Rozsekaný windows HELP!

[Otoman]

Zdravím mám problém s windows 7 x64 , je vše pomalé a navíc mi v prohlížeči vyskakují okna :/ a sem tam jde slyšet aplaus

[Otoman]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-05-2016
Ran by Chuchej (administrator) on CHUCHEJ-PC (13-05-2016 10:20:28)
Running from C:\Users\Chuchej\Downloads
Loaded Profiles: Chuchej (Available Profiles: Chuchej)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Comodo) C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(The Privoxy team - http://www.privoxy.org) C:\Program Files (x86)\AFC Secure Net\privoxy.exe
() C:\Program Files (x86)\AppCola\AppColaService.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
() C:\Program Files (x86)\AppCola\AppColaLauncher.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
() C:\Program Files (x86)\Gaming Keyboard\Monitor.EXE
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD15Agent.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\Live Update.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
() C:\Program Files (x86)\Gaming Keyboard\OSD.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdupd.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7833120 2009-05-23] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-05-23] (Realtek Semiconductor Corp.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595848 2015-07-08] (ESET)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1610936 2016-04-29] (COMODO)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-23] (Apple Inc.)
HKLM-x32\...\Run: [VICTORY Gaming Keyboard] => C:\Program Files (x86)\Gaming Keyboard\Monitor.exe [270336 2013-04-09] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-04-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [PowerDVD15Agent] => C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD15Agent.exe [950296 2015-03-19] (CyberLink Corp.)
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [11336656 2016-02-24] (Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2016-03-18] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-03-23] (Oracle Corporation)
HKU\S-1-5-21-1773302446-1904236754-1123161198-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1773302446-1904236754-1123161198-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-05-08] (Valve Corporation)
HKU\S-1-5-21-1773302446-1904236754-1123161198-1001\...\Run: [XYAutoRun] => C:\Program Files (x86)\AppCola\AppColaLauncher.exe [935632 2016-02-19] ()
HKU\S-1-5-21-1773302446-1904236754-1123161198-1001\...\Run: [SpybotSD TeaTimer] => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2144088 2016-04-17] (Safer Networking Limited)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2015-02-25] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [S-1-5-21-1773302446-1904236754-1123161198-1001] => Proxy is enabled.
ProxyServer: [S-1-5-21-1773302446-1904236754-1123161198-1001] => 127.0.0.1:8118
Tcpip\Parameters: [DhcpNameServer] 217.195.165.131 217.195.160.10 192.168.1.1
Tcpip\..\Interfaces\{1CD39E18-6C2D-4263-882C-B1593F399A66}: [DhcpNameServer] 217.195.165.131 217.195.160.10 192.168.1.1
ManualProxies: 1127.0.0.1:8118

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-1773302446-1904236754-1123161198-1001 -> {41AEB965-C490-4933-B0E5-7CA17755F211} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_27368
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-02-09] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-03-23] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-04-12] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-03-23] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-02-09] (Microsoft Corporation)
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [2016-04-17] (Safer Networking Limited)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-04-12] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-01-21] (Microsoft Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-03-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-03-23] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-12] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-12] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Chuchej\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Chuchej\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-01]
CHR Extension: (Dokumenty Google) - C:\Users\Chuchej\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-09]
CHR Extension: (Disk Google) - C:\Users\Chuchej\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-25]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Chuchej\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2016-02-01]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Chuchej\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2016-02-18]
CHR Extension: (YouTube) - C:\Users\Chuchej\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-09]
CHR Extension: (Vyhledávání Google) - C:\Users\Chuchej\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-25]
CHR Extension: (Tabulky Google) - C:\Users\Chuchej\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-01]
CHR Extension: (Dokumenty Google offline) - C:\Users\Chuchej\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Chuchej\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-13]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Chuchej\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2016-02-01]
CHR Extension: (Gmail) - C:\Users\Chuchej\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-25]
CHR Extension: (1bbb5cfd9e3fe08148f1956a552888c7) - C:\Program Files (x86)\Google\Chrome\Application\1bbb5cfd9e3fe08148f1956a552888c7 [2016-04-25]

Opera:
=======
OPR Extension: (Adblock Plus) - C:\Users\Chuchej\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2016-04-07]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-23] (Apple Inc.)
R2 ChromodoUpdater; C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe [2304184 2016-04-07] (Comodo)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5817200 2016-04-29] (COMODO)
R3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2271928 2016-04-29] (COMODO)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1353720 2015-07-08] (ESET)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [1787344 2016-02-24] (Micro-Star INT'L CO., LTD.)
R2 PrivoxyService; C:\Program Files (x86)\AFC Secure Net\privoxy.exe [371200 2016-05-11] (The Privoxy team - http://www.privoxy.org) [File not signed] <==== ATTENTION
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 XYService; C:\Program Files (x86)\AppCola\AppColaService.exe [89296 2016-02-19] ()

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [29184 2009-08-13] (CSR, plc)
R3 CLVirtualBus02; C:\Windows\System32\DRIVERS\CLVirtualBus02.sys [95496 2015-12-25] (CyberLink)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [31648 2016-04-27] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [829608 2016-04-27] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [56472 2016-04-27] (COMODO)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-02-25] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [255240 2015-07-14] (ESET)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [251632 2015-07-14] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [178520 2015-07-14] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [231520 2015-07-14] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [53360 2015-07-14] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [72400 2015-07-14] (ESET)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [116248 2016-04-27] (COMODO)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
S3 RDID1079; C:\Windows\System32\Drivers\rdwm1079.sys [199296 2016-03-06] (Roland Corporation)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
R2 {687703DE-DC6D-4649-892B-B8497854A6AB}; C:\Program Files (x86)\CyberLink\PowerDVD15\Common\NavFilter\000.fcl [29896 2015-03-19] (CyberLink Corp.)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-13 10:02 - 2016-05-13 10:07 - 00060735 _____ C:\Users\Chuchej\Downloads\Addition.txt
2016-05-13 09:56 - 2016-05-13 10:21 - 00016733 _____ C:\Users\Chuchej\Downloads\FRST.txt
2016-05-13 09:56 - 2016-05-13 10:20 - 00000000 ____D C:\FRST
2016-05-13 09:55 - 2016-05-13 09:55 - 02381312 _____ (Farbar) C:\Users\Chuchej\Downloads\FRST64.exe
2016-05-12 12:22 - 2016-05-12 12:22 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-05-12 12:22 - 2016-05-12 12:22 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-05-12 12:22 - 2016-04-09 08:57 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-05-12 12:22 - 2016-04-09 08:54 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-05-12 12:22 - 2016-04-09 07:49 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-05-12 12:21 - 2016-05-12 12:21 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-05-12 12:21 - 2016-05-12 12:21 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-05-12 12:21 - 2016-04-14 15:49 - 00603648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-05-12 12:21 - 2016-04-14 15:21 - 00647680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-05-12 12:21 - 2016-04-09 09:01 - 00986344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-05-12 12:21 - 2016-04-09 09:01 - 00264936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-05-12 12:21 - 2016-04-09 08:57 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-05-12 12:21 - 2016-04-06 17:27 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-05-12 12:19 - 2016-05-12 12:19 - 20350464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-05-12 12:19 - 2016-05-12 12:19 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-05-12 12:19 - 2016-05-12 12:19 - 13811200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-05-12 12:19 - 2016-05-12 12:19 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-05-12 12:19 - 2016-05-12 12:19 - 02893312 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-05-12 12:19 - 2016-05-12 12:19 - 02285568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-05-12 12:19 - 2016-05-12 12:19 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-05-12 12:19 - 2016-05-12 12:19 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-05-12 12:19 - 2016-05-12 12:19 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-05-12 12:19 - 2016-05-12 12:19 - 01547776 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-05-12 12:19 - 2016-05-12 12:19 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-05-12 12:19 - 2016-05-12 12:19 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-05-12 12:19 - 2016-05-12 12:19 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-05-12 12:19 - 2016-05-12 12:19 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-05-12 12:19 - 2016-05-12 12:19 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-05-12 12:19 - 2016-05-12 12:19 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-05-12 12:19 - 2016-05-12 12:19 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-05-12 12:19 - 2016-05-12 12:19 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-05-12 12:19 - 2016-05-12 12:19 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-05-12 12:19 - 2016-05-12 12:19 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-05-12 12:19 - 2016-05-12 12:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-05-12 12:19 - 2016-05-12 12:19 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-05-12 12:19 - 2016-05-12 12:19 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-05-12 12:19 - 2016-05-12 12:19 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-05-12 12:19 - 2016-05-12 12:19 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-05-12 12:19 - 2016-05-12 12:19 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-05-12 12:19 - 2016-05-12 12:19 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-05-12 12:19 - 2016-05-12 12:19 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-05-12 12:19 - 2016-05-12 12:19 - 00394960 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-05-12 12:19 - 2016-05-12 12:19 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-05-12 12:19 - 2016-05-12 12:19 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-05-12 12:19 - 2016-05-12 12:19 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-05-12 12:19 - 2016-05-12 12:19 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-05-12 12:19 - 2016-05-12 12:19 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-05-12 12:19 - 2016-05-12 12:19 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-05-12 12:19 - 2016-05-12 12:19 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-05-12 12:19 - 2016-05-12 12:19 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-05-12 12:19 - 2016-05-12 12:19 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-05-12 12:19 - 2016-05-12 12:19 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-05-12 12:19 - 2016-05-12 12:19 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-05-12 12:19 - 2016-05-12 12:19 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-05-12 12:19 - 2016-05-12 12:19 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-05-12 12:19 - 2016-05-12 12:19 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-05-12 12:19 - 2016-05-12 12:19 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-05-12 12:19 - 2016-05-12 12:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-05-12 12:19 - 2016-05-12 12:19 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-05-12 12:19 - 2016-05-12 12:19 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-05-12 12:19 - 2016-05-12 12:19 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-05-12 12:19 - 2016-05-12 12:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-05-12 12:19 - 2016-05-12 12:19 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-05-12 12:19 - 2016-05-12 12:19 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-05-12 12:19 - 2016-05-12 12:19 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-05-12 12:19 - 2016-05-12 12:19 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-05-12 12:19 - 2016-05-12 12:19 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-05-12 12:19 - 2016-05-12 12:19 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-05-12 12:19 - 2016-05-12 12:19 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-05-12 12:19 - 2016-04-23 07:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-05-12 12:19 - 2016-04-23 06:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-05-12 12:19 - 2016-04-23 06:07 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-05-12 12:18 - 2016-05-12 12:19 - 25816064 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-05-12 12:18 - 2016-05-12 12:19 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-05-12 12:18 - 2016-05-12 12:19 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-05-12 12:18 - 2016-05-12 12:19 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-05-12 12:18 - 2016-05-12 12:19 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-05-12 12:18 - 2016-05-12 12:19 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-05-12 12:18 - 2016-04-23 07:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-05-12 12:16 - 2016-05-12 12:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-05-12 12:16 - 2016-05-12 12:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-05-12 12:16 - 2016-05-12 12:16 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-05-12 12:16 - 2016-05-12 12:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-05-12 12:16 - 2016-04-09 09:02 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-05-12 12:16 - 2016-04-09 09:01 - 05546216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-05-12 12:16 - 2016-04-09 09:01 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-05-12 12:16 - 2016-04-09 09:01 - 00154344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-05-12 12:16 - 2016-04-09 09:01 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-05-12 12:16 - 2016-04-09 08:59 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-05-12 12:16 - 2016-04-09 08:59 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-05-12 12:16 - 2016-04-09 08:59 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-05-12 12:16 - 2016-04-09 08:58 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-05-12 12:16 - 2016-04-09 08:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-05-12 12:16 - 2016-04-09 08:58 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-05-12 12:16 - 2016-04-09 08:58 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-05-12 12:16 - 2016-04-09 08:58 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-05-12 12:16 - 2016-04-09 08:58 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-05-12 12:16 - 2016-04-09 08:58 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-05-12 12:16 - 2016-04-09 08:58 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-05-12 12:16 - 2016-04-09 08:58 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-05-12 12:16 - 2016-04-09 08:58 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-05-12 12:16 - 2016-04-09 08:58 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-05-12 12:16 - 2016-04-09 08:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-05-12 12:16 - 2016-04-09 08:58 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-05-12 12:16 - 2016-04-09 08:58 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-05-12 12:16 - 2016-04-09 08:58 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-05-12 12:16 - 2016-04-09 08:57 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-05-12 12:16 - 2016-04-09 08:57 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-05-12 12:16 - 2016-04-09 08:57 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-05-12 12:16 - 2016-04-09 08:57 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-05-12 12:16 - 2016-04-09 08:57 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-05-12 12:16 - 2016-04-09 08:57 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-05-12 12:16 - 2016-04-09 08:57 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-05-12 12:16 - 2016-04-09 08:57 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-05-12 12:16 - 2016-04-09 08:57 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-05-12 12:16 - 2016-04-09 08:57 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-05-12 12:16 - 2016-04-09 08:57 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-05-12 12:16 - 2016-04-09 08:57 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-05-12 12:16 - 2016-04-09 08:57 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-05-12 12:16 - 2016-04-09 08:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-05-12 12:16 - 2016-04-09 08:57 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-05-12 12:16 - 2016-04-09 08:54 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-05-12 12:16 - 2016-04-09 08:54 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-05-12 12:16 - 2016-04-09 08:54 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-05-12 12:16 - 2016-04-09 08:54 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-05-12 12:16 - 2016-04-09 08:54 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-05-12 12:16 - 2016-04-09 08:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-05-12 12:16 - 2016-04-09 08:54 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-05-12 12:16 - 2016-04-09 08:54 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-05-12 12:16 - 2016-04-09 08:54 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-05-12 12:16 - 2016-04-09 08:54 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-05-12 12:16 - 2016-04-09 08:54 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-05-12 12:16 - 2016-04-09 08:54 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-05-12 12:16 - 2016-04-09 08:54 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-05-12 12:16 - 2016-04-09 08:54 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-05-12 12:16 - 2016-04-09 08:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-05-12 12:16 - 2016-04-09 08:54 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-05-12 12:16 - 2016-04-09 08:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-05-12 12:16 - 2016-04-09 07:52 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-05-12 12:16 - 2016-04-09 07:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-05-12 12:16 - 2016-04-09 07:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-05-12 12:16 - 2016-04-09 07:51 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-05-12 12:16 - 2016-04-09 07:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-05-12 12:16 - 2016-04-09 07:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-05-12 12:16 - 2016-04-09 07:44 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-05-12 12:16 - 2016-04-09 07:44 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-05-12 12:16 - 2016-04-09 07:44 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-05-12 12:16 - 2016-04-09 07:43 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-05-12 12:16 - 2016-04-09 07:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-05-12 12:16 - 2016-04-09 07:37 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-05-12 12:14 - 2016-05-12 12:14 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-05-12 12:14 - 2016-04-09 05:52 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-04-26 21:30 - 2016-04-26 21:30 - 00000000 ____D C:\Users\Chuchej\Desktop\Kapela
2016-04-26 21:29 - 2016-04-26 21:30 - 370458155 _____ C:\Users\Chuchej\Downloads\documents-export-2016-04-26.zip
2016-04-25 18:45 - 2016-05-13 10:07 - 00003270 _____ C:\Windows\System32\Tasks\Omega Memory Uninstaller
2016-04-25 18:45 - 2016-04-25 18:45 - 00000000 ____D C:\Program Files (x86)\Omega Memory
2016-04-17 15:38 - 2016-04-17 20:30 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-04-17 15:38 - 2016-04-17 15:38 - 00001262 _____ C:\Users\Chuchej\Desktop\Spybot - Search & Destroy.lnk
2016-04-17 15:38 - 2016-04-17 15:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
2016-04-17 15:38 - 2016-04-17 15:38 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2016-04-17 15:35 - 2016-04-17 15:35 - 16409960 _____ (Safer Networking Limited ) C:\Users\Chuchej\Downloads\spybotsd162.exe
2016-04-16 13:19 - 2016-05-12 23:58 - 00003274 _____ C:\Windows\System32\Tasks\AFC Secure Net Worker
2016-04-16 13:19 - 2016-04-16 13:19 - 00000000 ____D C:\Program Files (x86)\AFC Secure Net
2016-04-13 20:51 - 2016-03-16 20:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-04-13 20:51 - 2016-03-16 20:28 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-04-13 20:51 - 2016-03-16 20:28 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-04-13 20:51 - 2016-03-06 20:53 - 01885696 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-04-13 20:51 - 2016-03-06 20:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2016-04-13 20:51 - 2016-03-06 20:38 - 01240576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-04-13 20:51 - 2016-03-06 20:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2016-04-13 20:51 - 2016-02-02 20:57 - 00511488 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-04-13 20:50 - 2016-03-18 00:56 - 02084864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-04-13 20:50 - 2016-03-18 00:28 - 01414144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-04-13 20:49 - 2016-04-04 20:14 - 00038120 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-04-13 20:49 - 2016-04-04 20:02 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-04-13 20:49 - 2016-04-02 15:08 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-04-13 20:49 - 2016-03-23 16:02 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-04-13 20:49 - 2016-03-17 20:04 - 00698368 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-04-13 20:49 - 2016-03-17 20:04 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-04-13 20:49 - 2016-03-17 20:04 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-04-13 20:49 - 2016-03-17 20:04 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-04-13 20:49 - 2016-03-16 02:16 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-04-13 20:49 - 2016-03-16 02:16 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-04-13 20:49 - 2016-03-16 01:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2016-04-13 20:49 - 2016-02-05 20:56 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2016-04-13 20:49 - 2016-02-05 20:54 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2016-04-13 20:49 - 2016-02-05 19:33 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll
2016-04-13 20:49 - 2016-01-21 02:51 - 00073664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2016-04-13 20:49 - 2015-06-03 22:21 - 00451080 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-04-13 10:49 - 2016-04-13 10:51 - 00000000 ____D C:\Program Files (x86)\GUMB08A.tmp
2016-04-13 10:47 - 2016-04-13 16:48 - 04621272 _____ (Google) C:\Users\Chuchej\Downloads\chrome_cleanup_tool.exe
2016-04-13 10:46 - 2016-04-13 10:46 - 00003298 _____ C:\Windows\System32\Tasks\Fenix Defrag Logon

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-13 10:14 - 2015-12-05 11:16 - 01474832 _____ C:\Windows\system32\Drivers\sfi.dat
2016-05-13 10:13 - 2009-07-14 06:45 - 00014224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-13 10:13 - 2009-07-14 06:45 - 00014224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-13 10:10 - 2015-12-05 11:30 - 07308244 _____ C:\Windows\system32\Drivers\fvstore.dat
2016-05-13 10:07 - 2015-12-05 11:02 - 00002485 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-05-13 09:46 - 2015-10-06 12:13 - 00000000 ____D C:\Program Files (x86)\Steam
2016-05-13 09:45 - 2016-02-14 21:07 - 00000000 ____D C:\Users\Chuchej\AppData\Roaming\AppCola
2016-05-13 09:45 - 2015-12-05 10:59 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-13 09:45 - 2015-02-24 11:51 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-05-13 09:45 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-13 01:34 - 2015-09-18 09:26 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-05-13 00:37 - 2015-12-05 11:02 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-13 00:34 - 2015-09-18 09:26 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-05-13 00:34 - 2015-02-24 11:51 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-05-13 00:34 - 2015-02-24 11:51 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-13 00:34 - 2015-02-24 11:51 - 00003894 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-05-13 00:07 - 2015-06-25 00:38 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-05-13 00:05 - 2016-01-29 09:04 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-13 00:01 - 2015-02-26 10:26 - 00000000 ____D C:\Program Files\KMSnano
2016-05-12 23:51 - 2009-07-14 17:18 - 00743696 _____ C:\Windows\system32\perfh005.dat
2016-05-12 23:51 - 2009-07-14 17:18 - 00198346 _____ C:\Windows\system32\perfc005.dat
2016-05-12 23:51 - 2009-07-14 07:13 - 01718440 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-12 23:51 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-05-12 23:44 - 2009-07-14 06:45 - 00434696 _____ C:\Windows\system32\FNTCACHE.DAT
2016-05-12 23:41 - 2015-02-25 01:13 - 00000000 ____D C:\Windows\system32\appraiser
2016-05-12 23:41 - 2009-07-14 17:37 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-12 13:09 - 2015-02-24 12:26 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-05-12 13:01 - 2015-02-24 14:32 - 00000000 ____D C:\Windows\system32\MRT
2016-05-12 12:43 - 2015-02-24 14:32 - 139319312 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-05-12 09:38 - 2015-02-24 11:29 - 00003850 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1424770140
2016-05-12 09:38 - 2015-02-24 11:28 - 00000000 ____D C:\Program Files (x86)\Opera
2016-05-12 09:30 - 2015-12-05 10:59 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-12 09:30 - 2015-12-05 10:59 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-12 09:30 - 2015-12-05 10:59 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-10 22:27 - 2009-07-14 04:34 - 00000478 _____ C:\Windows\win.ini
2016-05-10 22:10 - 2016-03-18 12:52 - 00000000 ____D C:\Users\Chuchej\AppData\Roaming\HpUpdate
2016-05-08 16:17 - 2015-04-06 09:56 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-05-08 16:17 - 2015-04-06 09:56 - 00000000 ___SD C:\Windows\system32\GWX
2016-05-08 13:48 - 2016-02-14 21:05 - 00000000 ____D C:\Users\Chuchej\Documents\AppCola
2016-05-03 21:25 - 2016-02-14 21:06 - 00001915 _____ C:\Users\Chuchej\Desktop\AppCola.lnk
2016-04-29 20:38 - 2015-12-05 11:17 - 00001985 _____ C:\Users\Public\Desktop\COMODO Internet Security.lnk
2016-04-27 23:09 - 2015-08-05 01:31 - 00116248 _____ (COMODO) C:\Windows\system32\Drivers\inspect.sys
2016-04-27 23:09 - 2015-08-05 01:31 - 00056472 _____ (COMODO) C:\Windows\system32\Drivers\cmdhlp.sys
2016-04-27 23:08 - 2015-11-18 18:14 - 00829608 _____ (COMODO) C:\Windows\system32\Drivers\cmdguard.sys
2016-04-27 23:08 - 2015-11-18 18:14 - 00031648 _____ (COMODO) C:\Windows\system32\Drivers\cmderd.sys
2016-04-27 23:05 - 2015-08-05 01:29 - 00051800 _____ (COMODO) C:\Windows\system32\cmdcsr.dll
2016-04-27 23:04 - 2015-09-03 12:52 - 00596232 _____ (COMODO) C:\Windows\system32\guard64.dll
2016-04-27 23:04 - 2015-09-03 12:52 - 00461648 _____ (COMODO) C:\Windows\SysWOW64\guard32.dll
2016-04-27 23:00 - 2015-08-05 01:28 - 00365752 _____ (COMODO) C:\Windows\system32\cmdvrt64.dll
2016-04-27 22:58 - 2015-08-05 01:28 - 00051896 _____ (COMODO) C:\Windows\system32\cmdkbd64.dll
2016-04-27 22:55 - 2015-08-05 01:27 - 00296120 _____ (COMODO) C:\Windows\SysWOW64\cmdvrt32.dll
2016-04-27 22:53 - 2015-08-05 01:26 - 00046776 _____ (COMODO) C:\Windows\SysWOW64\cmdkbd32.dll
2016-04-17 01:15 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-04-15 13:54 - 2015-02-24 11:59 - 00000000 ____D C:\Users\Chuchej\AppData\Roaming\Winamp
2016-04-15 12:32 - 2015-02-24 11:55 - 00000000 ____D C:\Users\Chuchej\AppData\Roaming\uTorrent
2016-04-13 10:50 - 2015-12-05 10:59 - 00000000 ____D C:\Program Files (x86)\Google
2016-04-13 10:46 - 2016-04-03 19:34 - 00003636 _____ C:\Windows\System32\Tasks\Fenix Defrag

==================== Files in the root of some directories =======

2016-02-14 18:57 - 2016-03-13 18:25 - 0000016 _____ () C:\Users\Chuchej\AppData\Roaming\msregsvv.dll
2015-05-10 10:24 - 2015-09-11 21:29 - 0004608 _____ () C:\Users\Chuchej\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-03-18 12:51 - 2016-03-18 12:51 - 0000057 _____ () C:\ProgramData\Ament.ini
2016-02-14 18:57 - 2016-03-13 18:25 - 0000016 _____ () C:\ProgramData\autobk.inc
2015-12-25 20:32 - 2015-12-25 20:32 - 0005046 _____ () C:\ProgramData\pubjtini.xmz

Some files in TEMP:
====================
C:\Users\Chuchej\AppData\Local\Temp\GPUpd5712202D0.exe
C:\Users\Chuchej\AppData\Local\Temp\GPUpd572706E20.exe
C:\Users\Chuchej\AppData\Local\Temp\gpup_213.exe
C:\Users\Chuchej\AppData\Local\Temp\hp2_upd2_v1052.exe
C:\Users\Chuchej\AppData\Local\Temp\hp_u2_1733.exe
C:\Users\Chuchej\AppData\Local\Temp\hp_u_23822.exe
C:\Users\Chuchej\AppData\Local\Temp\libeay32.dll
C:\Users\Chuchej\AppData\Local\Temp\msvcr120.dll
C:\Users\Chuchej\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-04-29 18:33

==================== End of FRST.txt ============================

[Roli]

Zdravím, s tím nelegálním produktem od Microsoftu uděláme co ?

[Otoman]

Ahh to netuším , dělal mi to známí netuším ze jsou nelegal..

[Otoman]

Pomůže te mi ?

[Roli]

Pomůže te mi ?

Ano pomůžu, ale nejsem tady nonstop, chce to trochu trpělivosti.

Stáhni a spusť OTMoveIt

do levého okna aplikace pod Paste Instructions for Items to be Moved zkopíruj tento text:

Kód: Vybrat vše

:processes
explorer.exe       

:files
C:\Program Files\KMSnano

:commands
[purity]
[emptytemp]
[start explorer]

klikni na MoveIt! a v pravém zeleném okně aplikace se Ti objeví info o provedene akci, obsah okna zkopíruj sem,

pokud aplikace bude požadovat restart, klikni na YES

v tom případě sem zkopíruj obsah logu uloženého na C:\_OTMoveIt\MovedFiles\


Smaž nepotřebné soubory

pomocí CCleaneru

návod :

Čistič - tady vyčistíš PC od nepotřebných souborů a vysypeš Koš

Registry - tady vyčistíš registry (před použitím doporučuji udělat jejich zálohu kterou CCleaner nabízí)

čištění registru je třeba několikrát zopakovat !

Nástroje - tady lze odinstalovat programy, upravit co se spustí po Startu systému a obnovit systém


Stáhni a spusť AdwCleaner,

ukonči všechny programy včetně prohlížeče a dvojklikem jej spusť,

objeví se okno kde vlevo nahoře klikni na Scan.

Po dokončení skenu klikni na Clean,

proběhne restart PC kdy dojde ke smazání nepořádku.

Po té mi sem zkopíruj Report.


Nakonec použij Mbam z mého popdisu a dej mi sem z něj log po smazání nepořádku.

[Otoman]

Zde log z OTM po té akci
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
C:\Program Files\KMSnano\TokensBackup_05-15-2016\Cache folder moved successfully.
C:\Program Files\KMSnano\TokensBackup_05-15-2016 folder moved successfully.
C:\Program Files\KMSnano\TokensBackup_05-14-2016\Cache folder moved successfully.
C:\Program Files\KMSnano\TokensBackup_05-14-2016 folder moved successfully.
C:\Program Files\KMSnano\TokensBackup_05-13-2016\Cache folder moved successfully.
C:\Program Files\KMSnano\TokensBackup_05-13-2016 folder moved successfully.
C:\Program Files\KMSnano\TokensBackup_05-11-2016\Cache folder moved successfully.
C:\Program Files\KMSnano\TokensBackup_05-11-2016 folder moved successfully.
C:\Program Files\KMSnano\TokensBackup_05-10-2016\Cache folder moved successfully.
C:\Program Files\KMSnano\TokensBackup_05-10-2016 folder moved successfully.
C:\Program Files\KMSnano\TokensBackup_05-09-2016\Cache folder moved successfully.
C:\Program Files\KMSnano\TokensBackup_05-09-2016 folder moved successfully.
C:\Program Files\KMSnano\TokensBackup_05-08-2016\Cache folder moved successfully.
C:\Program Files\KMSnano\TokensBackup_05-08-2016 folder moved successfully.
C:\Program Files\KMSnano\TokensBackup_05-06-2016\Cache folder moved successfully.
C:\Program Files\KMSnano\TokensBackup_05-06-2016 folder moved successfully.
C:\Program Files\KMSnano\TokensBackup_05-05-2016\Cache folder moved successfully.
C:\Program Files\KMSnano\TokensBackup_05-05-2016 folder moved successfully.
C:\Program Files\KMSnano\TokensBackup_05-04-2016\Cache folder moved successfully.
C:\Program Files\KMSnano\TokensBackup_05-04-2016 folder moved successfully.
C:\Program Files\KMSnano\TokensBackup_05-03-2016\Cache folder moved successfully.
C:\Program Files\KMSnano\TokensBackup_05-03-2016 folder moved successfully.
C:\Program Files\KMSnano\TokensBackup_02-26-2015\Cache folder moved successfully.
C:\Program Files\KMSnano\TokensBackup_02-26-2015 folder moved successfully.
C:\Program Files\KMSnano\office2010vl folder moved successfully.
C:\Program Files\KMSnano\kmscert2013\visio folder moved successfully.
C:\Program Files\KMSnano\kmscert2013\proplus folder moved successfully.
C:\Program Files\KMSnano\kmscert2013\project folder moved successfully.
C:\Program Files\KMSnano\kmscert2013 folder moved successfully.
C:\Program Files\KMSnano\Bios\keymaps folder moved successfully.
C:\Program Files\KMSnano\Bios folder moved successfully.
Folder move failed. C:\Program Files\KMSnano scheduled to be moved on reboot.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Chuchej
->Temp folder emptied: 6701432 bytes
->Temporary Internet Files folder emptied: 1689793 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 335 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 923296 bytes
%systemroot%\System32 (64bit) .tmp files removed: 1296064 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 104288 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 7985539 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50635 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 18,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 05162016_055850




potom po restartu mi to poslalo todle
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
C:\Program Files\KMSnano\TokensBackup_05-15-2016\Cache folder moved successfully.
C:\Program Files\KMSnano\TokensBackup_05-15-2016 folder moved successfully.
C:\Program Files\KMSnano\TokensBackup_05-14-2016\Cache folder moved successfully.
C:\Program Files\KMSnano\TokensBackup_05-14-2016 folder moved successfully.
C:\Program Files\KMSnano\TokensBackup_05-13-2016\Cache folder moved successfully.
C:\Program Files\KMSnano\TokensBackup_05-13-2016 folder moved successfully.
C:\Program Files\KMSnano\TokensBackup_05-11-2016\Cache folder moved successfully.
C:\Program Files\KMSnano\TokensBackup_05-11-2016 folder moved successfully.
C:\Program Files\KMSnano\TokensBackup_05-10-2016\Cache folder moved successfully.
C:\Program Files\KMSnano\TokensBackup_05-10-2016 folder moved successfully.
C:\Program Files\KMSnano\TokensBackup_05-09-2016\Cache folder moved successfully.
C:\Program Files\KMSnano\TokensBackup_05-09-2016 folder moved successfully.
C:\Program Files\KMSnano\TokensBackup_05-08-2016\Cache folder moved successfully.
C:\Program Files\KMSnano\TokensBackup_05-08-2016 folder moved successfully.
C:\Program Files\KMSnano\TokensBackup_05-06-2016\Cache folder moved successfully.
C:\Program Files\KMSnano\TokensBackup_05-06-2016 folder moved successfully.
C:\Program Files\KMSnano\TokensBackup_05-05-2016\Cache folder moved successfully.
C:\Program Files\KMSnano\TokensBackup_05-05-2016 folder moved successfully.
C:\Program Files\KMSnano\TokensBackup_05-04-2016\Cache folder moved successfully.
C:\Program Files\KMSnano\TokensBackup_05-04-2016 folder moved successfully.
C:\Program Files\KMSnano\TokensBackup_05-03-2016\Cache folder moved successfully.
C:\Program Files\KMSnano\TokensBackup_05-03-2016 folder moved successfully.
C:\Program Files\KMSnano\TokensBackup_02-26-2015\Cache folder moved successfully.
C:\Program Files\KMSnano\TokensBackup_02-26-2015 folder moved successfully.
C:\Program Files\KMSnano\office2010vl folder moved successfully.
C:\Program Files\KMSnano\kmscert2013\visio folder moved successfully.
C:\Program Files\KMSnano\kmscert2013\proplus folder moved successfully.
C:\Program Files\KMSnano\kmscert2013\project folder moved successfully.
C:\Program Files\KMSnano\kmscert2013 folder moved successfully.
C:\Program Files\KMSnano\Bios\keymaps folder moved successfully.
C:\Program Files\KMSnano\Bios folder moved successfully.
Folder move failed. C:\Program Files\KMSnano scheduled to be moved on reboot.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Chuchej
->Temp folder emptied: 6701432 bytes
->Temporary Internet Files folder emptied: 1689793 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 335 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 923296 bytes
%systemroot%\System32 (64bit) .tmp files removed: 1296064 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 104288 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 7985539 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50635 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 18,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 05162016_055850

Files moved on Reboot...
C:\Program Files\KMSnano\TokensBackup_05-16-2016\Cache folder moved successfully.
C:\Program Files\KMSnano\TokensBackup_05-16-2016 folder moved successfully.
Folder move failed. C:\Program Files\KMSnano scheduled to be moved on reboot.
C:\Users\Chuchej\AppData\Local\Temp\scoped_dir4204_17156\OTM.exe moved successfully.
C:\Users\Chuchej\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.

Registry entries deleted on Reboot...

[Roli]

Ještě si počkám na ten AdwCleaner a Mbam.

[Otoman]

Zde # AdwCleaner v5.117 - Log soubor vytvořen 16/05/2016 o 16:49:06
# Aktualizováno 15/05/2016 by Xplode
# Databáze : 2016-05-15.2 [Server]
# Operační systém : Windows 7 Ultimate Service Pack 1 (X64)
# Jméno uživatele : Chuchej - CHUCHEJ-PC
# Spuštěno z : C:\Users\Chuchej\AppData\Local\Temp\scoped_dir1368_31469\adwcleaner_5.117.exe
# Volba : Skenovat
# Podpora : http://toolslib.net/forum

***** [ Služby ] *****


***** [ Složky ] *****


***** [ Soubory ] *****


***** [ DLL ] *****


***** [ WMI ] *****


***** [ Zástupci ] *****


***** [ Naplánované úkoly ] *****


***** [ Registr ] *****


***** [ Webové prohlížeče ] *****


*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [7364 bytes] - [11/04/2016 10:42:09]
C:\AdwCleaner\AdwCleaner[C2].txt - [4370 bytes] - [16/05/2016 06:16:20]
C:\AdwCleaner\AdwCleaner[S1].txt - [7069 bytes] - [11/04/2016 10:37:40]
C:\AdwCleaner\AdwCleaner[S2].txt - [4108 bytes] - [16/05/2016 06:11:34]
C:\AdwCleaner\AdwCleaner[S3].txt - [4179 bytes] - [16/05/2016 06:15:07]
C:\AdwCleaner\AdwCleaner[S4].txt - [1083 bytes] - [16/05/2016 16:49:06]

########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [1156 bytes] ##########

[Otoman]

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 16.5.2016
Čas skenování: 16:27
Protokol: mam zaznam.txt
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.05.16.03
Databáze rootkitů: v2016.05.06.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Chuchej

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 298613
Uplynulý čas: 28 min, 29 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 1
PUM.Optional.ProxyHijacker, HKU\S-1-5-21-1773302446-1904236754-1123161198-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|ProxyServer, 127.0.0.1:8118, Do karantény, [7f1426b04e4b11254bea486307fc2cd4]

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 1
PUP.Optional.Privoxy, C:\Program Files (x86)\Video Service, Do karantény, [b1e200d68c0d1e18dcc61cb9c142bc44],

Soubory: 12
RiskWare.Downloader, C:\ProgramData\Comodo\Cis\Quarantine\data\{4896923D-4508-4206-BC6A-A9EB0B2E7A4B}, Do karantény, [4152577f0b8e42f4070d81d5976ac040],
RiskWare.Tool.HCK, C:\ProgramData\Comodo\Cis\Quarantine\data\{9D773769-63D5-4D80-AE7B-8ABD4241FF9E}, Do karantény, [048fd9fdebaeb97d9acd4da8ea165ca4],
PUP.Optional.StartPlaying, C:\ProgramData\Comodo\Cis\Quarantine\data\{A0822FFF-1B58-4E50-9B3F-7493D5710FFC}, Do karantény, [eea56076bedb3303fb6f8cd28b7653ad],
HackTool.Kiser, C:\ProgramData\Comodo\Cis\Quarantine\data\{A6018629-DCF3-4D98-996C-66319C1D59A1}, Do karantény, [514231a5673268ce399acb535ca4639d],
RiskWare.Tool.HCK, C:\ProgramData\Comodo\Cis\Quarantine\data\{D623BDBB-EF1A-49CA-BAD1-8A3FE3156439}, Do karantény, [d6bd9a3c8b0e340251168e6748b8b947],
RiskWare.KG, C:\ProgramData\Comodo\Cis\Quarantine\data\{E794CF8C-34F4-4B60-96AF-3F0EAFD84198}, Do karantény, [eba8f4e2297085b1cdacaf6c9968758b],
RiskWare.KG, C:\ProgramData\Comodo\Cis\Quarantine\data\{F3A8F07C-8D81-4984-88E5-5CB6DCAD8EA4}, Do karantény, [f89b44925148cf671267aa71e02129d7],
RiskWare.Tool.HCK, C:\ProgramData\Comodo\Cis\Quarantine\data\{76E708CC-C8DF-4B10-970F-D628ACD340DC}, Do karantény, [791abc1a8415a5910f58c72ec13f6b95],
CrackTool.KMSPico, C:\Program Files\KMSnano\KMSELDI.exe, Do karantény, [4a499f370594db5b546c703457aad62a],
PUP.Optional.OpenCandy, C:\Users\Chuchej\Downloads\DTLite4491-0356.exe, Do karantény, [c4cf03d3a9f02016b4110e4ac93ba35d],
PUP.Optional.Amonetize, C:\Users\Chuchej\Downloads\rocksmith.2014.update.3.u.zip, Do karantény, [c0d3cf078712d85e2cf03c4f639ecc34],
PUP.Optional.Privoxy, C:\Program Files (x86)\Video Service\VideoService.exe, Do karantény, [b1e200d68c0d1e18dcc61cb9c142bc44],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

[Roli]

Stáhni a ulož na plochu ComboFix,

spusť aplikaci jako Administrátor a povol instalaci Konzole pro zotavení - Recovery Console.

Poté se zobrazí okno s licenčními podmínkami které potvrdíš kliknutím na ANO,

pak ještě jednou klik na ANO a už to jede.

Celá akce trvá okolo 10 minut ale může i déle, během skenu se nepokoušej spouštět nic jiného.

Při skenovaní může být PC i restartováno nelekat se.

Upozornění: po dobu skenu vypni rezidentní štít Antiviru a AntiSpy programu,

protože Combofix se pokouší napadené soubory smazat a tyto programy mu můžou bránit.

Po dokončení skenu nebo následném restartu aplikace vytvoří log, uložený na C:/Combofix.txt

(při opakovaném použití jsou logy číslovány Combofix2.txt atd.), jeho obsah zkopíruj sem.


V případě nejasností je ZDE obrázkový návod.

[Otoman]

ComboFix 16-04-29.01 - Chuchej 17.05.2016 17:18:21.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.3071.1293 [GMT 2:00]
Spuštěný z: c:\users\Chuchej\AppData\Local\Temp\scoped_dir3176_861\ComboFix.exe
AV: COMODO Antivirus *Disabled/Updated* {D0CC7563-ABD2-DEBE-138E-FDD553335AF2}
AV: ESET Smart Security 8.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: COMODO Firewall *Enabled* {E8F7F446-E1BD-DFE6-38D1-54E0ADE01D89}
FW: ESET Personální firewall *Disabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: Comodo Defense+ *Enabled/Updated* {6BAD9487-8DE8-D130-293E-C6A728B4104F}
SP: ESET Smart Security 8.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\users\Chuchej\AppData\Roaming\IHelper
F:\install.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-04-17 do 2016-05-17 )))))))))))))))))))))))))))))))
.
.
2016-05-17 15:32 . 2016-05-17 15:32 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-05-16 04:13 . 2016-05-16 15:04 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-05-16 04:12 . 2016-05-16 04:12 64896 ----a-w- c:\windows\system32\drivers\mwac.sys
2016-05-16 04:12 . 2016-05-16 04:12 27008 ----a-w- c:\windows\system32\drivers\mbam.sys
2016-05-16 04:12 . 2016-05-16 04:12 140672 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2016-05-16 04:12 . 2016-05-16 04:12 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2016-05-16 04:12 . 2016-05-16 04:12 -------- d-----w- c:\programdata\Malwarebytes
2016-05-16 03:58 . 2016-05-16 03:58 -------- d-----w- C:\_OTM
2016-05-15 20:03 . 2016-05-15 20:03 -------- d-----w- c:\program files (x86)\Common Files\Java
2016-05-13 07:56 . 2016-05-13 08:24 -------- d-----w- C:\FRST
2016-05-12 10:22 . 2016-04-09 06:57 405504 ----a-w- c:\windows\system32\gdi32.dll
2016-05-12 10:22 . 2016-04-09 06:54 312832 ----a-w- c:\windows\SysWow64\gdi32.dll
2016-05-12 10:22 . 2016-04-09 05:49 3217408 ----a-w- c:\windows\system32\win32k.sys
2016-05-12 10:22 . 2016-05-12 10:22 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2016-05-12 10:22 . 2016-05-12 10:22 2048 ----a-w- c:\windows\system32\tzres.dll
2016-05-12 10:18 . 2016-04-23 05:00 417792 ----a-w- c:\windows\system32\html.iec
2016-05-12 10:18 . 2016-05-12 10:19 382976 ----a-w- c:\program files\Internet Explorer\IEShims.dll
2016-05-12 10:18 . 2016-05-12 10:19 88064 ----a-w- c:\windows\system32\MshtmlDac.dll
2016-05-12 10:18 . 2016-05-12 10:19 199680 ----a-w- c:\windows\system32\msrating.dll
2016-05-12 10:18 . 2016-05-12 10:19 293072 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2016-05-12 10:18 . 2016-05-12 10:19 1018368 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2016-05-12 10:18 . 2016-05-12 10:19 25816064 ----a-w- c:\windows\system32\mshtml.dll
2016-05-12 10:18 . 2016-05-12 10:19 10949120 ----a-w- c:\program files\Internet Explorer\F12Resources.dll
2016-05-12 10:14 . 2016-05-12 10:14 1230848 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2016-05-12 10:14 . 2016-04-09 03:52 1424896 ----a-w- c:\windows\system32\WindowsCodecs.dll
2016-05-03 14:41 . 2016-05-03 14:41 225976 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
2016-04-25 16:45 . 2016-04-25 16:45 -------- d-----w- c:\program files (x86)\Omega Memory
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-05-15 20:02 . 2016-01-28 09:38 110144 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2016-05-12 22:34 . 2015-02-24 09:51 797376 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2016-05-12 22:34 . 2015-02-24 09:51 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2016-05-12 10:43 . 2015-02-24 12:32 139319312 ----a-w- c:\windows\system32\MRT.exe
2016-04-27 21:09 . 2015-08-04 23:31 116248 ----a-w- c:\windows\system32\drivers\inspect.sys
2016-04-27 21:09 . 2015-08-04 23:31 56472 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2016-04-27 21:08 . 2015-11-18 16:14 829608 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2016-04-27 21:08 . 2015-11-18 16:14 31648 ----a-w- c:\windows\system32\drivers\cmderd.sys
2016-04-27 21:05 . 2015-08-04 23:29 51800 ----a-w- c:\windows\system32\cmdcsr.dll
2016-04-27 21:04 . 2015-09-03 10:52 461648 ----a-w- c:\windows\SysWow64\guard32.dll
2016-04-27 21:04 . 2015-09-03 10:52 596232 ----a-w- c:\windows\system32\guard64.dll
2016-04-27 21:00 . 2015-08-04 23:28 365752 ----a-w- c:\windows\system32\cmdvrt64.dll
2016-04-27 20:58 . 2015-08-04 23:28 51896 ----a-w- c:\windows\system32\cmdkbd64.dll
2016-04-27 20:55 . 2015-08-04 23:27 296120 ----a-w- c:\windows\SysWow64\cmdvrt32.dll
2016-04-27 20:53 . 2015-08-04 23:26 46776 ----a-w- c:\windows\SysWow64\cmdkbd32.dll
2016-04-09 06:58 . 2016-05-12 10:16 344064 ----a-w- c:\windows\system32\schannel.dll
2016-04-09 06:58 . 2016-05-12 10:16 190464 ----a-w- c:\windows\system32\rpchttp.dll
2016-04-09 06:54 . 2016-05-12 10:16 251392 ----a-w- c:\windows\SysWow64\schannel.dll
2016-04-09 06:54 . 2016-05-12 10:16 141312 ----a-w- c:\windows\SysWow64\rpchttp.dll
2016-04-09 06:54 . 2016-05-12 10:16 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2016-04-08 15:37 . 2016-04-08 15:37 77656 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2016-04-08 15:37 . 2016-04-08 15:37 518488 ----a-w- c:\windows\system32\XAudio2_7.dll
2016-04-08 15:37 . 2016-04-08 15:37 74072 ----a-w- c:\windows\SysWow64\XAPOFX1_5.dll
2016-04-08 15:37 . 2016-04-08 15:37 527192 ----a-w- c:\windows\SysWow64\XAudio2_7.dll
2016-04-08 15:37 . 2016-04-08 15:37 2526056 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2016-04-08 15:37 . 2016-04-08 15:37 2106216 ----a-w- c:\windows\SysWow64\D3DCompiler_43.dll
2016-04-08 15:37 . 2016-04-08 15:37 2401112 ----a-w- c:\windows\system32\D3DX9_43.dll
2016-04-08 15:37 . 2016-04-08 15:37 1998168 ----a-w- c:\windows\SysWow64\D3DX9_43.dll
2016-04-04 18:14 . 2016-04-13 18:49 38120 ----a-w- c:\windows\system32\CompatTelRunner.exe
2016-04-04 18:02 . 2016-04-13 18:49 1169408 ----a-w- c:\windows\system32\aeinv.dll
2016-04-02 13:08 . 2016-04-13 18:49 1386496 ----a-w- c:\windows\system32\appraiser.dll
2016-03-23 14:02 . 2016-04-13 18:49 215040 ----a-w- c:\windows\system32\aepic.dll
2016-03-17 22:56 . 2016-04-13 18:50 2084864 ----a-w- c:\windows\system32\ole32.dll
2016-03-17 22:28 . 2016-04-13 18:50 1414144 ----a-w- c:\windows\SysWow64\ole32.dll
2016-03-17 18:04 . 2016-04-13 18:49 698368 ----a-w- c:\windows\system32\generaltel.dll
2016-03-17 18:04 . 2016-04-13 18:49 499200 ----a-w- c:\windows\system32\devinv.dll
2016-03-17 18:04 . 2016-04-13 18:49 279040 ----a-w- c:\windows\system32\invagent.dll
2016-03-17 18:04 . 2016-04-13 18:49 76800 ----a-w- c:\windows\system32\acmigration.dll
2016-03-16 18:50 . 2016-04-13 18:51 156672 ----a-w- c:\windows\system32\mtxoci.dll
2016-03-16 18:28 . 2016-04-13 18:51 111616 ----a-w- c:\windows\SysWow64\mtxoci.dll
2016-03-16 18:28 . 2016-04-13 18:51 176128 ----a-w- c:\windows\SysWow64\msorcl32.dll
2016-03-16 00:16 . 2016-04-13 18:49 760320 ----a-w- c:\windows\system32\samsrv.dll
2016-03-16 00:16 . 2016-04-13 18:49 106496 ----a-w- c:\windows\system32\samlib.dll
2016-03-15 23:53 . 2016-04-13 18:49 60416 ----a-w- c:\windows\SysWow64\samlib.dll
2016-03-13 16:25 . 2016-02-14 16:57 16 ----a-w- c:\users\Chuchej\AppData\Roaming\msregsvv.dll
2016-03-08 22:33 . 2016-03-08 22:33 22368 ----a-w- c:\windows\SysWow64\api-ms-win-crt-math-l1-1-0.dll
2016-03-08 22:33 . 2016-03-08 22:33 19808 ----a-w- c:\windows\SysWow64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-08 22:33 . 2016-03-08 22:33 19808 ----a-w- c:\windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-08 22:33 . 2016-03-08 22:33 12640 ----a-w- c:\windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-03-08 22:33 . 2016-03-08 22:33 12128 ----a-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-08 22:33 . 2016-03-08 22:33 12128 ----a-w- c:\windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-03-08 22:33 . 2016-03-08 22:33 12128 ----a-w- c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-03-08 22:33 . 2016-03-08 22:33 12128 ----a-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-08 22:33 . 2016-03-08 22:33 11616 ----a-w- c:\windows\SysWow64\api-ms-win-core-file-l1-2-0.dll
2016-03-08 22:33 . 2016-03-08 22:33 11616 ----a-w- c:\windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-03-08 22:33 . 2016-03-08 22:33 11616 ----a-w- c:\windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-03-08 22:33 . 2016-03-08 22:33 20832 ----a-w- c:\windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-03-08 22:33 . 2016-03-08 22:33 98816 ----a-w- c:\windows\system32\wudriver.dll
2016-03-08 22:33 . 2016-03-08 22:33 93696 ----a-w- c:\windows\SysWow64\wudriver.dll
2016-03-08 22:33 . 2016-03-08 22:33 91136 ----a-w- c:\windows\system32\WinSetupUI.dll
2016-03-08 22:33 . 2016-03-08 22:33 709120 ----a-w- c:\windows\system32\wuapi.dll
2016-03-08 22:33 . 2016-03-08 22:33 573440 ----a-w- c:\windows\SysWow64\wuapi.dll
2016-03-08 22:33 . 2016-03-08 22:33 37888 ----a-w- c:\windows\system32\wups2.dll
2016-03-08 22:33 . 2016-03-08 22:33 37888 ----a-w- c:\windows\system32\wuapp.exe
2016-03-08 22:33 . 2016-03-08 22:33 36864 ----a-w- c:\windows\system32\wups.dll
2016-03-08 22:33 . 2016-03-08 22:33 35328 ----a-w- c:\windows\SysWow64\wuapp.exe
2016-03-08 22:33 . 2016-03-08 22:33 3169792 ----a-w- c:\windows\system32\wucltux.dll
2016-03-08 22:33 . 2016-03-08 22:33 30208 ----a-w- c:\windows\SysWow64\wups.dll
2016-03-08 22:33 . 2016-03-08 22:33 2610688 ----a-w- c:\windows\system32\wuaueng.dll
2016-03-08 22:33 . 2016-03-08 22:33 192512 ----a-w- c:\windows\system32\wuwebv.dll
2016-03-08 22:33 . 2016-03-08 22:33 174080 ----a-w- c:\windows\SysWow64\wuwebv.dll
2016-03-08 22:33 . 2016-03-08 22:33 140288 ----a-w- c:\windows\system32\wuauclt.exe
2016-03-08 22:33 . 2016-03-08 22:33 12288 ----a-w- c:\windows\system32\wu.upgrade.ps.dll
2016-03-08 22:33 . 2016-03-08 22:33 84992 ----a-w- c:\windows\system32\asycfilt.dll
2016-03-08 22:33 . 2016-03-08 22:33 67584 ----a-w- c:\windows\SysWow64\asycfilt.dll
2016-03-08 22:33 . 2016-03-08 22:33 572416 ----a-w- c:\windows\SysWow64\oleaut32.dll
2016-03-08 22:31 . 2016-03-08 22:31 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2016-03-08 22:31 . 2016-03-08 22:31 46080 ----a-w- c:\windows\system32\atmlib.dll
2016-03-08 22:31 . 2016-03-08 22:31 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2016-03-08 22:31 . 2016-03-08 22:31 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2016-03-08 22:31 . 2016-03-08 22:31 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2016-03-08 22:31 . 2016-03-08 22:31 30720 ----a-w- c:\windows\system32\seclogon.dll
2016-03-08 22:31 . 2016-03-08 22:31 14634496 ----a-w- c:\windows\system32\wmp.dll
2016-03-08 22:31 . 2016-03-08 22:31 9728 ----a-w- c:\windows\system32\spwmp.dll
2016-03-08 22:31 . 2016-03-08 22:31 8192 ----a-w- c:\windows\SysWow64\spwmp.dll
2016-03-08 22:31 . 2016-03-08 22:31 5120 ----a-w- c:\windows\system32\msdxm.ocx
2016-03-08 22:31 . 2016-03-08 22:31 5120 ----a-w- c:\windows\system32\dxmasf.dll
2016-03-08 22:31 . 2016-03-08 22:31 4096 ----a-w- c:\windows\SysWow64\msdxm.ocx
2016-03-08 22:31 . 2016-03-08 22:31 4096 ----a-w- c:\windows\SysWow64\dxmasf.dll
2016-03-08 22:31 . 2016-03-08 22:31 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2016-03-08 22:31 . 2016-03-08 22:31 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2016-03-06 20:44 . 2016-03-06 20:44 56832 ----a-w- c:\windows\system32\RDCP1079.CPL
2016-03-06 20:44 . 2016-03-06 20:44 102400 ----a-w- c:\windows\SysWow64\RDAW1079.DLL
2016-03-06 20:44 . 2016-03-06 20:44 199296 ----a-w- c:\windows\system32\drivers\Rdwm1079.sys
2016-03-06 20:44 . 2016-03-06 20:44 17920 ----a-w- c:\windows\system32\RdCi1079.dll
2016-03-06 20:44 . 2016-03-06 20:44 115712 ----a-w- c:\windows\system32\rdas1079.dll
2016-03-06 20:43 . 2016-03-06 20:44 423424 ----a-w- c:\windows\system32\RDDP1079.DAT
2016-03-06 20:43 . 2016-03-06 20:44 275968 ----a-w- c:\windows\SysWow64\RDAH1079.DAT
2016-03-06 20:40 . 2015-02-25 10:11 109824 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys
2016-03-06 18:53 . 2016-04-13 18:51 2048 ----a-w- c:\windows\system32\msxml3r.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2016-04-12 17:13 1741104 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2016-04-12 17:13 1741104 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2016-04-12 17:13 1741104 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2016-05-08 3077712]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2016-04-17 2144088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"VICTORY Gaming Keyboard"="c:\program files (x86)\Gaming Keyboard\Monitor.exe" [2013-04-09 270336]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-04-06 102400]
"PowerDVD15Agent"="c:\program files (x86)\CyberLink\PowerDVD15\PowerDVD15Agent.exe" [2015-03-19 950296]
"Live Update"="c:\program files (x86)\MSI\Live Update\Live Update.exe" [2016-02-24 11336656]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2016-03-18 96056]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2016-05-15 596504]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\DRIVERS\BthAvrcp.sys;c:\windows\SYSNATIVE\DRIVERS\BthAvrcp.sys [x]
R3 cmdvirth;COMODO Virtual Service Manager;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RDID1079;UA-25EX;c:\windows\system32\Drivers\rdwm1079.sys;c:\windows\SYSNATIVE\Drivers\rdwm1079.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys;c:\windows\SYSNATIVE\DRIVERS\cmderd.sys [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys;c:\windows\SYSNATIVE\DRIVERS\cmdguard.sys [x]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys;c:\windows\SYSNATIVE\DRIVERS\cmdhlp.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S2 {687703DE-DC6D-4649-892B-B8497854A6AB};Power Control [2015/12/05 09:50];c:\program files (x86)\CyberLink\PowerDVD15\Common\NavFilter\000.fcl;c:\program files (x86)\CyberLink\PowerDVD15\Common\NavFilter\000.fcl [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 MSI_LiveUpdate_Service;MSI Live Update Service;c:\program files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe;c:\program files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [x]
S2 XYService;XYService;c:\program files (x86)\AppCola\AppColaService.exe;c:\program files (x86)\AppCola\AppColaService.exe [x]
S3 CLVirtualBus02;CyberLink PowerDVD Virtual CDROM Bus Enumerator;c:\windows\system32\DRIVERS\CLVirtualBus02.sys;c:\windows\SYSNATIVE\DRIVERS\CLVirtualBus02.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-05-12 22:35 1186968 ----a-w- c:\program files (x86)\Google\Chrome\Application\50.0.2661.102\Installer\chrmstp.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2016-05-03 14:41 287416 ----a-w- c:\program files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll
.
Obsah adresáře 'Naplánované úlohy'
.
2016-05-14 c:\windows\Tasks\Adobe Flash Player PPAPI Notifier.job
- c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_242_pepper.exe [2016-05-12 22:34]
.
2016-05-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-24 22:34]
.
2016-05-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2016-04-13 08:49]
.
2016-05-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2016-04-13 08:49]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2016-04-12 17:08 2348848 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2016-04-12 17:08 2348848 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2016-04-12 17:08 2348848 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-05-22 7833120]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-05-22 1833504]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2015-07-08 5595848]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cistray.exe" [2016-04-29 1610936]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2016-03-23 176952]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;<local>
IE: E&xportovat do Microsoft Excelu - c:\progra~1\MICROS~2\Office15\EXCEL.EXE/3000
IE: Od&eslat do OneNotu - c:\progra~1\MICROS~2\Office15\ONBttnIE.dll/105
Trusted Zone: line6.net
TCP: DhcpNameServer = 217.195.165.131 217.195.160.10 192.168.1.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{687703DE-DC6D-4649-892B-B8497854A6AB}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD15\Common\NavFilter\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1773302446-1904236754-1123161198-1001\Software\X*Y*©RKb]
@Allowed: (Read) (RestrictedCode)
"InstallPath"="c:\\Program Files (x86)\\AppCola\\"
"Version"="2.4.7.6836"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\COMODO\CIS\Installer\Sym_Cam\CIS]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CmdAgent\Mode\Configurations]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CmdAgent\Mode\Data]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CmdAgent\Mode\Options]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\Software\COMODO\Cam]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\Software\COMODO\Firewall Pro]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,\
.
Celkový čas: 2016-05-17 17:40:08
ComboFix-quarantined-files.txt 2016-05-17 15:40
.
Před spuštěním: Volných bajtů: 111 211 606 016
Po spuštění: Volných bajtů: 110 914 584 576
.
- - End Of File - - 3B5D935184998CE16FA52C5F969310D9
A36C5E4F47E84449FF07ED3517B43A31

[Roli]

Přes Start >> Spustit zkopíruj do okna:

ComboFix /Uninstall

a stiskni Enter

To odinstaluje ComboFix a smaže s ním související soubory a složky.


Použij T-Cleaner, který smaže případné zbytky po aplikacích které jsme použili.

Jen před jeho stažením a při použití stopni antivir, protože ho muže detekovat jako vir ale není tomu tak.


Pak dej vědět jak se PC chová.