- C:\Program Files (x86)\Common Files
2016-04-26 21:10:22 ----D---- C:\Users\Frenky\AppData\Roaming\vlc
2016-04-24 22:05:38 ----D---- C:\Program Files\Common Files\Autodesk Shared
2016-04-24 21:45:55 ----D---- C:\Program Files\Autodesk
2016-04-24 21:35:31 ----D---- C:\Autodesk
2016-04-24 21:23:33 ----D---- C:\windows\system32\wfp
2016-04-24 21:23:04 ----D---- C:\windows\system32\wbem
2016-04-24 21:23:04 ----D---- C:\windows\registration
2016-04-24 21:22:36 ----D---- C:\Users\Frenky\AppData\Roaming\Autodesk
2016-04-24 21:09:35 ----D---- C:\ProgramData\Autodesk
2016-04-24 20:59:13 ----D---- C:\Program Files (x86)\Opera
2016-04-24 20:50:01 ----D---- C:\Program Files (x86)\RoadPAC
2016-04-10 15:55:38 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2009-10-02 537112]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2014-03-02 381440]
R0 Thpdrv;TOSHIBA HDD Protection Driver; C:\windows\system32\DRIVERS\thpdrv.sys [2009-06-29 34880]
R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver; C:\windows\system32\DRIVERS\Thpevm.SYS [2009-06-29 14784]
R0 tos_sps64;TOSHIBA tos_sps64 Service; C:\windows\system32\DRIVERS\tos_sps64.sys [2009-07-24 482384]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\windows\system32\DRIVERS\TVALZ.SYS [2009-07-14 26840]
R1 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2016-04-14 264552]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2016-04-14 186784]
R1 iSafeKrnl;YAC Mini-Filter Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [2015-05-14 260856]
R1 iSafeKrnlKit;YAC Kit Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [2015-08-03 110112]
R1 iSafeKrnlMon;YAC Monitor Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [2015-08-03 52440]
R1 iSafeKrnlR3;YAC Ring3 Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [2015-08-03 103904]
R1 QMUdisk;tencent QMUdisk; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QMUdisk64.sys [2016-04-18 184952]
R1 softaal;softaal; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\softaal64.sys [2016-04-26 44664]
R1 SRepairDrv;SRepairDrv; \??\C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\SRepairDrv [2016-04-28 172664]
R1 TAOKernelDriver;Tencent Auto Optimize Platform.; \??\C:\windows\system32\Drivers\TAOKernel64.sys [2016-04-26 147576]
R1 TFsFlt;TFsFlt; C:\windows\system32\Drivers\TFsFltX64.sys [2016-04-26 97400]
R1 Tosrfcom;Bluetooth RFCOMM; C:\windows\System32\Drivers\tosrfcom.sys [2009-07-28 81768]
R1 TSDefenseBt;TSDefenseBt; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\TSDefenseBT64.sys [2016-04-26 28984]
R1 TSSysKit;TSSysKit; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\TSSysKit64.sys [2016-04-26 96888]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aksdf;aksdf; \??\C:\windows\system32\drivers\aksdf.sys [2015-05-21 100504]
R2 aksfridge;Sentinel Fridge; C:\windows\system32\DRIVERS\aksfridge.sys [2015-05-21 170864]
R2 epfwwfpr;epfwwfpr; C:\windows\system32\DRIVERS\epfwwfpr.sys [2016-04-14 170792]
R2 Hardlock;Hardlock; \??\C:\windows\system32\drivers\hardlock.sys [2015-05-21 340336]
R2 qqsysmonx64;QQSysMonX64; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQSysMonX64.sys [2016-04-26 154744]
R2 regi;regi; C:\windows\system32\drivers\regi.sys [2007-04-16 14112]
R2 rimspci;rimspci; C:\windows\system32\DRIVERS\rimspe64.sys [2009-07-02 60416]
R2 risdpcie;risdpcie; C:\windows\system32\DRIVERS\risdpe64.sys [2009-07-28 81408]
R2 rixdpcie;rixdpcie; C:\windows\system32\DRIVERS\rixdpe64.sys [2011-04-26 53760]
R2 tsnethlpx64;TsNetHlpX64.sys; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\TsNetHlpX64.sys [2016-04-26 57976]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472]
R3 HECIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 Impcd;Impcd; C:\windows\system32\DRIVERS\Impcd.sys [2009-10-26 151936]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2010-03-09 2287392]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\windows\system32\drivers\nvhda64v.sys [2013-09-05 196384]
R3 PGEffect;Pangu effect driver; C:\windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver; C:\windows\system32\DRIVERS\rtl8192se.sys [2011-06-20 1225832]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\windows\system32\drivers\serscan.sys [2009-07-14 12288]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2009-10-15 307760]
R3 TAOAccelerator;Tencent TAOAccelerator driver.; \??\C:\windows\system32\Drivers\TAOAccelerator64.sys [2016-04-26 99480]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784]
R3 tosporte;Bluetooth COM Port; C:\windows\system32\DRIVERS\tosporte.sys [2009-06-17 54664]
R3 tosrfbd;Bluetooth RFBUS; C:\windows\system32\DRIVERS\tosrfbd.sys [2009-09-24 212072]
R3 tosrfec;Bluetooth ACPI; C:\windows\system32\DRIVERS\tosrfec.sys [2009-07-13 19824]
R3 Tosrfhid;Bluetooth RFHID; C:\windows\system32\DRIVERS\Tosrfhid.sys [2009-06-19 94336]
R3 Tosrfusb;Bluetooth USB Controller; C:\windows\system32\DRIVERS\tosrfusb.sys [2009-09-14 58744]
R3 TS888x64;TS888x64; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\TS888x64.sys [2016-04-28 38520]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S2 Angelnt;Angelnt; C:\windows\System32\Drivers\ANGELNT.SYS []
S3 akshasp;SafeNet Inc. HASP Key; C:\windows\system32\DRIVERS\akshasp.sys [2015-05-21 69208]
S3 akshhl;SafeNet Inc. Sentinel HL Key; C:\windows\system32\DRIVERS\akshhl.sys [2015-05-21 72664]
S3 aksusb;SafeNet Inc. USB Key; C:\windows\system32\DRIVERS\aksusb.sys [2015-05-21 312344]
S3 athr;Atheros – ovladač pro zařízení pro rozšiřitelnou bezdrátovou síť LAN; C:\windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 ggflt;SEMC USB Flash Driver Filter; C:\windows\system32\DRIVERS\ggflt.sys [2013-11-23 14448]
S3 ggsemc;SEMC USB Flash Driver; C:\windows\system32\DRIVERS\ggsemc.sys [2013-11-23 27760]
S3 iSafeKrnlBoot;YAC Boot Driver; C:\windows\system32\DRIVERS\iSafeKrnlBoot.sys [2015-08-03 55056]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
S3 sdbus;sdbus; C:\windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 SMUpdd;Search Module UpdateD; \??\C:\Program Files\Common Files\Doobzo\GSUpdate\smw.sys []
S3 toshidpt;Bluetooth HID Port; C:\windows\system32\drivers\Toshidpt.sys [2009-06-19 9608]
S3 tosrfbnp;Bluetooth RFBNEP; C:\windows\System32\Drivers\tosrfbnp.sys [2009-06-19 50664]
S3 tosrfnds;Bluetooth Personal Area Network; C:\windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 26472]
S3 TosRfSnd;Bluetooth Audio; C:\windows\system32\drivers\tosrfsnd.sys [2009-08-05 63856]
S3 TSSKX64;TSSKX64; C:\windows\System32\drivers\tsskx64.sys [2016-04-26 54904]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usb_rndisx;Adaptér USB RNDIS; C:\windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-14 82128]
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2009-10-27 252784]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2016-03-03 2520928]
R2 hasplms;Sentinel LDK License Manager; C:\windows\system32\hasplms.exe [2015-05-21 4630352]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\windows\system32\svchost.exe [2009-07-14 27136]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-09-

30 262144]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2013-08-30 920864]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 QQPCRTP;QQPCMgr RTP Service; C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCRTP.exe [2016-04-26 313936]
R2 SMUpd;Search Module Update; C:\Program Files\Common Files\Doobzo\GSUpdate\smu.exe [2016-04-27 2471424]
R2 Thpsrv;Ochrana HDD TOSHIBA; C:\windows\system32\ThpSrv.exe [2009-10-21 531520]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\windows\system32\TODDSrv.exe [2009-07-28 140632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe [2009-11-05 489312]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2009-09-28 251760]
R2 Transoft Solutions License Server V1.7;Transoft Solutions License Server V1.7; C:\Program Files (x86)\Transoft Solutions\License Server\TransoftLS.exe [2012-05-01

446464]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-09-30

2314240]
R3 hpqcxs08;hpqcxs08; C:\windows\system32\svchost.exe [2009-07-14 27136]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-10-02 13336]
S2 iSafeService;YAC Service; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [2015-08-03 118048]
S2 QQRepair9f4;QQRepair9f4; C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\QQRepair9f4 [2016-04-28 140608]
S2 QQRepairFixSVC;QQRepairFixSVC; C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\QQRepairFixSVC [2016-04-28 140608]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-10 269504]
S3 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe []
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2016-02-29

1369856]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2016-03-31 114688]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe [2015-12-02 289256]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-12-14 114800]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 StarWindServiceAE;StarWind AE Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
S3 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-08-29 414496]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2011-02-10 112080]
S3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-10-06 51512]
S3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2009-10-21 193904]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-11-05 137560]
S3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2009-11-10 824688]
S4 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2012-03-28 140456]
S4 IviRegMgr;IviRegMgr; C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
S4 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2014-07-15 786256]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

[2013-09-11 139856]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

[2013-09-11 139856]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

[2013-09-11 139856]
S4 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]

-----------------EOF-----------------

#2 Příspěvek od **JaRon** » 29 dub 2016 11:15

ahoj,
1. vycisti PC a ADWCleanerom - vsetko najde zmazat - restart
2. vycisti PC s MBAM - vsetko najde zmazat - restart
3. vloz log FRST

frenky · #3 Příspěvek od **frenky** » 29 dub 2016 14:49

Dal som ADW vycistil, vypytalo restart a po restarte mam komp v nudzovom rezime. Pisem z mobilu, lebo v nudzovom rezime sa neviem pripojit na net.
Co teraz?

frenky · #4 Příspěvek od **frenky** » 29 dub 2016 18:21

Cez druhy komp som si stiahol linky a v nudzovom rezime to prebehol. Tu je log

Logfile of random's system information tool 1.10 (written by random/random)
Run by Frenky at 2016-04-29 19:17:58
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 132 GB (36%) free of 365 GB
Total RAM: 3952 MB (81% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:18:04, on 29.04.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18283)
Boot mode: Safe mode

Running processes:
C:\Program Files\trend micro\Frenky.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hao123.com/?tn=93018773_hao_pg
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hao123.com/?tn=93018773_hao_pg
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {dfabc5b5-039b-4865-979a-de31cdf3e351} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file)
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O4 - HKLM\..\Run: [ QQPCTray] "C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCTray.exe" /regrun
O4 - HKLM\..\RunOnce: [DeleteOnReboot] C:\Users\Frenky\AppData\Local\Temp\DeleteOnReboot.bat
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe" "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://195.28.70.134/kapor2/lib/mgaxctrl.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Autodesk Content Service - Unknown owner - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (file missing)
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Sentinel LDK License Manager (hasplms) - Unknown owner - C:\windows\system32\hasplms.exe (file missing)
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: QQRepair238d - Unknown owner - C:\Program.exe (file missing)
O23 - Service: QQRepair9f4 - Unknown owner - C:\Program.exe (file missing)
O23 - Service: QQRepairFixSVC - Unknown owner - C:\Program.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: Ochrana HDD TOSHIBA (Thpsrv) - Unknown owner - C:\windows\system32\ThpSrv.exe (file missing)
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: Transoft Solutions License Server V1.7 - Unknown owner - C:\Program Files (x86)\Transoft Solutions\License Server\TransoftLS.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 10878 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\Explorer.EXE
ctfmon.exe
C:\windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
C:\windows\System32\svchost.exe -k secsvcs
"C:\windows\system32\NOTEPAD.EXE" C:\Users\Frenky\Desktop\log.txt
C:\windows\system32\wbem\wmiprvse.exe
"E:\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_213_pepper.exe -check pepperplugin
C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2589465553-2425290425-2319165384-1001Core.job - C:\Users\Frenky\AppData\Local\Google\Update\GoogleUpdate.exe /c

=========Mozilla firefox=========

ProfilePath - C:\Users\Frenky\AppData\Roaming\Mozilla\Firefox\Profiles\7m5fwmum.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "about:blank"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.213 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon My Image Garden
"Path"=C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Nero.com/KM]
"Description"=
"Path"=C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00]
"Description"=Plug-in to check PlayStation(R)Network Downloader.
"Path"=C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\Sony\Media Go\npmediago.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.213 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
npdeployJava1.dll
NPOFF12.DLL
nppdf32.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}]
电脑管家网页防火墙 - C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\TSWebMon64.dat []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-03-09 10103840]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-10-15 1870120]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2009-03-09 52600]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2009-11-10 910136]
"SmartFaceVWatcher"=C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [2009-10-19 238080]
"HDMICtrlMan"=C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [2010-07-21 1037728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14 1085656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Akamai NetSession Interface]
C:\Users\Frenky\AppData\Local\Akamai\netsession_win.exe [2015-09-10 4691384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2010-08-20 33120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Autodesk Sync]
C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2015-01-27 1310088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
C:\Program Files (x86)\BitTorrent\BitTorrent.exe /MINIMIZED []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonQuickMenu]
C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [2012-09-27 1279120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\egui]
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2016-03-03 5565088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Free PDF Print Dispatcher]
C:\Program Files (x86)\pdfconverter.com\FreePDF Creator\itFPCPrnDisp.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Frenky\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31 144200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Color LaserJet CM2320 MFP Series Fax]
C:\Program Files (x86)\HP\HP Color LaserJet CM2320 MFP Series\hppfaxprintersrv.exe [2009-09-22 3700736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPUsageTracking]
C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe [2009-05-11 24576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files (x86)\ICQ7.4\ICQ.exe silent loginmode=4 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IJNetworkScannerSelectorEX]
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2012-08-31 452272]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2010-09-03 1406248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Seven]
C:\Program Files\PDFSeven\PDF.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion]
C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe /Background []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Teco]
C:\Program Files\TOSHIBA\TECO\Teco.exe [2009-09-28 1482592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba Registration]
C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [2009-08-25 134032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba TEMPRO]
C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [2011-02-10 1546720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosNC]
C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [2010-04-23 595816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosReelTimeMonitor]
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [2009-12-01 34648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosSENotify]
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [2009-11-05 709976]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosVolRegulator]
C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [2009-11-11 24376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosWaitSrv]
C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2009-11-10 707416]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TWebCamera]
C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2009-11-21 2454840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\XboxStat]
C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [2009-09-30 825184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~2\HP\DIGITA~1\bin\hpqtra08.exe [2007-10-14 214360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^KYESCAN.lnk]
C:\PROGRA~2\ScannerU\Kyescan.exe [2007-04-30 184320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
C:\PROGRA~1\MCAFEE~1\311~1.266\SSSCHE~1.EXE [2015-12-02 330456]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
" QQPCTray"=C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCTray.exe /regrun []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"DeleteOnReboot"=C:\Users\Frenky\AppData\Local\Temp\DeleteOnReboot.bat [2016-04-28 1091]
"Malwarebytes Anti-Malware (cleanup)"=C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [2016-03-10 55264]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2016-04-28 23:17:46 ----D---- C:\ProgramData\TXQMPC
2016-04-28 23:00:35 ----D---- C:\AdwCleaner
2016-04-28 22:22:26 ----D---- C:\Program Files\trend micro
2016-04-28 22:22:20 ----D---- C:\rsit
2016-04-28 21:28:07 ----A---- C:\windows\ntbtlog.txt
2016-04-28 20:11:37 ----SD---- C:\windows\SYSWOW64\GWX
2016-04-28 20:11:37 ----SD---- C:\windows\system32\GWX
2016-04-28 19:39:33 ----A---- C:\windows\SYSWOW64\infocardapi.dll
2016-04-28 19:39:32 ----A---- C:\windows\system32\infocardapi.dll
2016-04-28 19:39:31 ----A---- C:\windows\SYSWOW64\icardagt.exe
2016-04-28 19:39:31 ----A---- C:\windows\system32\icardagt.exe
2016-04-28 19:39:29 ----A---- C:\windows\SYSWOW64\icardres.dll
2016-04-28 19:39:29 ----A---- C:\windows\system32\icardres.dll
2016-04-28 19:38:44 ----A---- C:\windows\SYSWOW64\TsWpfWrp.exe
2016-04-28 19:38:44 ----A---- C:\windows\system32\TsWpfWrp.exe
2016-04-28 16:16:31 ----A---- C:\windows\system32\WindowsCodecs.dll
2016-04-28 16:16:30 ----A---- C:\windows\SYSWOW64\WindowsCodecs.dll
2016-04-28 16:16:25 ----A---- C:\windows\SYSWOW64\tzres.dll
2016-04-28 16:16:25 ----A---- C:\windows\system32\tzres.dll
2016-04-28 04:43:58 ----A---- C:\windows\SYSWOW64\atmfd.dll
2016-04-28 04:43:58 ----A---- C:\windows\system32\win32k.sys
2016-04-28 04:43:58 ----A---- C:\windows\system32\atmfd.dll
2016-04-28 04:43:57 ----A---- C:\windows\SYSWOW64\fontsub.dll
2016-04-28 04:43:57 ----A---- C:\windows\SYSWOW64\dciman32.dll
2016-04-28 04:43:57 ----A---- C:\windows\SYSWOW64\atmlib.dll
2016-04-28 04:43:57 ----A---- C:\windows\system32\lpk.dll
2016-04-28 04:43:57 ----A---- C:\windows\system32\fontsub.dll
2016-04-28 04:43:57 ----A---- C:\windows\system32\dciman32.dll
2016-04-28 04:43:57 ----A---- C:\windows\system32\atmlib.dll
2016-04-28 04:43:56 ----A---- C:\windows\SYSWOW64\lpk.dll
2016-04-28 04:43:54 ----A---- C:\windows\SYSWOW64\charmap.exe
2016-04-28 04:43:54 ----A---- C:\windows\system32\charmap.exe
2016-04-28 04:43:53 ----A---- C:\windows\SYSWOW64\rastls.dll
2016-04-28 04:43:53 ----A---- C:\windows\system32\rastls.dll
2016-04-28 04:43:52 ----A---- C:\windows\SYSWOW64\AUDIOKSE.dll
2016-04-28 04:43:52 ----A---- C:\windows\system32\EncDump.dll
2016-04-28 04:43:52 ----A---- C:\windows\system32\audiosrv.dll
2016-04-28 04:43:52 ----A---- C:\windows\system32\AUDIOKSE.dll
2016-04-28 04:43:52 ----A---- C:\windows\system32\AudioEng.dll
2016-04-28 04:43:51 ----A---- C:\windows\SYSWOW64\AudioEng.dll
2016-04-28 04:43:51 ----A---- C:\windows\system32\AudioSes.dll
2016-04-28 04:43:50 ----A---- C:\windows\SYSWOW64\AudioSes.dll
2016-04-28 04:43:49 ----A---- C:\windows\system32\msxml3.dll
2016-04-28 04:43:48 ----A---- C:\windows\SYSWOW64\msxml6.dll
2016-04-28 04:43:48 ----A---- C:\windows\SYSWOW64\msxml3.dll
2016-04-28 04:43:48 ----A---- C:\windows\system32\msxml6.dll
2016-04-28 04:43:47 ----A---- C:\windows\SYSWOW64\msxml6r.dll
2016-04-28 04:43:47 ----A---- C:\windows\SYSWOW64\msxml3r.dll
2016-04-28 04:43:47 ----A---- C:\windows\system32\msxml6r.dll
2016-04-28 04:43:47 ----A---- C:\windows\system32\msxml3r.dll
2016-04-28 04:43:42 ----A---- C:\windows\system32\rdpcorets.dll
2016-04-28 04:43:23 ----A---- C:\windows\system32\ole32.dll
2016-04-28 04:43:21 ----A---- C:\windows\SYSWOW64\ole32.dll
2016-04-28 04:42:51 ----A---- C:\windows\system32\ntoskrnl.exe
2016-04-28 04:42:51 ----A---- C:\windows\system32\ntdll.dll
2016-04-28 04:42:50 ----A---- C:\windows\system32\rpcrt4.dll
2016-04-28 04:42:50 ----A---- C:\windows\system32\lsasrv.dll
2016-04-28 04:42:50 ----A---- C:\windows\system32\EncDec.dll
2016-04-28 04:42:50 ----A---- C:\windows\system32\CPFilters.dll
2016-04-28 04:42:49 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2016-04-28 04:42:49 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2016-04-28 04:42:48 ----A---- C:\windows\SYSWOW64\kerberos.dll
2016-04-28 04:42:48 ----A---- C:\windows\SYSWOW64\EncDec.dll
2016-04-28 04:42:48 ----A---- C:\windows\SYSWOW64\CPFilters.dll
2016-04-28 04:42:48 ----A---- C:\windows\system32\schannel.dll
2016-04-28 04:42:48 ----A---- C:\windows\system32\kerberos.dll
2016-04-28 04:42:47 ----A---- C:\windows\system32\advapi32.dll
2016-04-28 04:42:46 ----A---- C:\windows\SYSWOW64\schannel.dll
2016-04-28 04:42:43 ----A---- C:\windows\SYSWOW64\ntdll.dll
2016-04-28 04:42:43 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2016-04-28 04:42:43 ----A---- C:\windows\system32\msv1_0.dll
2016-04-28 04:42:43 ----A---- C:\windows\system32\KernelBase.dll
2016-04-28 04:42:43 ----A---- C:\windows\system32\kernel32.dll
2016-04-28 04:42:42 ----A---- C:\windows\SYSWOW64\advapi32.dll
2016-04-28 04:42:42 ----A---- C:\windows\system32\ncrypt.dll
2016-04-28 04:42:42 ----A---- C:\windows\system32\drivers\mrxsmb10.sys
2016-04-28 04:42:42 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2016-04-28 04:42:42 ----A---- C:\windows\system32\drivers\cng.sys
2016-04-28 04:42:41 ----A---- C:\windows\SYSWOW64\rpcrt4.dll
2016-04-28 04:42:41 ----A---- C:\windows\system32\adtschema.dll
2016-04-28 04:42:40 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2016-04-28 04:42:40 ----A---- C:\windows\SYSWOW64\kernel32.dll
2016-04-28 04:42:40 ----A---- C:\windows\SYSWOW64\adtschema.dll
2016-04-28 04:42:40 ----A---- C:\windows\system32\wow64win.dll
2016-04-28 04:42:40 ----A---- C:\windows\system32\wow64.dll
2016-04-28 04:42:40 ----A---- C:\windows\system32\mtxoci.dll
2016-04-28 04:42:40 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2016-04-28 04:42:39 ----A---- C:\windows\SYSWOW64\KernelBase.dll
2016-04-28 04:42:39 ----A---- C:\windows\SYSWOW64\bcryptprimitives.dll
2016-04-28 04:42:39 ----A---- C:\windows\system32\winsrv.dll
2016-04-28 04:42:39 ----A---- C:\windows\system32\wdigest.dll
2016-04-28 04:42:39 ----A---- C:\windows\system32\TSpkg.dll
2016-04-28 04:42:39 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2016-04-28 04:42:38 ----A---- C:\windows\SYSWOW64\mtxoci.dll
2016-04-28 04:42:38 ----A---- C:\windows\system32\srcore.dll
2016-04-28 04:42:38 ----A---- C:\windows\system32\bcryptprimitives.dll
2016-04-28 04:42:37 ----A---- C:\windows\SYSWOW64\wdigest.dll
2016-04-28 04:42:37 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2016-04-28 04:42:37 ----A---- C:\windows\SYSWOW64\msorcl32.dll
2016-04-28 04:42:37 ----A---- C:\windows\system32\drivers\ksecdd.sys
2016-04-28 04:42:37 ----A---- C:\windows\system32\conhost.exe
2016-04-28 04:42:35 ----A---- C:\windows\SYSWOW64\cryptbase.dll
2016-04-28 04:42:35 ----A---- C:\windows\system32\sspicli.dll
2016-04-28 04:42:35 ----A---- C:\windows\system32\smss.exe
2016-04-28 04:42:35 ----A---- C:\windows\system32\ntvdm64.dll
2016-04-28 04:42:35 ----A---- C:\windows\system32\lsass.exe
2016-04-28 04:42:35 ----A---- C:\windows\system32\csrsrv.dll
2016-04-28 04:42:35 ----A---- C:\windows\system32\cryptbase.dll
2016-04-28 04:42:33 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
2016-04-28 04:42:33 ----A---- C:\windows\SYSWOW64\msaudite.dll
2016-04-28 04:42:33 ----A---- C:\windows\SYSWOW64\credssp.dll
2016-04-28 04:42:33 ----A---- C:\windows\system32\sspisrv.dll
2016-04-28 04:42:33 ----A---- C:\windows\system32\secur32.dll
2016-04-28 04:42:33 ----A---- C:\windows\system32\rstrui.exe
2016-04-28 04:42:33 ----A---- C:\windows\system32\msaudite.dll
2016-04-28 04:42:33 ----A---- C:\windows\system32\auditpol.exe
2016-04-28 04:42:32 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-28 04:42:32 ----AH---- C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-28 04:42:32 ----A---- C:\windows\SYSWOW64\wow32.dll
2016-04-28 04:42:32 ----A---- C:\windows\SYSWOW64\sspicli.dll
2016-04-28 04:42:32 ----A---- C:\windows\SYSWOW64\srclient.dll
2016-04-28 04:42:32 ----A---- C:\windows\SYSWOW64\setup16.exe
2016-04-28 04:42:32 ----A---- C:\windows\SYSWOW64\secur32.dll
2016-04-28 04:42:32 ----A---- C:\windows\SYSWOW64\instnm.exe
2016-04-28 04:42:32 ----A---- C:\windows\SYSWOW64\auditpol.exe
2016-04-28 04:42:32 ----A---- C:\windows\system32\wow64cpu.dll
2016-04-28 04:42:32 ----A---- C:\windows\system32\srclient.dll
2016-04-28 04:42:32 ----A---- C:\windows\system32\credssp.dll
2016-04-28 04:42:31 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-28 04:42:31 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-28 04:42:31 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-28 04:42:31 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-04-28 04:42:31 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-28 04:42:31 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-04-28 04:42:31 ----AH---- C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-28 04:42:31 ----AH---- C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-28 04:42:31 ----AH---- C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-04-28 04:42:31 ----AH---- C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-28 04:42:31 ----AH---- C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-28 04:42:31 ----AH---- C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-28 04:42:31 ----AH---- C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-04-28 04:42:31 ----AH---- C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-04-28 04:42:31 ----AH---- C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-28 04:42:31 ----AH---- C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-04-28 04:42:30 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-04-28 04:42:30 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-28 04:42:30 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-04-28 04:42:30 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-04-28 04:42:30 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-04-28 04:42:30 ----AH---- C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-04-28 04:42:30 ----AH---- C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-04-28 04:42:30 ----AH---- C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-04-28 04:42:30 ----AH---- C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-04-28 04:42:29 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-04-28 04:42:29 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-28 04:42:29 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-04-28 04:42:29 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-28 04:42:29 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-04-28 04:42:29 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-28 04:42:29 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-04-28 04:42:29 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-04-28 04:42:29 ----AH---- C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-04-28 04:42:29 ----AH---- C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-04-28 04:42:29 ----AH---- C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-28 04:42:29 ----AH---- C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-28 04:42:29 ----AH---- C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-04-28 04:42:29 ----AH---- C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-28 04:42:29 ----AH---- C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-04-28 04:42:29 ----AH---- C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-04-28 04:42:28 ----AH---- C:\windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-04-28 04:42:28 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-04-28 04:42:28 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-04-28 04:42:28 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-28 04:42:28 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-04-28 04:42:28 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-04-28 04:42:28 ----AH---- C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-04-28 04:42:28 ----AH---- C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-04-28 04:42:28 ----AH---- C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-04-28 04:42:27 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-04-28 04:42:27 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-04-28 04:42:27 ----AH---- C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-04-28 04:42:27 ----AH---- C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-04-28 04:42:27 ----A---- C:\windows\SYSWOW64\user.exe
2016-04-28 04:42:27 ----A---- C:\windows\SYSWOW64\apisetschema.dll
2016-04-28 04:42:27 ----A---- C:\windows\system32\apisetschema.dll
2016-04-28 04:42:26 ----A---- C:\windows\SYSWOW64\msobjs.dll
2016-04-28 04:42:26 ----A---- C:\windows\system32\msobjs.dll
2016-04-28 04:42:03 ----A---- C:\windows\SYSWOW64\msctf.dll
2016-04-28 04:42:03 ----A---- C:\windows\system32\msctf.dll
2016-04-28 04:41:59 ----A---- C:\windows\system32\WsmSvc.dll
2016-04-28 04:41:58 ----A---- C:\windows\SYSWOW64\WsmWmiPl.dll
2016-04-28 04:41:58 ----A---- C:\windows\SYSWOW64\WsmSvc.dll
2016-04-28 04:41:58 ----A---- C:\windows\SYSWOW64\WSManMigrationPlugin.dll
2016-04-28 04:41:58 ----A---- C:\windows\system32\WsmWmiPl.dll
2016-04-28 04:41:58 ----A---- C:\windows\system32\WsmAuto.dll
2016-04-28 04:41:58 ----A---- C:\windows\system32\WSManMigrationPlugin.dll
2016-04-28 04:41:58 ----A---- C:\windows\system32\WSManHTTPConfig.exe
2016-04-28 04:41:57 ----A---- C:\windows\SYSWOW64\WsmAuto.dll
2016-04-28 04:41:57 ----A---- C:\windows\SYSWOW64\WSManHTTPConfig.exe
2016-04-28 04:41:50 ----A---- C:\windows\system32\shell32.dll
2016-04-28 04:41:49 ----A---- C:\windows\SYSWOW64\shell32.dll
2016-04-28 04:41:48 ----A---- C:\windows\system32\ExplorerFrame.dll
2016-04-28 04:41:48 ----A---- C:\windows\explorer.exe
2016-04-28 04:41:47 ----A---- C:\windows\SYSWOW64\ExplorerFrame.dll
2016-04-28 04:41:47 ----A---- C:\windows\SYSWOW64\explorer.exe
2016-04-28 04:41:47 ----A---- C:\windows\system32\authui.dll
2016-04-28 04:41:46 ----A---- C:\windows\SYSWOW64\authui.dll
2016-04-28 04:41:23 ----A---- C:\windows\system32\wmp.dll
2016-04-28 04:41:22 ----A---- C:\windows\SYSWOW64\wmp.dll
2016-04-28 04:41:21 ----A---- C:\windows\SYSWOW64\spwmp.dll
2016-04-28 04:41:21 ----A---- C:\windows\SYSWOW64\dxmasf.dll
2016-04-28 04:41:21 ----A---- C:\windows\system32\spwmp.dll
2016-04-28 04:41:21 ----A---- C:\windows\system32\dxmasf.dll
2016-04-28 04:41:20 ----A---- C:\windows\SYSWOW64\wmploc.DLL
2016-04-28 04:41:20 ----A---- C:\windows\system32\wmploc.DLL
2016-04-28 04:12:06 ----A---- C:\windows\system32\drivers\ndis.sys
2016-04-28 04:11:44 ----A---- C:\windows\SYSWOW64\packager.dll
2016-04-28 04:11:44 ----A---- C:\windows\system32\packager.dll
2016-04-28 04:11:37 ----A---- C:\windows\system32\winsta.dll
2016-04-28 04:11:37 ----A---- C:\windows\system32\termsrv.dll
2016-04-28 04:11:36 ----A---- C:\windows\SYSWOW64\winsta.dll
2016-04-28 04:11:36 ----A---- C:\windows\system32\winlogon.exe
2016-04-28 04:11:36 ----A---- C:\windows\system32\rdpcorekmts.dll
2016-04-28 04:11:36 ----A---- C:\windows\system32\drivers\rdpwd.sys
2016-04-28 04:11:34 ----A---- C:\windows\system32\drivers\tssecsrv.sys
2016-04-28 04:10:36 ----A---- C:\windows\SYSWOW64\gdi32.dll
2016-04-28 04:10:36 ----A---- C:\windows\system32\gdi32.dll
2016-04-28 04:10:30 ----A---- C:\windows\SYSWOW64\inseng.dll
2016-04-28 04:10:30 ----A---- C:\windows\SYSWOW64\iernonce.dll
2016-04-28 04:10:30 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2016-04-28 04:10:30 ----A---- C:\windows\system32\iernonce.dll
2016-04-28 04:10:29 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2016-04-28 04:10:29 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2016-04-28 04:10:29 ----A---- C:\windows\system32\ieetwproxystub.dll
2016-04-28 04:10:29 ----A---- C:\windows\system32\ieetwcollector.exe
2016-04-28 04:10:28 ----A---- C:\windows\SYSWOW64\vbscript.dll
2016-04-28 04:10:28 ----A---- C:\windows\SYSWOW64\urlmon.dll
2016-04-28 04:10:28 ----A---- C:\windows\SYSWOW64\occache.dll
2016-04-28 04:10:28 ----A---- C:\windows\SYSWOW64\mshtml.dll
2016-04-28 04:10:28 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2016-04-28 04:10:28 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-04-28 04:10:28 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2016-04-28 04:10:28 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2016-04-28 04:10:28 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2016-04-28 04:10:28 ----A---- C:\windows\system32\inseng.dll
2016-04-28 04:10:28 ----A---- C:\windows\system32\ie4uinit.exe
2016-04-28 04:10:27 ----A---- C:\windows\SYSWOW64\iesetup.dll
2016-04-28 04:10:27 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2016-04-28 04:10:26 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2016-04-28 04:10:26 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2016-04-28 04:10:26 ----A---- C:\windows\SYSWOW64\jscript.dll
2016-04-28 04:10:26 ----A---- C:\windows\SYSWOW64\iertutil.dll
2016-04-28 04:10:26 ----A---- C:\windows\system32\urlmon.dll
2016-04-28 04:10:26 ----A---- C:\windows\system32\occache.dll
2016-04-28 04:10:26 ----A---- C:\windows\system32\ieetwcollectorres.dll
2016-04-28 04:10:26 ----A---- C:\windows\system32\iedkcs32.dll
2016-04-28 04:10:25 ----A---- C:\windows\SYSWOW64\ieui.dll
2016-04-28 04:10:25 ----A---- C:\windows\SYSWOW64\ieframe.dll
2016-04-28 04:10:25 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2016-04-28 04:10:25 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2016-04-28 04:10:25 ----A---- C:\windows\system32\msfeeds.dll
2016-04-28 04:10:25 ----A---- C:\windows\system32\dxtrans.dll
2016-04-28 04:10:24 ----A---- C:\windows\system32\iesetup.dll
2016-04-28 04:10:24 ----A---- C:\windows\system32\ieapfltr.dll
2016-04-28 04:10:23 ----A---- C:\windows\SYSWOW64\webcheck.dll
2016-04-28 04:10:23 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2016-04-28 04:10:23 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2016-04-28 04:10:23 ----A---- C:\windows\system32\iertutil.dll
2016-04-28 04:10:21 ----A---- C:\windows\SYSWOW64\wininet.dll
2016-04-28 04:10:21 ----A---- C:\windows\SYSWOW64\jscript9.dll
2016-04-28 04:10:21 ----A---- C:\windows\system32\vbscript.dll
2016-04-28 04:10:21 ----A---- C:\windows\system32\jsproxy.dll
2016-04-28 04:10:20 ----A---- C:\windows\SYSWOW64\msrating.dll
2016-04-28 04:10:20 ----A---- C:\windows\system32\dxtmsft.dll
2016-04-28 04:10:19 ----A---- C:\windows\system32\mshtmled.dll
2016-04-28 04:10:19 ----A---- C:\windows\system32\ieui.dll
2016-04-28 04:10:19 ----A---- C:\windows\system32\ieframe.dll
2016-04-28 04:10:18 ----A---- C:\windows\system32\webcheck.dll
2016-04-28 04:10:18 ----A---- C:\windows\system32\mshtmlmedia.dll
2016-04-28 04:10:18 ----A---- C:\windows\system32\jscript9diag.dll
2016-04-28 04:10:18 ----A---- C:\windows\system32\jscript9.dll
2016-04-28 04:10:18 ----A---- C:\windows\system32\jscript.dll
2016-04-28 04:10:18 ----A---- C:\windows\system32\ieUnatt.exe
2016-04-28 04:10:17 ----A---- C:\windows\system32\wininet.dll
2016-04-28 04:10:17 ----A---- C:\windows\system32\MshtmlDac.dll
2016-04-28 04:10:16 ----A---- C:\windows\system32\msrating.dll
2016-04-28 04:10:16 ----A---- C:\windows\system32\mshtml.dll
2016-04-28 04:09:42 ----A---- C:\windows\SYSWOW64\scesrv.dll
2016-04-28 04:09:42 ----A---- C:\windows\system32\scesrv.dll
2016-04-28 04:09:40 ----A---- C:\windows\SYSWOW64\els.dll
2016-04-28 04:09:40 ----A---- C:\windows\system32\els.dll
2016-04-28 04:09:09 ----A---- C:\windows\SYSWOW64\clfsw32.dll
2016-04-28 04:09:09 ----A---- C:\windows\system32\clfsw32.dll
2016-04-28 04:09:09 ----A---- C:\windows\system32\clfs.sys
2016-04-28 04:07:29 ----A---- C:\windows\system32\WMPhoto.dll
2016-04-28 04:07:28 ----A---- C:\windows\SYSWOW64\WMPhoto.dll
2016-04-27 23:23:48 ----A---- C:\windows\system32\wups2.dll
2016-04-27 23:23:48 ----A---- C:\windows\system32\wucltux.dll
2016-04-27 23:23:48 ----A---- C:\windows\system32\wuauclt.exe
2016-04-27 23:23:47 ----A---- C:\windows\system32\wuaueng.dll
2016-04-27 23:22:56 ----A---- C:\windows\SYSWOW64\wups.dll
2016-04-27 23:22:56 ----A---- C:\windows\SYSWOW64\wudriver.dll
2016-04-27 23:22:56 ----A---- C:\windows\SYSWOW64\wuapi.dll
2016-04-27 23:22:56 ----A---- C:\windows\system32\wups.dll
2016-04-27 23:22:56 ----A---- C:\windows\system32\wudriver.dll
2016-04-27 23:22:56 ----A---- C:\windows\system32\wuapi.dll
2016-04-27 23:20:29 ----A---- C:\windows\SYSWOW64\wuwebv.dll
2016-04-27 23:20:29 ----A---- C:\windows\SYSWOW64\wuapp.exe
2016-04-27 23:20:29 ----A---- C:\windows\system32\wuwebv.dll
2016-04-27 23:20:29 ----A---- C:\windows\system32\wuapp.exe
2016-04-27 17:02:16 ----D---- C:\ProgramData\ESET
2016-04-27 17:02:11 ----D---- C:\Program Files\ESET
2016-04-27 09:53:17 ----A---- C:\windows\system32\bi2.exe
2016-04-26 21:10:30 ----N---- C:\windows\system32\drivers\TFsFltX64.sys
2016-04-26 21:09:04 ----D---- C:\Program Files (x86)\Tencent
2016-04-26 21:07:37 ----D---- C:\Users\Frenky\AppData\Roaming\Tencent
2016-04-26 21:05:36 ----D---- C:\Program Files\Common Files\Doobzo
2016-04-26 21:05:16 ----A---- C:\ProgramData\smp2.exe
2016-04-24 21:55:28 ----D---- C:\Program Files (x86)\AutoCAD Civil 3D 2013
2016-04-24 21:55:20 ----D---- C:\Program Files (x86)\Autodesk
2016-04-24 19:42:30 ----D---- C:\Civil 3D Projects
2016-04-24 19:42:30 ----D---- C:\Civil 3D Project Templates
2016-04-14 15:09:52 ----A---- C:\windows\system32\drivers\epfwwfpr.sys
2016-04-14 15:09:52 ----A---- C:\windows\system32\drivers\ehdrv.sys
2016-04-14 15:09:52 ----A---- C:\windows\system32\drivers\eamonm.sys

======List of files/folders modified in the last 1 month======

2016-04-29 19:17:59 ----D---- C:\windows\Temp
2016-04-29 19:14:07 ----D---- C:\windows\inf
2016-04-29 19:14:07 ----AD---- C:\windows\System32
2016-04-29 19:14:07 ----A---- C:\windows\system32\PerfStringBackup.INI
2016-04-29 18:50:30 ----D---- C:\windows\system32\drivers
2016-04-29 18:49:39 ----HD---- C:\windows\msdownld.tmp
2016-04-29 18:21:14 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-04-28 23:19:24 ----HD---- C:\ProgramData
2016-04-28 23:19:01 ----D---- C:\Program Files\Common Files
2016-04-28 23:18:10 ----D---- C:\windows\tracing
2016-04-28 23:18:10 ----D---- C:\windows\system32\config
2016-04-28 23:17:53 ----A---- C:\windows\SYSWOW64\log.txt
2016-04-28 23:12:48 ----D---- C:\windows\system32\Tasks
2016-04-28 23:12:34 ----D---- C:\windows\system32\log
2016-04-28 23:12:28 ----D---- C:\windows\SYSWOW64\drivers
2016-04-28 23:11:19 ----D---- C:\Program Files (x86)\Common Files
2016-04-28 23:09:59 ----RD---- C:\Program Files (x86)
2016-04-28 22:52:37 ----D---- C:\windows\pss
2016-04-28 22:22:26 ----RD---- C:\Program Files
2016-04-28 21:39:05 ----A---- C:\servicetest.txt
2016-04-28 21:28:07 ----AD---- C:\Windows
2016-04-28 20:38:47 ----D---- C:\windows\Microsoft.NET
2016-04-28 20:38:46 ----RSD---- C:\windows\assembly
2016-04-28 20:20:02 ----D---- C:\windows\winsxs
2016-04-28 20:19:59 ----D---- C:\windows\Logs
2016-04-28 20:12:10 ----D---- C:\windows\SysWOW64
2016-04-28 20:12:04 ----D---- C:\windows\SYSWOW64\cs-CZ
2016-04-28 20:12:02 ----D---- C:\windows\system32\cs-CZ
2016-04-28 20:11:59 ----D---- C:\windows\AppPatch
2016-04-28 20:11:56 ----D---- C:\windows\cs-CZ
2016-04-28 20:11:55 ----D---- C:\Program Files (x86)\Windows Media Player
2016-04-28 20:11:54 ----D---- C:\Program Files\Windows Media Player
2016-04-28 20:11:50 ----D---- C:\windows\system32\migration
2016-04-28 20:11:48 ----D---- C:\Program Files\Internet Explorer
2016-04-28 20:11:47 ----D---- C:\windows\SYSWOW64\en-US
2016-04-28 20:11:45 ----D---- C:\windows\PolicyDefinitions
2016-04-28 20:11:44 ----D---- C:\windows\system32\en-US
2016-04-28 20:11:40 ----D---- C:\Program Files (x86)\Internet Explorer
2016-04-28 20:10:06 ----SHD---- C:\windows\Installer
2016-04-28 20:10:05 ----HD---- C:\Config.Msi
2016-04-28 20:09:56 ----D---- C:\ProgramData\Microsoft Help
2016-04-28 20:01:55 ----D---- C:\windows\system32\catroot
2016-04-28 20:01:54 ----D---- C:\windows\system32\catroot2
2016-04-28 19:35:52 ----SHD---- C:\System Volume Information
2016-04-27 20:01:36 ----D---- C:\windows\Prefetch
2016-04-27 17:04:05 ----SD---- C:\windows\system32\Microsoft
2016-04-27 17:03:31 ----D---- C:\windows\system32\DriverStore
2016-04-27 16:26:43 ----D---- C:\windows\Tasks
2016-04-26 21:10:53 ----RSD---- C:\windows\Fonts
2016-04-26 21:10:22 ----D---- C:\Users\Frenky\AppData\Roaming\vlc
2016-04-24 22:05:38 ----D---- C:\Program Files\Common Files\Autodesk Shared
2016-04-24 21:45:55 ----D---- C:\Program Files\Autodesk
2016-04-24 21:35:31 ----D---- C:\Autodesk
2016-04-24 21:23:33 ----D---- C:\windows\system32\wfp
2016-04-24 21:23:04 ----D---- C:\windows\system32\wbem
2016-04-24 21:23:04 ----D---- C:\windows\registration
2016-04-24 21:22:36 ----D---- C:\Users\Frenky\AppData\Roaming\Autodesk
2016-04-24 21:09:35 ----D---- C:\ProgramData\Autodesk
2016-04-24 20:59:13 ----D---- C:\Program Files (x86)\Opera
2016-04-24 20:50:01 ----D---- C:\Program Files (x86)\RoadPAC
2016-04-10 15:55:38 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2009-10-02 537112]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2014-03-02 381440]
R0 Thpdrv;TOSHIBA HDD Protection Driver; C:\windows\system32\DRIVERS\thpdrv.sys [2009-06-29 34880]
R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver; C:\windows\system32\DRIVERS\Thpevm.SYS [2009-06-29 14784]
R0 tos_sps64;TOSHIBA tos_sps64 Service; C:\windows\system32\DRIVERS\tos_sps64.sys [2009-07-24 482384]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\windows\system32\DRIVERS\TVALZ.SYS [2009-07-14 26840]
R2 rimspci;rimspci; C:\windows\system32\DRIVERS\rimspe64.sys [2009-07-02 60416]
R2 risdpcie;risdpcie; C:\windows\system32\DRIVERS\risdpe64.sys [2009-07-28 81408]
R2 rixdpcie;rixdpcie; C:\windows\system32\DRIVERS\rixdpe64.sys [2011-04-26 53760]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472]
R3 HECIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2009-10-15 307760]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784]
R3 tosrfec;Bluetooth ACPI; C:\windows\system32\DRIVERS\tosrfec.sys [2009-07-13 19824]
S1 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2016-04-14 264552]
S1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2016-04-14 186784]
S1 SRepairDrv;SRepairDrv; \??\C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\SRepairDrv [2016-04-28 172664]
S1 Tosrfcom;Bluetooth RFCOMM; C:\windows\System32\Drivers\tosrfcom.sys [2009-07-28 81768]
S1 TSDefenseBt;TsDefenseBt; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\TsDefenseBT64.sys []
S1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 aksdf;aksdf; \??\C:\windows\system32\drivers\aksdf.sys [2015-05-21 100504]
S2 aksfridge;Sentinel Fridge; C:\windows\system32\DRIVERS\aksfridge.sys [2015-05-21 170864]
S2 Angelnt;Angelnt; C:\windows\System32\Drivers\ANGELNT.SYS []
S2 epfwwfpr;epfwwfpr; C:\windows\system32\DRIVERS\epfwwfpr.sys [2016-04-14 170792]
S2 Hardlock;Hardlock; \??\C:\windows\system32\drivers\hardlock.sys [2015-05-21 340336]
S2 regi;regi; C:\windows\system32\drivers\regi.sys [2007-04-16 14112]
S3 akshasp;SafeNet Inc. HASP Key; C:\windows\system32\DRIVERS\akshasp.sys [2015-05-21 69208]
S3 akshhl;SafeNet Inc. Sentinel HL Key; C:\windows\system32\DRIVERS\akshhl.sys [2015-05-21 72664]
S3 aksusb;SafeNet Inc. USB Key; C:\windows\system32\DRIVERS\aksusb.sys [2015-05-21 312344]
S3 athr;Atheros – ovladač pro zařízení pro rozšiřitelnou bezdrátovou síť LAN; C:\windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 ggflt;SEMC USB Flash Driver Filter; C:\windows\system32\DRIVERS\ggflt.sys [2013-11-23 14448]
S3 ggsemc;SEMC USB Flash Driver; C:\windows\system32\DRIVERS\ggsemc.sys [2013-11-23 27760]
S3 Impcd;Impcd; C:\windows\system32\DRIVERS\Impcd.sys [2009-10-26 151936]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2010-03-09 2287392]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\windows\system32\drivers\nvhda64v.sys [2013-09-05 196384]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 PGEffect;Pangu effect driver; C:\windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
S3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver; C:\windows\system32\DRIVERS\rtl8192se.sys [2011-06-20 1225832]
S3 sdbus;sdbus; C:\windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\windows\system32\drivers\serscan.sys [2009-07-14 12288]
S3 toshidpt;Bluetooth HID Port; C:\windows\system32\drivers\Toshidpt.sys [2009-06-19 9608]
S3 tosporte;Bluetooth COM Port; C:\windows\system32\DRIVERS\tosporte.sys [2009-06-17 54664]
S3 tosrfbd;Bluetooth RFBUS; C:\windows\system32\DRIVERS\tosrfbd.sys [2009-09-24 212072]
S3 tosrfbnp;Bluetooth RFBNEP; C:\windows\System32\Drivers\tosrfbnp.sys [2009-06-19 50664]
S3 Tosrfhid;Bluetooth RFHID; C:\windows\system32\DRIVERS\Tosrfhid.sys [2009-06-19 94336]
S3 tosrfnds;Bluetooth Personal Area Network; C:\windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 26472]
S3 TosRfSnd;Bluetooth Audio; C:\windows\system32\drivers\tosrfsnd.sys [2009-08-05 63856]
S3 Tosrfusb;Bluetooth USB Controller; C:\windows\system32\DRIVERS\tosrfusb.sys [2009-09-14 58744]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usb_rndisx;Adaptér USB RNDIS; C:\windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-14 82128]
S2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2009-10-27 252784]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
S2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2016-03-03 2520928]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S2 hasplms;Sentinel LDK License Manager; C:\windows\system32\hasplms.exe [2015-05-21 4630352]
S2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\windows\system32\svchost.exe [2009-07-14 27136]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-10-02 13336]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-09-30 262144]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 27136]
S2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2013-08-30 920864]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 27136]
S2 QQRepair238d;QQRepair238d; C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\QQRepair238d [2016-04-28 140608]
S2 QQRepair9f4;QQRepair9f4; C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\QQRepair9f4 []
S2 QQRepairFixSVC;QQRepairFixSVC; C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\QQRepairFixSVC [2016-04-28 140608]
S2 Thpsrv;Ochrana HDD TOSHIBA; C:\windows\system32\ThpSrv.exe [2009-10-21 531520]
S2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\windows\system32\TODDSrv.exe [2009-07-28 140632]
S2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe [2009-11-05 489312]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2009-09-28 251760]
S2 Transoft Solutions License Server V1.7;Transoft Solutions License Server V1.7; C:\Program Files (x86)\Transoft Solutions\License Server\TransoftLS.exe [2012-05-01 446464]
S2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-09-30 2314240]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-10 269504]
S3 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe []
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2016-02-29 1369856]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S3 hpqcxs08;hpqcxs08; C:\windows\system32\svchost.exe [2009-07-14 27136]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2016-03-31 114688]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe [2015-12-02 289256]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-12-14 114800]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 StarWindServiceAE;StarWind AE Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
S3 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-08-29 414496]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2011-02-10 112080]
S3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-10-06 51512]
S3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2009-10-21 193904]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-11-05 137560]
S3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2009-11-10 824688]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2010-10-23 1255736]
S4 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2012-03-28 140456]
S4 IviRegMgr;IviRegMgr; C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
S4 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2014-07-15 786256]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]

-----------------EOF-----------------

#5 Příspěvek od **JaRon** » 29 dub 2016 19:00

Vloz log FRST, nie RSIT

frenky · #6 Příspěvek od **frenky** » 29 dub 2016 19:51

sorry

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-04-2016
Ran by Frenky (administrator) on FRENKY-TOTH (29-04-2016 20:47:34)
Running from E:\
Loaded Profiles: Frenky (Available Profiles: Frenky)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Safe Mode (minimal)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10103840 2010-03-09] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1870120 2009-10-15] (Synaptics Incorporated)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [910136 2009-11-10] (TOSHIBA Corporation)
HKLM\...\Run: [SmartFaceVWatcher] => C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-10-19] (TOSHIBA Corporation)
HKLM\...\Run: [HDMICtrlMan] => C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [1037728 2010-07-21] (TOSHIBA Corporation.)
HKLM-x32\...\Run: [ QQPCTray] => "C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCTray.exe" /regrun
HKLM-x32\...\RunOnce: [DeleteOnReboot] => C:\Users\Frenky\AppData\Local\Temp\DeleteOnReboot.bat [1091 2016-04-28] () <===== ATTENTION
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [55264 2016-03-10] (Malwarebytes)
HKU\S-1-5-21-2589465553-2425290425-2319165384-1001\...\Policies\Explorer: []
HKU\S-1-5-21-2589465553-2425290425-2319165384-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2589465553-2425290425-2319165384-1001\...\MountPoints2: {152aeec0-de50-11e0-bcc3-806e6f6e6963} - E:\cdstart.exe
HKU\S-1-5-21-2589465553-2425290425-2319165384-1001\...\MountPoints2: {249f124e-53b0-11e3-a26e-002258c50d05} - F:\Startme.exe
HKU\S-1-5-21-2589465553-2425290425-2319165384-1001\...\MountPoints2: {3b77c823-a9ac-11e1-b456-002258c50d05} - F:\LaunchU3.exe -a
HKU\S-1-5-21-2589465553-2425290425-2319165384-1001\...\MountPoints2: {7c0b5ac0-dd08-11df-a938-806e6f6e6963} - G:\Autorun.exe
HKU\S-1-5-21-2589465553-2425290425-2319165384-1001\...\MountPoints2: {970f4721-030f-11e3-9a90-002258c50d05} - "F:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-2589465553-2425290425-2319165384-1001\...\MountPoints2: {b6cfc72b-1912-11e1-b7a7-002258c50d05} - F:\Startme.exe
HKU\S-1-5-18\...\Run: [TOSHIBA Online Product Information] => C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe [6203296 2009-08-12] (TOSHIBA)
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1310088 2015-01-27] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\windows\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\windows\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2010-05-27]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2010-05-27]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{554DF99E-CA5D-498E-9468-31E0B544FE5B}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{73F3A328-537D-4191-96CE-4EA077D137E4}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{C48A2676-C00C-4AC1-9548-F42C76A9C108}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hao123.com/?tn=93018773_hao_pg
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2589465553-2425290425-2319165384-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hao123.com/?tn=93018773_hao_pg
URLSearchHook: HKLM-x32 -> Default = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKU\S-1-5-21-2589465553-2425290425-2319165384-1001 - (No Name) - {dfabc5b5-039b-4865-979a-de31cdf3e351} - No File
SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL =
SearchScopes: HKLM-x32 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL =
SearchScopes: HKU\S-1-5-21-2589465553-2425290425-2319165384-1001 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL =
SearchScopes: HKU\S-1-5-21-2589465553-2425290425-2319165384-1001 -> {1CF10534-AAAA-4187-B063-1F8AAC0003D6} URL = hxxp://www.amazon.co.uk/gp/search?ie=UTF8&keyw ... nkCode=ur2
SearchScopes: HKU\S-1-5-21-2589465553-2425290425-2319165384-1001 -> {42293AE4-C47D-4394-6191-60EBC31DC559} URL =
SearchScopes: HKU\S-1-5-21-2589465553-2425290425-2319165384-1001 -> {662F2179-B80F-481B-9EAE-CBF16A14131B} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-2589465553-2425290425-2319165384-1001 -> {7FD08847-D78E-4FA9-8830-027AB428D5C1} URL = hxxp://rover.ebay.com/rover/1/710-71511-9400-6/4?satitle={searchTerms}
BHO: 电脑管家网页防火墙 -> {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} -> C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\TSWebMon64.dat => No File
BHO: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
BHO-x32: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
BHO-x32: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
Toolbar: HKU\S-1-5-21-2589465553-2425290425-2319165384-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-2589465553-2425290425-2319165384-1001 -> No Name - {DFABC5B5-039B-4865-979A-DE31CDF3E351} - No File
DPF: HKLM-x32 {62789780-B744-11D0-986B-00609731A21D} hxxp://195.28.70.134/kapor2/lib/mgaxctrl.cab

FireFox:
========
FF ProfilePath: C:\Users\Frenky\AppData\Roaming\Mozilla\Firefox\Profiles\7m5fwmum.default
FF NewTab: about:blank
FF DefaultSearchEngine: YAC Safe Search
FF SearchEngineOrder.1: YAC Safe Search
FF SelectedSearchEngine: YAC Safe Search
FF Homepage: about:blank
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-08] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-14] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-08] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2014-11-27] (Nero AG)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-08-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-08-29] (NVIDIA Corporation)
FF Plugin-x32: @playstation.com/PsndlCheck,version=1.00 -> C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll [2011-08-03] (Sony Computer Entertainment Inc.)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll [2011-08-02] (Sony Network Entertainment International LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-02-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2589465553-2425290425-2319165384-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Frenky\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-2589465553-2425290425-2319165384-1001: @talk.google.com/O1DPlugin -> C:\Users\Frenky\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-2589465553-2425290425-2319165384-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Frenky\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-2589465553-2425290425-2319165384-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Frenky\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-04] (Google Inc.)
FF user.js: detected! => C:\Users\Frenky\AppData\Roaming\Mozilla\Firefox\Profiles\7m5fwmum.default\user.js [2011-12-20]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2011-10-03] (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-02-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Frenky\AppData\Roaming\mozilla\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Frenky\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Frenky\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Extension: No Name - C:\Users\Frenky\AppData\Roaming\Mozilla\Firefox\Profiles\7m5fwmum.default\extensions\arthurj8283@gmail.com [not found]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found

Chrome:
=======
CHR HomePage: Default -> about:blank
CHR StartupUrls: Default -> "about:blank"
CHR DefaultSearchURL: Default -> hxxp://search.yac.mx/web/?q={searchTerms}&type=ds&from=yac&uid=toshibaxmk6465gsx_407ib0n0bxx407ib0n0b&ts=1461768683
CHR DefaultSearchKeyword: Default -> yac safe search
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\pdf.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\gcswf32.dll => No File
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll => No File
CHR Plugin: (Java(TM) Platform SE 6 U29) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll => No File
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Users\Frenky\AppData\Roaming\Mozilla\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll => No File
CHR Plugin: (Media Go Detector) - C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
CHR Plugin: (PlayStation(R)Network Downloader Check Plug-in) - C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll => No File
CHR Profile: C:\Users\Frenky\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adblock Plus) - C:\Users\Frenky\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Frenky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2520928 2016-03-03] (ESET)
S2 hasplms; C:\Windows\system32\hasplms.exe [4630352 2015-05-21] (SafeNet Inc.)
S3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-11-06] (Hewlett-Packard Co.) [File not signed]
S2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.) [File not signed]
S4 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
S2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-09-30] (Intel Corporation) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe [289256 2015-12-02] (McAfee, Inc.)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
S2 QQRepair238d; C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\QQRepair238d [140608 2016-04-28] ()
S2 QQRepairFixSVC; C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\QQRepairFixSVC [140608 2016-04-28] ()
S4 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) [File not signed]
S3 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH)
S2 Transoft Solutions License Server V1.7; C:\Program Files (x86)\Transoft Solutions\License Server\TransoftLS.exe [446464 2012-05-01] () [File not signed]
S2 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-09-30] (Intel Corporation) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 Autodesk Content Service; "C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe" [X]
S2 QQRepair9f4; "C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\QQRepair9f4" [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [69208 2015-05-21] (SafeNet Inc.)
S3 akshhl; C:\Windows\System32\DRIVERS\akshhl.sys [72664 2015-05-21] (SafeNet Inc.)
S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [312344 2015-05-21] (SafeNet Inc.)
S1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [264552 2016-04-14] (ESET)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [186784 2016-04-14] (ESET)
S2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [170792 2016-04-14] (ESET)
S2 Hardlock; C:\windows\system32\drivers\hardlock.sys [340336 2015-05-21] (SafeNet Inc.)
S2 Hardlock; C:\windows\SysWOW64\drivers\hardlock.sys [670208 2004-11-05] (Aladdin Knowledge Systems Ltd.) [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2014-03-02] (Duplex Secure Ltd.)
S1 SRepairDrv; \??\C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\SRepairDrv [172664 2016-04-28] ()
S3 toshidpt; C:\Windows\System32\drivers\Toshidpt.sys [9608 2009-06-19] (TOSHIBA Corporation.)
S3 usbscan; C:\Windows\SysWOW64\DRIVERS\usbscan.sys [12400 1999-10-13] (Microsoft Corporation) [File not signed]
S2 Angelnt; \SystemRoot\System32\Drivers\ANGELNT.SYS [X]
S1 TSDefenseBt; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\TsDefenseBT64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-29 20:46 - 2016-04-29 20:47 - 00000000 ____D C:\FRST
2016-04-29 18:21 - 2016-04-29 18:21 - 00001112 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-04-28 23:17 - 2016-04-28 23:17 - 00000000 ____D C:\ProgramData\TXQMPC
2016-04-28 23:00 - 2016-04-28 23:07 - 00000000 ____D C:\AdwCleaner
2016-04-28 22:58 - 2016-04-28 22:59 - 03581504 _____ C:\Users\Frenky\Downloads\adwcleaner_5.114.exe
2016-04-28 22:22 - 2016-04-29 19:18 - 00000000 ____D C:\Program Files\trend micro
2016-04-28 22:22 - 2016-04-28 22:23 - 00000000 ____D C:\rsit
2016-04-28 22:21 - 2016-04-28 22:22 - 01222144 _____ C:\Users\Frenky\Downloads\RSITx64.exe
2016-04-28 21:28 - 2016-04-28 21:36 - 00279416 _____ C:\windows\ntbtlog.txt
2016-04-28 21:09 - 2016-04-28 21:10 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\Frenky\Downloads\SpyHunter-Installer.exe
2016-04-28 20:11 - 2016-04-28 20:19 - 00000000 ___SD C:\windows\system32\GWX
2016-04-28 20:11 - 2016-04-28 20:11 - 00000000 ___SD C:\windows\SysWOW64\GWX
2016-04-28 19:39 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\windows\system32\icardres.dll
2016-04-28 19:39 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardres.dll
2016-04-28 19:39 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\windows\system32\icardagt.exe
2016-04-28 19:39 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\windows\system32\infocardapi.dll
2016-04-28 19:39 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardagt.exe
2016-04-28 19:39 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\windows\SysWOW64\infocardapi.dll
2016-04-28 19:38 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\windows\SysWOW64\TsWpfWrp.exe
2016-04-28 19:38 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\windows\system32\TsWpfWrp.exe
2016-04-28 16:16 - 2016-03-11 20:57 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2016-04-28 16:16 - 2016-03-11 20:35 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2016-04-28 16:16 - 2015-02-03 05:31 - 01424896 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2016-04-28 16:16 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2016-04-28 04:43 - 2016-01-16 21:01 - 02085888 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2016-04-28 04:43 - 2016-01-16 20:36 - 01413632 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2016-04-28 04:43 - 2015-09-02 05:04 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2016-04-28 04:43 - 2015-09-02 05:04 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2016-04-28 04:43 - 2015-09-02 05:04 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2016-04-28 04:43 - 2015-09-02 05:04 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2016-04-28 04:43 - 2015-09-02 04:48 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2016-04-28 04:43 - 2015-09-02 04:48 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2016-04-28 04:43 - 2015-09-02 04:48 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2016-04-28 04:43 - 2015-09-02 04:47 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2016-04-28 04:43 - 2015-09-02 03:51 - 03209216 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-04-28 04:43 - 2015-09-02 03:47 - 00372736 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2016-04-28 04:43 - 2015-09-02 03:33 - 00299520 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2016-04-28 04:43 - 2015-08-27 20:18 - 02004480 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2016-04-28 04:43 - 2015-08-27 20:18 - 01887232 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2016-04-28 04:43 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2016-04-28 04:43 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2016-04-28 04:43 - 2015-08-27 19:58 - 01391104 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2016-04-28 04:43 - 2015-08-27 19:58 - 01241088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2016-04-28 04:43 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll
2016-04-28 04:43 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2016-04-28 04:43 - 2014-10-30 04:03 - 00165888 _____ (Microsoft Corporation) C:\windows\system32\charmap.exe
2016-04-28 04:43 - 2014-10-30 03:45 - 00155136 _____ (Microsoft Corporation) C:\windows\SysWOW64\charmap.exe
2016-04-28 04:43 - 2014-10-03 04:12 - 00500224 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2016-04-28 04:43 - 2014-10-03 04:11 - 00680960 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2016-04-28 04:43 - 2014-10-03 04:11 - 00440832 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2016-04-28 04:43 - 2014-10-03 04:11 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2016-04-28 04:43 - 2014-10-03 04:11 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2016-04-28 04:43 - 2014-10-03 03:44 - 00442880 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2016-04-28 04:43 - 2014-10-03 03:44 - 00374784 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2016-04-28 04:43 - 2014-10-03 03:44 - 00195584 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2016-04-28 04:43 - 2014-09-04 07:23 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2016-04-28 04:43 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2016-04-28 04:43 - 2014-08-29 04:07 - 03179520 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2016-04-28 04:42 - 2016-01-22 08:27 - 05573056 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2016-04-28 04:42 - 2016-01-22 08:27 - 00154560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2016-04-28 04:42 - 2016-01-22 08:27 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2016-04-28 04:42 - 2016-01-22 08:24 - 01733592 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2016-04-28 04:42 - 2016-01-22 08:20 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2016-04-28 04:42 - 2016-01-22 08:20 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2016-04-28 04:42 - 2016-01-22 08:20 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2016-04-28 04:42 - 2016-01-22 08:20 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2016-04-28 04:42 - 2016-01-22 08:20 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2016-04-28 04:42 - 2016-01-22 08:20 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2016-04-28 04:42 - 2016-01-22 08:20 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2016-04-28 04:42 - 2016-01-22 08:20 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2016-04-28 04:42 - 2016-01-22 08:20 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2016-04-28 04:42 - 2016-01-22 08:20 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2016-04-28 04:42 - 2016-01-22 08:19 - 01214464 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2016-04-28 04:42 - 2016-01-22 08:19 - 00344064 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2016-04-28 04:42 - 2016-01-22 08:19 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2016-04-28 04:42 - 2016-01-22 08:18 - 00961024 _____ (Microsoft Corporation) C:\windows\system32\CPFilters.dll
2016-04-28 04:42 - 2016-01-22 08:18 - 00723968 _____ (Microsoft Corporation) C:\windows\system32\EncDec.dll
2016-04-28 04:42 - 2016-01-22 08:18 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2016-04-28 04:42 - 2016-01-22 08:17 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-04-28 04:42 - 2016-01-22 08:17 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2016-04-28 04:42 - 2016-01-22 08:17 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\mtxoci.dll
2016-04-28 04:42 - 2016-01-22 08:16 - 01461248 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-04-28 04:42 - 2016-01-22 08:16 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2016-04-28 04:42 - 2016-01-22 08:16 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2016-04-28 04:42 - 2016-01-22 08:15 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2016-04-28 04:42 - 2016-01-22 08:15 - 00730112 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-04-28 04:42 - 2016-01-22 08:15 - 00422400 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2016-04-28 04:42 - 2016-01-22 08:13 - 03993536 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2016-04-28 04:42 - 2016-01-22 08:13 - 03938752 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2016-04-28 04:42 - 2016-01-22 08:13 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2016-04-28 04:42 - 2016-01-22 08:13 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2016-04-28 04:42 - 2016-01-22 08:13 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00880128 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:09 - 01314328 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2016-04-28 04:42 - 2016-01-22 08:06 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2016-04-28 04:42 - 2016-01-22 08:06 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2016-04-28 04:42 - 2016-01-22 08:06 - 00275456 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2016-04-28 04:42 - 2016-01-22 08:06 - 00171520 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2016-04-28 04:42 - 2016-01-22 08:06 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2016-04-28 04:42 - 2016-01-22 08:06 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2016-04-28 04:42 - 2016-01-22 08:06 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2016-04-28 04:42 - 2016-01-22 08:06 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2016-04-28 04:42 - 2016-01-22 08:05 - 00251392 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2016-04-28 04:42 - 2016-01-22 08:05 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2016-04-28 04:42 - 2016-01-22 08:04 - 00642048 _____ (Microsoft Corporation) C:\windows\SysWOW64\CPFilters.dll
2016-04-28 04:42 - 2016-01-22 08:04 - 00535040 _____ (Microsoft Corporation) C:\windows\SysWOW64\EncDec.dll
2016-04-28 04:42 - 2016-01-22 08:02 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2016-04-28 04:42 - 2016-01-22 08:02 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2016-04-28 04:42 - 2016-01-22 08:02 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2016-04-28 04:42 - 2016-01-22 08:02 - 00176128 _____ (Microsoft Corporation) C:\windows\SysWOW64\msorcl32.dll
2016-04-28 04:42 - 2016-01-22 08:02 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2016-04-28 04:42 - 2016-01-22 08:02 - 00114176 _____ (Microsoft Corporation) C:\windows\SysWOW64\mtxoci.dll
2016-04-28 04:42 - 2016-01-22 08:02 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00642560 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:13 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2016-04-28 04:42 - 2016-01-22 07:07 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2016-04-28 04:42 - 2016-01-22 07:07 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2016-04-28 04:42 - 2016-01-22 07:05 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2016-04-28 04:42 - 2016-01-22 06:59 - 00159232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-04-28 04:42 - 2016-01-22 06:58 - 00290816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-04-28 04:42 - 2016-01-22 06:58 - 00129024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-04-28 04:42 - 2016-01-22 06:57 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2016-04-28 04:42 - 2016-01-22 06:57 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2016-04-28 04:42 - 2016-01-22 06:53 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2016-04-28 04:42 - 2016-01-22 06:53 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2016-04-28 04:42 - 2016-01-22 06:53 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2016-04-28 04:42 - 2016-01-22 06:53 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2016-04-28 04:42 - 2016-01-22 06:51 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2016-04-28 04:42 - 2016-01-22 06:51 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 06:51 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 06:51 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 06:51 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-04-28 04:42 - 2015-09-23 15:15 - 00460776 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2016-04-28 04:42 - 2015-09-23 15:15 - 00299632 _____ (Microsoft Corporation) C:\windows\system32\bcryptprimitives.dll
2016-04-28 04:42 - 2015-09-23 15:09 - 00251000 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcryptprimitives.dll
2016-04-28 04:42 - 2015-01-17 04:48 - 01067520 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2016-04-28 04:42 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2016-04-28 04:41 - 2016-02-09 11:57 - 14634496 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2016-04-28 04:41 - 2016-02-09 11:57 - 12625920 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2016-04-28 04:41 - 2016-02-09 11:56 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2016-04-28 04:41 - 2016-02-09 11:56 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2016-04-28 04:41 - 2016-02-09 11:54 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2016-04-28 04:41 - 2016-02-09 11:51 - 12625408 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
2016-04-28 04:41 - 2016-02-09 11:51 - 11411456 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2016-04-28 04:41 - 2016-02-09 11:13 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwmp.dll
2016-04-28 04:41 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdxm.ocx
2016-04-28 04:41 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxmasf.dll
2016-04-28 04:41 - 2016-01-22 08:19 - 14179840 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2016-04-28 04:41 - 2016-01-22 08:15 - 01866752 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll
2016-04-28 04:41 - 2016-01-22 08:12 - 01940992 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2016-04-28 04:41 - 2016-01-22 08:05 - 12877824 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2016-04-28 04:41 - 2016-01-22 08:00 - 01498624 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExplorerFrame.dll
2016-04-28 04:41 - 2016-01-22 07:59 - 01805824 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2016-04-28 04:41 - 2016-01-22 07:19 - 03231232 _____ (Microsoft Corporation) C:\windows\explorer.exe
2016-04-28 04:41 - 2016-01-22 07:12 - 02973184 _____ (Microsoft Corporation) C:\windows\SysWOW64\explorer.exe
2016-04-28 04:41 - 2014-10-03 04:12 - 02020352 _____ (Microsoft Corporation) C:\windows\system32\WsmSvc.dll
2016-04-28 04:41 - 2014-10-03 04:12 - 00346624 _____ (Microsoft Corporation) C:\windows\system32\WSManMigrationPlugin.dll
2016-04-28 04:41 - 2014-10-03 04:12 - 00310272 _____ (Microsoft Corporation) C:\windows\system32\WsmWmiPl.dll
2016-04-28 04:41 - 2014-10-03 04:12 - 00181248 _____ (Microsoft Corporation) C:\windows\system32\WsmAuto.dll
2016-04-28 04:41 - 2014-10-03 04:11 - 00266240 _____ (Microsoft Corporation) C:\windows\system32\WSManHTTPConfig.exe
2016-04-28 04:41 - 2014-10-03 03:45 - 01177088 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmSvc.dll
2016-04-28 04:41 - 2014-10-03 03:45 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSManMigrationPlugin.dll
2016-04-28 04:41 - 2014-10-03 03:45 - 00214016 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmWmiPl.dll
2016-04-28 04:41 - 2014-10-03 03:45 - 00145920 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmAuto.dll
2016-04-28 04:41 - 2014-10-03 03:44 - 00198656 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSManHTTPConfig.exe
2016-04-28 04:12 - 2015-10-13 06:57 - 00950720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys
2016-04-28 04:11 - 2014-10-25 03:57 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2016-04-28 04:11 - 2014-10-25 03:32 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2016-04-28 04:11 - 2014-07-17 04:07 - 00681984 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2016-04-28 04:11 - 2014-07-17 04:07 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2016-04-28 04:11 - 2014-07-17 04:07 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\winsta.dll
2016-04-28 04:11 - 2014-07-17 04:07 - 00150528 _____ (Microsoft Corporation) C:\windows\system32\rdpcorekmts.dll
2016-04-28 04:11 - 2014-07-17 03:40 - 00157696 _____ (Microsoft Corporation) C:\windows\SysWOW64\winsta.dll
2016-04-28 04:11 - 2014-07-17 03:21 - 00212480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpwd.sys
2016-04-28 04:11 - 2014-07-17 03:21 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys
2016-04-28 04:10 - 2016-03-31 21:25 - 00394952 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-04-28 04:10 - 2016-03-31 20:41 - 00346320 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2016-04-28 04:10 - 2016-03-31 02:54 - 25817600 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-04-28 04:10 - 2016-03-31 02:40 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2016-04-28 04:10 - 2016-03-31 02:40 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2016-04-28 04:10 - 2016-03-31 02:31 - 02892800 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-04-28 04:10 - 2016-03-31 02:28 - 00571904 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-04-28 04:10 - 2016-03-31 02:28 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2016-04-28 04:10 - 2016-03-31 02:27 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2016-04-28 04:10 - 2016-03-31 02:27 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2016-04-28 04:10 - 2016-03-31 02:27 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2016-04-28 04:10 - 2016-03-31 02:25 - 06052352 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-04-28 04:10 - 2016-03-31 02:22 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2016-04-28 04:10 - 2016-03-31 02:21 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2016-04-28 04:10 - 2016-03-31 02:19 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2016-04-28 04:10 - 2016-03-31 02:17 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-04-28 04:10 - 2016-03-31 02:17 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2016-04-28 04:10 - 2016-03-31 02:17 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2016-04-28 04:10 - 2016-03-31 02:17 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2016-04-28 04:10 - 2016-03-31 02:11 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2016-04-28 04:10 - 2016-03-31 02:08 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2016-04-28 04:10 - 2016-03-31 02:03 - 20352512 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2016-04-28 04:10 - 2016-03-31 02:02 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2016-04-28 04:10 - 2016-03-31 02:00 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2016-04-28 04:10 - 2016-03-31 01:59 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2016-04-28 04:10 - 2016-03-31 01:57 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2016-04-28 04:10 - 2016-03-31 01:56 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-04-28 04:10 - 2016-03-31 01:55 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2016-04-28 04:10 - 2016-03-31 01:53 - 00496640 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2016-04-28 04:10 - 2016-03-31 01:53 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2016-04-28 04:10 - 2016-03-31 01:52 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2016-04-28 04:10 - 2016-03-31 01:52 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2016-04-28 04:10 - 2016-03-31 01:52 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2016-04-28 04:10 - 2016-03-31 01:52 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2016-04-28 04:10 - 2016-03-31 01:51 - 02285056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2016-04-28 04:10 - 2016-03-31 01:48 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2016-04-28 04:10 - 2016-03-31 01:48 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2016-04-28 04:10 - 2016-03-31 01:46 - 00476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2016-04-28 04:10 - 2016-03-31 01:45 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2016-04-28 04:10 - 2016-03-31 01:45 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2016-04-28 04:10 - 2016-03-31 01:45 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-04-28 04:10 - 2016-03-31 01:45 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2016-04-28 04:10 - 2016-03-31 01:43 - 00806400 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-04-28 04:10 - 2016-03-31 01:43 - 00725504 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-04-28 04:10 - 2016-03-31 01:42 - 02131968 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-04-28 04:10 - 2016-03-31 01:42 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2016-04-28 04:10 - 2016-03-31 01:39 - 15415808 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-04-28 04:10 - 2016-03-31 01:38 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2016-04-28 04:10 - 2016-03-31 01:34 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-04-28 04:10 - 2016-03-31 01:33 - 00091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2016-04-28 04:10 - 2016-03-31 01:31 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2016-04-28 04:10 - 2016-03-31 01:31 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2016-04-28 04:10 - 2016-03-31 01:30 - 04611072 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2016-04-28 04:10 - 2016-03-31 01:30 - 02596864 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-04-28 04:10 - 2016-03-31 01:30 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2016-04-28 04:10 - 2016-03-31 01:29 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2016-04-28 04:10 - 2016-03-31 01:24 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2016-04-28 04:10 - 2016-03-31 01:23 - 02056192 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2016-04-28 04:10 - 2016-03-31 01:23 - 00693248 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2016-04-28 04:10 - 2016-03-31 01:22 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2016-04-28 04:10 - 2016-03-31 01:21 - 13811712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2016-04-28 04:10 - 2016-03-31 01:18 - 01547264 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-04-28 04:10 - 2016-03-31 01:06 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-04-28 04:10 - 2016-03-31 01:05 - 02121216 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2016-04-28 04:10 - 2016-03-31 01:02 - 01311744 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2016-04-28 04:10 - 2016-03-31 01:00 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2016-04-28 04:10 - 2015-12-08 23:52 - 00312320 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2016-04-28 04:10 - 2015-12-08 21:07 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2016-04-28 04:09 - 2015-11-03 21:04 - 00241664 _____ (Microsoft Corporation) C:\windows\system32\els.dll
2016-04-28 04:09 - 2015-11-03 20:55 - 00179712 _____ (Microsoft Corporation) C:\windows\SysWOW64\els.dll
2016-04-28 04:09 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\windows\system32\clfs.sys
2016-04-28 04:09 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\windows\system32\clfsw32.dll
2016-04-28 04:09 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\windows\SysWOW64\clfsw32.dll
2016-04-28 04:09 - 2014-12-08 05:09 - 00406528 _____ (Microsoft Corporation) C:\windows\system32\scesrv.dll
2016-04-28 04:09 - 2014-12-08 04:46 - 00308224 _____ (Microsoft Corporation) C:\windows\SysWOW64\scesrv.dll
2016-04-28 04:07 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll
2016-04-28 04:07 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMPhoto.dll
2016-04-27 23:23 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2016-04-27 23:23 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2016-04-27 23:23 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2016-04-27 23:23 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2016-04-27 23:22 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2016-04-27 23:22 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2016-04-27 23:22 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2016-04-27 23:22 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2016-04-27 23:22 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2016-04-27 23:22 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2016-04-27 23:20 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2016-04-27 23:20 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2016-04-27 23:20 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2016-04-27 23:20 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2016-04-27 20:35 - 2016-04-27 20:35 - 00187674 _____ C:\Users\Frenky\Downloads\B48E.tmp
2016-04-27 19:22 - 2016-04-27 19:22 - 00003106 _____ C:\windows\System32\Tasks\{9AD7C23E-673D-4474-B258-902EE5DB636F}
2016-04-27 17:02 - 2016-04-27 17:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2016-04-27 17:02 - 2016-04-27 17:02 - 00000000 ____D C:\ProgramData\ESET
2016-04-27 17:02 - 2016-04-27 17:02 - 00000000 ____D C:\Program Files\ESET
2016-04-27 16:57 - 2016-04-27 16:57 - 03013792 _____ (ESET) C:\Users\Frenky\Downloads\eset_nod32_antivirus_live_installer_.exe
2016-04-27 09:53 - 2016-04-27 09:53 - 00460288 _____ C:\windows\system32\bi2.exe
2016-04-26 21:39 - 2016-04-26 21:39 - 02870984 _____ (ESET) C:\Users\Frenky\Downloads\esetsmartinstaller_sky (1).exe
2016-04-26 21:10 - 2016-04-26 21:09 - 00097400 ____N (电脑管家) C:\windows\system32\Drivers\TFsFltX64.sys
2016-04-26 21:09 - 2016-04-26 21:09 - 00000000 ____D C:\Program Files (x86)\Tencent
2016-04-26 21:07 - 2016-04-28 23:19 - 00000000 ____D C:\Users\Frenky\AppData\Roaming\Tencent
2016-04-26 21:05 - 2016-04-27 16:21 - 00004164 _____ C:\windows\System32\Tasks\SMW_P
2016-04-26 21:05 - 2016-04-26 21:05 - 00356864 _____ C:\ProgramData\smp2.exe
2016-04-26 21:05 - 2016-04-26 21:05 - 00000000 ____D C:\Program Files\Common Files\Doobzo
2016-04-26 21:02 - 2016-04-26 21:02 - 00282786 _____ C:\Users\Frenky\Downloads\Nepotvrdené 978165.crdownload
2016-04-26 20:59 - 2016-04-26 20:59 - 00282786 _____ C:\Users\Frenky\Downloads\Nepotvrdené 438925.crdownload
2016-04-25 00:59 - 2016-04-25 01:14 - 00000000 ____D C:\Users\Frenky\Desktop\AutoCAD_2013_English_Win_64bit
2016-04-25 00:29 - 2016-04-25 00:54 - 1216220336 _____ C:\Users\Frenky\Desktop\AutoCAD_2013_English_Win_64bit.exe
2016-04-24 23:43 - 2016-04-24 23:43 - 01027735 _____ C:\Users\Frenky\Downloads\Autocad_2013_crack_rar.zip
2016-04-24 22:20 - 2016-04-24 22:20 - 00002357 _____ C:\Users\Public\Desktop\AutoCAD Civil3D 2013 – čeština britské (Czech Imperial).lnk
2016-04-24 22:20 - 2016-04-24 22:20 - 00002353 _____ C:\Users\Public\Desktop\AutoCAD Civil3D 2013 – čeština metrické (Czech Metric).lnk
2016-04-24 22:19 - 2016-04-24 22:19 - 00002141 _____ C:\Users\Public\Desktop\AutoCAD Civil 3D as AutoCAD 2013.lnk
2016-04-24 21:55 - 2016-04-24 21:56 - 00000000 ____D C:\Program Files (x86)\AutoCAD Civil 3D 2013
2016-04-24 21:55 - 2016-04-24 21:55 - 00000000 ____D C:\Program Files (x86)\Autodesk
2016-04-24 21:48 - 2016-04-24 21:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2016-04-24 21:42 - 2013-02-14 14:16 - 00000029 _____ C:\Users\Frenky\Desktop\serial.txt
2016-04-24 21:33 - 2016-04-24 21:35 - 00000000 ____D C:\Users\Frenky\Desktop\Nová složka (2)
2016-04-24 19:42 - 2016-04-24 19:42 - 00000000 ____D C:\Civil 3D Projects
2016-04-24 19:42 - 2016-04-24 19:42 - 00000000 ____D C:\Civil 3D Project Templates
2016-04-24 18:58 - 2016-04-24 18:58 - 00206816 _____ C:\Users\Frenky\Downloads\SITUACIA.dwg
2016-04-24 15:29 - 2016-04-24 17:29 - 00829123 _____ C:\Users\Frenky\Desktop\rez_vjazdu-chodnika.dwg
2016-04-24 09:48 - 2016-04-24 19:05 - 00053867 _____ C:\Users\Frenky\Desktop\HOJDACKA.dwg
2016-04-24 09:48 - 2016-04-24 15:05 - 00053547 _____ C:\Users\Frenky\Desktop\HOJDACKA.bak
2016-04-14 20:46 - 2016-04-24 19:05 - 00050889 _____ C:\Users\Frenky\Desktop\šachta.dwg
2016-04-14 15:09 - 2016-04-14 15:09 - 00264552 _____ (ESET) C:\windows\system32\Drivers\eamonm.sys
2016-04-14 15:09 - 2016-04-14 15:09 - 00186784 _____ (ESET) C:\windows\system32\Drivers\ehdrv.sys
2016-04-14 15:09 - 2016-04-14 15:09 - 00170792 _____ (ESET) C:\windows\system32\Drivers\epfwwfpr.sys
2016-04-12 22:16 - 2016-04-12 22:16 - 00338280 _____ (Autodesk Inc.) C:\Users\Frenky\Downloads\AutoCAD_2017_English_Win_32_64bit_Trial_en-us_Setup_webinstall.exe
2016-04-04 21:00 - 2016-04-04 21:00 - 00877269 _____ C:\Users\Frenky\Desktop\Nová složka.rar
2016-04-04 20:57 - 2016-04-04 20:59 - 00000000 ____D C:\Users\Frenky\Desktop\Nová složka
2016-04-03 18:07 - 2016-04-03 18:09 - 00000000 ____D C:\Users\Frenky\Desktop\FOTAK_3.4.2016

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-29 20:47 - 2009-07-14 17:18 - 00663716 _____ C:\windows\system32\perfh005.dat
2016-04-29 20:47 - 2009-07-14 17:18 - 00142306 _____ C:\windows\system32\perfc005.dat
2016-04-29 20:47 - 2009-07-14 07:13 - 01592614 _____ C:\windows\system32\PerfStringBackup.INI
2016-04-29 20:47 - 2009-07-14 05:20 - 00000000 ____D C:\windows\inf
2016-04-29 18:54 - 2014-12-27 16:46 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2016-04-29 18:50 - 2009-12-13 19:41 - 00000000 ___HD C:\windows\msdownld.tmp
2016-04-29 18:21 - 2014-12-27 16:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-04-29 18:21 - 2014-12-27 16:46 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-04-29 15:38 - 2011-01-08 13:09 - 00000000 ____D C:\Users\Frenky\AppData\Local\ElevatedDiagnostics
2016-04-28 23:18 - 2011-03-02 14:37 - 00327680 _____ C:\windows\system32\Ikeext.etl
2016-04-28 23:18 - 2009-07-14 05:20 - 00000000 ____D C:\windows\tracing
2016-04-28 23:12 - 2014-08-11 22:36 - 00000000 ____D C:\windows\system32\log
2016-04-28 23:12 - 2012-01-09 21:26 - 00001071 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-04-28 23:07 - 2014-07-29 20:02 - 00000898 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2589465553-2425290425-2319165384-1001Core.job
2016-04-28 22:58 - 2015-05-26 18:10 - 00002405 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-28 22:58 - 2015-05-26 18:10 - 00002393 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-04-28 22:58 - 2010-10-21 13:03 - 00001600 _____ C:\Users\Frenky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-04-28 22:55 - 2014-12-21 23:34 - 00000914 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-04-28 22:52 - 2011-04-30 14:51 - 00000000 ____D C:\windows\pss
2016-04-28 22:43 - 2010-10-21 14:31 - 00000936 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-28 21:47 - 2009-07-14 06:45 - 00016304 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-28 21:47 - 2009-07-14 06:45 - 00016304 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-28 21:44 - 2010-11-06 20:19 - 07177728 ___SH C:\Users\Frenky\Desktop\Thumbs.db
2016-04-28 21:44 - 2010-10-21 13:05 - 00003986 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{6857A334-B6AF-490C-8D5A-62E70274DC70}
2016-04-28 21:42 - 2010-10-21 14:31 - 00000932 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-28 21:39 - 2013-10-26 20:30 - 00000286 _____ C:\servicetest.txt
2016-04-28 21:38 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-04-28 21:00 - 2009-07-14 07:09 - 00000000 ____D C:\windows\System32\Tasks\WPD
2016-04-28 20:16 - 2009-07-14 06:45 - 05148368 _____ C:\windows\system32\FNTCACHE.DAT
2016-04-28 20:11 - 2009-07-14 05:20 - 00000000 ____D C:\windows\PolicyDefinitions
2016-04-28 03:28 - 2012-01-11 12:54 - 00000000 ____D C:\Users\Frenky\Downloads\programy
2016-04-26 21:13 - 2010-10-21 12:54 - 00170936 _____ C:\Users\Frenky\AppData\Local\GDIPFONTCACHEV1.DAT
2016-04-26 21:10 - 2010-11-20 19:14 - 00000000 ____D C:\Users\Frenky\AppData\Roaming\vlc
2016-04-25 00:09 - 2010-10-22 00:04 - 00000000 ____D C:\Users\Frenky\Documents\TEXT
2016-04-24 22:05 - 2010-10-26 22:21 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2016-04-24 21:45 - 2012-09-16 08:38 - 00000000 ____D C:\Program Files\Autodesk
2016-04-24 21:35 - 2012-09-15 19:19 - 00000000 ____D C:\Autodesk
2016-04-24 21:29 - 2013-10-26 20:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoTURN 8
2016-04-24 21:23 - 2009-07-14 05:20 - 00000000 ____D C:\windows\registration
2016-04-24 21:22 - 2010-10-21 22:37 - 00000000 ____D C:\Users\Frenky\AppData\Roaming\Autodesk
2016-04-24 21:22 - 2010-10-21 22:37 - 00000000 ____D C:\Users\Frenky\AppData\Local\Autodesk
2016-04-24 21:09 - 2010-10-21 22:37 - 00000000 ____D C:\ProgramData\Autodesk
2016-04-24 21:02 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-04-24 20:59 - 2014-04-13 21:37 - 00000000 ____D C:\Program Files (x86)\Opera
2016-04-24 20:50 - 2015-06-15 21:19 - 00000000 ____D C:\Program Files (x86)\RoadPAC
2016-04-24 20:25 - 2010-10-21 12:50 - 00000000 ____D C:\Users\Frenky
2016-04-24 19:18 - 2014-01-08 20:26 - 00000000 ____D C:\Users\Public\Documents\Autodesk
2016-04-24 09:38 - 2015-05-21 22:32 - 00000892 _____ C:\windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-04-10 15:55 - 2015-05-21 22:32 - 00003894 _____ C:\windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-04-10 15:55 - 2014-12-21 23:34 - 00003852 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2016-04-10 15:55 - 2014-07-06 21:37 - 00797376 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-04-10 15:55 - 2011-11-20 21:15 - 00142528 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2010-10-28 22:37 - 2013-08-27 22:51 - 0047104 _____ () C:\Users\Frenky\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-10-24 22:42 - 2012-10-24 22:45 - 0007607 _____ () C:\Users\Frenky\AppData\Local\resmon.resmoncfg
2012-03-03 22:01 - 2012-03-03 22:01 - 0000928 _____ () C:\Users\Frenky\AppData\Local\SRDownloader.nast
2016-02-29 21:00 - 2016-02-29 21:00 - 0000000 _____ () C:\ProgramData\AdApplicationManager-installer.init.lock
2012-06-25 16:14 - 2012-06-25 16:35 - 0000845 _____ () C:\ProgramData\hpzinstall.log
2016-04-26 21:05 - 2016-04-26 21:05 - 0356864 _____ () C:\ProgramData\smp2.exe

Files to move or delete:
====================
C:\Users\Frenky\AppData\Local\Temp\DeleteOnReboot.bat
C:\ProgramData\smp2.exe

Some files in TEMP:
====================
C:\Users\Frenky\AppData\Local\Temp\AcDeltree.exe
C:\Users\Frenky\AppData\Local\Temp\GURB9B6.exe
C:\Users\Frenky\AppData\Local\Temp\GURF77E.exe
C:\Users\Frenky\AppData\Local\Temp\libeay32.dll
C:\Users\Frenky\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Frenky\AppData\Local\Temp\msvcr120.dll
C:\Users\Frenky\AppData\Local\Temp\sqlite3.dll
C:\Users\Frenky\AppData\Local\Temp\uninstall.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-04-08 21:46

==================== End of FRST.txt ============================

frenky · #7 Příspěvek od **frenky** » 29 dub 2016 19:51

sorry

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-04-2016
Ran by Frenky (administrator) on FRENKY-TOTH (29-04-2016 20:47:34)
Running from E:\
Loaded Profiles: Frenky (Available Profiles: Frenky)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Safe Mode (minimal)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10103840 2010-03-09] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1870120 2009-10-15] (Synaptics Incorporated)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [910136 2009-11-10] (TOSHIBA Corporation)
HKLM\...\Run: [SmartFaceVWatcher] => C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-10-19] (TOSHIBA Corporation)
HKLM\...\Run: [HDMICtrlMan] => C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [1037728 2010-07-21] (TOSHIBA Corporation.)
HKLM-x32\...\Run: [ QQPCTray] => "C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCTray.exe" /regrun
HKLM-x32\...\RunOnce: [DeleteOnReboot] => C:\Users\Frenky\AppData\Local\Temp\DeleteOnReboot.bat [1091 2016-04-28] () <===== ATTENTION
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [55264 2016-03-10] (Malwarebytes)
HKU\S-1-5-21-2589465553-2425290425-2319165384-1001\...\Policies\Explorer: []
HKU\S-1-5-21-2589465553-2425290425-2319165384-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2589465553-2425290425-2319165384-1001\...\MountPoints2: {152aeec0-de50-11e0-bcc3-806e6f6e6963} - E:\cdstart.exe
HKU\S-1-5-21-2589465553-2425290425-2319165384-1001\...\MountPoints2: {249f124e-53b0-11e3-a26e-002258c50d05} - F:\Startme.exe
HKU\S-1-5-21-2589465553-2425290425-2319165384-1001\...\MountPoints2: {3b77c823-a9ac-11e1-b456-002258c50d05} - F:\LaunchU3.exe -a
HKU\S-1-5-21-2589465553-2425290425-2319165384-1001\...\MountPoints2: {7c0b5ac0-dd08-11df-a938-806e6f6e6963} - G:\Autorun.exe
HKU\S-1-5-21-2589465553-2425290425-2319165384-1001\...\MountPoints2: {970f4721-030f-11e3-9a90-002258c50d05} - "F:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-2589465553-2425290425-2319165384-1001\...\MountPoints2: {b6cfc72b-1912-11e1-b7a7-002258c50d05} - F:\Startme.exe
HKU\S-1-5-18\...\Run: [TOSHIBA Online Product Information] => C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe [6203296 2009-08-12] (TOSHIBA)
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1310088 2015-01-27] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\windows\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\windows\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2010-05-27]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2010-05-27]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{554DF99E-CA5D-498E-9468-31E0B544FE5B}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{73F3A328-537D-4191-96CE-4EA077D137E4}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{C48A2676-C00C-4AC1-9548-F42C76A9C108}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hao123.com/?tn=93018773_hao_pg
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2589465553-2425290425-2319165384-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hao123.com/?tn=93018773_hao_pg
URLSearchHook: HKLM-x32 -> Default = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKU\S-1-5-21-2589465553-2425290425-2319165384-1001 - (No Name) - {dfabc5b5-039b-4865-979a-de31cdf3e351} - No File
SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL =
SearchScopes: HKLM-x32 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL =
SearchScopes: HKU\S-1-5-21-2589465553-2425290425-2319165384-1001 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL =
SearchScopes: HKU\S-1-5-21-2589465553-2425290425-2319165384-1001 -> {1CF10534-AAAA-4187-B063-1F8AAC0003D6} URL = hxxp://www.amazon.co.uk/gp/search?ie=UTF8&keyw ... nkCode=ur2
SearchScopes: HKU\S-1-5-21-2589465553-2425290425-2319165384-1001 -> {42293AE4-C47D-4394-6191-60EBC31DC559} URL =
SearchScopes: HKU\S-1-5-21-2589465553-2425290425-2319165384-1001 -> {662F2179-B80F-481B-9EAE-CBF16A14131B} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-2589465553-2425290425-2319165384-1001 -> {7FD08847-D78E-4FA9-8830-027AB428D5C1} URL = hxxp://rover.ebay.com/rover/1/710-71511-9400-6/4?satitle={searchTerms}
BHO: 电脑管家网页防火墙 -> {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} -> C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\TSWebMon64.dat => No File
BHO: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
BHO-x32: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
BHO-x32: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
Toolbar: HKU\S-1-5-21-2589465553-2425290425-2319165384-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-2589465553-2425290425-2319165384-1001 -> No Name - {DFABC5B5-039B-4865-979A-DE31CDF3E351} - No File
DPF: HKLM-x32 {62789780-B744-11D0-986B-00609731A21D} hxxp://195.28.70.134/kapor2/lib/mgaxctrl.cab

FireFox:
========
FF ProfilePath: C:\Users\Frenky\AppData\Roaming\Mozilla\Firefox\Profiles\7m5fwmum.default
FF NewTab: about:blank
FF DefaultSearchEngine: YAC Safe Search
FF SearchEngineOrder.1: YAC Safe Search
FF SelectedSearchEngine: YAC Safe Search
FF Homepage: about:blank
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-08] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-14] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-08] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2014-11-27] (Nero AG)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-08-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-08-29] (NVIDIA Corporation)
FF Plugin-x32: @playstation.com/PsndlCheck,version=1.00 -> C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll [2011-08-03] (Sony Computer Entertainment Inc.)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll [2011-08-02] (Sony Network Entertainment International LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-02-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2589465553-2425290425-2319165384-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Frenky\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-2589465553-2425290425-2319165384-1001: @talk.google.com/O1DPlugin -> C:\Users\Frenky\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-2589465553-2425290425-2319165384-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Frenky\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-2589465553-2425290425-2319165384-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Frenky\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-04] (Google Inc.)
FF user.js: detected! => C:\Users\Frenky\AppData\Roaming\Mozilla\Firefox\Profiles\7m5fwmum.default\user.js [2011-12-20]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2011-10-03] (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-02-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Frenky\AppData\Roaming\mozilla\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Frenky\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Frenky\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Extension: No Name - C:\Users\Frenky\AppData\Roaming\Mozilla\Firefox\Profiles\7m5fwmum.default\extensions\arthurj8283@gmail.com [not found]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found

Chrome:
=======
CHR HomePage: Default -> about:blank
CHR StartupUrls: Default -> "about:blank"
CHR DefaultSearchURL: Default -> hxxp://search.yac.mx/web/?q={searchTerms}&type=ds&from=yac&uid=toshibaxmk6465gsx_407ib0n0bxx407ib0n0b&ts=1461768683
CHR DefaultSearchKeyword: Default -> yac safe search
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\pdf.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\gcswf32.dll => No File
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll => No File
CHR Plugin: (Java(TM) Platform SE 6 U29) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll => No File
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Users\Frenky\AppData\Roaming\Mozilla\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll => No File
CHR Plugin: (Media Go Detector) - C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
CHR Plugin: (PlayStation(R)Network Downloader Check Plug-in) - C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll => No File
CHR Profile: C:\Users\Frenky\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adblock Plus) - C:\Users\Frenky\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Frenky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2520928 2016-03-03] (ESET)
S2 hasplms; C:\Windows\system32\hasplms.exe [4630352 2015-05-21] (SafeNet Inc.)
S3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-11-06] (Hewlett-Packard Co.) [File not signed]
S2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.) [File not signed]
S4 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
S2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-09-30] (Intel Corporation) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe [289256 2015-12-02] (McAfee, Inc.)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
S2 QQRepair238d; C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\QQRepair238d [140608 2016-04-28] ()
S2 QQRepairFixSVC; C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\QQRepairFixSVC [140608 2016-04-28] ()
S4 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) [File not signed]
S3 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH)
S2 Transoft Solutions License Server V1.7; C:\Program Files (x86)\Transoft Solutions\License Server\TransoftLS.exe [446464 2012-05-01] () [File not signed]
S2 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-09-30] (Intel Corporation) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 Autodesk Content Service; "C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe" [X]
S2 QQRepair9f4; "C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\QQRepair9f4" [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [69208 2015-05-21] (SafeNet Inc.)
S3 akshhl; C:\Windows\System32\DRIVERS\akshhl.sys [72664 2015-05-21] (SafeNet Inc.)
S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [312344 2015-05-21] (SafeNet Inc.)
S1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [264552 2016-04-14] (ESET)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [186784 2016-04-14] (ESET)
S2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [170792 2016-04-14] (ESET)
S2 Hardlock; C:\windows\system32\drivers\hardlock.sys [340336 2015-05-21] (SafeNet Inc.)
S2 Hardlock; C:\windows\SysWOW64\drivers\hardlock.sys [670208 2004-11-05] (Aladdin Knowledge Systems Ltd.) [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2014-03-02] (Duplex Secure Ltd.)
S1 SRepairDrv; \??\C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\SRepairDrv [172664 2016-04-28] ()
S3 toshidpt; C:\Windows\System32\drivers\Toshidpt.sys [9608 2009-06-19] (TOSHIBA Corporation.)
S3 usbscan; C:\Windows\SysWOW64\DRIVERS\usbscan.sys [12400 1999-10-13] (Microsoft Corporation) [File not signed]
S2 Angelnt; \SystemRoot\System32\Drivers\ANGELNT.SYS [X]
S1 TSDefenseBt; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\TsDefenseBT64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-29 20:46 - 2016-04-29 20:47 - 00000000 ____D C:\FRST
2016-04-29 18:21 - 2016-04-29 18:21 - 00001112 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-04-28 23:17 - 2016-04-28 23:17 - 00000000 ____D C:\ProgramData\TXQMPC
2016-04-28 23:00 - 2016-04-28 23:07 - 00000000 ____D C:\AdwCleaner
2016-04-28 22:58 - 2016-04-28 22:59 - 03581504 _____ C:\Users\Frenky\Downloads\adwcleaner_5.114.exe
2016-04-28 22:22 - 2016-04-29 19:18 - 00000000 ____D C:\Program Files\trend micro
2016-04-28 22:22 - 2016-04-28 22:23 - 00000000 ____D C:\rsit
2016-04-28 22:21 - 2016-04-28 22:22 - 01222144 _____ C:\Users\Frenky\Downloads\RSITx64.exe
2016-04-28 21:28 - 2016-04-28 21:36 - 00279416 _____ C:\windows\ntbtlog.txt
2016-04-28 21:09 - 2016-04-28 21:10 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\Frenky\Downloads\SpyHunter-Installer.exe
2016-04-28 20:11 - 2016-04-28 20:19 - 00000000 ___SD C:\windows\system32\GWX
2016-04-28 20:11 - 2016-04-28 20:11 - 00000000 ___SD C:\windows\SysWOW64\GWX
2016-04-28 19:39 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\windows\system32\icardres.dll
2016-04-28 19:39 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardres.dll
2016-04-28 19:39 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\windows\system32\icardagt.exe
2016-04-28 19:39 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\windows\system32\infocardapi.dll
2016-04-28 19:39 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardagt.exe
2016-04-28 19:39 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\windows\SysWOW64\infocardapi.dll
2016-04-28 19:38 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\windows\SysWOW64\TsWpfWrp.exe
2016-04-28 19:38 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\windows\system32\TsWpfWrp.exe
2016-04-28 16:16 - 2016-03-11 20:57 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2016-04-28 16:16 - 2016-03-11 20:35 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2016-04-28 16:16 - 2015-02-03 05:31 - 01424896 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2016-04-28 16:16 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2016-04-28 04:43 - 2016-01-16 21:01 - 02085888 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2016-04-28 04:43 - 2016-01-16 20:36 - 01413632 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2016-04-28 04:43 - 2015-09-02 05:04 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2016-04-28 04:43 - 2015-09-02 05:04 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2016-04-28 04:43 - 2015-09-02 05:04 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2016-04-28 04:43 - 2015-09-02 05:04 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2016-04-28 04:43 - 2015-09-02 04:48 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2016-04-28 04:43 - 2015-09-02 04:48 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2016-04-28 04:43 - 2015-09-02 04:48 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2016-04-28 04:43 - 2015-09-02 04:47 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2016-04-28 04:43 - 2015-09-02 03:51 - 03209216 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-04-28 04:43 - 2015-09-02 03:47 - 00372736 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2016-04-28 04:43 - 2015-09-02 03:33 - 00299520 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2016-04-28 04:43 - 2015-08-27 20:18 - 02004480 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2016-04-28 04:43 - 2015-08-27 20:18 - 01887232 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2016-04-28 04:43 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2016-04-28 04:43 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2016-04-28 04:43 - 2015-08-27 19:58 - 01391104 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2016-04-28 04:43 - 2015-08-27 19:58 - 01241088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2016-04-28 04:43 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll
2016-04-28 04:43 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2016-04-28 04:43 - 2014-10-30 04:03 - 00165888 _____ (Microsoft Corporation) C:\windows\system32\charmap.exe
2016-04-28 04:43 - 2014-10-30 03:45 - 00155136 _____ (Microsoft Corporation) C:\windows\SysWOW64\charmap.exe
2016-04-28 04:43 - 2014-10-03 04:12 - 00500224 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2016-04-28 04:43 - 2014-10-03 04:11 - 00680960 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2016-04-28 04:43 - 2014-10-03 04:11 - 00440832 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2016-04-28 04:43 - 2014-10-03 04:11 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2016-04-28 04:43 - 2014-10-03 04:11 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2016-04-28 04:43 - 2014-10-03 03:44 - 00442880 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2016-04-28 04:43 - 2014-10-03 03:44 - 00374784 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2016-04-28 04:43 - 2014-10-03 03:44 - 00195584 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2016-04-28 04:43 - 2014-09-04 07:23 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2016-04-28 04:43 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2016-04-28 04:43 - 2014-08-29 04:07 - 03179520 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2016-04-28 04:42 - 2016-01-22 08:27 - 05573056 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2016-04-28 04:42 - 2016-01-22 08:27 - 00154560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2016-04-28 04:42 - 2016-01-22 08:27 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2016-04-28 04:42 - 2016-01-22 08:24 - 01733592 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2016-04-28 04:42 - 2016-01-22 08:20 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2016-04-28 04:42 - 2016-01-22 08:20 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2016-04-28 04:42 - 2016-01-22 08:20 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2016-04-28 04:42 - 2016-01-22 08:20 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2016-04-28 04:42 - 2016-01-22 08:20 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2016-04-28 04:42 - 2016-01-22 08:20 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2016-04-28 04:42 - 2016-01-22 08:20 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2016-04-28 04:42 - 2016-01-22 08:20 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2016-04-28 04:42 - 2016-01-22 08:20 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2016-04-28 04:42 - 2016-01-22 08:20 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2016-04-28 04:42 - 2016-01-22 08:19 - 01214464 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2016-04-28 04:42 - 2016-01-22 08:19 - 00344064 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2016-04-28 04:42 - 2016-01-22 08:19 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2016-04-28 04:42 - 2016-01-22 08:18 - 00961024 _____ (Microsoft Corporation) C:\windows\system32\CPFilters.dll
2016-04-28 04:42 - 2016-01-22 08:18 - 00723968 _____ (Microsoft Corporation) C:\windows\system32\EncDec.dll
2016-04-28 04:42 - 2016-01-22 08:18 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2016-04-28 04:42 - 2016-01-22 08:17 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-04-28 04:42 - 2016-01-22 08:17 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2016-04-28 04:42 - 2016-01-22 08:17 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\mtxoci.dll
2016-04-28 04:42 - 2016-01-22 08:16 - 01461248 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-04-28 04:42 - 2016-01-22 08:16 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2016-04-28 04:42 - 2016-01-22 08:16 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2016-04-28 04:42 - 2016-01-22 08:15 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2016-04-28 04:42 - 2016-01-22 08:15 - 00730112 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-04-28 04:42 - 2016-01-22 08:15 - 00422400 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2016-04-28 04:42 - 2016-01-22 08:13 - 03993536 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2016-04-28 04:42 - 2016-01-22 08:13 - 03938752 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2016-04-28 04:42 - 2016-01-22 08:13 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2016-04-28 04:42 - 2016-01-22 08:13 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2016-04-28 04:42 - 2016-01-22 08:13 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00880128 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:09 - 01314328 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2016-04-28 04:42 - 2016-01-22 08:06 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2016-04-28 04:42 - 2016-01-22 08:06 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2016-04-28 04:42 - 2016-01-22 08:06 - 00275456 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2016-04-28 04:42 - 2016-01-22 08:06 - 00171520 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2016-04-28 04:42 - 2016-01-22 08:06 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2016-04-28 04:42 - 2016-01-22 08:06 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2016-04-28 04:42 - 2016-01-22 08:06 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2016-04-28 04:42 - 2016-01-22 08:06 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2016-04-28 04:42 - 2016-01-22 08:05 - 00251392 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2016-04-28 04:42 - 2016-01-22 08:05 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2016-04-28 04:42 - 2016-01-22 08:04 - 00642048 _____ (Microsoft Corporation) C:\windows\SysWOW64\CPFilters.dll
2016-04-28 04:42 - 2016-01-22 08:04 - 00535040 _____ (Microsoft Corporation) C:\windows\SysWOW64\EncDec.dll
2016-04-28 04:42 - 2016-01-22 08:02 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2016-04-28 04:42 - 2016-01-22 08:02 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2016-04-28 04:42 - 2016-01-22 08:02 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2016-04-28 04:42 - 2016-01-22 08:02 - 00176128 _____ (Microsoft Corporation) C:\windows\SysWOW64\msorcl32.dll
2016-04-28 04:42 - 2016-01-22 08:02 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2016-04-28 04:42 - 2016-01-22 08:02 - 00114176 _____ (Microsoft Corporation) C:\windows\SysWOW64\mtxoci.dll
2016-04-28 04:42 - 2016-01-22 08:02 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00642560 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:13 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2016-04-28 04:42 - 2016-01-22 07:07 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2016-04-28 04:42 - 2016-01-22 07:07 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2016-04-28 04:42 - 2016-01-22 07:05 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2016-04-28 04:42 - 2016-01-22 06:59 - 00159232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-04-28 04:42 - 2016-01-22 06:58 - 00290816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-04-28 04:42 - 2016-01-22 06:58 - 00129024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-04-28 04:42 - 2016-01-22 06:57 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2016-04-28 04:42 - 2016-01-22 06:57 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2016-04-28 04:42 - 2016-01-22 06:53 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2016-04-28 04:42 - 2016-01-22 06:53 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2016-04-28 04:42 - 2016-01-22 06:53 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2016-04-28 04:42 - 2016-01-22 06:53 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2016-04-28 04:42 - 2016-01-22 06:51 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2016-04-28 04:42 - 2016-01-22 06:51 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 06:51 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 06:51 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 06:51 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-04-28 04:42 - 2015-09-23 15:15 - 00460776 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2016-04-28 04:42 - 2015-09-23 15:15 - 00299632 _____ (Microsoft Corporation) C:\windows\system32\bcryptprimitives.dll
2016-04-28 04:42 - 2015-09-23 15:09 - 00251000 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcryptprimitives.dll
2016-04-28 04:42 - 2015-01-17 04:48 - 01067520 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2016-04-28 04:42 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2016-04-28 04:41 - 2016-02-09 11:57 - 14634496 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2016-04-28 04:41 - 2016-02-09 11:57 - 12625920 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2016-04-28 04:41 - 2016-02-09 11:56 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2016-04-28 04:41 - 2016-02-09 11:56 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2016-04-28 04:41 - 2016-02-09 11:54 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2016-04-28 04:41 - 2016-02-09 11:51 - 12625408 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
2016-04-28 04:41 - 2016-02-09 11:51 - 11411456 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2016-04-28 04:41 - 2016-02-09 11:13 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwmp.dll
2016-04-28 04:41 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdxm.ocx
2016-04-28 04:41 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxmasf.dll
2016-04-28 04:41 - 2016-01-22 08:19 - 14179840 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2016-04-28 04:41 - 2016-01-22 08:15 - 01866752 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll
2016-04-28 04:41 - 2016-01-22 08:12 - 01940992 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2016-04-28 04:41 - 2016-01-22 08:05 - 12877824 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2016-04-28 04:41 - 2016-01-22 08:00 - 01498624 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExplorerFrame.dll
2016-04-28 04:41 - 2016-01-22 07:59 - 01805824 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2016-04-28 04:41 - 2016-01-22 07:19 - 03231232 _____ (Microsoft Corporation) C:\windows\explorer.exe
2016-04-28 04:41 - 2016-01-22 07:12 - 02973184 _____ (Microsoft Corporation) C:\windows\SysWOW64\explorer.exe
2016-04-28 04:41 - 2014-10-03 04:12 - 02020352 _____ (Microsoft Corporation) C:\windows\system32\WsmSvc.dll
2016-04-28 04:41 - 2014-10-03 04:12 - 00346624 _____ (Microsoft Corporation) C:\windows\system32\WSManMigrationPlugin.dll
2016-04-28 04:41 - 2014-10-03 04:12 - 00310272 _____ (Microsoft Corporation) C:\windows\system32\WsmWmiPl.dll
2016-04-28 04:41 - 2014-10-03 04:12 - 00181248 _____ (Microsoft Corporation) C:\windows\system32\WsmAuto.dll
2016-04-28 04:41 - 2014-10-03 04:11 - 00266240 _____ (Microsoft Corporation) C:\windows\system32\WSManHTTPConfig.exe
2016-04-28 04:41 - 2014-10-03 03:45 - 01177088 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmSvc.dll
2016-04-28 04:41 - 2014-10-03 03:45 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSManMigrationPlugin.dll
2016-04-28 04:41 - 2014-10-03 03:45 - 00214016 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmWmiPl.dll
2016-04-28 04:41 - 2014-10-03 03:45 - 00145920 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmAuto.dll
2016-04-28 04:41 - 2014-10-03 03:44 - 00198656 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSManHTTPConfig.exe
2016-04-28 04:12 - 2015-10-13 06:57 - 00950720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys
2016-04-28 04:11 - 2014-10-25 03:57 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2016-04-28 04:11 - 2014-10-25 03:32 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2016-04-28 04:11 - 2014-07-17 04:07 - 00681984 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2016-04-28 04:11 - 2014-07-17 04:07 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2016-04-28 04:11 - 2014-07-17 04:07 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\winsta.dll
2016-04-28 04:11 - 2014-07-17 04:07 - 00150528 _____ (Microsoft Corporation) C:\windows\system32\rdpcorekmts.dll
2016-04-28 04:11 - 2014-07-17 03:40 - 00157696 _____ (Microsoft Corporation) C:\windows\SysWOW64\winsta.dll
2016-04-28 04:11 - 2014-07-17 03:21 - 00212480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpwd.sys
2016-04-28 04:11 - 2014-07-17 03:21 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys
2016-04-28 04:10 - 2016-03-31 21:25 - 00394952 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-04-28 04:10 - 2016-03-31 20:41 - 00346320 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2016-04-28 04:10 - 2016-03-31 02:54 - 25817600 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-04-28 04:10 - 2016-03-31 02:40 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2016-04-28 04:10 - 2016-03-31 02:40 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2016-04-28 04:10 - 2016-03-31 02:31 - 02892800 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-04-28 04:10 - 2016-03-31 02:28 - 00571904 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-04-28 04:10 - 2016-03-31 02:28 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2016-04-28 04:10 - 2016-03-31 02:27 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2016-04-28 04:10 - 2016-03-31 02:27 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2016-04-28 04:10 - 2016-03-31 02:27 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2016-04-28 04:10 - 2016-03-31 02:25 - 06052352 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-04-28 04:10 - 2016-03-31 02:22 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2016-04-28 04:10 - 2016-03-31 02:21 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2016-04-28 04:10 - 2016-03-31 02:19 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2016-04-28 04:10 - 2016-03-31 02:17 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-04-28 04:10 - 2016-03-31 02:17 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2016-04-28 04:10 - 2016-03-31 02:17 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2016-04-28 04:10 - 2016-03-31 02:17 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2016-04-28 04:10 - 2016-03-31 02:11 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2016-04-28 04:10 - 2016-03-31 02:08 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2016-04-28 04:10 - 2016-03-31 02:03 - 20352512 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2016-04-28 04:10 - 2016-03-31 02:02 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2016-04-28 04:10 - 2016-03-31 02:00 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2016-04-28 04:10 - 2016-03-31 01:59 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2016-04-28 04:10 - 2016-03-31 01:57 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2016-04-28 04:10 - 2016-03-31 01:56 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-04-28 04:10 - 2016-03-31 01:55 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2016-04-28 04:10 - 2016-03-31 01:53 - 00496640 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2016-04-28 04:10 - 2016-03-31 01:53 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2016-04-28 04:10 - 2016-03-31 01:52 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2016-04-28 04:10 - 2016-03-31 01:52 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2016-04-28 04:10 - 2016-03-31 01:52 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2016-04-28 04:10 - 2016-03-31 01:52 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2016-04-28 04:10 - 2016-03-31 01:51 - 02285056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2016-04-28 04:10 - 2016-03-31 01:48 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2016-04-28 04:10 - 2016-03-31 01:48 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2016-04-28 04:10 - 2016-03-31 01:46 - 00476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2016-04-28 04:10 - 2016-03-31 01:45 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2016-04-28 04:10 - 2016-03-31 01:45 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2016-04-28 04:10 - 2016-03-31 01:45 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-04-28 04:10 - 2016-03-31 01:45 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2016-04-28 04:10 - 2016-03-31 01:43 - 00806400 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-04-28 04:10 - 2016-03-31 01:43 - 00725504 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-04-28 04:10 - 2016-03-31 01:42 - 02131968 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-04-28 04:10 - 2016-03-31 01:42 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2016-04-28 04:10 - 2016-03-31 01:39 - 15415808 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-04-28 04:10 - 2016-03-31 01:38 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2016-04-28 04:10 - 2016-03-31 01:34 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-04-28 04:10 - 2016-03-31 01:33 - 00091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2016-04-28 04:10 - 2016-03-31 01:31 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2016-04-28 04:10 - 2016-03-31 01:31 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2016-04-28 04:10 - 2016-03-31 01:30 - 04611072 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2016-04-28 04:10 - 2016-03-31 01:30 - 02596864 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-04-28 04:10 - 2016-03-31 01:30 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2016-04-28 04:10 - 2016-03-31 01:29 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2016-04-28 04:10 - 2016-03-31 01:24 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2016-04-28 04:10 - 2016-03-31 01:23 - 02056192 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2016-04-28 04:10 - 2016-03-31 01:23 - 00693248 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2016-04-28 04:10 - 2016-03-31 01:22 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2016-04-28 04:10 - 2016-03-31 01:21 - 13811712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2016-04-28 04:10 - 2016-03-31 01:18 - 01547264 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-04-28 04:10 - 2016-03-31 01:06 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-04-28 04:10 - 2016-03-31 01:05 - 02121216 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2016-04-28 04:10 - 2016-03-31 01:02 - 01311744 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2016-04-28 04:10 - 2016-03-31 01:00 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2016-04-28 04:10 - 2015-12-08 23:52 - 00312320 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2016-04-28 04:10 - 2015-12-08 21:07 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2016-04-28 04:09 - 2015-11-03 21:04 - 00241664 _____ (Microsoft Corporation) C:\windows\system32\els.dll
2016-04-28 04:09 - 2015-11-03 20:55 - 00179712 _____ (Microsoft Corporation) C:\windows\SysWOW64\els.dll
2016-04-28 04:09 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\windows\system32\clfs.sys
2016-04-28 04:09 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\windows\system32\clfsw32.dll
2016-04-28 04:09 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\windows\SysWOW64\clfsw32.dll
2016-04-28 04:09 - 2014-12-08 05:09 - 00406528 _____ (Microsoft Corporation) C:\windows\system32\scesrv.dll
2016-04-28 04:09 - 2014-12-08 04:46 - 00308224 _____ (Microsoft Corporation) C:\windows\SysWOW64\scesrv.dll
2016-04-28 04:07 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll
2016-04-28 04:07 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMPhoto.dll
2016-04-27 23:23 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2016-04-27 23:23 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2016-04-27 23:23 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2016-04-27 23:23 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2016-04-27 23:22 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2016-04-27 23:22 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2016-04-27 23:22 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2016-04-27 23:22 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2016-04-27 23:22 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2016-04-27 23:22 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2016-04-27 23:20 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2016-04-27 23:20 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2016-04-27 23:20 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2016-04-27 23:20 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2016-04-27 20:35 - 2016-04-27 20:35 - 00187674 _____ C:\Users\Frenky\Downloads\B48E.tmp
2016-04-27 19:22 - 2016-04-27 19:22 - 00003106 _____ C:\windows\System32\Tasks\{9AD7C23E-673D-4474-B258-902EE5DB636F}
2016-04-27 17:02 - 2016-04-27 17:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2016-04-27 17:02 - 2016-04-27 17:02 - 00000000 ____D C:\ProgramData\ESET
2016-04-27 17:02 - 2016-04-27 17:02 - 00000000 ____D C:\Program Files\ESET
2016-04-27 16:57 - 2016-04-27 16:57 - 03013792 _____ (ESET) C:\Users\Frenky\Downloads\eset_nod32_antivirus_live_installer_.exe
2016-04-27 09:53 - 2016-04-27 09:53 - 00460288 _____ C:\windows\system32\bi2.exe
2016-04-26 21:39 - 2016-04-26 21:39 - 02870984 _____ (ESET) C:\Users\Frenky\Downloads\esetsmartinstaller_sky (1).exe
2016-04-26 21:10 - 2016-04-26 21:09 - 00097400 ____N (电脑管家) C:\windows\system32\Drivers\TFsFltX64.sys
2016-04-26 21:09 - 2016-04-26 21:09 - 00000000 ____D C:\Program Files (x86)\Tencent
2016-04-26 21:07 - 2016-04-28 23:19 - 00000000 ____D C:\Users\Frenky\AppData\Roaming\Tencent
2016-04-26 21:05 - 2016-04-27 16:21 - 00004164 _____ C:\windows\System32\Tasks\SMW_P
2016-04-26 21:05 - 2016-04-26 21:05 - 00356864 _____ C:\ProgramData\smp2.exe
2016-04-26 21:05 - 2016-04-26 21:05 - 00000000 ____D C:\Program Files\Common Files\Doobzo
2016-04-26 21:02 - 2016-04-26 21:02 - 00282786 _____ C:\Users\Frenky\Downloads\Nepotvrdené 978165.crdownload
2016-04-26 20:59 - 2016-04-26 20:59 - 00282786 _____ C:\Users\Frenky\Downloads\Nepotvrdené 438925.crdownload
2016-04-25 00:59 - 2016-04-25 01:14 - 00000000 ____D C:\Users\Frenky\Desktop\AutoCAD_2013_English_Win_64bit
2016-04-25 00:29 - 2016-04-25 00:54 - 1216220336 _____ C:\Users\Frenky\Desktop\AutoCAD_2013_English_Win_64bit.exe
2016-04-24 23:43 - 2016-04-24 23:43 - 01027735 _____ C:\Users\Frenky\Downloads\Autocad_2013_crack_rar.zip
2016-04-24 22:20 - 2016-04-24 22:20 - 00002357 _____ C:\Users\Public\Desktop\AutoCAD Civil3D 2013 – čeština britské (Czech Imperial).lnk
2016-04-24 22:20 - 2016-04-24 22:20 - 00002353 _____ C:\Users\Public\Desktop\AutoCAD Civil3D 2013 – čeština metrické (Czech Metric).lnk
2016-04-24 22:19 - 2016-04-24 22:19 - 00002141 _____ C:\Users\Public\Desktop\AutoCAD Civil 3D as AutoCAD 2013.lnk
2016-04-24 21:55 - 2016-04-24 21:56 - 00000000 ____D C:\Program Files (x86)\AutoCAD Civil 3D 2013
2016-04-24 21:55 - 2016-04-24 21:55 - 00000000 ____D C:\Program Files (x86)\Autodesk
2016-04-24 21:48 - 2016-04-24 21:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2016-04-24 21:42 - 2013-02-14 14:16 - 00000029 _____ C:\Users\Frenky\Desktop\serial.txt
2016-04-24 21:33 - 2016-04-24 21:35 - 00000000 ____D C:\Users\Frenky\Desktop\Nová složka (2)
2016-04-24 19:42 - 2016-04-24 19:42 - 00000000 ____D C:\Civil 3D Projects
2016-04-24 19:42 - 2016-04-24 19:42 - 00000000 ____D C:\Civil 3D Project Templates
2016-04-24 18:58 - 2016-04-24 18:58 - 00206816 _____ C:\Users\Frenky\Downloads\SITUACIA.dwg
2016-04-24 15:29 - 2016-04-24 17:29 - 00829123 _____ C:\Users\Frenky\Desktop\rez_vjazdu-chodnika.dwg
2016-04-24 09:48 - 2016-04-24 19:05 - 00053867 _____ C:\Users\Frenky\Desktop\HOJDACKA.dwg
2016-04-24 09:48 - 2016-04-24 15:05 - 00053547 _____ C:\Users\Frenky\Desktop\HOJDACKA.bak
2016-04-14 20:46 - 2016-04-24 19:05 - 00050889 _____ C:\Users\Frenky\Desktop\šachta.dwg
2016-04-14 15:09 - 2016-04-14 15:09 - 00264552 _____ (ESET) C:\windows\system32\Drivers\eamonm.sys
2016-04-14 15:09 - 2016-04-14 15:09 - 00186784 _____ (ESET) C:\windows\system32\Drivers\ehdrv.sys
2016-04-14 15:09 - 2016-04-14 15:09 - 00170792 _____ (ESET) C:\windows\system32\Drivers\epfwwfpr.sys
2016-04-12 22:16 - 2016-04-12 22:16 - 00338280 _____ (Autodesk Inc.) C:\Users\Frenky\Downloads\AutoCAD_2017_English_Win_32_64bit_Trial_en-us_Setup_webinstall.exe
2016-04-04 21:00 - 2016-04-04 21:00 - 00877269 _____ C:\Users\Frenky\Desktop\Nová složka.rar
2016-04-04 20:57 - 2016-04-04 20:59 - 00000000 ____D C:\Users\Frenky\Desktop\Nová složka
2016-04-03 18:07 - 2016-04-03 18:09 - 00000000 ____D C:\Users\Frenky\Desktop\FOTAK_3.4.2016

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-29 20:47 - 2009-07-14 17:18 - 00663716 _____ C:\windows\system32\perfh005.dat
2016-04-29 20:47 - 2009-07-14 17:18 - 00142306 _____ C:\windows\system32\perfc005.dat
2016-04-29 20:47 - 2009-07-14 07:13 - 01592614 _____ C:\windows\system32\PerfStringBackup.INI
2016-04-29 20:47 - 2009-07-14 05:20 - 00000000 ____D C:\windows\inf
2016-04-29 18:54 - 2014-12-27 16:46 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2016-04-29 18:50 - 2009-12-13 19:41 - 00000000 ___HD C:\windows\msdownld.tmp
2016-04-29 18:21 - 2014-12-27 16:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-04-29 18:21 - 2014-12-27 16:46 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-04-29 15:38 - 2011-01-08 13:09 - 00000000 ____D C:\Users\Frenky\AppData\Local\ElevatedDiagnostics
2016-04-28 23:18 - 2011-03-02 14:37 - 00327680 _____ C:\windows\system32\Ikeext.etl
2016-04-28 23:18 - 2009-07-14 05:20 - 00000000 ____D C:\windows\tracing
2016-04-28 23:12 - 2014-08-11 22:36 - 00000000 ____D C:\windows\system32\log
2016-04-28 23:12 - 2012-01-09 21:26 - 00001071 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-04-28 23:07 - 2014-07-29 20:02 - 00000898 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2589465553-2425290425-2319165384-1001Core.job
2016-04-28 22:58 - 2015-05-26 18:10 - 00002405 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-28 22:58 - 2015-05-26 18:10 - 00002393 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-04-28 22:58 - 2010-10-21 13:03 - 00001600 _____ C:\Users\Frenky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-04-28 22:55 - 2014-12-21 23:34 - 00000914 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-04-28 22:52 - 2011-04-30 14:51 - 00000000 ____D C:\windows\pss
2016-04-28 22:43 - 2010-10-21 14:31 - 00000936 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-28 21:47 - 2009-07-14 06:45 - 00016304 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-28 21:47 - 2009-07-14 06:45 - 00016304 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-28 21:44 - 2010-11-06 20:19 - 07177728 ___SH C:\Users\Frenky\Desktop\Thumbs.db
2016-04-28 21:44 - 2010-10-21 13:05 - 00003986 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{6857A334-B6AF-490C-8D5A-62E70274DC70}
2016-04-28 21:42 - 2010-10-21 14:31 - 00000932 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-28 21:39 - 2013-10-26 20:30 - 00000286 _____ C:\servicetest.txt
2016-04-28 21:38 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-04-28 21:00 - 2009-07-14 07:09 - 00000000 ____D C:\windows\System32\Tasks\WPD
2016-04-28 20:16 - 2009-07-14 06:45 - 05148368 _____ C:\windows\system32\FNTCACHE.DAT
2016-04-28 20:11 - 2009-07-14 05:20 - 00000000 ____D C:\windows\PolicyDefinitions
2016-04-28 03:28 - 2012-01-11 12:54 - 00000000 ____D C:\Users\Frenky\Downloads\programy
2016-04-26 21:13 - 2010-10-21 12:54 - 00170936 _____ C:\Users\Frenky\AppData\Local\GDIPFONTCACHEV1.DAT
2016-04-26 21:10 - 2010-11-20 19:14 - 00000000 ____D C:\Users\Frenky\AppData\Roaming\vlc
2016-04-25 00:09 - 2010-10-22 00:04 - 00000000 ____D C:\Users\Frenky\Documents\TEXT
2016-04-24 22:05 - 2010-10-26 22:21 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2016-04-24 21:45 - 2012-09-16 08:38 - 00000000 ____D C:\Program Files\Autodesk
2016-04-24 21:35 - 2012-09-15 19:19 - 00000000 ____D C:\Autodesk
2016-04-24 21:29 - 2013-10-26 20:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoTURN 8
2016-04-24 21:23 - 2009-07-14 05:20 - 00000000 ____D C:\windows\registration
2016-04-24 21:22 - 2010-10-21 22:37 - 00000000 ____D C:\Users\Frenky\AppData\Roaming\Autodesk
2016-04-24 21:22 - 2010-10-21 22:37 - 00000000 ____D C:\Users\Frenky\AppData\Local\Autodesk
2016-04-24 21:09 - 2010-10-21 22:37 - 00000000 ____D C:\ProgramData\Autodesk
2016-04-24 21:02 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-04-24 20:59 - 2014-04-13 21:37 - 00000000 ____D C:\Program Files (x86)\Opera
2016-04-24 20:50 - 2015-06-15 21:19 - 00000000 ____D C:\Program Files (x86)\RoadPAC
2016-04-24 20:25 - 2010-10-21 12:50 - 00000000 ____D C:\Users\Frenky
2016-04-24 19:18 - 2014-01-08 20:26 - 00000000 ____D C:\Users\Public\Documents\Autodesk
2016-04-24 09:38 - 2015-05-21 22:32 - 00000892 _____ C:\windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-04-10 15:55 - 2015-05-21 22:32 - 00003894 _____ C:\windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-04-10 15:55 - 2014-12-21 23:34 - 00003852 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2016-04-10 15:55 - 2014-07-06 21:37 - 00797376 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-04-10 15:55 - 2011-11-20 21:15 - 00142528 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2010-10-28 22:37 - 2013-08-27 22:51 - 0047104 _____ () C:\Users\Frenky\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-10-24 22:42 - 2012-10-24 22:45 - 0007607 _____ () C:\Users\Frenky\AppData\Local\resmon.resmoncfg
2012-03-03 22:01 - 2012-03-03 22:01 - 0000928 _____ () C:\Users\Frenky\AppData\Local\SRDownloader.nast
2016-02-29 21:00 - 2016-02-29 21:00 - 0000000 _____ () C:\ProgramData\AdApplicationManager-installer.init.lock
2012-06-25 16:14 - 2012-06-25 16:35 - 0000845 _____ () C:\ProgramData\hpzinstall.log
2016-04-26 21:05 - 2016-04-26 21:05 - 0356864 _____ () C:\ProgramData\smp2.exe

Files to move or delete:
====================
C:\Users\Frenky\AppData\Local\Temp\DeleteOnReboot.bat
C:\ProgramData\smp2.exe

Some files in TEMP:
====================
C:\Users\Frenky\AppData\Local\Temp\AcDeltree.exe
C:\Users\Frenky\AppData\Local\Temp\GURB9B6.exe
C:\Users\Frenky\AppData\Local\Temp\GURF77E.exe
C:\Users\Frenky\AppData\Local\Temp\libeay32.dll
C:\Users\Frenky\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Frenky\AppData\Local\Temp\msvcr120.dll
C:\Users\Frenky\AppData\Local\Temp\sqlite3.dll
C:\Users\Frenky\AppData\Local\Temp\uninstall.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-04-08 21:46

==================== End of FRST.txt ============================

#8 Příspěvek od **JaRon** » 30 dub 2016 10:00

Pouzi fixlist z 10.20 http://forum.viry.cz/viewtopic.php?f=13 ... t#p1445203
Potom vloz novy log FRST, ked budem mat trochu casu
Napisem novy fixlist na docistenie

frenky · #9 Příspěvek od **frenky** » 30 dub 2016 11:14

tu je log
stále som v núdzovom režime

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-04-2016
Ran by Frenky (administrator) on FRENKY-TOTH (30-04-2016 12:09:12)
Running from C:\Users\Frenky\Desktop
Loaded Profiles: Frenky (Available Profiles: Frenky)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Safe Mode (minimal)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10103840 2010-03-09] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1870120 2009-10-15] (Synaptics Incorporated)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [910136 2009-11-10] (TOSHIBA Corporation)
HKLM\...\Run: [SmartFaceVWatcher] => C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-10-19] (TOSHIBA Corporation)
HKLM\...\Run: [HDMICtrlMan] => C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [1037728 2010-07-21] (TOSHIBA Corporation.)
HKLM-x32\...\Run: [ QQPCTray] => "C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCTray.exe" /regrun
HKLM-x32\...\RunOnce: [DeleteOnReboot] => C:\Users\Frenky\AppData\Local\Temp\DeleteOnReboot.bat <===== ATTENTION
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [55264 2016-03-10] (Malwarebytes)
HKU\S-1-5-21-2589465553-2425290425-2319165384-1001\...\Policies\Explorer: []
HKU\S-1-5-21-2589465553-2425290425-2319165384-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2589465553-2425290425-2319165384-1001\...\MountPoints2: {152aeec0-de50-11e0-bcc3-806e6f6e6963} - E:\cdstart.exe
HKU\S-1-5-21-2589465553-2425290425-2319165384-1001\...\MountPoints2: {249f124e-53b0-11e3-a26e-002258c50d05} - F:\Startme.exe
HKU\S-1-5-21-2589465553-2425290425-2319165384-1001\...\MountPoints2: {3b77c823-a9ac-11e1-b456-002258c50d05} - F:\LaunchU3.exe -a
HKU\S-1-5-21-2589465553-2425290425-2319165384-1001\...\MountPoints2: {7c0b5ac0-dd08-11df-a938-806e6f6e6963} - G:\Autorun.exe
HKU\S-1-5-21-2589465553-2425290425-2319165384-1001\...\MountPoints2: {970f4721-030f-11e3-9a90-002258c50d05} - "F:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-2589465553-2425290425-2319165384-1001\...\MountPoints2: {b6cfc72b-1912-11e1-b7a7-002258c50d05} - F:\Startme.exe
HKU\S-1-5-18\...\Run: [TOSHIBA Online Product Information] => C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe [6203296 2009-08-12] (TOSHIBA)
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1310088 2015-01-27] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\windows\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\windows\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2010-05-27]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2010-05-27]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{554DF99E-CA5D-498E-9468-31E0B544FE5B}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{73F3A328-537D-4191-96CE-4EA077D137E4}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{C48A2676-C00C-4AC1-9548-F42C76A9C108}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hao123.com/?tn=93018773_hao_pg
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2589465553-2425290425-2319165384-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hao123.com/?tn=93018773_hao_pg
URLSearchHook: HKLM-x32 -> Default = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKU\S-1-5-21-2589465553-2425290425-2319165384-1001 - (No Name) - {dfabc5b5-039b-4865-979a-de31cdf3e351} - No File
SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL =
SearchScopes: HKLM-x32 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL =
SearchScopes: HKU\S-1-5-21-2589465553-2425290425-2319165384-1001 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL =
SearchScopes: HKU\S-1-5-21-2589465553-2425290425-2319165384-1001 -> {1CF10534-AAAA-4187-B063-1F8AAC0003D6} URL = hxxp://www.amazon.co.uk/gp/search?ie=UTF8&keyw ... nkCode=ur2
SearchScopes: HKU\S-1-5-21-2589465553-2425290425-2319165384-1001 -> {42293AE4-C47D-4394-6191-60EBC31DC559} URL =
SearchScopes: HKU\S-1-5-21-2589465553-2425290425-2319165384-1001 -> {662F2179-B80F-481B-9EAE-CBF16A14131B} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-2589465553-2425290425-2319165384-1001 -> {7FD08847-D78E-4FA9-8830-027AB428D5C1} URL = hxxp://rover.ebay.com/rover/1/710-71511-9400-6/4?satitle={searchTerms}
BHO: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
BHO-x32: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
BHO-x32: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
Toolbar: HKU\S-1-5-21-2589465553-2425290425-2319165384-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-2589465553-2425290425-2319165384-1001 -> No Name - {DFABC5B5-039B-4865-979A-DE31CDF3E351} - No File
DPF: HKLM-x32 {62789780-B744-11D0-986B-00609731A21D} hxxp://195.28.70.134/kapor2/lib/mgaxctrl.cab

FireFox:
========
FF ProfilePath: C:\Users\Frenky\AppData\Roaming\Mozilla\Firefox\Profiles\7m5fwmum.default
FF NewTab: about:blank
FF DefaultSearchEngine: YAC Safe Search
FF SearchEngineOrder.1: YAC Safe Search
FF SelectedSearchEngine: YAC Safe Search
FF Homepage: about:blank
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-08] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-14] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-08] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2014-11-27] (Nero AG)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-08-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-08-29] (NVIDIA Corporation)
FF Plugin-x32: @playstation.com/PsndlCheck,version=1.00 -> C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll [2011-08-03] (Sony Computer Entertainment Inc.)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll [2011-08-02] (Sony Network Entertainment International LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-02-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2589465553-2425290425-2319165384-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Frenky\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-2589465553-2425290425-2319165384-1001: @talk.google.com/O1DPlugin -> C:\Users\Frenky\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-2589465553-2425290425-2319165384-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Frenky\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-2589465553-2425290425-2319165384-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Frenky\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-04] (Google Inc.)
FF user.js: detected! => C:\Users\Frenky\AppData\Roaming\Mozilla\Firefox\Profiles\7m5fwmum.default\user.js [2011-12-20]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2011-10-03] (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-02-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Frenky\AppData\Roaming\mozilla\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Frenky\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Frenky\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Extension: No Name - C:\Users\Frenky\AppData\Roaming\Mozilla\Firefox\Profiles\7m5fwmum.default\extensions\arthurj8283@gmail.com [not found]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found

Chrome:
=======
CHR HomePage: Default -> about:blank
CHR StartupUrls: Default -> "about:blank"
CHR DefaultSearchURL: Default -> hxxp://search.yac.mx/web/?q={searchTerms}&type=ds&from=yac&uid=toshibaxmk6465gsx_407ib0n0bxx407ib0n0b&ts=1461768683
CHR DefaultSearchKeyword: Default -> yac safe search
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\pdf.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\gcswf32.dll => No File
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll => No File
CHR Plugin: (Java(TM) Platform SE 6 U29) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll => No File
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Users\Frenky\AppData\Roaming\Mozilla\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll => No File
CHR Plugin: (Media Go Detector) - C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
CHR Plugin: (PlayStation(R)Network Downloader Check Plug-in) - C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll => No File
CHR Profile: C:\Users\Frenky\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adblock Plus) - C:\Users\Frenky\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Frenky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2520928 2016-03-03] (ESET)
S2 hasplms; C:\Windows\system32\hasplms.exe [4630352 2015-05-21] (SafeNet Inc.)
S3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-11-06] (Hewlett-Packard Co.) [File not signed]
S2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.) [File not signed]
S4 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
S2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-09-30] (Intel Corporation) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe [289256 2015-12-02] (McAfee, Inc.)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
S4 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) [File not signed]
S3 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH)
S2 Transoft Solutions License Server V1.7; C:\Program Files (x86)\Transoft Solutions\License Server\TransoftLS.exe [446464 2012-05-01] () [File not signed]
S2 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-09-30] (Intel Corporation) [File not signed]
U2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 Autodesk Content Service; "C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe" [X]
S2 QQRepair238d; "C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\QQRepair238d" [X]
S2 QQRepair9f4; "C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\QQRepair9f4" [X]
S2 QQRepairFixSVC; C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\QQRepairFixSVC [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [69208 2015-05-21] (SafeNet Inc.)
S3 akshhl; C:\Windows\System32\DRIVERS\akshhl.sys [72664 2015-05-21] (SafeNet Inc.)
S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [312344 2015-05-21] (SafeNet Inc.)
S1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [264552 2016-04-14] (ESET)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [186784 2016-04-14] (ESET)
S2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [170792 2016-04-14] (ESET)
S2 Hardlock; C:\windows\system32\drivers\hardlock.sys [340336 2015-05-21] (SafeNet Inc.)
S2 Hardlock; C:\windows\SysWOW64\drivers\hardlock.sys [670208 2004-11-05] (Aladdin Knowledge Systems Ltd.) [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2014-03-02] (Duplex Secure Ltd.)
S3 toshidpt; C:\Windows\System32\drivers\Toshidpt.sys [9608 2009-06-19] (TOSHIBA Corporation.)
S3 usbscan; C:\Windows\SysWOW64\DRIVERS\usbscan.sys [12400 1999-10-13] (Microsoft Corporation) [File not signed]
S2 Angelnt; \SystemRoot\System32\Drivers\ANGELNT.SYS [X]
S1 SRepairDrv; \??\C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\SRepairDrv [X]
S1 TSDefenseBt; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\TsDefenseBT64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-30 12:09 - 2016-04-30 12:09 - 00019466 _____ C:\Users\Frenky\Desktop\FRST.txt
2016-04-30 12:03 - 2016-04-30 12:04 - 00003177 _____ C:\Users\Frenky\Desktop\Fixlog.txt
2016-04-30 12:03 - 2016-04-29 20:33 - 02376704 _____ (Farbar) C:\Users\Frenky\Desktop\FRST64.exe
2016-04-29 20:46 - 2016-04-30 12:09 - 00000000 ____D C:\FRST
2016-04-29 18:21 - 2016-04-29 18:21 - 00001112 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-04-28 23:17 - 2016-04-28 23:17 - 00000000 ____D C:\ProgramData\TXQMPC
2016-04-28 23:00 - 2016-04-28 23:07 - 00000000 ____D C:\AdwCleaner
2016-04-28 22:58 - 2016-04-28 22:59 - 03581504 _____ C:\Users\Frenky\Downloads\adwcleaner_5.114.exe
2016-04-28 22:22 - 2016-04-29 19:18 - 00000000 ____D C:\Program Files\trend micro
2016-04-28 22:22 - 2016-04-28 22:23 - 00000000 ____D C:\rsit
2016-04-28 22:21 - 2016-04-28 22:22 - 01222144 _____ C:\Users\Frenky\Downloads\RSITx64.exe
2016-04-28 21:28 - 2016-04-28 21:36 - 00279416 _____ C:\windows\ntbtlog.txt
2016-04-28 21:09 - 2016-04-28 21:10 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\Frenky\Downloads\SpyHunter-Installer.exe
2016-04-28 20:11 - 2016-04-28 20:19 - 00000000 ___SD C:\windows\system32\GWX
2016-04-28 20:11 - 2016-04-28 20:11 - 00000000 ___SD C:\windows\SysWOW64\GWX
2016-04-28 19:39 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\windows\system32\icardres.dll
2016-04-28 19:39 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardres.dll
2016-04-28 19:39 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\windows\system32\icardagt.exe
2016-04-28 19:39 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\windows\system32\infocardapi.dll
2016-04-28 19:39 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardagt.exe
2016-04-28 19:39 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\windows\SysWOW64\infocardapi.dll
2016-04-28 19:38 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\windows\SysWOW64\TsWpfWrp.exe
2016-04-28 19:38 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\windows\system32\TsWpfWrp.exe
2016-04-28 16:16 - 2016-03-11 20:57 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2016-04-28 16:16 - 2016-03-11 20:35 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2016-04-28 16:16 - 2015-02-03 05:31 - 01424896 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2016-04-28 16:16 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2016-04-28 04:43 - 2016-01-16 21:01 - 02085888 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2016-04-28 04:43 - 2016-01-16 20:36 - 01413632 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2016-04-28 04:43 - 2015-09-02 05:04 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2016-04-28 04:43 - 2015-09-02 05:04 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2016-04-28 04:43 - 2015-09-02 05:04 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2016-04-28 04:43 - 2015-09-02 05:04 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2016-04-28 04:43 - 2015-09-02 04:48 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2016-04-28 04:43 - 2015-09-02 04:48 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2016-04-28 04:43 - 2015-09-02 04:48 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2016-04-28 04:43 - 2015-09-02 04:47 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2016-04-28 04:43 - 2015-09-02 03:51 - 03209216 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-04-28 04:43 - 2015-09-02 03:47 - 00372736 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2016-04-28 04:43 - 2015-09-02 03:33 - 00299520 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2016-04-28 04:43 - 2015-08-27 20:18 - 02004480 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2016-04-28 04:43 - 2015-08-27 20:18 - 01887232 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2016-04-28 04:43 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2016-04-28 04:43 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2016-04-28 04:43 - 2015-08-27 19:58 - 01391104 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2016-04-28 04:43 - 2015-08-27 19:58 - 01241088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2016-04-28 04:43 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll
2016-04-28 04:43 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2016-04-28 04:43 - 2014-10-30 04:03 - 00165888 _____ (Microsoft Corporation) C:\windows\system32\charmap.exe
2016-04-28 04:43 - 2014-10-30 03:45 - 00155136 _____ (Microsoft Corporation) C:\windows\SysWOW64\charmap.exe
2016-04-28 04:43 - 2014-10-03 04:12 - 00500224 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2016-04-28 04:43 - 2014-10-03 04:11 - 00680960 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2016-04-28 04:43 - 2014-10-03 04:11 - 00440832 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2016-04-28 04:43 - 2014-10-03 04:11 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2016-04-28 04:43 - 2014-10-03 04:11 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2016-04-28 04:43 - 2014-10-03 03:44 - 00442880 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2016-04-28 04:43 - 2014-10-03 03:44 - 00374784 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2016-04-28 04:43 - 2014-10-03 03:44 - 00195584 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2016-04-28 04:43 - 2014-09-04 07:23 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2016-04-28 04:43 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2016-04-28 04:43 - 2014-08-29 04:07 - 03179520 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2016-04-28 04:42 - 2016-01-22 08:27 - 05573056 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2016-04-28 04:42 - 2016-01-22 08:27 - 00154560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2016-04-28 04:42 - 2016-01-22 08:27 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2016-04-28 04:42 - 2016-01-22 08:24 - 01733592 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2016-04-28 04:42 - 2016-01-22 08:20 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2016-04-28 04:42 - 2016-01-22 08:20 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2016-04-28 04:42 - 2016-01-22 08:20 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2016-04-28 04:42 - 2016-01-22 08:20 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2016-04-28 04:42 - 2016-01-22 08:20 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2016-04-28 04:42 - 2016-01-22 08:20 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2016-04-28 04:42 - 2016-01-22 08:20 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2016-04-28 04:42 - 2016-01-22 08:20 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2016-04-28 04:42 - 2016-01-22 08:20 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2016-04-28 04:42 - 2016-01-22 08:20 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2016-04-28 04:42 - 2016-01-22 08:19 - 01214464 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2016-04-28 04:42 - 2016-01-22 08:19 - 00344064 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2016-04-28 04:42 - 2016-01-22 08:19 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2016-04-28 04:42 - 2016-01-22 08:18 - 00961024 _____ (Microsoft Corporation) C:\windows\system32\CPFilters.dll
2016-04-28 04:42 - 2016-01-22 08:18 - 00723968 _____ (Microsoft Corporation) C:\windows\system32\EncDec.dll
2016-04-28 04:42 - 2016-01-22 08:18 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2016-04-28 04:42 - 2016-01-22 08:17 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-04-28 04:42 - 2016-01-22 08:17 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2016-04-28 04:42 - 2016-01-22 08:17 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\mtxoci.dll
2016-04-28 04:42 - 2016-01-22 08:16 - 01461248 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-04-28 04:42 - 2016-01-22 08:16 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2016-04-28 04:42 - 2016-01-22 08:16 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2016-04-28 04:42 - 2016-01-22 08:15 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2016-04-28 04:42 - 2016-01-22 08:15 - 00730112 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-04-28 04:42 - 2016-01-22 08:15 - 00422400 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2016-04-28 04:42 - 2016-01-22 08:13 - 03993536 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2016-04-28 04:42 - 2016-01-22 08:13 - 03938752 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2016-04-28 04:42 - 2016-01-22 08:13 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2016-04-28 04:42 - 2016-01-22 08:13 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2016-04-28 04:42 - 2016-01-22 08:13 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00880128 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:09 - 01314328 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2016-04-28 04:42 - 2016-01-22 08:06 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2016-04-28 04:42 - 2016-01-22 08:06 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2016-04-28 04:42 - 2016-01-22 08:06 - 00275456 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2016-04-28 04:42 - 2016-01-22 08:06 - 00171520 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2016-04-28 04:42 - 2016-01-22 08:06 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2016-04-28 04:42 - 2016-01-22 08:06 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2016-04-28 04:42 - 2016-01-22 08:06 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2016-04-28 04:42 - 2016-01-22 08:06 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2016-04-28 04:42 - 2016-01-22 08:05 - 00251392 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2016-04-28 04:42 - 2016-01-22 08:05 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2016-04-28 04:42 - 2016-01-22 08:04 - 00642048 _____ (Microsoft Corporation) C:\windows\SysWOW64\CPFilters.dll
2016-04-28 04:42 - 2016-01-22 08:04 - 00535040 _____ (Microsoft Corporation) C:\windows\SysWOW64\EncDec.dll
2016-04-28 04:42 - 2016-01-22 08:02 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2016-04-28 04:42 - 2016-01-22 08:02 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2016-04-28 04:42 - 2016-01-22 08:02 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2016-04-28 04:42 - 2016-01-22 08:02 - 00176128 _____ (Microsoft Corporation) C:\windows\SysWOW64\msorcl32.dll
2016-04-28 04:42 - 2016-01-22 08:02 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2016-04-28 04:42 - 2016-01-22 08:02 - 00114176 _____ (Microsoft Corporation) C:\windows\SysWOW64\mtxoci.dll
2016-04-28 04:42 - 2016-01-22 08:02 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00642560 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:13 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2016-04-28 04:42 - 2016-01-22 07:07 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2016-04-28 04:42 - 2016-01-22 07:07 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2016-04-28 04:42 - 2016-01-22 07:05 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2016-04-28 04:42 - 2016-01-22 06:59 - 00159232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-04-28 04:42 - 2016-01-22 06:58 - 00290816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-04-28 04:42 - 2016-01-22 06:58 - 00129024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-04-28 04:42 - 2016-01-22 06:57 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2016-04-28 04:42 - 2016-01-22 06:57 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2016-04-28 04:42 - 2016-01-22 06:53 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2016-04-28 04:42 - 2016-01-22 06:53 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2016-04-28 04:42 - 2016-01-22 06:53 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2016-04-28 04:42 - 2016-01-22 06:53 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2016-04-28 04:42 - 2016-01-22 06:51 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2016-04-28 04:42 - 2016-01-22 06:51 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 06:51 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 06:51 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 06:51 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-04-28 04:42 - 2015-09-23 15:15 - 00460776 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2016-04-28 04:42 - 2015-09-23 15:15 - 00299632 _____ (Microsoft Corporation) C:\windows\system32\bcryptprimitives.dll
2016-04-28 04:42 - 2015-09-23 15:09 - 00251000 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcryptprimitives.dll
2016-04-28 04:42 - 2015-01-17 04:48 - 01067520 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2016-04-28 04:42 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2016-04-28 04:41 - 2016-02-09 11:57 - 14634496 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2016-04-28 04:41 - 2016-02-09 11:57 - 12625920 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2016-04-28 04:41 - 2016-02-09 11:56 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2016-04-28 04:41 - 2016-02-09 11:56 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2016-04-28 04:41 - 2016-02-09 11:54 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2016-04-28 04:41 - 2016-02-09 11:51 - 12625408 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
2016-04-28 04:41 - 2016-02-09 11:51 - 11411456 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2016-04-28 04:41 - 2016-02-09 11:13 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwmp.dll
2016-04-28 04:41 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdxm.ocx
2016-04-28 04:41 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxmasf.dll
2016-04-28 04:41 - 2016-01-22 08:19 - 14179840 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2016-04-28 04:41 - 2016-01-22 08:15 - 01866752 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll
2016-04-28 04:41 - 2016-01-22 08:12 - 01940992 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2016-04-28 04:41 - 2016-01-22 08:05 - 12877824 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2016-04-28 04:41 - 2016-01-22 08:00 - 01498624 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExplorerFrame.dll
2016-04-28 04:41 - 2016-01-22 07:59 - 01805824 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2016-04-28 04:41 - 2016-01-22 07:19 - 03231232 _____ (Microsoft Corporation) C:\windows\explorer.exe
2016-04-28 04:41 - 2016-01-22 07:12 - 02973184 _____ (Microsoft Corporation) C:\windows\SysWOW64\explorer.exe
2016-04-28 04:41 - 2014-10-03 04:12 - 02020352 _____ (Microsoft Corporation) C:\windows\system32\WsmSvc.dll
2016-04-28 04:41 - 2014-10-03 04:12 - 00346624 _____ (Microsoft Corporation) C:\windows\system32\WSManMigrationPlugin.dll
2016-04-28 04:41 - 2014-10-03 04:12 - 00310272 _____ (Microsoft Corporation) C:\windows\system32\WsmWmiPl.dll
2016-04-28 04:41 - 2014-10-03 04:12 - 00181248 _____ (Microsoft Corporation) C:\windows\system32\WsmAuto.dll
2016-04-28 04:41 - 2014-10-03 04:11 - 00266240 _____ (Microsoft Corporation) C:\windows\system32\WSManHTTPConfig.exe
2016-04-28 04:41 - 2014-10-03 03:45 - 01177088 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmSvc.dll
2016-04-28 04:41 - 2014-10-03 03:45 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSManMigrationPlugin.dll
2016-04-28 04:41 - 2014-10-03 03:45 - 00214016 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmWmiPl.dll
2016-04-28 04:41 - 2014-10-03 03:45 - 00145920 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmAuto.dll
2016-04-28 04:41 - 2014-10-03 03:44 - 00198656 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSManHTTPConfig.exe
2016-04-28 04:12 - 2015-10-13 06:57 - 00950720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys
2016-04-28 04:11 - 2014-10-25 03:57 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2016-04-28 04:11 - 2014-10-25 03:32 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2016-04-28 04:11 - 2014-07-17 04:07 - 00681984 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2016-04-28 04:11 - 2014-07-17 04:07 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2016-04-28 04:11 - 2014-07-17 04:07 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\winsta.dll
2016-04-28 04:11 - 2014-07-17 04:07 - 00150528 _____ (Microsoft Corporation) C:\windows\system32\rdpcorekmts.dll
2016-04-28 04:11 - 2014-07-17 03:40 - 00157696 _____ (Microsoft Corporation) C:\windows\SysWOW64\winsta.dll
2016-04-28 04:11 - 2014-07-17 03:21 - 00212480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpwd.sys
2016-04-28 04:11 - 2014-07-17 03:21 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys
2016-04-28 04:10 - 2016-03-31 21:25 - 00394952 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-04-28 04:10 - 2016-03-31 20:41 - 00346320 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2016-04-28 04:10 - 2016-03-31 02:54 - 25817600 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-04-28 04:10 - 2016-03-31 02:40 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2016-04-28 04:10 - 2016-03-31 02:40 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2016-04-28 04:10 - 2016-03-31 02:31 - 02892800 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-04-28 04:10 - 2016-03-31 02:28 - 00571904 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-04-28 04:10 - 2016-03-31 02:28 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2016-04-28 04:10 - 2016-03-31 02:27 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2016-04-28 04:10 - 2016-03-31 02:27 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2016-04-28 04:10 - 2016-03-31 02:27 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2016-04-28 04:10 - 2016-03-31 02:25 - 06052352 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-04-28 04:10 - 2016-03-31 02:22 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2016-04-28 04:10 - 2016-03-31 02:21 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2016-04-28 04:10 - 2016-03-31 02:19 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2016-04-28 04:10 - 2016-03-31 02:17 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-04-28 04:10 - 2016-03-31 02:17 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2016-04-28 04:10 - 2016-03-31 02:17 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2016-04-28 04:10 - 2016-03-31 02:17 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2016-04-28 04:10 - 2016-03-31 02:11 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2016-04-28 04:10 - 2016-03-31 02:08 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2016-04-28 04:10 - 2016-03-31 02:03 - 20352512 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2016-04-28 04:10 - 2016-03-31 02:02 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2016-04-28 04:10 - 2016-03-31 02:00 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2016-04-28 04:10 - 2016-03-31 01:59 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2016-04-28 04:10 - 2016-03-31 01:57 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2016-04-28 04:10 - 2016-03-31 01:56 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-04-28 04:10 - 2016-03-31 01:55 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2016-04-28 04:10 - 2016-03-31 01:53 - 00496640 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2016-04-28 04:10 - 2016-03-31 01:53 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2016-04-28 04:10 - 2016-03-31 01:52 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2016-04-28 04:10 - 2016-03-31 01:52 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2016-04-28 04:10 - 2016-03-31 01:52 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2016-04-28 04:10 - 2016-03-31 01:52 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2016-04-28 04:10 - 2016-03-31 01:51 - 02285056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2016-04-28 04:10 - 2016-03-31 01:48 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2016-04-28 04:10 - 2016-03-31 01:48 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2016-04-28 04:10 - 2016-03-31 01:46 - 00476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2016-04-28 04:10 - 2016-03-31 01:45 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2016-04-28 04:10 - 2016-03-31 01:45 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2016-04-28 04:10 - 2016-03-31 01:45 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-04-28 04:10 - 2016-03-31 01:45 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2016-04-28 04:10 - 2016-03-31 01:43 - 00806400 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-04-28 04:10 - 2016-03-31 01:43 - 00725504 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-04-28 04:10 - 2016-03-31 01:42 - 02131968 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-04-28 04:10 - 2016-03-31 01:42 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2016-04-28 04:10 - 2016-03-31 01:39 - 15415808 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-04-28 04:10 - 2016-03-31 01:38 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2016-04-28 04:10 - 2016-03-31 01:34 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-04-28 04:10 - 2016-03-31 01:33 - 00091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2016-04-28 04:10 - 2016-03-31 01:31 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2016-04-28 04:10 - 2016-03-31 01:31 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2016-04-28 04:10 - 2016-03-31 01:30 - 04611072 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2016-04-28 04:10 - 2016-03-31 01:30 - 02596864 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-04-28 04:10 - 2016-03-31 01:30 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2016-04-28 04:10 - 2016-03-31 01:29 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2016-04-28 04:10 - 2016-03-31 01:24 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2016-04-28 04:10 - 2016-03-31 01:23 - 02056192 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2016-04-28 04:10 - 2016-03-31 01:23 - 00693248 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2016-04-28 04:10 - 2016-03-31 01:22 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2016-04-28 04:10 - 2016-03-31 01:21 - 13811712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2016-04-28 04:10 - 2016-03-31 01:18 - 01547264 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-04-28 04:10 - 2016-03-31 01:06 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-04-28 04:10 - 2016-03-31 01:05 - 02121216 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2016-04-28 04:10 - 2016-03-31 01:02 - 01311744 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2016-04-28 04:10 - 2016-03-31 01:00 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2016-04-28 04:10 - 2015-12-08 23:52 - 00312320 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2016-04-28 04:10 - 2015-12-08 21:07 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2016-04-28 04:09 - 2015-11-03 21:04 - 00241664 _____ (Microsoft Corporation) C:\windows\system32\els.dll
2016-04-28 04:09 - 2015-11-03 20:55 - 00179712 _____ (Microsoft Corporation) C:\windows\SysWOW64\els.dll
2016-04-28 04:09 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\windows\system32\clfs.sys
2016-04-28 04:09 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\windows\system32\clfsw32.dll
2016-04-28 04:09 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\windows\SysWOW64\clfsw32.dll
2016-04-28 04:09 - 2014-12-08 05:09 - 00406528 _____ (Microsoft Corporation) C:\windows\system32\scesrv.dll
2016-04-28 04:09 - 2014-12-08 04:46 - 00308224 _____ (Microsoft Corporation) C:\windows\SysWOW64\scesrv.dll
2016-04-28 04:07 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll
2016-04-28 04:07 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMPhoto.dll
2016-04-27 23:23 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2016-04-27 23:23 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2016-04-27 23:23 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2016-04-27 23:23 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2016-04-27 23:22 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2016-04-27 23:22 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2016-04-27 23:22 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2016-04-27 23:22 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2016-04-27 23:22 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2016-04-27 23:22 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2016-04-27 23:20 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2016-04-27 23:20 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2016-04-27 23:20 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2016-04-27 23:20 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2016-04-27 20:35 - 2016-04-27 20:35 - 00187674 _____ C:\Users\Frenky\Downloads\B48E.tmp
2016-04-27 19:22 - 2016-04-27 19:22 - 00003106 _____ C:\windows\System32\Tasks\{9AD7C23E-673D-4474-B258-902EE5DB636F}
2016-04-27 17:02 - 2016-04-27 17:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2016-04-27 17:02 - 2016-04-27 17:02 - 00000000 ____D C:\ProgramData\ESET
2016-04-27 17:02 - 2016-04-27 17:02 - 00000000 ____D C:\Program Files\ESET
2016-04-27 16:57 - 2016-04-27 16:57 - 03013792 _____ (ESET) C:\Users\Frenky\Downloads\eset_nod32_antivirus_live_installer_.exe
2016-04-27 09:53 - 2016-04-27 09:53 - 00460288 _____ C:\windows\system32\bi2.exe
2016-04-26 21:39 - 2016-04-26 21:39 - 02870984 _____ (ESET) C:\Users\Frenky\Downloads\esetsmartinstaller_sky (1).exe
2016-04-26 21:07 - 2016-04-28 23:19 - 00000000 ____D C:\Users\Frenky\AppData\Roaming\Tencent
2016-04-26 21:05 - 2016-04-27 16:21 - 00004164 _____ C:\windows\System32\Tasks\SMW_P
2016-04-26 21:05 - 2016-04-26 21:05 - 00356864 _____ C:\ProgramData\smp2.exe
2016-04-26 21:05 - 2016-04-26 21:05 - 00000000 ____D C:\Program Files\Common Files\Doobzo
2016-04-26 21:02 - 2016-04-26 21:02 - 00282786 _____ C:\Users\Frenky\Downloads\Nepotvrdené 978165.crdownload
2016-04-26 20:59 - 2016-04-26 20:59 - 00282786 _____ C:\Users\Frenky\Downloads\Nepotvrdené 438925.crdownload
2016-04-25 00:59 - 2016-04-25 01:14 - 00000000 ____D C:\Users\Frenky\Desktop\AutoCAD_2013_English_Win_64bit
2016-04-25 00:29 - 2016-04-25 00:54 - 1216220336 _____ C:\Users\Frenky\Desktop\AutoCAD_2013_English_Win_64bit.exe
2016-04-24 23:43 - 2016-04-24 23:43 - 01027735 _____ C:\Users\Frenky\Downloads\Autocad_2013_crack_rar.zip
2016-04-24 22:20 - 2016-04-24 22:20 - 00002357 _____ C:\Users\Public\Desktop\AutoCAD Civil3D 2013 – čeština britské (Czech Imperial).lnk
2016-04-24 22:20 - 2016-04-24 22:20 - 00002353 _____ C:\Users\Public\Desktop\AutoCAD Civil3D 2013 – čeština metrické (Czech Metric).lnk
2016-04-24 22:19 - 2016-04-24 22:19 - 00002141 _____ C:\Users\Public\Desktop\AutoCAD Civil 3D as AutoCAD 2013.lnk
2016-04-24 21:55 - 2016-04-24 21:56 - 00000000 ____D C:\Program Files (x86)\AutoCAD Civil 3D 2013
2016-04-24 21:55 - 2016-04-24 21:55 - 00000000 ____D C:\Program Files (x86)\Autodesk
2016-04-24 21:48 - 2016-04-24 21:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2016-04-24 21:42 - 2013-02-14 14:16 - 00000029 _____ C:\Users\Frenky\Desktop\serial.txt
2016-04-24 21:33 - 2016-04-24 21:35 - 00000000 ____D C:\Users\Frenky\Desktop\Nová složka (2)
2016-04-24 19:42 - 2016-04-24 19:42 - 00000000 ____D C:\Civil 3D Projects
2016-04-24 19:42 - 2016-04-24 19:42 - 00000000 ____D C:\Civil 3D Project Templates
2016-04-24 18:58 - 2016-04-24 18:58 - 00206816 _____ C:\Users\Frenky\Downloads\SITUACIA.dwg
2016-04-24 15:29 - 2016-04-24 17:29 - 00829123 _____ C:\Users\Frenky\Desktop\rez_vjazdu-chodnika.dwg
2016-04-24 09:48 - 2016-04-24 19:05 - 00053867 _____ C:\Users\Frenky\Desktop\HOJDACKA.dwg
2016-04-24 09:48 - 2016-04-24 15:05 - 00053547 _____ C:\Users\Frenky\Desktop\HOJDACKA.bak
2016-04-14 20:46 - 2016-04-24 19:05 - 00050889 _____ C:\Users\Frenky\Desktop\šachta.dwg
2016-04-14 15:09 - 2016-04-14 15:09 - 00264552 _____ (ESET) C:\windows\system32\Drivers\eamonm.sys
2016-04-14 15:09 - 2016-04-14 15:09 - 00186784 _____ (ESET) C:\windows\system32\Drivers\ehdrv.sys
2016-04-14 15:09 - 2016-04-14 15:09 - 00170792 _____ (ESET) C:\windows\system32\Drivers\epfwwfpr.sys
2016-04-12 22:16 - 2016-04-12 22:16 - 00338280 _____ (Autodesk Inc.) C:\Users\Frenky\Downloads\AutoCAD_2017_English_Win_32_64bit_Trial_en-us_Setup_webinstall.exe
2016-04-04 21:00 - 2016-04-04 21:00 - 00877269 _____ C:\Users\Frenky\Desktop\Nová složka.rar
2016-04-04 20:57 - 2016-04-04 20:59 - 00000000 ____D C:\Users\Frenky\Desktop\Nová složka
2016-04-03 18:07 - 2016-04-03 18:09 - 00000000 ____D C:\Users\Frenky\Desktop\FOTAK_3.4.2016

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-30 12:08 - 2010-11-06 20:19 - 07177728 ___SH C:\Users\Frenky\Desktop\Thumbs.db
2016-04-30 12:03 - 2010-10-26 20:31 - 00000000 ____D C:\Users\Frenky\AppData\LocalLow\Temp
2016-04-30 12:02 - 2009-07-14 17:18 - 00663716 _____ C:\windows\system32\perfh005.dat
2016-04-30 12:02 - 2009-07-14 17:18 - 00142306 _____ C:\windows\system32\perfc005.dat
2016-04-30 12:02 - 2009-07-14 07:13 - 01592614 _____ C:\windows\system32\PerfStringBackup.INI
2016-04-30 12:02 - 2009-07-14 05:20 - 00000000 ____D C:\windows\inf
2016-04-29 18:54 - 2014-12-27 16:46 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2016-04-29 18:50 - 2009-12-13 19:41 - 00000000 ___HD C:\windows\msdownld.tmp
2016-04-29 18:21 - 2014-12-27 16:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-04-29 18:21 - 2014-12-27 16:46 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-04-29 15:38 - 2011-01-08 13:09 - 00000000 ____D C:\Users\Frenky\AppData\Local\ElevatedDiagnostics
2016-04-28 23:18 - 2011-03-02 14:37 - 00327680 _____ C:\windows\system32\Ikeext.etl
2016-04-28 23:18 - 2009-07-14 05:20 - 00000000 ____D C:\windows\tracing
2016-04-28 23:12 - 2014-08-11 22:36 - 00000000 ____D C:\windows\system32\log
2016-04-28 23:12 - 2012-01-09 21:26 - 00001071 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-04-28 23:07 - 2014-07-29 20:02 - 00000898 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2589465553-2425290425-2319165384-1001Core.job
2016-04-28 22:58 - 2015-05-26 18:10 - 00002405 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-28 22:58 - 2015-05-26 18:10 - 00002393 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-04-28 22:58 - 2010-10-21 13:03 - 00001600 _____ C:\Users\Frenky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-04-28 22:55 - 2014-12-21 23:34 - 00000914 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-04-28 22:52 - 2011-04-30 14:51 - 00000000 ____D C:\windows\pss
2016-04-28 22:43 - 2010-10-21 14:31 - 00000936 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-28 21:47 - 2009-07-14 06:45 - 00016304 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-28 21:47 - 2009-07-14 06:45 - 00016304 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-28 21:44 - 2010-10-21 13:05 - 00003986 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{6857A334-B6AF-490C-8D5A-62E70274DC70}
2016-04-28 21:42 - 2010-10-21 14:31 - 00000932 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-28 21:39 - 2013-10-26 20:30 - 00000286 _____ C:\servicetest.txt
2016-04-28 21:38 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-04-28 21:00 - 2009-07-14 07:09 - 00000000 ____D C:\windows\System32\Tasks\WPD
2016-04-28 20:16 - 2009-07-14 06:45 - 05148368 _____ C:\windows\system32\FNTCACHE.DAT
2016-04-28 20:11 - 2009-07-14 05:20 - 00000000 ____D C:\windows\PolicyDefinitions
2016-04-28 03:28 - 2012-01-11 12:54 - 00000000 ____D C:\Users\Frenky\Downloads\programy
2016-04-26 21:13 - 2010-10-21 12:54 - 00170936 _____ C:\Users\Frenky\AppData\Local\GDIPFONTCACHEV1.DAT
2016-04-26 21:10 - 2010-11-20 19:14 - 00000000 ____D C:\Users\Frenky\AppData\Roaming\vlc
2016-04-25 00:09 - 2010-10-22 00:04 - 00000000 ____D C:\Users\Frenky\Documents\TEXT
2016-04-24 22:05 - 2010-10-26 22:21 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2016-04-24 21:45 - 2012-09-16 08:38 - 00000000 ____D C:\Program Files\Autodesk
2016-04-24 21:35 - 2012-09-15 19:19 - 00000000 ____D C:\Autodesk
2016-04-24 21:29 - 2013-10-26 20:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoTURN 8
2016-04-24 21:23 - 2009-07-14 05:20 - 00000000 ____D C:\windows\registration
2016-04-24 21:22 - 2010-10-21 22:37 - 00000000 ____D C:\Users\Frenky\AppData\Roaming\Autodesk
2016-04-24 21:22 - 2010-10-21 22:37 - 00000000 ____D C:\Users\Frenky\AppData\Local\Autodesk
2016-04-24 21:09 - 2010-10-21 22:37 - 00000000 ____D C:\ProgramData\Autodesk
2016-04-24 21:02 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-04-24 20:59 - 2014-04-13 21:37 - 00000000 ____D C:\Program Files (x86)\Opera
2016-04-24 20:50 - 2015-06-15 21:19 - 00000000 ____D C:\Program Files (x86)\RoadPAC
2016-04-24 20:25 - 2010-10-21 12:50 - 00000000 ____D C:\Users\Frenky
2016-04-24 19:18 - 2014-01-08 20:26 - 00000000 ____D C:\Users\Public\Documents\Autodesk
2016-04-24 09:38 - 2015-05-21 22:32 - 00000892 _____ C:\windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-04-10 15:55 - 2015-05-21 22:32 - 00003894 _____ C:\windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-04-10 15:55 - 2014-12-21 23:34 - 00003852 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2016-04-10 15:55 - 2014-07-06 21:37 - 00797376 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-04-10 15:55 - 2011-11-20 21:15 - 00142528 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2010-10-28 22:37 - 2013-08-27 22:51 - 0047104 _____ () C:\Users\Frenky\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-10-24 22:42 - 2012-10-24 22:45 - 0007607 _____ () C:\Users\Frenky\AppData\Local\resmon.resmoncfg
2012-03-03 22:01 - 2012-03-03 22:01 - 0000928 _____ () C:\Users\Frenky\AppData\Local\SRDownloader.nast
2016-02-29 21:00 - 2016-02-29 21:00 - 0000000 _____ () C:\ProgramData\AdApplicationManager-installer.init.lock
2012-06-25 16:14 - 2012-06-25 16:35 - 0000845 _____ () C:\ProgramData\hpzinstall.log
2016-04-26 21:05 - 2016-04-26 21:05 - 0356864 _____ () C:\ProgramData\smp2.exe

Files to move or delete:
====================
C:\ProgramData\smp2.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-04-08 21:46

==================== End of FRST.txt ============================

#10 Příspěvek od **JaRon** » 30 dub 2016 12:15

pouzi fixlist - log po jeho pouziti sem

Kód: Vybrat vše

Start
HKLM-x32\...\Run: [ QQPCTray] => "C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCTray.exe" /regrun
HKLM-x32\...\RunOnce: [DeleteOnReboot] => C:\Users\Frenky\AppData\Local\Temp\DeleteOnReboot.bat <===== ATTENTION
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hao123.com/?tn=93018773_hao_pg
URLSearchHook: HKU\S-1-5-21-2589465553-2425290425-2319165384-1001 - (No Name) - {dfabc5b5-039b-4865-979a-de31cdf3e351} - No File
SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = 
HKU\S-1-5-21-2589465553-2425290425-2319165384-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hao123.com/?tn=93018773_hao_pg
BHO: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
BHO-x32: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
BHO-x32: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
Toolbar: HKU\S-1-5-21-2589465553-2425290425-2319165384-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-2589465553-2425290425-2319165384-1001 -> No Name - {DFABC5B5-039B-4865-979A-DE31CDF3E351} - No File
FF DefaultSearchEngine: YAC Safe Search
FF SearchEngineOrder.1: YAC Safe Search
FF SelectedSearchEngine: YAC Safe Search
CHR DefaultSearchURL: Default -> hxxp://search.yac.mx/web/?q={searchTerms}&type=ds&from=yac&uid=toshibaxmk6465gsx_407ib0n0bxx407ib0n0b&ts=1461768683
CHR DefaultSearchKeyword: Default -> yac safe search
S2 QQRepair238d; "C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\QQRepair238d" [X]
S2 QQRepair9f4; "C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\QQRepair9f4" [X]
S2 QQRepairFixSVC; C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\QQRepairFixSVC [X]
S2 Angelnt; \SystemRoot\System32\Drivers\ANGELNT.SYS [X]
S1 SRepairDrv; \??\C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\SRepairDrv [X]
S1 TSDefenseBt; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\TsDefenseBT64.sys [X]
2016-04-26 21:07 - 2016-04-28 23:19 - 00000000 ____D C:\Users\Frenky\AppData\Roaming\Tencent
2016-04-26 21:07 - 2016-04-28 23:19 - 00000000 ____D C:\Users\Frenky\AppData\Roaming\Tencent
C:\ProgramData\smp2.exe




Reboot:
End

frenky · #11 Příspěvek od **frenky** » 30 dub 2016 12:32

Fix result of Farbar Recovery Scan Tool (x64) Version:27-04-2016
Ran by Frenky (2016-04-30 13:28:34) Run:2
Running from C:\Users\Frenky\Desktop
Loaded Profiles: Frenky (Available Profiles: Frenky)
Boot Mode: Safe Mode (minimal)
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [ QQPCTray] => "C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCTray.exe" /regrun
HKLM-x32\...\RunOnce: [DeleteOnReboot] => C:\Users\Frenky\AppData\Local\Temp\DeleteOnReboot.bat <===== ATTENTION
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hao123.com/?tn=93018773_hao_pg
URLSearchHook: HKU\S-1-5-21-2589465553-2425290425-2319165384-1001 - (No Name) - {dfabc5b5-039b-4865-979a-de31cdf3e351} - No File
SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL =
SearchScopes: HKLM-x32 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL =
HKU\S-1-5-21-2589465553-2425290425-2319165384-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hao123.com/?tn=93018773_hao_pg
BHO: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
BHO-x32: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
BHO-x32: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
Toolbar: HKU\S-1-5-21-2589465553-2425290425-2319165384-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-2589465553-2425290425-2319165384-1001 -> No Name - {DFABC5B5-039B-4865-979A-DE31CDF3E351} - No File
FF DefaultSearchEngine: YAC Safe Search
FF SearchEngineOrder.1: YAC Safe Search
FF SelectedSearchEngine: YAC Safe Search
CHR DefaultSearchURL: Default -> hxxp://search.yac.mx/web/?q={searchTerms}&type=ds&from=yac&uid=toshibaxmk6465gsx_407ib0n0bxx407ib0n0b&ts=1461768683
CHR DefaultSearchKeyword: Default -> yac safe search
S2 QQRepair238d; "C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\QQRepair238d" [X]
S2 QQRepair9f4; "C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\QQRepair9f4" [X]
S2 QQRepairFixSVC; C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\QQRepairFixSVC [X]
S2 Angelnt; \SystemRoot\System32\Drivers\ANGELNT.SYS [X]
S1 SRepairDrv; \??\C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\SRepairDrv [X]
S1 TSDefenseBt; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\TsDefenseBT64.sys [X]
2016-04-26 21:07 - 2016-04-28 23:19 - 00000000 ____D C:\Users\Frenky\AppData\Roaming\Tencent
2016-04-26 21:07 - 2016-04-28 23:19 - 00000000 ____D C:\Users\Frenky\AppData\Roaming\Tencent
C:\ProgramData\smp2.exe

Reboot:
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ QQPCTray => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\DeleteOnReboot => value removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\.QMDeskTopGCIcon" => key removed successfully
HKCR\CLSID\{B7667919-3765-4815-A66D-98A09BE662D6} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-2589465553-2425290425-2319165384-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{dfabc5b5-039b-4865-979a-de31cdf3e351} => value removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKU\S-1-5-21-2589465553-2425290425-2319165384-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}" => key removed successfully
HKCR\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => key removed successfully
HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}" => key removed successfully
HKCR\Wow6432Node\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => key removed successfully
HKCR\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => key not found.
HKU\S-1-5-21-2589465553-2425290425-2319165384-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value removed successfully
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found.
HKU\S-1-5-21-2589465553-2425290425-2319165384-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{DFABC5B5-039B-4865-979A-DE31CDF3E351} => value removed successfully
HKCR\CLSID\{DFABC5B5-039B-4865-979A-DE31CDF3E351} => key not found.
Firefox DefaultSearchEngine removed successfully
Firefox SearchEngineOrder.1 removed successfully
Firefox SelectedSearchEngine removed successfully
Chrome DefaultSearchURL => removed successfully
Chrome DefaultSearchKeyword => removed successfully
QQRepair238d => service removed successfully
QQRepair9f4 => service removed successfully
QQRepairFixSVC => service removed successfully
Angelnt => service removed successfully
SRepairDrv => service removed successfully
TSDefenseBt => service removed successfully
C:\Users\Frenky\AppData\Roaming\Tencent => moved successfully
"C:\Users\Frenky\AppData\Roaming\Tencent" => not found.
C:\ProgramData\smp2.exe => moved successfully

The system needed a reboot.

==== End of Fixlog 13:28:34 ====

#12 Příspěvek od **JaRon** » 30 dub 2016 12:41

restartuj PC a vloz aktualny FRST

frenky · #13 Příspěvek od **frenky** » 30 dub 2016 13:22

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-04-2016
Ran by Frenky (administrator) on FRENKY-TOTH (30-04-2016 14:19:58)
Running from C:\Users\Frenky\Desktop
Loaded Profiles: Frenky (Available Profiles: Frenky)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Safe Mode (minimal)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\userinit.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10103840 2010-03-09] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1870120 2009-10-15] (Synaptics Incorporated)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [910136 2009-11-10] (TOSHIBA Corporation)
HKLM\...\Run: [SmartFaceVWatcher] => C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-10-19] (TOSHIBA Corporation)
HKLM\...\Run: [HDMICtrlMan] => C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [1037728 2010-07-21] (TOSHIBA Corporation.)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [55264 2016-03-10] (Malwarebytes)
HKU\S-1-5-21-2589465553-2425290425-2319165384-1001\...\Policies\Explorer: []
HKU\S-1-5-21-2589465553-2425290425-2319165384-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2589465553-2425290425-2319165384-1001\...\MountPoints2: {152aeec0-de50-11e0-bcc3-806e6f6e6963} - E:\cdstart.exe
HKU\S-1-5-21-2589465553-2425290425-2319165384-1001\...\MountPoints2: {249f124e-53b0-11e3-a26e-002258c50d05} - F:\Startme.exe
HKU\S-1-5-21-2589465553-2425290425-2319165384-1001\...\MountPoints2: {3b77c823-a9ac-11e1-b456-002258c50d05} - F:\LaunchU3.exe -a
HKU\S-1-5-21-2589465553-2425290425-2319165384-1001\...\MountPoints2: {7c0b5ac0-dd08-11df-a938-806e6f6e6963} - G:\Autorun.exe
HKU\S-1-5-21-2589465553-2425290425-2319165384-1001\...\MountPoints2: {970f4721-030f-11e3-9a90-002258c50d05} - "F:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-2589465553-2425290425-2319165384-1001\...\MountPoints2: {b6cfc72b-1912-11e1-b7a7-002258c50d05} - F:\Startme.exe
HKU\S-1-5-18\...\Run: [TOSHIBA Online Product Information] => C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe [6203296 2009-08-12] (TOSHIBA)
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1310088 2015-01-27] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\windows\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\windows\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2010-05-27]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2010-05-27]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{554DF99E-CA5D-498E-9468-31E0B544FE5B}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{73F3A328-537D-4191-96CE-4EA077D137E4}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{C48A2676-C00C-4AC1-9548-F42C76A9C108}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKLM-x32 -> Default = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKU\S-1-5-21-2589465553-2425290425-2319165384-1001 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL =
SearchScopes: HKU\S-1-5-21-2589465553-2425290425-2319165384-1001 -> {1CF10534-AAAA-4187-B063-1F8AAC0003D6} URL = hxxp://www.amazon.co.uk/gp/search?ie=UTF8&keyw ... nkCode=ur2
SearchScopes: HKU\S-1-5-21-2589465553-2425290425-2319165384-1001 -> {42293AE4-C47D-4394-6191-60EBC31DC559} URL =
SearchScopes: HKU\S-1-5-21-2589465553-2425290425-2319165384-1001 -> {662F2179-B80F-481B-9EAE-CBF16A14131B} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-2589465553-2425290425-2319165384-1001 -> {7FD08847-D78E-4FA9-8830-027AB428D5C1} URL = hxxp://rover.ebay.com/rover/1/710-71511-9400-6/4?satitle={searchTerms}
DPF: HKLM-x32 {62789780-B744-11D0-986B-00609731A21D} hxxp://195.28.70.134/kapor2/lib/mgaxctrl.cab

FireFox:
========
FF ProfilePath: C:\Users\Frenky\AppData\Roaming\Mozilla\Firefox\Profiles\7m5fwmum.default
FF NewTab: about:blank
FF Homepage: about:blank
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-08] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-14] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-08] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2014-11-27] (Nero AG)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-08-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-08-29] (NVIDIA Corporation)
FF Plugin-x32: @playstation.com/PsndlCheck,version=1.00 -> C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll [2011-08-03] (Sony Computer Entertainment Inc.)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll [2011-08-02] (Sony Network Entertainment International LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-02-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2589465553-2425290425-2319165384-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Frenky\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-2589465553-2425290425-2319165384-1001: @talk.google.com/O1DPlugin -> C:\Users\Frenky\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-2589465553-2425290425-2319165384-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Frenky\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-2589465553-2425290425-2319165384-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Frenky\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-04] (Google Inc.)
FF user.js: detected! => C:\Users\Frenky\AppData\Roaming\Mozilla\Firefox\Profiles\7m5fwmum.default\user.js [2011-12-20]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2011-10-03] (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-02-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Frenky\AppData\Roaming\mozilla\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Frenky\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Frenky\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Extension: No Name - C:\Users\Frenky\AppData\Roaming\Mozilla\Firefox\Profiles\7m5fwmum.default\extensions\arthurj8283@gmail.com [not found]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found

Chrome:
=======
CHR HomePage: Default -> about:blank
CHR StartupUrls: Default -> "about:blank"
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\pdf.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\gcswf32.dll => No File
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll => No File
CHR Plugin: (Java(TM) Platform SE 6 U29) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll => No File
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Users\Frenky\AppData\Roaming\Mozilla\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll => No File
CHR Plugin: (Media Go Detector) - C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
CHR Plugin: (PlayStation(R)Network Downloader Check Plug-in) - C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll => No File
CHR Profile: C:\Users\Frenky\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adblock Plus) - C:\Users\Frenky\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Frenky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2520928 2016-03-03] (ESET)
S2 hasplms; C:\Windows\system32\hasplms.exe [4630352 2015-05-21] (SafeNet Inc.)
S3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-11-06] (Hewlett-Packard Co.) [File not signed]
S2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.) [File not signed]
S4 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
S2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-09-30] (Intel Corporation) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe [289256 2015-12-02] (McAfee, Inc.)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
S4 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) [File not signed]
S3 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH)
S2 Transoft Solutions License Server V1.7; C:\Program Files (x86)\Transoft Solutions\License Server\TransoftLS.exe [446464 2012-05-01] () [File not signed]
S2 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-09-30] (Intel Corporation) [File not signed]
U2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 Autodesk Content Service; "C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe" [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [69208 2015-05-21] (SafeNet Inc.)
S3 akshhl; C:\Windows\System32\DRIVERS\akshhl.sys [72664 2015-05-21] (SafeNet Inc.)
S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [312344 2015-05-21] (SafeNet Inc.)
S1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [264552 2016-04-14] (ESET)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [186784 2016-04-14] (ESET)
S2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [170792 2016-04-14] (ESET)
S2 Hardlock; C:\windows\system32\drivers\hardlock.sys [340336 2015-05-21] (SafeNet Inc.)
S2 Hardlock; C:\windows\SysWOW64\drivers\hardlock.sys [670208 2004-11-05] (Aladdin Knowledge Systems Ltd.) [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2014-03-02] (Duplex Secure Ltd.)
S3 toshidpt; C:\Windows\System32\drivers\Toshidpt.sys [9608 2009-06-19] (TOSHIBA Corporation.)
S3 usbscan; C:\Windows\SysWOW64\DRIVERS\usbscan.sys [12400 1999-10-13] (Microsoft Corporation) [File not signed]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-30 13:28 - 2016-04-30 13:28 - 00006325 _____ C:\Users\Frenky\Desktop\Fixlog.txt
2016-04-30 12:10 - 2016-04-30 12:12 - 00069490 _____ C:\Users\Frenky\Desktop\Addition.txt
2016-04-30 12:09 - 2016-04-30 14:19 - 00000786 _____ C:\Users\Frenky\Desktop\FRST.txt
2016-04-30 12:03 - 2016-04-29 20:33 - 02376704 _____ (Farbar) C:\Users\Frenky\Desktop\FRST64.exe
2016-04-29 20:46 - 2016-04-30 14:19 - 00000000 ____D C:\FRST
2016-04-29 18:21 - 2016-04-29 18:21 - 00001112 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-04-28 23:17 - 2016-04-28 23:17 - 00000000 ____D C:\ProgramData\TXQMPC
2016-04-28 23:00 - 2016-04-28 23:07 - 00000000 ____D C:\AdwCleaner
2016-04-28 22:58 - 2016-04-28 22:59 - 03581504 _____ C:\Users\Frenky\Downloads\adwcleaner_5.114.exe
2016-04-28 22:22 - 2016-04-29 19:18 - 00000000 ____D C:\Program Files\trend micro
2016-04-28 22:22 - 2016-04-28 22:23 - 00000000 ____D C:\rsit
2016-04-28 22:21 - 2016-04-28 22:22 - 01222144 _____ C:\Users\Frenky\Downloads\RSITx64.exe
2016-04-28 21:28 - 2016-04-28 21:36 - 00279416 _____ C:\windows\ntbtlog.txt
2016-04-28 21:09 - 2016-04-28 21:10 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\Frenky\Downloads\SpyHunter-Installer.exe
2016-04-28 20:11 - 2016-04-28 20:19 - 00000000 ___SD C:\windows\system32\GWX
2016-04-28 20:11 - 2016-04-28 20:11 - 00000000 ___SD C:\windows\SysWOW64\GWX
2016-04-28 19:39 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\windows\system32\icardres.dll
2016-04-28 19:39 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardres.dll
2016-04-28 19:39 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\windows\system32\icardagt.exe
2016-04-28 19:39 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\windows\system32\infocardapi.dll
2016-04-28 19:39 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardagt.exe
2016-04-28 19:39 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\windows\SysWOW64\infocardapi.dll
2016-04-28 19:38 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\windows\SysWOW64\TsWpfWrp.exe
2016-04-28 19:38 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\windows\system32\TsWpfWrp.exe
2016-04-28 16:16 - 2016-03-11 20:57 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2016-04-28 16:16 - 2016-03-11 20:35 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2016-04-28 16:16 - 2015-02-03 05:31 - 01424896 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2016-04-28 16:16 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2016-04-28 04:43 - 2016-01-16 21:01 - 02085888 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2016-04-28 04:43 - 2016-01-16 20:36 - 01413632 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2016-04-28 04:43 - 2015-09-02 05:04 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2016-04-28 04:43 - 2015-09-02 05:04 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2016-04-28 04:43 - 2015-09-02 05:04 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2016-04-28 04:43 - 2015-09-02 05:04 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2016-04-28 04:43 - 2015-09-02 04:48 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2016-04-28 04:43 - 2015-09-02 04:48 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2016-04-28 04:43 - 2015-09-02 04:48 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2016-04-28 04:43 - 2015-09-02 04:47 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2016-04-28 04:43 - 2015-09-02 03:51 - 03209216 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-04-28 04:43 - 2015-09-02 03:47 - 00372736 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2016-04-28 04:43 - 2015-09-02 03:33 - 00299520 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2016-04-28 04:43 - 2015-08-27 20:18 - 02004480 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2016-04-28 04:43 - 2015-08-27 20:18 - 01887232 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2016-04-28 04:43 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2016-04-28 04:43 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2016-04-28 04:43 - 2015-08-27 19:58 - 01391104 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2016-04-28 04:43 - 2015-08-27 19:58 - 01241088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2016-04-28 04:43 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll
2016-04-28 04:43 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2016-04-28 04:43 - 2014-10-30 04:03 - 00165888 _____ (Microsoft Corporation) C:\windows\system32\charmap.exe
2016-04-28 04:43 - 2014-10-30 03:45 - 00155136 _____ (Microsoft Corporation) C:\windows\SysWOW64\charmap.exe
2016-04-28 04:43 - 2014-10-03 04:12 - 00500224 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2016-04-28 04:43 - 2014-10-03 04:11 - 00680960 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2016-04-28 04:43 - 2014-10-03 04:11 - 00440832 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2016-04-28 04:43 - 2014-10-03 04:11 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2016-04-28 04:43 - 2014-10-03 04:11 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2016-04-28 04:43 - 2014-10-03 03:44 - 00442880 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2016-04-28 04:43 - 2014-10-03 03:44 - 00374784 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2016-04-28 04:43 - 2014-10-03 03:44 - 00195584 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2016-04-28 04:43 - 2014-09-04 07:23 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2016-04-28 04:43 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2016-04-28 04:43 - 2014-08-29 04:07 - 03179520 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2016-04-28 04:42 - 2016-01-22 08:27 - 05573056 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2016-04-28 04:42 - 2016-01-22 08:27 - 00154560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2016-04-28 04:42 - 2016-01-22 08:27 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2016-04-28 04:42 - 2016-01-22 08:24 - 01733592 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2016-04-28 04:42 - 2016-01-22 08:20 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2016-04-28 04:42 - 2016-01-22 08:20 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2016-04-28 04:42 - 2016-01-22 08:20 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2016-04-28 04:42 - 2016-01-22 08:20 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2016-04-28 04:42 - 2016-01-22 08:20 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2016-04-28 04:42 - 2016-01-22 08:20 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2016-04-28 04:42 - 2016-01-22 08:20 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2016-04-28 04:42 - 2016-01-22 08:20 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2016-04-28 04:42 - 2016-01-22 08:20 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2016-04-28 04:42 - 2016-01-22 08:20 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2016-04-28 04:42 - 2016-01-22 08:19 - 01214464 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2016-04-28 04:42 - 2016-01-22 08:19 - 00344064 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2016-04-28 04:42 - 2016-01-22 08:19 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2016-04-28 04:42 - 2016-01-22 08:18 - 00961024 _____ (Microsoft Corporation) C:\windows\system32\CPFilters.dll
2016-04-28 04:42 - 2016-01-22 08:18 - 00723968 _____ (Microsoft Corporation) C:\windows\system32\EncDec.dll
2016-04-28 04:42 - 2016-01-22 08:18 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2016-04-28 04:42 - 2016-01-22 08:17 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-04-28 04:42 - 2016-01-22 08:17 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2016-04-28 04:42 - 2016-01-22 08:17 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\mtxoci.dll
2016-04-28 04:42 - 2016-01-22 08:16 - 01461248 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-04-28 04:42 - 2016-01-22 08:16 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2016-04-28 04:42 - 2016-01-22 08:16 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2016-04-28 04:42 - 2016-01-22 08:15 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2016-04-28 04:42 - 2016-01-22 08:15 - 00730112 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-04-28 04:42 - 2016-01-22 08:15 - 00422400 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2016-04-28 04:42 - 2016-01-22 08:13 - 03993536 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2016-04-28 04:42 - 2016-01-22 08:13 - 03938752 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2016-04-28 04:42 - 2016-01-22 08:13 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2016-04-28 04:42 - 2016-01-22 08:13 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2016-04-28 04:42 - 2016-01-22 08:13 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00880128 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 08:09 - 01314328 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2016-04-28 04:42 - 2016-01-22 08:06 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2016-04-28 04:42 - 2016-01-22 08:06 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2016-04-28 04:42 - 2016-01-22 08:06 - 00275456 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2016-04-28 04:42 - 2016-01-22 08:06 - 00171520 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2016-04-28 04:42 - 2016-01-22 08:06 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2016-04-28 04:42 - 2016-01-22 08:06 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2016-04-28 04:42 - 2016-01-22 08:06 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2016-04-28 04:42 - 2016-01-22 08:06 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2016-04-28 04:42 - 2016-01-22 08:05 - 00251392 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2016-04-28 04:42 - 2016-01-22 08:05 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2016-04-28 04:42 - 2016-01-22 08:04 - 00642048 _____ (Microsoft Corporation) C:\windows\SysWOW64\CPFilters.dll
2016-04-28 04:42 - 2016-01-22 08:04 - 00535040 _____ (Microsoft Corporation) C:\windows\SysWOW64\EncDec.dll
2016-04-28 04:42 - 2016-01-22 08:02 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2016-04-28 04:42 - 2016-01-22 08:02 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2016-04-28 04:42 - 2016-01-22 08:02 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2016-04-28 04:42 - 2016-01-22 08:02 - 00176128 _____ (Microsoft Corporation) C:\windows\SysWOW64\msorcl32.dll
2016-04-28 04:42 - 2016-01-22 08:02 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2016-04-28 04:42 - 2016-01-22 08:02 - 00114176 _____ (Microsoft Corporation) C:\windows\SysWOW64\mtxoci.dll
2016-04-28 04:42 - 2016-01-22 08:02 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00642560 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 07:13 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2016-04-28 04:42 - 2016-01-22 07:07 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2016-04-28 04:42 - 2016-01-22 07:07 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2016-04-28 04:42 - 2016-01-22 07:05 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2016-04-28 04:42 - 2016-01-22 06:59 - 00159232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-04-28 04:42 - 2016-01-22 06:58 - 00290816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-04-28 04:42 - 2016-01-22 06:58 - 00129024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-04-28 04:42 - 2016-01-22 06:57 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2016-04-28 04:42 - 2016-01-22 06:57 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2016-04-28 04:42 - 2016-01-22 06:53 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2016-04-28 04:42 - 2016-01-22 06:53 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2016-04-28 04:42 - 2016-01-22 06:53 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2016-04-28 04:42 - 2016-01-22 06:53 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2016-04-28 04:42 - 2016-01-22 06:51 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2016-04-28 04:42 - 2016-01-22 06:51 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 06:51 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 06:51 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-04-28 04:42 - 2016-01-22 06:51 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-04-28 04:42 - 2015-09-23 15:15 - 00460776 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2016-04-28 04:42 - 2015-09-23 15:15 - 00299632 _____ (Microsoft Corporation) C:\windows\system32\bcryptprimitives.dll
2016-04-28 04:42 - 2015-09-23 15:09 - 00251000 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcryptprimitives.dll
2016-04-28 04:42 - 2015-01-17 04:48 - 01067520 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2016-04-28 04:42 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2016-04-28 04:41 - 2016-02-09 11:57 - 14634496 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2016-04-28 04:41 - 2016-02-09 11:57 - 12625920 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2016-04-28 04:41 - 2016-02-09 11:56 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2016-04-28 04:41 - 2016-02-09 11:56 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2016-04-28 04:41 - 2016-02-09 11:54 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2016-04-28 04:41 - 2016-02-09 11:51 - 12625408 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
2016-04-28 04:41 - 2016-02-09 11:51 - 11411456 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2016-04-28 04:41 - 2016-02-09 11:13 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwmp.dll
2016-04-28 04:41 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdxm.ocx
2016-04-28 04:41 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxmasf.dll
2016-04-28 04:41 - 2016-01-22 08:19 - 14179840 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2016-04-28 04:41 - 2016-01-22 08:15 - 01866752 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll
2016-04-28 04:41 - 2016-01-22 08:12 - 01940992 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2016-04-28 04:41 - 2016-01-22 08:05 - 12877824 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2016-04-28 04:41 - 2016-01-22 08:00 - 01498624 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExplorerFrame.dll
2016-04-28 04:41 - 2016-01-22 07:59 - 01805824 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2016-04-28 04:41 - 2016-01-22 07:19 - 03231232 _____ (Microsoft Corporation) C:\windows\explorer.exe
2016-04-28 04:41 - 2016-01-22 07:12 - 02973184 _____ (Microsoft Corporation) C:\windows\SysWOW64\explorer.exe
2016-04-28 04:41 - 2014-10-03 04:12 - 02020352 _____ (Microsoft Corporation) C:\windows\system32\WsmSvc.dll
2016-04-28 04:41 - 2014-10-03 04:12 - 00346624 _____ (Microsoft Corporation) C:\windows\system32\WSManMigrationPlugin.dll
2016-04-28 04:41 - 2014-10-03 04:12 - 00310272 _____ (Microsoft Corporation) C:\windows\system32\WsmWmiPl.dll
2016-04-28 04:41 - 2014-10-03 04:12 - 00181248 _____ (Microsoft Corporation) C:\windows\system32\WsmAuto.dll
2016-04-28 04:41 - 2014-10-03 04:11 - 00266240 _____ (Microsoft Corporation) C:\windows\system32\WSManHTTPConfig.exe
2016-04-28 04:41 - 2014-10-03 03:45 - 01177088 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmSvc.dll
2016-04-28 04:41 - 2014-10-03 03:45 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSManMigrationPlugin.dll
2016-04-28 04:41 - 2014-10-03 03:45 - 00214016 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmWmiPl.dll
2016-04-28 04:41 - 2014-10-03 03:45 - 00145920 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmAuto.dll
2016-04-28 04:41 - 2014-10-03 03:44 - 00198656 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSManHTTPConfig.exe
2016-04-28 04:12 - 2015-10-13 06:57 - 00950720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys
2016-04-28 04:11 - 2014-10-25 03:57 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2016-04-28 04:11 - 2014-10-25 03:32 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2016-04-28 04:11 - 2014-07-17 04:07 - 00681984 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2016-04-28 04:11 - 2014-07-17 04:07 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2016-04-28 04:11 - 2014-07-17 04:07 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\winsta.dll
2016-04-28 04:11 - 2014-07-17 04:07 - 00150528 _____ (Microsoft Corporation) C:\windows\system32\rdpcorekmts.dll
2016-04-28 04:11 - 2014-07-17 03:40 - 00157696 _____ (Microsoft Corporation) C:\windows\SysWOW64\winsta.dll
2016-04-28 04:11 - 2014-07-17 03:21 - 00212480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpwd.sys
2016-04-28 04:11 - 2014-07-17 03:21 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys
2016-04-28 04:10 - 2016-03-31 21:25 - 00394952 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-04-28 04:10 - 2016-03-31 20:41 - 00346320 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2016-04-28 04:10 - 2016-03-31 02:54 - 25817600 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-04-28 04:10 - 2016-03-31 02:40 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2016-04-28 04:10 - 2016-03-31 02:40 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2016-04-28 04:10 - 2016-03-31 02:31 - 02892800 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-04-28 04:10 - 2016-03-31 02:28 - 00571904 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-04-28 04:10 - 2016-03-31 02:28 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2016-04-28 04:10 - 2016-03-31 02:27 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2016-04-28 04:10 - 2016-03-31 02:27 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2016-04-28 04:10 - 2016-03-31 02:27 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2016-04-28 04:10 - 2016-03-31 02:25 - 06052352 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-04-28 04:10 - 2016-03-31 02:22 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2016-04-28 04:10 - 2016-03-31 02:21 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2016-04-28 04:10 - 2016-03-31 02:19 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2016-04-28 04:10 - 2016-03-31 02:17 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-04-28 04:10 - 2016-03-31 02:17 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2016-04-28 04:10 - 2016-03-31 02:17 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2016-04-28 04:10 - 2016-03-31 02:17 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2016-04-28 04:10 - 2016-03-31 02:11 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2016-04-28 04:10 - 2016-03-31 02:08 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2016-04-28 04:10 - 2016-03-31 02:03 - 20352512 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2016-04-28 04:10 - 2016-03-31 02:02 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2016-04-28 04:10 - 2016-03-31 02:00 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2016-04-28 04:10 - 2016-03-31 01:59 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2016-04-28 04:10 - 2016-03-31 01:57 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2016-04-28 04:10 - 2016-03-31 01:56 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-04-28 04:10 - 2016-03-31 01:55 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2016-04-28 04:10 - 2016-03-31 01:53 - 00496640 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2016-04-28 04:10 - 2016-03-31 01:53 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2016-04-28 04:10 - 2016-03-31 01:52 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2016-04-28 04:10 - 2016-03-31 01:52 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2016-04-28 04:10 - 2016-03-31 01:52 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2016-04-28 04:10 - 2016-03-31 01:52 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2016-04-28 04:10 - 2016-03-31 01:51 - 02285056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2016-04-28 04:10 - 2016-03-31 01:48 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2016-04-28 04:10 - 2016-03-31 01:48 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2016-04-28 04:10 - 2016-03-31 01:46 - 00476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2016-04-28 04:10 - 2016-03-31 01:45 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2016-04-28 04:10 - 2016-03-31 01:45 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2016-04-28 04:10 - 2016-03-31 01:45 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-04-28 04:10 - 2016-03-31 01:45 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2016-04-28 04:10 - 2016-03-31 01:43 - 00806400 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-04-28 04:10 - 2016-03-31 01:43 - 00725504 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-04-28 04:10 - 2016-03-31 01:42 - 02131968 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-04-28 04:10 - 2016-03-31 01:42 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2016-04-28 04:10 - 2016-03-31 01:39 - 15415808 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-04-28 04:10 - 2016-03-31 01:38 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2016-04-28 04:10 - 2016-03-31 01:34 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-04-28 04:10 - 2016-03-31 01:33 - 00091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2016-04-28 04:10 - 2016-03-31 01:31 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2016-04-28 04:10 - 2016-03-31 01:31 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2016-04-28 04:10 - 2016-03-31 01:30 - 04611072 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2016-04-28 04:10 - 2016-03-31 01:30 - 02596864 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-04-28 04:10 - 2016-03-31 01:30 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2016-04-28 04:10 - 2016-03-31 01:29 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2016-04-28 04:10 - 2016-03-31 01:24 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2016-04-28 04:10 - 2016-03-31 01:23 - 02056192 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2016-04-28 04:10 - 2016-03-31 01:23 - 00693248 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2016-04-28 04:10 - 2016-03-31 01:22 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2016-04-28 04:10 - 2016-03-31 01:21 - 13811712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2016-04-28 04:10 - 2016-03-31 01:18 - 01547264 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-04-28 04:10 - 2016-03-31 01:06 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-04-28 04:10 - 2016-03-31 01:05 - 02121216 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2016-04-28 04:10 - 2016-03-31 01:02 - 01311744 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2016-04-28 04:10 - 2016-03-31 01:00 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2016-04-28 04:10 - 2015-12-08 23:52 - 00312320 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2016-04-28 04:10 - 2015-12-08 21:07 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2016-04-28 04:09 - 2015-11-03 21:04 - 00241664 _____ (Microsoft Corporation) C:\windows\system32\els.dll
2016-04-28 04:09 - 2015-11-03 20:55 - 00179712 _____ (Microsoft Corporation) C:\windows\SysWOW64\els.dll
2016-04-28 04:09 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\windows\system32\clfs.sys
2016-04-28 04:09 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\windows\system32\clfsw32.dll
2016-04-28 04:09 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\windows\SysWOW64\clfsw32.dll
2016-04-28 04:09 - 2014-12-08 05:09 - 00406528 _____ (Microsoft Corporation) C:\windows\system32\scesrv.dll
2016-04-28 04:09 - 2014-12-08 04:46 - 00308224 _____ (Microsoft Corporation) C:\windows\SysWOW64\scesrv.dll
2016-04-28 04:07 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll
2016-04-28 04:07 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMPhoto.dll
2016-04-27 23:23 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2016-04-27 23:23 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2016-04-27 23:23 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2016-04-27 23:23 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2016-04-27 23:22 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2016-04-27 23:22 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2016-04-27 23:22 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2016-04-27 23:22 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2016-04-27 23:22 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2016-04-27 23:22 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2016-04-27 23:20 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2016-04-27 23:20 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2016-04-27 23:20 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2016-04-27 23:20 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2016-04-27 20:35 - 2016-04-27 20:35 - 00187674 _____ C:\Users\Frenky\Downloads\B48E.tmp
2016-04-27 19:22 - 2016-04-27 19:22 - 00003106 _____ C:\windows\System32\Tasks\{9AD7C23E-673D-4474-B258-902EE5DB636F}
2016-04-27 17:02 - 2016-04-27 17:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2016-04-27 17:02 - 2016-04-27 17:02 - 00000000 ____D C:\ProgramData\ESET
2016-04-27 17:02 - 2016-04-27 17:02 - 00000000 ____D C:\Program Files\ESET
2016-04-27 16:57 - 2016-04-27 16:57 - 03013792 _____ (ESET) C:\Users\Frenky\Downloads\eset_nod32_antivirus_live_installer_.exe
2016-04-27 09:53 - 2016-04-27 09:53 - 00460288 _____ C:\windows\system32\bi2.exe
2016-04-26 21:39 - 2016-04-26 21:39 - 02870984 _____ (ESET) C:\Users\Frenky\Downloads\esetsmartinstaller_sky (1).exe
2016-04-26 21:05 - 2016-04-27 16:21 - 00004164 _____ C:\windows\System32\Tasks\SMW_P
2016-04-26 21:05 - 2016-04-26 21:05 - 00000000 ____D C:\Program Files\Common Files\Doobzo
2016-04-26 21:02 - 2016-04-26 21:02 - 00282786 _____ C:\Users\Frenky\Downloads\Nepotvrdené 978165.crdownload
2016-04-26 20:59 - 2016-04-26 20:59 - 00282786 _____ C:\Users\Frenky\Downloads\Nepotvrdené 438925.crdownload
2016-04-25 00:59 - 2016-04-25 01:14 - 00000000 ____D C:\Users\Frenky\Desktop\AutoCAD_2013_English_Win_64bit
2016-04-25 00:29 - 2016-04-25 00:54 - 1216220336 _____ C:\Users\Frenky\Desktop\AutoCAD_2013_English_Win_64bit.exe
2016-04-24 23:43 - 2016-04-24 23:43 - 01027735 _____ C:\Users\Frenky\Downloads\Autocad_2013_crack_rar.zip
2016-04-24 22:20 - 2016-04-24 22:20 - 00002357 _____ C:\Users\Public\Desktop\AutoCAD Civil3D 2013 – čeština britské (Czech Imperial).lnk
2016-04-24 22:20 - 2016-04-24 22:20 - 00002353 _____ C:\Users\Public\Desktop\AutoCAD Civil3D 2013 – čeština metrické (Czech Metric).lnk
2016-04-24 22:19 - 2016-04-24 22:19 - 00002141 _____ C:\Users\Public\Desktop\AutoCAD Civil 3D as AutoCAD 2013.lnk
2016-04-24 21:55 - 2016-04-24 21:56 - 00000000 ____D C:\Program Files (x86)\AutoCAD Civil 3D 2013
2016-04-24 21:55 - 2016-04-24 21:55 - 00000000 ____D C:\Program Files (x86)\Autodesk
2016-04-24 21:48 - 2016-04-24 21:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2016-04-24 21:42 - 2013-02-14 14:16 - 00000029 _____ C:\Users\Frenky\Desktop\serial.txt
2016-04-24 21:33 - 2016-04-24 21:35 - 00000000 ____D C:\Users\Frenky\Desktop\Nová složka (2)
2016-04-24 19:42 - 2016-04-24 19:42 - 00000000 ____D C:\Civil 3D Projects
2016-04-24 19:42 - 2016-04-24 19:42 - 00000000 ____D C:\Civil 3D Project Templates
2016-04-24 18:58 - 2016-04-24 18:58 - 00206816 _____ C:\Users\Frenky\Downloads\SITUACIA.dwg
2016-04-24 15:29 - 2016-04-24 17:29 - 00829123 _____ C:\Users\Frenky\Desktop\rez_vjazdu-chodnika.dwg
2016-04-24 09:48 - 2016-04-24 19:05 - 00053867 _____ C:\Users\Frenky\Desktop\HOJDACKA.dwg
2016-04-24 09:48 - 2016-04-24 15:05 - 00053547 _____ C:\Users\Frenky\Desktop\HOJDACKA.bak
2016-04-14 20:46 - 2016-04-24 19:05 - 00050889 _____ C:\Users\Frenky\Desktop\šachta.dwg
2016-04-14 15:09 - 2016-04-14 15:09 - 00264552 _____ (ESET) C:\windows\system32\Drivers\eamonm.sys
2016-04-14 15:09 - 2016-04-14 15:09 - 00186784 _____ (ESET) C:\windows\system32\Drivers\ehdrv.sys
2016-04-14 15:09 - 2016-04-14 15:09 - 00170792 _____ (ESET) C:\windows\system32\Drivers\epfwwfpr.sys
2016-04-12 22:16 - 2016-04-12 22:16 - 00338280 _____ (Autodesk Inc.) C:\Users\Frenky\Downloads\AutoCAD_2017_English_Win_32_64bit_Trial_en-us_Setup_webinstall.exe
2016-04-04 21:00 - 2016-04-04 21:00 - 00877269 _____ C:\Users\Frenky\Desktop\Nová složka.rar
2016-04-04 20:57 - 2016-04-04 20:59 - 00000000 ____D C:\Users\Frenky\Desktop\Nová složka
2016-04-03 18:07 - 2016-04-03 18:09 - 00000000 ____D C:\Users\Frenky\Desktop\FOTAK_3.4.2016

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-30 13:34 - 2009-07-14 17:18 - 00663716 _____ C:\windows\system32\perfh005.dat
2016-04-30 13:34 - 2009-07-14 17:18 - 00142306 _____ C:\windows\system32\perfc005.dat
2016-04-30 13:34 - 2009-07-14 07:13 - 01592614 _____ C:\windows\system32\PerfStringBackup.INI
2016-04-30 13:34 - 2009-07-14 05:20 - 00000000 ____D C:\windows\inf
2016-04-30 12:08 - 2010-11-06 20:19 - 07177728 ___SH C:\Users\Frenky\Desktop\Thumbs.db
2016-04-30 12:03 - 2010-10-26 20:31 - 00000000 ____D C:\Users\Frenky\AppData\LocalLow\Temp
2016-04-29 18:54 - 2014-12-27 16:46 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2016-04-29 18:50 - 2009-12-13 19:41 - 00000000 ___HD C:\windows\msdownld.tmp
2016-04-29 18:21 - 2014-12-27 16:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-04-29 18:21 - 2014-12-27 16:46 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-04-29 15:38 - 2011-01-08 13:09 - 00000000 ____D C:\Users\Frenky\AppData\Local\ElevatedDiagnostics
2016-04-28 23:18 - 2011-03-02 14:37 - 00327680 _____ C:\windows\system32\Ikeext.etl
2016-04-28 23:18 - 2009-07-14 05:20 - 00000000 ____D C:\windows\tracing
2016-04-28 23:12 - 2014-08-11 22:36 - 00000000 ____D C:\windows\system32\log
2016-04-28 23:12 - 2012-01-09 21:26 - 00001071 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-04-28 23:07 - 2014-07-29 20:02 - 00000898 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2589465553-2425290425-2319165384-1001Core.job
2016-04-28 22:58 - 2015-05-26 18:10 - 00002405 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-28 22:58 - 2015-05-26 18:10 - 00002393 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-04-28 22:58 - 2010-10-21 13:03 - 00001600 _____ C:\Users\Frenky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-04-28 22:55 - 2014-12-21 23:34 - 00000914 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-04-28 22:52 - 2011-04-30 14:51 - 00000000 ____D C:\windows\pss
2016-04-28 22:43 - 2010-10-21 14:31 - 00000936 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-28 21:47 - 2009-07-14 06:45 - 00016304 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-28 21:47 - 2009-07-14 06:45 - 00016304 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-28 21:44 - 2010-10-21 13:05 - 00003986 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{6857A334-B6AF-490C-8D5A-62E70274DC70}
2016-04-28 21:42 - 2010-10-21 14:31 - 00000932 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-28 21:39 - 2013-10-26 20:30 - 00000286 _____ C:\servicetest.txt
2016-04-28 21:38 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-04-28 21:00 - 2009-07-14 07:09 - 00000000 ____D C:\windows\System32\Tasks\WPD
2016-04-28 20:16 - 2009-07-14 06:45 - 05148368 _____ C:\windows\system32\FNTCACHE.DAT
2016-04-28 20:11 - 2009-07-14 05:20 - 00000000 ____D C:\windows\PolicyDefinitions
2016-04-28 03:28 - 2012-01-11 12:54 - 00000000 ____D C:\Users\Frenky\Downloads\programy
2016-04-26 21:13 - 2010-10-21 12:54 - 00170936 _____ C:\Users\Frenky\AppData\Local\GDIPFONTCACHEV1.DAT
2016-04-26 21:10 - 2010-11-20 19:14 - 00000000 ____D C:\Users\Frenky\AppData\Roaming\vlc
2016-04-25 00:09 - 2010-10-22 00:04 - 00000000 ____D C:\Users\Frenky\Documents\TEXT
2016-04-24 22:05 - 2010-10-26 22:21 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2016-04-24 21:45 - 2012-09-16 08:38 - 00000000 ____D C:\Program Files\Autodesk
2016-04-24 21:35 - 2012-09-15 19:19 - 00000000 ____D C:\Autodesk
2016-04-24 21:29 - 2013-10-26 20:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoTURN 8
2016-04-24 21:23 - 2009-07-14 05:20 - 00000000 ____D C:\windows\registration
2016-04-24 21:22 - 2010-10-21 22:37 - 00000000 ____D C:\Users\Frenky\AppData\Roaming\Autodesk
2016-04-24 21:22 - 2010-10-21 22:37 - 00000000 ____D C:\Users\Frenky\AppData\Local\Autodesk
2016-04-24 21:09 - 2010-10-21 22:37 - 00000000 ____D C:\ProgramData\Autodesk
2016-04-24 21:02 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-04-24 20:59 - 2014-04-13 21:37 - 00000000 ____D C:\Program Files (x86)\Opera
2016-04-24 20:50 - 2015-06-15 21:19 - 00000000 ____D C:\Program Files (x86)\RoadPAC
2016-04-24 20:25 - 2010-10-21 12:50 - 00000000 ____D C:\Users\Frenky
2016-04-24 19:18 - 2014-01-08 20:26 - 00000000 ____D C:\Users\Public\Documents\Autodesk
2016-04-24 09:38 - 2015-05-21 22:32 - 00000892 _____ C:\windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-04-10 15:55 - 2015-05-21 22:32 - 00003894 _____ C:\windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-04-10 15:55 - 2014-12-21 23:34 - 00003852 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2016-04-10 15:55 - 2014-07-06 21:37 - 00797376 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-04-10 15:55 - 2011-11-20 21:15 - 00142528 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2010-10-28 22:37 - 2013-08-27 22:51 - 0047104 _____ () C:\Users\Frenky\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-10-24 22:42 - 2012-10-24 22:45 - 0007607 _____ () C:\Users\Frenky\AppData\Local\resmon.resmoncfg
2012-03-03 22:01 - 2012-03-03 22:01 - 0000928 _____ () C:\Users\Frenky\AppData\Local\SRDownloader.nast
2016-02-29 21:00 - 2016-02-29 21:00 - 0000000 _____ () C:\ProgramData\AdApplicationManager-installer.init.lock
2012-06-25 16:14 - 2012-06-25 16:35 - 0000845 _____ () C:\ProgramData\hpzinstall.log

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-04-08 21:46

==================== End of FRST.txt ============================

#14 Příspěvek od **JaRon** » 30 dub 2016 13:39

Nooo vypada to pomerne slusne
Prescanuj PC s MBAM log sem

frenky · #15 Příspěvek od **frenky** » 30 dub 2016 15:28

tento log?

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 30.04.2016
Čas skenování: 15:58
Protokol: protokol.txt
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.02.16.06
Databáze rootkitů: v2016.02.08.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Frenky

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 393194
Uplynulý čas: 24 min, 25 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)

(end)

VIRY.CZ

vyskakujúce čínske okná

vyskakujúce čínske okná

Re: vyskakujúce čínske okná

Re: vyskakujúce čínske okná

Re: vyskakujúce čínske okná

Re: vyskakujúce čínske okná

Re: vyskakujúce čínske okná

Re: vyskakujúce čínske okná

Re: vyskakujúce čínske okná

Re: vyskakujúce čínske okná

Re: vyskakujúce čínske okná

Re: vyskakujúce čínske okná

Re: vyskakujúce čínske okná

Re: vyskakujúce čínske okná

Re: vyskakujúce čínske okná

Re: vyskakujúce čínske okná