Hostitel služby: místní systém
Napsal: 18 srp 2016 19:57
Mám stále aktivní proces hostitel služby: místní systém, po ukončení procesu se znovu obnoví. Tento proces mi výrazně zatěžuje internetové připojení.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-08-2016
Ran by Fanda (administrator) on PC-FANDA (18-08-2016 20:47:48)
Running from C:\Users\Fanda\Desktop
Loaded Profiles: Fanda (Available Profiles: Fanda)
Platform: Windows 10 Home Version 1511 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() C:\Riot Games\LolScreenSaver\service\service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Dropbox, Inc.) C:\Users\Fanda\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Pro\DiscSoftBusService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_22_0_0_209.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_22_0_0_209.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.5111\Agent.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.7730\Battle.net.exe
() C:\Program Files (x86)\Battle.net\Battle.net.7730\Battle.net Helper.exe
() C:\Program Files (x86)\Battle.net\Battle.net.7730\Battle.net Helper.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
(forum.viry.cz) C:\Users\Fanda\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2015-02-05] (NVIDIA Corporation)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [41664 2014-01-05] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2014-01-05] (IDT, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-07-20] (LogMeIn Inc.)
HKU\S-1-5-21-2892951960-3070060372-1058231282-1001\...\Run: [BitTorrent] => C:\Users\Fanda\AppData\Roaming\BitTorrent\BitTorrent.exe [1972232 2016-05-21] (BitTorrent Inc.)
HKU\S-1-5-21-2892951960-3070060372-1058231282-1001\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
HKU\S-1-5-21-2892951960-3070060372-1058231282-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [247344 2016-08-14] ()
HKU\S-1-5-21-2892951960-3070060372-1058231282-1001\...\Run: [SoftonicAssistant] => C:\Users\Fanda\AppData\Local\SoftonicAssistant\SoftonicAssistant.exe [1829832 2014-11-11] ()
HKU\S-1-5-21-2892951960-3070060372-1058231282-1001\...\Run: [HP Officejet Pro 6830 (NET)] => C:\Program Files\HP\HP Officejet Pro 6830\Bin\ScanToPCActivationApp.exe [3494920 2014-01-16] (Hewlett-Packard Co.)
HKU\S-1-5-21-2892951960-3070060372-1058231282-1001\...\Run: [Dropbox Update] => C:\Users\Fanda\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-29] (Dropbox, Inc.)
HKU\S-1-5-21-2892951960-3070060372-1058231282-1001\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files\DAEMON Tools Pro\DTAgent.exe [4234944 2016-06-29] (Disc Soft Ltd)
HKU\S-1-5-21-2892951960-3070060372-1058231282-1001\...\MountPoints2: {a27833df-a835-11e5-8299-54bef791ac54} - "F:\autorun.exe"
HKU\S-1-5-21-2892951960-3070060372-1058231282-1001\...\MountPoints2: {b5aa51e1-27ee-11e6-82bb-54bef791ac54} - "F:\autorun.exe"
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Fanda\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Fanda\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Fanda\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Fanda\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Fanda\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Fanda\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Fanda\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Fanda\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
Startup: C:\Users\Fanda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2015-03-23]
ShortcutTarget: Curse.lnk -> C:\Users\Fanda\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
Startup: C:\Users\Fanda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-08-07]
ShortcutTarget: Dropbox.lnk -> C:\Users\Fanda\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\..\Interfaces\{8fa50786-b5e3-46ad-a055-ffaae41de7d7}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{8fa50786-b5e3-46ad-a055-ffaae41de7d7}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPDTDFJS
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPDTDFJS
HKU\S-1-5-21-2892951960-3070060372-1058231282-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2892951960-3070060372-1058231282-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPDTDFJS
SearchScopes: HKLM -> {5D46B2AE-0319-43B1-9E14-F524CB36D092} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {5D46B2AE-0319-43B1-9E14-F524CB36D092} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-2892951960-3070060372-1058231282-1001 -> {5D46B2AE-0319-43B1-9E14-F524CB36D092} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2016-05-23] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2016-05-23] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (HP Inc.)
BHO: No Name -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-20] (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-04-04] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-20] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
BHO-x32: No Name -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> No File
FireFox:
========
FF ProfilePath: C:\Users\Fanda\AppData\Roaming\Mozilla\Firefox\Profiles\945y531f.default
FF DefaultSearchEngine: Google (avast)
FF DefaultSearchUrl: hxxps://www.google.com/search/?trackid=sp-006
FF SearchEngineOrder.1: Google (avast)
FF SelectedSearchEngine: Google (avast)
FF Homepage: hxxps://www.google.com/?trackid=sp-006
FF Session Restore: -> is enabled.
FF Keyword.URL: hxxps://www.google.com/search/?trackid=sp-006
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-13] ()
FF Plugin: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2016-05-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2016-05-23] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-13] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-20] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin HKU\S-1-5-21-2892951960-3070060372-1058231282-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Fanda\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Fanda\AppData\Roaming\Mozilla\Firefox\Profiles\945y531f.default\searchplugins\google-avast.xml [2015-01-27]
FF Extension: BetterTTV - C:\Users\Fanda\AppData\Roaming\Mozilla\Firefox\Profiles\945y531f.default\Extensions\firefox@betterttv.net.xpi [2016-01-04]
FF Extension: Adblock Plus - C:\Users\Fanda\AppData\Roaming\Mozilla\Firefox\Profiles\945y531f.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-29]
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Fanda\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Fanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-18]
CHR Extension: (Dokumenty Google) - C:\Users\Fanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-18]
CHR Extension: (Disk Google) - C:\Users\Fanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-18]
CHR Extension: (YouTube) - C:\Users\Fanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-18]
CHR Extension: (Vyhledávání Google) - C:\Users\Fanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-18]
CHR Extension: (Avast SafePrice) - C:\Users\Fanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-06-18]
CHR Extension: (Tabulky Google) - C:\Users\Fanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-18]
CHR Extension: (Avast Online Security) - C:\Users\Fanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-06-18]
CHR Extension: (Peněženka Google) - C:\Users\Fanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-18]
CHR Extension: (Gmail) - C:\Users\Fanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-18]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-04-25] (Digital Wave Ltd.)
R3 Disc Soft Pro Bus Service; C:\Program Files\DAEMON Tools Pro\DiscSoftBusService.exe [1378496 2016-06-29] (Disc Soft Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2015-02-05] (NVIDIA Corporation)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2554376 2016-07-20] (LogMeIn Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [29760 2016-07-04] (HP Inc.)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-07-06] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-07-20] (LogMeIn, Inc.)
R2 LolScreenSaverService; C:\Riot Games\LolScreenSaver\service\service.exe [707072 2016-03-30] () [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2015-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833360 2015-02-05] (NVIDIA Corporation)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-28] (Softex Inc.) [File not signed]
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1310448 2016-08-14] (Overwolf LTD)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [340480 2014-01-05] (IDT, Inc.) [File not signed]
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R3 dtproscsibus; C:\Windows\System32\drivers\dtproscsibus.sys [30264 2016-07-19] (Disc Soft Ltd)
S3 dtultrascsibus; C:\Windows\System32\drivers\dtultrascsibus.sys [30264 2015-09-09] (Disc Soft Ltd)
S3 dtultrausbbus; C:\Windows\System32\drivers\dtultrausbbus.sys [47160 2015-09-09] (Disc Soft Ltd)
R3 Hamachi; C:\Windows\System32\drivers\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.)
R1 LeapdroidVMDrv; C:\Program Files\Leapdroid\VM\LeapdroidVMDrv.sys [300952 2016-08-14] (Leapdroid Inc.)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [184096 2015-06-29] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-02-05] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2015-02-05] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [896768 2016-02-17] (Realtek )
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [216064 2015-10-30] (Microsoft Corporation)
R0 sptd2; C:\Windows\System32\Drivers\sptd2.sys [203832 2016-07-19] (Duplex Secure Ltd)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-18 20:47 - 2016-08-18 20:48 - 00023901 _____ C:\Users\Fanda\Desktop\FRST.txt
2016-08-18 20:47 - 2016-08-18 20:47 - 00000000 ____D C:\FRST
2016-08-18 20:46 - 2016-08-18 20:47 - 00112640 _____ (forum.viry.cz) C:\Users\Fanda\Desktop\FRSTLauncher.exe
2016-08-18 20:45 - 2016-08-18 20:47 - 02394624 _____ (Farbar) C:\Users\Fanda\Desktop\FRST64.exe
2016-08-18 17:35 - 2016-08-18 17:36 - 00000000 ___HD C:\$WINDOWS.~BT
2016-08-18 17:17 - 2016-08-18 17:17 - 00000000 ___HD C:\OneDriveTemp
2016-08-14 13:33 - 2016-08-14 13:33 - 00001879 _____ C:\Users\Fanda\Desktop\Leapdroid VM2.lnk
2016-08-14 13:33 - 2016-08-14 13:33 - 00001879 _____ C:\Users\Fanda\Desktop\Leapdroid VM1.lnk
2016-08-14 13:33 - 2016-08-14 13:33 - 00000000 ____D C:\Users\Fanda\AppData\Local\Leapdroid
2016-08-14 13:33 - 2016-08-14 13:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LeapdroidVM
2016-08-14 13:32 - 2016-08-14 15:33 - 00000000 ____D C:\Users\Fanda\Documents\Leapdroid
2016-08-14 13:32 - 2016-08-14 13:32 - 00000000 ____D C:\Users\Fanda\AppData\Roaming\yiwanzhushou
2016-08-14 13:31 - 2016-08-14 13:33 - 00000000 ____D C:\Users\Fanda\AppData\Roaming\Leapdroid
2016-08-14 13:31 - 2016-08-14 13:31 - 00000000 ____D C:\Program Files\Leapdroid
2016-08-14 13:12 - 2016-08-14 13:12 - 00002550 _____ C:\Users\Fanda\Desktop\Hearthstone Deck Tracker.lnk
2016-08-14 13:12 - 2016-08-14 13:12 - 00000000 ____D C:\Users\Fanda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HearthSim
2016-08-14 13:12 - 2016-08-14 13:12 - 00000000 ____D C:\Users\Fanda\AppData\Local\SquirrelTemp
2016-08-14 13:12 - 2016-08-14 13:12 - 00000000 ____D C:\Users\Fanda\AppData\Local\HearthstoneDeckTracker
2016-08-13 11:51 - 2016-08-14 13:31 - 280994872 _____ (Leapdroid) C:\Users\Fanda\Downloads\LeapdroidVMInstallerFull.exe
2016-08-11 20:58 - 2016-08-03 13:14 - 01505984 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-08-11 20:58 - 2016-08-03 13:14 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-11 20:58 - 2016-08-03 13:14 - 00050368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-11 20:58 - 2016-08-03 12:36 - 07469408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-08-11 20:58 - 2016-08-03 12:36 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-08-11 20:58 - 2016-08-03 12:36 - 00037744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2016-08-11 20:58 - 2016-08-03 12:30 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-08-11 20:58 - 2016-08-03 12:23 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-08-11 20:58 - 2016-08-03 12:23 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-08-11 20:58 - 2016-08-03 12:22 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-08-11 20:58 - 2016-08-03 12:22 - 00465248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-08-11 20:58 - 2016-08-03 12:22 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-08-11 20:58 - 2016-08-03 12:21 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-11 20:58 - 2016-08-03 12:21 - 00566112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-11 20:58 - 2016-08-03 12:21 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-08-11 20:58 - 2016-08-03 12:20 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-08-11 20:58 - 2016-08-03 12:20 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-08-11 20:58 - 2016-08-03 12:19 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-11 20:58 - 2016-08-03 12:19 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-11 20:58 - 2016-08-03 12:13 - 01988448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-11 20:58 - 2016-08-03 12:13 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-11 20:58 - 2016-08-03 12:13 - 00393056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-11 20:58 - 2016-08-03 11:51 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-08-11 20:58 - 2016-08-03 11:51 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-08-11 20:58 - 2016-08-03 11:44 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-08-11 20:58 - 2016-08-03 11:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-08-11 20:58 - 2016-08-03 11:44 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2016-08-11 20:58 - 2016-08-03 11:43 - 16985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-11 20:58 - 2016-08-03 11:41 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-08-11 20:58 - 2016-08-03 11:41 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-08-11 20:58 - 2016-08-03 11:40 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-08-11 20:58 - 2016-08-03 11:40 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-08-11 20:58 - 2016-08-03 11:40 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-08-11 20:58 - 2016-08-03 11:39 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-11 20:58 - 2016-08-03 11:39 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-08-11 20:58 - 2016-08-03 11:38 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-08-11 20:58 - 2016-08-03 11:37 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-08-11 20:58 - 2016-08-03 11:36 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-08-11 20:58 - 2016-08-03 11:36 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-08-11 20:58 - 2016-08-03 11:35 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2016-08-11 20:58 - 2016-08-03 11:33 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-08-11 20:58 - 2016-08-03 11:31 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-08-11 20:58 - 2016-08-03 11:31 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
2016-08-11 20:58 - 2016-08-03 11:30 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-11 20:58 - 2016-08-03 11:29 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-08-11 20:58 - 2016-08-03 11:29 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-08-11 20:58 - 2016-08-03 11:29 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-11 20:58 - 2016-08-03 11:28 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-08-11 20:58 - 2016-08-03 11:28 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-08-11 20:58 - 2016-08-03 11:27 - 07536640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-08-11 20:58 - 2016-08-03 11:27 - 01717760 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-11 20:58 - 2016-08-03 11:18 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-11 20:58 - 2016-08-03 11:18 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-08-11 20:58 - 2016-08-03 11:18 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-11 20:58 - 2016-08-03 11:17 - 02175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-08-11 20:58 - 2016-08-03 11:16 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-08-11 20:58 - 2016-08-03 11:16 - 03589120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-11 20:58 - 2016-08-03 11:16 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-08-11 20:58 - 2016-08-03 11:16 - 01732096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-11 20:58 - 2016-08-03 11:14 - 01997824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-08-11 20:58 - 2016-08-03 11:13 - 03025920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-08-11 20:58 - 2016-08-03 11:13 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-08-11 20:58 - 2016-08-03 11:12 - 02746368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-08-11 20:58 - 2016-08-03 11:11 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-08-11 20:58 - 2016-08-03 07:52 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2016-08-11 20:58 - 2016-08-03 07:34 - 00501592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-08-11 20:58 - 2016-08-03 07:34 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-08-11 20:58 - 2016-08-03 07:33 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-08-11 20:58 - 2016-08-03 07:31 - 02921368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-11 20:58 - 2016-08-03 07:31 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-08-11 20:58 - 2016-08-03 07:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-08-11 20:58 - 2016-08-03 07:30 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-08-11 20:58 - 2016-08-03 07:30 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-08-11 20:58 - 2016-08-03 07:30 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-08-11 20:58 - 2016-08-03 06:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-08-11 20:58 - 2016-08-03 06:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2016-08-11 20:58 - 2016-08-03 06:47 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-08-11 20:58 - 2016-08-03 06:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-08-11 20:58 - 2016-08-03 06:44 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2016-08-11 20:58 - 2016-08-03 06:42 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-08-11 20:58 - 2016-08-03 06:37 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-08-11 20:58 - 2016-08-03 06:35 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe
2016-08-11 20:58 - 2016-08-03 06:34 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-08-11 20:58 - 2016-08-03 06:34 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-08-11 20:58 - 2016-08-03 06:33 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-08-11 20:58 - 2016-08-03 06:32 - 12585984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-08-11 20:58 - 2016-08-03 06:32 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-11 20:58 - 2016-08-03 06:32 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-08-11 20:58 - 2016-08-03 06:31 - 06743040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-08-11 20:58 - 2016-08-03 06:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-08-11 20:58 - 2016-08-03 06:25 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-08-11 20:58 - 2016-08-03 06:25 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-08-11 20:58 - 2016-08-03 06:23 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-08-11 20:58 - 2016-08-03 06:22 - 02501120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-08-11 20:58 - 2016-08-03 06:21 - 01708032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-08-11 20:58 - 2016-08-03 06:19 - 02180096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-08-11 20:57 - 2016-08-03 12:22 - 01322760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-08-11 20:57 - 2016-08-03 12:22 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-08-11 20:57 - 2016-08-03 12:21 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-11 20:57 - 2016-08-03 12:11 - 00422744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-11 20:57 - 2016-08-03 11:46 - 22384128 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-11 20:57 - 2016-08-03 11:40 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2016-08-11 20:57 - 2016-08-03 11:38 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-08-11 20:57 - 2016-08-03 11:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-11 20:57 - 2016-08-03 11:35 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-08-11 20:57 - 2016-08-03 11:34 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-11 20:57 - 2016-08-03 11:33 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-08-11 20:57 - 2016-08-03 11:31 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-08-11 20:57 - 2016-08-03 11:30 - 24613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-11 20:57 - 2016-08-03 11:30 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-08-11 20:57 - 2016-08-03 11:29 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-11 20:57 - 2016-08-03 11:29 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-11 20:57 - 2016-08-03 11:28 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-08-11 20:57 - 2016-08-03 11:27 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-08-11 20:57 - 2016-08-03 11:27 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-08-11 20:57 - 2016-08-03 11:20 - 13390336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-11 20:57 - 2016-08-03 11:15 - 07833088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-11 20:57 - 2016-08-03 11:14 - 04895232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-08-11 20:57 - 2016-08-03 06:40 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2016-08-11 20:57 - 2016-08-03 06:39 - 19351040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-11 20:57 - 2016-08-03 06:37 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-08-11 20:57 - 2016-08-03 06:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-08-11 20:57 - 2016-08-03 06:33 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-08-11 20:57 - 2016-08-03 06:33 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-08-11 20:57 - 2016-08-03 06:32 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-08-11 20:57 - 2016-08-03 06:29 - 12133376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-08-11 20:57 - 2016-08-03 06:28 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-08-11 20:57 - 2016-08-03 06:23 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-08-11 20:57 - 2016-08-03 06:22 - 01502208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-07 12:35 - 2016-08-07 12:35 - 00000000 ____D C:\Users\Fanda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-08-02 22:42 - 2016-08-02 22:42 - 00000000 ____D C:\WINDOWS\Minidump
2016-08-02 21:24 - 2016-08-02 21:24 - 00000000 ____D C:\Users\Fanda\AppData\LocalLow\Blizzard Entertainment
2016-08-02 19:30 - 2016-08-02 19:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-08-02 19:30 - 2016-08-02 19:30 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2016-07-24 12:09 - 2016-07-24 12:09 - 00001241 _____ C:\Users\Public\Desktop\Call of Duty 2.lnk
2016-07-24 12:09 - 2016-07-24 12:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mr DJ
2016-07-24 12:04 - 2016-07-24 12:04 - 00000000 ____D C:\Program Files (x86)\Mr DJ
2016-07-20 07:00 - 2016-07-20 10:29 - 00000000 ____D C:\Users\Fanda\Downloads\Schindlers.List.1993.1080p.BluRay.x264.anoXmous
2016-07-20 07:00 - 2016-07-20 08:41 - 00000000 ____D C:\Users\Fanda\Downloads\The Good The Bad And The Ugly (1966) [1080p]
2016-07-20 06:11 - 2016-07-20 06:32 - 00000000 ____D C:\Users\Fanda\Downloads\The Green Mile (1999) 720p BRRiP x264 AAC [Team Nanban]
2016-07-20 01:59 - 2016-07-20 02:03 - 00000000 ____D C:\Users\Fanda\Downloads\Pulp.Fiction.1994.1080p.BluRay.x264.DTS-ETRG
2016-07-20 00:31 - 2016-07-20 01:15 - 00000000 ____D C:\Users\Fanda\Downloads\Batman The Dark Knight (2008) [1080p]
2016-07-19 23:56 - 2016-07-20 00:20 - 00000000 ____D C:\Users\Fanda\Downloads\12 Angry Men (1957)
2016-07-19 22:37 - 2016-07-19 22:45 - 00000000 ____D C:\Users\Fanda\Downloads\Gran Torino (2008) [1080p]
2016-07-19 19:37 - 2016-07-19 19:37 - 00000000 ____D C:\Users\Fanda\AppData\Local\ArmA 2
2016-07-19 19:37 - 2016-07-19 19:37 - 00000000 ____D C:\TA2DST
2016-07-19 19:36 - 2016-07-19 19:41 - 00000000 ____D C:\Users\Fanda\Documents\ArmA 2
2016-07-19 19:36 - 2016-07-19 19:36 - 00000000 ____D C:\Users\Fanda\AppData\Local\ArmA 2 OA
2016-07-19 19:06 - 2016-07-19 19:06 - 00000000 ____D C:\Users\Fanda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ArmA 2
2016-07-19 17:55 - 2016-07-24 12:04 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2016-07-19 17:55 - 2016-07-19 19:21 - 00000000 ____D C:\Program Files (x86)\ArmA 2
2016-07-19 17:32 - 2016-07-19 17:37 - 00000000 ____D C:\Users\Fanda\AppData\Local\ArmA
2016-07-19 17:32 - 2016-07-19 17:32 - 00000000 ____D C:\Users\Fanda\Documents\ArmA
2016-07-19 17:28 - 2016-07-19 17:28 - 00431104 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
2016-07-19 17:28 - 2016-07-19 17:28 - 00409600 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll
2016-07-19 17:28 - 2016-07-19 17:28 - 00136192 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
2016-07-19 17:28 - 2016-07-19 17:28 - 00114688 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll
2016-07-19 17:28 - 2016-07-19 17:28 - 00108144 _____ (Sony DADC Austria AG.) C:\WINDOWS\SysWOW64\CmdLineExt.dll
2016-07-19 17:28 - 2016-07-19 17:28 - 00001040 _____ C:\Users\Fanda\Desktop\Launch ArmA.lnk
2016-07-19 17:28 - 2016-07-19 17:28 - 00000000 ____D C:\Users\Fanda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2016-07-19 17:28 - 2016-07-19 17:28 - 00000000 ____D C:\Program Files (x86)\OpenAL
2016-07-19 17:28 - 2006-12-14 20:47 - 00782336 ____R (Creative Labs Inc.) C:\WINDOWS\SysWOW64\tmpBF.tmp
2016-07-19 17:24 - 2016-07-19 17:31 - 00000000 ____D C:\Program Files\Bohemia Interactive
2016-07-19 17:21 - 2016-07-19 17:23 - 00000000 ____D C:\Users\Fanda\AppData\Roaming\DAEMON Tools Pro
2016-07-19 17:21 - 2016-07-19 17:21 - 00030264 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtproscsibus.sys
2016-07-19 17:21 - 2016-07-19 17:21 - 00000000 ____D C:\ProgramData\DAEMON Tools Pro
2016-07-19 17:21 - 2016-07-19 17:21 - 00000000 ____D C:\Program Files\DAEMON Tools Pro
2016-07-19 17:18 - 2016-07-19 17:18 - 02975424 _____ (Disc Soft Ltd) C:\Users\Fanda\Downloads\DTProInstaller.exe
2016-07-19 17:11 - 2016-08-02 19:31 - 00000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2016-07-19 17:11 - 2016-08-02 19:31 - 00000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
2016-07-19 17:07 - 2016-07-19 17:07 - 00203832 _____ (Duplex Secure Ltd) C:\WINDOWS\system32\Drivers\sptd2.sys
2016-07-19 17:06 - 2016-07-19 17:06 - 07360080 _____ (Alcohol Soft Development Team) C:\Users\Fanda\Downloads\Alcohol52_trial_2.0.3.8806_8faaa86ad04d6fdb0ec8942c6c4949f3.exe
2016-07-19 17:06 - 2016-07-19 17:06 - 01021248 _____ ( ) C:\Users\Fanda\Downloads\downloader_for_Alcohol52_trial_2.0.3.8806.exe
2016-07-19 06:32 - 2016-07-19 06:35 - 00000000 ____D C:\Users\Fanda\Downloads\ArmA 2 Combined Operations 1.60 JimbusEd
2016-07-19 03:06 - 2016-07-19 06:14 - 00000000 ____D C:\Users\Fanda\Downloads\Call of duty 2 repack Mr DJ
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-18 20:45 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-08-18 20:44 - 2014-12-28 04:17 - 00000000 ____D C:\Users\Fanda\AppData\Local\Battle.net
2016-08-18 20:34 - 2014-12-28 04:17 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-08-18 19:39 - 2016-01-26 04:54 - 01960536 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-18 19:39 - 2015-10-30 20:31 - 00812312 _____ C:\WINDOWS\system32\perfh005.dat
2016-08-18 19:39 - 2015-10-30 20:31 - 00182744 _____ C:\WINDOWS\system32\perfc005.dat
2016-08-18 19:39 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-08-18 19:15 - 2015-09-06 23:47 - 00000002 _____ C:\end
2016-08-18 19:15 - 2015-01-03 01:14 - 00000000 ____D C:\Program Files (x86)\Overwolf
2016-08-18 19:10 - 2016-01-26 05:14 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-18 19:07 - 2015-06-29 12:57 - 00000936 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2892951960-3070060372-1058231282-1001UA.job
2016-08-18 18:48 - 2015-01-04 12:07 - 00003242 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForFanda
2016-08-18 18:48 - 2015-01-04 12:07 - 00000350 _____ C:\WINDOWS\Tasks\HPCeeScheduleForFanda.job
2016-08-18 18:47 - 2014-12-24 23:01 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-08-18 17:36 - 2016-01-26 04:46 - 00000000 ___DC C:\WINDOWS\Panther
2016-08-18 17:22 - 2014-12-24 22:32 - 00004198 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{39F915E6-960A-4D6E-B4C9-A55C43B18B8E}
2016-08-18 17:18 - 2014-12-28 14:14 - 00000000 ____D C:\Users\Fanda\AppData\Local\LogMeIn Hamachi
2016-08-18 17:17 - 2015-01-05 22:36 - 00000000 ___RD C:\Users\Fanda\Dropbox
2016-08-18 17:17 - 2014-12-24 23:00 - 00000000 __RDO C:\Users\Fanda\OneDrive
2016-08-18 17:15 - 2016-01-26 04:51 - 00000000 ____D C:\ProgramData\NVIDIA
2016-08-17 23:33 - 2016-01-26 04:54 - 00000000 ____D C:\Users\Fanda
2016-08-17 23:23 - 2015-03-23 23:06 - 00000000 ____D C:\Users\Fanda\AppData\Roaming\Curse Client
2016-08-17 21:16 - 2014-12-25 20:42 - 00000000 ____D C:\Users\Fanda\AppData\Roaming\Skype
2016-08-17 19:21 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-14 16:53 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-08-14 13:12 - 2016-01-18 17:44 - 00000000 ____D C:\Users\Fanda\AppData\Roaming\HearthstoneDeckTracker
2016-08-14 13:05 - 2015-12-18 16:22 - 00000000 ____D C:\Users\Fanda\Downloads\Hearthstone Deck Tracker
2016-08-14 04:34 - 2014-12-28 04:24 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2016-08-14 03:56 - 2014-12-11 13:51 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-14 03:32 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-08-14 03:31 - 2015-10-30 20:35 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-14 03:31 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-14 03:31 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-13 19:09 - 2015-12-25 01:39 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-08-13 19:09 - 2014-12-25 20:42 - 00000000 ____D C:\ProgramData\Skype
2016-08-11 22:35 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-08-11 22:35 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-11 22:35 - 2014-12-26 06:52 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-11 22:32 - 2014-12-26 06:52 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-07 12:35 - 2015-01-05 16:49 - 00000000 ____D C:\Users\Fanda\AppData\Roaming\Dropbox
2016-08-03 11:07 - 2015-06-29 12:57 - 00000884 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2892951960-3070060372-1058231282-1001Core.job
2016-08-02 22:42 - 2014-12-11 13:38 - 00298645 ____N C:\WINDOWS\Minidump\080216-21906-01.dmp
2016-07-31 21:16 - 2015-01-21 16:29 - 00000000 ____D C:\Users\Fanda\AppData\Roaming\vlc
2016-07-27 21:25 - 2016-01-26 17:57 - 00504488 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-07-24 11:28 - 2015-01-28 01:06 - 00000000 ___HD C:\WINDOWS\msdownld.tmp
2016-07-24 10:46 - 2015-01-26 21:50 - 00000000 ____D C:\Users\Fanda\AppData\Roaming\DVDVideoSoft
2016-07-20 21:16 - 2014-12-25 00:26 - 00000000 ____D C:\Users\Fanda\AppData\Roaming\BitTorrent
2016-07-19 17:06 - 2014-12-28 16:53 - 00000563 _____ C:\Users\Fanda\Documents\ax_files.xml
2016-07-19 05:11 - 2016-07-18 23:27 - 1942462464 _____ C:\Users\Fanda\Downloads\Pelíšky-(1999)-Monty-698.avi
==================== Files in the root of some directories =======
2015-11-03 17:42 - 2015-11-03 17:49 - 0000129 _____ () C:\Users\Fanda\AppData\Roaming\Camdata.ini
2015-11-03 17:42 - 2015-11-03 17:49 - 0000408 _____ () C:\Users\Fanda\AppData\Roaming\CamLayout.ini
2015-11-03 17:42 - 2015-11-03 17:49 - 0000408 _____ () C:\Users\Fanda\AppData\Roaming\CamShapes.ini
2015-11-03 17:42 - 2015-11-03 17:49 - 0004546 _____ () C:\Users\Fanda\AppData\Roaming\CamStudio.cfg
2015-11-03 17:26 - 2015-11-03 17:47 - 0000096 _____ () C:\Users\Fanda\AppData\Roaming\version2.xml
2015-10-26 23:13 - 2015-10-26 23:13 - 0001471 _____ () C:\Users\Fanda\AppData\Local\recently-used.xbel
2015-02-14 02:44 - 2015-02-14 02:44 - 0007602 _____ () C:\Users\Fanda\AppData\Local\Resmon.ResmonCfg
2015-06-17 18:34 - 2015-06-17 18:34 - 0000057 _____ () C:\ProgramData\Ament.ini
Some files in TEMP:
====================
C:\Users\Fanda\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Fanda\AppData\Local\Temp\Foxit PhantomPDF Updater.exe
C:\Users\Fanda\AppData\Local\Temp\FoxitUpdater.exe
C:\Users\Fanda\AppData\Local\Temp\Gw2.exe
C:\Users\Fanda\AppData\Local\Temp\jre-8u101-windows-au.exe
C:\Users\Fanda\AppData\Local\Temp\jre-8u73-windows-au.exe
C:\Users\Fanda\AppData\Local\Temp\jre-8u77-windows-au.exe
C:\Users\Fanda\AppData\Local\Temp\jre-8u91-windows-au.exe
C:\Users\Fanda\AppData\Local\Temp\sqlite-3.8.2-x86-sqlitejdbc.dll
C:\Users\Fanda\AppData\Local\Temp\tmd_34015593.exe
C:\Users\Fanda\AppData\Local\Temp\vlc-2.2.4-win32.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2892951960-3070060372-1058231282-1001Core.job => C:\Users\Fanda\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2892951960-3070060372-1058231282-1001UA.job => C:\Users\Fanda\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForFanda.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Fanda\Desktop" je 4084 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
==================== End Of Log ==============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-08-2016
Ran by Fanda (administrator) on PC-FANDA (18-08-2016 20:47:48)
Running from C:\Users\Fanda\Desktop
Loaded Profiles: Fanda (Available Profiles: Fanda)
Platform: Windows 10 Home Version 1511 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() C:\Riot Games\LolScreenSaver\service\service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Dropbox, Inc.) C:\Users\Fanda\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Pro\DiscSoftBusService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_22_0_0_209.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_22_0_0_209.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.5111\Agent.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.7730\Battle.net.exe
() C:\Program Files (x86)\Battle.net\Battle.net.7730\Battle.net Helper.exe
() C:\Program Files (x86)\Battle.net\Battle.net.7730\Battle.net Helper.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
(forum.viry.cz) C:\Users\Fanda\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2015-02-05] (NVIDIA Corporation)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [41664 2014-01-05] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2014-01-05] (IDT, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-07-20] (LogMeIn Inc.)
HKU\S-1-5-21-2892951960-3070060372-1058231282-1001\...\Run: [BitTorrent] => C:\Users\Fanda\AppData\Roaming\BitTorrent\BitTorrent.exe [1972232 2016-05-21] (BitTorrent Inc.)
HKU\S-1-5-21-2892951960-3070060372-1058231282-1001\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
HKU\S-1-5-21-2892951960-3070060372-1058231282-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [247344 2016-08-14] ()
HKU\S-1-5-21-2892951960-3070060372-1058231282-1001\...\Run: [SoftonicAssistant] => C:\Users\Fanda\AppData\Local\SoftonicAssistant\SoftonicAssistant.exe [1829832 2014-11-11] ()
HKU\S-1-5-21-2892951960-3070060372-1058231282-1001\...\Run: [HP Officejet Pro 6830 (NET)] => C:\Program Files\HP\HP Officejet Pro 6830\Bin\ScanToPCActivationApp.exe [3494920 2014-01-16] (Hewlett-Packard Co.)
HKU\S-1-5-21-2892951960-3070060372-1058231282-1001\...\Run: [Dropbox Update] => C:\Users\Fanda\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-29] (Dropbox, Inc.)
HKU\S-1-5-21-2892951960-3070060372-1058231282-1001\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files\DAEMON Tools Pro\DTAgent.exe [4234944 2016-06-29] (Disc Soft Ltd)
HKU\S-1-5-21-2892951960-3070060372-1058231282-1001\...\MountPoints2: {a27833df-a835-11e5-8299-54bef791ac54} - "F:\autorun.exe"
HKU\S-1-5-21-2892951960-3070060372-1058231282-1001\...\MountPoints2: {b5aa51e1-27ee-11e6-82bb-54bef791ac54} - "F:\autorun.exe"
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Fanda\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Fanda\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Fanda\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Fanda\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Fanda\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Fanda\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Fanda\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Fanda\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
Startup: C:\Users\Fanda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2015-03-23]
ShortcutTarget: Curse.lnk -> C:\Users\Fanda\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
Startup: C:\Users\Fanda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-08-07]
ShortcutTarget: Dropbox.lnk -> C:\Users\Fanda\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\..\Interfaces\{8fa50786-b5e3-46ad-a055-ffaae41de7d7}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{8fa50786-b5e3-46ad-a055-ffaae41de7d7}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPDTDFJS
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPDTDFJS
HKU\S-1-5-21-2892951960-3070060372-1058231282-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2892951960-3070060372-1058231282-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPDTDFJS
SearchScopes: HKLM -> {5D46B2AE-0319-43B1-9E14-F524CB36D092} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {5D46B2AE-0319-43B1-9E14-F524CB36D092} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-2892951960-3070060372-1058231282-1001 -> {5D46B2AE-0319-43B1-9E14-F524CB36D092} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2016-05-23] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2016-05-23] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (HP Inc.)
BHO: No Name -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-20] (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-04-04] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-20] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
BHO-x32: No Name -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> No File
FireFox:
========
FF ProfilePath: C:\Users\Fanda\AppData\Roaming\Mozilla\Firefox\Profiles\945y531f.default
FF DefaultSearchEngine: Google (avast)
FF DefaultSearchUrl: hxxps://www.google.com/search/?trackid=sp-006
FF SearchEngineOrder.1: Google (avast)
FF SelectedSearchEngine: Google (avast)
FF Homepage: hxxps://www.google.com/?trackid=sp-006
FF Session Restore: -> is enabled.
FF Keyword.URL: hxxps://www.google.com/search/?trackid=sp-006
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-13] ()
FF Plugin: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2016-05-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2016-05-23] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-13] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-20] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin HKU\S-1-5-21-2892951960-3070060372-1058231282-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Fanda\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Fanda\AppData\Roaming\Mozilla\Firefox\Profiles\945y531f.default\searchplugins\google-avast.xml [2015-01-27]
FF Extension: BetterTTV - C:\Users\Fanda\AppData\Roaming\Mozilla\Firefox\Profiles\945y531f.default\Extensions\firefox@betterttv.net.xpi [2016-01-04]
FF Extension: Adblock Plus - C:\Users\Fanda\AppData\Roaming\Mozilla\Firefox\Profiles\945y531f.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-29]
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Fanda\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Fanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-18]
CHR Extension: (Dokumenty Google) - C:\Users\Fanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-18]
CHR Extension: (Disk Google) - C:\Users\Fanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-18]
CHR Extension: (YouTube) - C:\Users\Fanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-18]
CHR Extension: (Vyhledávání Google) - C:\Users\Fanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-18]
CHR Extension: (Avast SafePrice) - C:\Users\Fanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-06-18]
CHR Extension: (Tabulky Google) - C:\Users\Fanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-18]
CHR Extension: (Avast Online Security) - C:\Users\Fanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-06-18]
CHR Extension: (Peněženka Google) - C:\Users\Fanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-18]
CHR Extension: (Gmail) - C:\Users\Fanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-18]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-04-25] (Digital Wave Ltd.)
R3 Disc Soft Pro Bus Service; C:\Program Files\DAEMON Tools Pro\DiscSoftBusService.exe [1378496 2016-06-29] (Disc Soft Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2015-02-05] (NVIDIA Corporation)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2554376 2016-07-20] (LogMeIn Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [29760 2016-07-04] (HP Inc.)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-07-06] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-07-20] (LogMeIn, Inc.)
R2 LolScreenSaverService; C:\Riot Games\LolScreenSaver\service\service.exe [707072 2016-03-30] () [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2015-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833360 2015-02-05] (NVIDIA Corporation)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-28] (Softex Inc.) [File not signed]
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1310448 2016-08-14] (Overwolf LTD)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [340480 2014-01-05] (IDT, Inc.) [File not signed]
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R3 dtproscsibus; C:\Windows\System32\drivers\dtproscsibus.sys [30264 2016-07-19] (Disc Soft Ltd)
S3 dtultrascsibus; C:\Windows\System32\drivers\dtultrascsibus.sys [30264 2015-09-09] (Disc Soft Ltd)
S3 dtultrausbbus; C:\Windows\System32\drivers\dtultrausbbus.sys [47160 2015-09-09] (Disc Soft Ltd)
R3 Hamachi; C:\Windows\System32\drivers\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.)
R1 LeapdroidVMDrv; C:\Program Files\Leapdroid\VM\LeapdroidVMDrv.sys [300952 2016-08-14] (Leapdroid Inc.)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [184096 2015-06-29] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-02-05] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2015-02-05] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [896768 2016-02-17] (Realtek )
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [216064 2015-10-30] (Microsoft Corporation)
R0 sptd2; C:\Windows\System32\Drivers\sptd2.sys [203832 2016-07-19] (Duplex Secure Ltd)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-18 20:47 - 2016-08-18 20:48 - 00023901 _____ C:\Users\Fanda\Desktop\FRST.txt
2016-08-18 20:47 - 2016-08-18 20:47 - 00000000 ____D C:\FRST
2016-08-18 20:46 - 2016-08-18 20:47 - 00112640 _____ (forum.viry.cz) C:\Users\Fanda\Desktop\FRSTLauncher.exe
2016-08-18 20:45 - 2016-08-18 20:47 - 02394624 _____ (Farbar) C:\Users\Fanda\Desktop\FRST64.exe
2016-08-18 17:35 - 2016-08-18 17:36 - 00000000 ___HD C:\$WINDOWS.~BT
2016-08-18 17:17 - 2016-08-18 17:17 - 00000000 ___HD C:\OneDriveTemp
2016-08-14 13:33 - 2016-08-14 13:33 - 00001879 _____ C:\Users\Fanda\Desktop\Leapdroid VM2.lnk
2016-08-14 13:33 - 2016-08-14 13:33 - 00001879 _____ C:\Users\Fanda\Desktop\Leapdroid VM1.lnk
2016-08-14 13:33 - 2016-08-14 13:33 - 00000000 ____D C:\Users\Fanda\AppData\Local\Leapdroid
2016-08-14 13:33 - 2016-08-14 13:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LeapdroidVM
2016-08-14 13:32 - 2016-08-14 15:33 - 00000000 ____D C:\Users\Fanda\Documents\Leapdroid
2016-08-14 13:32 - 2016-08-14 13:32 - 00000000 ____D C:\Users\Fanda\AppData\Roaming\yiwanzhushou
2016-08-14 13:31 - 2016-08-14 13:33 - 00000000 ____D C:\Users\Fanda\AppData\Roaming\Leapdroid
2016-08-14 13:31 - 2016-08-14 13:31 - 00000000 ____D C:\Program Files\Leapdroid
2016-08-14 13:12 - 2016-08-14 13:12 - 00002550 _____ C:\Users\Fanda\Desktop\Hearthstone Deck Tracker.lnk
2016-08-14 13:12 - 2016-08-14 13:12 - 00000000 ____D C:\Users\Fanda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HearthSim
2016-08-14 13:12 - 2016-08-14 13:12 - 00000000 ____D C:\Users\Fanda\AppData\Local\SquirrelTemp
2016-08-14 13:12 - 2016-08-14 13:12 - 00000000 ____D C:\Users\Fanda\AppData\Local\HearthstoneDeckTracker
2016-08-13 11:51 - 2016-08-14 13:31 - 280994872 _____ (Leapdroid) C:\Users\Fanda\Downloads\LeapdroidVMInstallerFull.exe
2016-08-11 20:58 - 2016-08-03 13:14 - 01505984 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-08-11 20:58 - 2016-08-03 13:14 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-11 20:58 - 2016-08-03 13:14 - 00050368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-11 20:58 - 2016-08-03 12:36 - 07469408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-08-11 20:58 - 2016-08-03 12:36 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-08-11 20:58 - 2016-08-03 12:36 - 00037744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2016-08-11 20:58 - 2016-08-03 12:30 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-08-11 20:58 - 2016-08-03 12:23 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-08-11 20:58 - 2016-08-03 12:23 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-08-11 20:58 - 2016-08-03 12:22 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-08-11 20:58 - 2016-08-03 12:22 - 00465248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-08-11 20:58 - 2016-08-03 12:22 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-08-11 20:58 - 2016-08-03 12:21 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-11 20:58 - 2016-08-03 12:21 - 00566112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-11 20:58 - 2016-08-03 12:21 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-08-11 20:58 - 2016-08-03 12:20 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-08-11 20:58 - 2016-08-03 12:20 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-08-11 20:58 - 2016-08-03 12:19 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-11 20:58 - 2016-08-03 12:19 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-11 20:58 - 2016-08-03 12:13 - 01988448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-11 20:58 - 2016-08-03 12:13 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-11 20:58 - 2016-08-03 12:13 - 00393056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-11 20:58 - 2016-08-03 11:51 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-08-11 20:58 - 2016-08-03 11:51 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-08-11 20:58 - 2016-08-03 11:44 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-08-11 20:58 - 2016-08-03 11:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-08-11 20:58 - 2016-08-03 11:44 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2016-08-11 20:58 - 2016-08-03 11:43 - 16985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-11 20:58 - 2016-08-03 11:41 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-08-11 20:58 - 2016-08-03 11:41 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-08-11 20:58 - 2016-08-03 11:40 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-08-11 20:58 - 2016-08-03 11:40 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-08-11 20:58 - 2016-08-03 11:40 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-08-11 20:58 - 2016-08-03 11:39 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-11 20:58 - 2016-08-03 11:39 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-08-11 20:58 - 2016-08-03 11:38 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-08-11 20:58 - 2016-08-03 11:37 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-08-11 20:58 - 2016-08-03 11:36 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-08-11 20:58 - 2016-08-03 11:36 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-08-11 20:58 - 2016-08-03 11:35 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2016-08-11 20:58 - 2016-08-03 11:33 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-08-11 20:58 - 2016-08-03 11:31 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-08-11 20:58 - 2016-08-03 11:31 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
2016-08-11 20:58 - 2016-08-03 11:30 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-11 20:58 - 2016-08-03 11:29 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-08-11 20:58 - 2016-08-03 11:29 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-08-11 20:58 - 2016-08-03 11:29 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-11 20:58 - 2016-08-03 11:28 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-08-11 20:58 - 2016-08-03 11:28 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-08-11 20:58 - 2016-08-03 11:27 - 07536640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-08-11 20:58 - 2016-08-03 11:27 - 01717760 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-11 20:58 - 2016-08-03 11:18 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-11 20:58 - 2016-08-03 11:18 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-08-11 20:58 - 2016-08-03 11:18 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-11 20:58 - 2016-08-03 11:17 - 02175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-08-11 20:58 - 2016-08-03 11:16 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-08-11 20:58 - 2016-08-03 11:16 - 03589120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-11 20:58 - 2016-08-03 11:16 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-08-11 20:58 - 2016-08-03 11:16 - 01732096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-11 20:58 - 2016-08-03 11:14 - 01997824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-08-11 20:58 - 2016-08-03 11:13 - 03025920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-08-11 20:58 - 2016-08-03 11:13 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-08-11 20:58 - 2016-08-03 11:12 - 02746368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-08-11 20:58 - 2016-08-03 11:11 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-08-11 20:58 - 2016-08-03 07:52 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2016-08-11 20:58 - 2016-08-03 07:34 - 00501592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-08-11 20:58 - 2016-08-03 07:34 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-08-11 20:58 - 2016-08-03 07:33 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-08-11 20:58 - 2016-08-03 07:31 - 02921368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-11 20:58 - 2016-08-03 07:31 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-08-11 20:58 - 2016-08-03 07:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-08-11 20:58 - 2016-08-03 07:30 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-08-11 20:58 - 2016-08-03 07:30 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-08-11 20:58 - 2016-08-03 07:30 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-08-11 20:58 - 2016-08-03 06:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-08-11 20:58 - 2016-08-03 06:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2016-08-11 20:58 - 2016-08-03 06:47 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-08-11 20:58 - 2016-08-03 06:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-08-11 20:58 - 2016-08-03 06:44 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2016-08-11 20:58 - 2016-08-03 06:42 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-08-11 20:58 - 2016-08-03 06:37 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-08-11 20:58 - 2016-08-03 06:35 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe
2016-08-11 20:58 - 2016-08-03 06:34 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-08-11 20:58 - 2016-08-03 06:34 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-08-11 20:58 - 2016-08-03 06:33 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-08-11 20:58 - 2016-08-03 06:32 - 12585984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-08-11 20:58 - 2016-08-03 06:32 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-11 20:58 - 2016-08-03 06:32 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-08-11 20:58 - 2016-08-03 06:31 - 06743040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-08-11 20:58 - 2016-08-03 06:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-08-11 20:58 - 2016-08-03 06:25 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-08-11 20:58 - 2016-08-03 06:25 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-08-11 20:58 - 2016-08-03 06:23 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-08-11 20:58 - 2016-08-03 06:22 - 02501120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-08-11 20:58 - 2016-08-03 06:21 - 01708032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-08-11 20:58 - 2016-08-03 06:19 - 02180096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-08-11 20:57 - 2016-08-03 12:22 - 01322760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-08-11 20:57 - 2016-08-03 12:22 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-08-11 20:57 - 2016-08-03 12:21 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-11 20:57 - 2016-08-03 12:11 - 00422744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-11 20:57 - 2016-08-03 11:46 - 22384128 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-11 20:57 - 2016-08-03 11:40 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2016-08-11 20:57 - 2016-08-03 11:38 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-08-11 20:57 - 2016-08-03 11:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-11 20:57 - 2016-08-03 11:35 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-08-11 20:57 - 2016-08-03 11:34 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-11 20:57 - 2016-08-03 11:33 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-08-11 20:57 - 2016-08-03 11:31 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-08-11 20:57 - 2016-08-03 11:30 - 24613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-11 20:57 - 2016-08-03 11:30 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-08-11 20:57 - 2016-08-03 11:29 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-11 20:57 - 2016-08-03 11:29 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-11 20:57 - 2016-08-03 11:28 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-08-11 20:57 - 2016-08-03 11:27 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-08-11 20:57 - 2016-08-03 11:27 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-08-11 20:57 - 2016-08-03 11:20 - 13390336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-11 20:57 - 2016-08-03 11:15 - 07833088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-11 20:57 - 2016-08-03 11:14 - 04895232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-08-11 20:57 - 2016-08-03 06:40 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2016-08-11 20:57 - 2016-08-03 06:39 - 19351040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-11 20:57 - 2016-08-03 06:37 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-08-11 20:57 - 2016-08-03 06:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-08-11 20:57 - 2016-08-03 06:33 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-08-11 20:57 - 2016-08-03 06:33 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-08-11 20:57 - 2016-08-03 06:32 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-08-11 20:57 - 2016-08-03 06:29 - 12133376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-08-11 20:57 - 2016-08-03 06:28 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-08-11 20:57 - 2016-08-03 06:23 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-08-11 20:57 - 2016-08-03 06:22 - 01502208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-07 12:35 - 2016-08-07 12:35 - 00000000 ____D C:\Users\Fanda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-08-02 22:42 - 2016-08-02 22:42 - 00000000 ____D C:\WINDOWS\Minidump
2016-08-02 21:24 - 2016-08-02 21:24 - 00000000 ____D C:\Users\Fanda\AppData\LocalLow\Blizzard Entertainment
2016-08-02 19:30 - 2016-08-02 19:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-08-02 19:30 - 2016-08-02 19:30 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2016-07-24 12:09 - 2016-07-24 12:09 - 00001241 _____ C:\Users\Public\Desktop\Call of Duty 2.lnk
2016-07-24 12:09 - 2016-07-24 12:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mr DJ
2016-07-24 12:04 - 2016-07-24 12:04 - 00000000 ____D C:\Program Files (x86)\Mr DJ
2016-07-20 07:00 - 2016-07-20 10:29 - 00000000 ____D C:\Users\Fanda\Downloads\Schindlers.List.1993.1080p.BluRay.x264.anoXmous
2016-07-20 07:00 - 2016-07-20 08:41 - 00000000 ____D C:\Users\Fanda\Downloads\The Good The Bad And The Ugly (1966) [1080p]
2016-07-20 06:11 - 2016-07-20 06:32 - 00000000 ____D C:\Users\Fanda\Downloads\The Green Mile (1999) 720p BRRiP x264 AAC [Team Nanban]
2016-07-20 01:59 - 2016-07-20 02:03 - 00000000 ____D C:\Users\Fanda\Downloads\Pulp.Fiction.1994.1080p.BluRay.x264.DTS-ETRG
2016-07-20 00:31 - 2016-07-20 01:15 - 00000000 ____D C:\Users\Fanda\Downloads\Batman The Dark Knight (2008) [1080p]
2016-07-19 23:56 - 2016-07-20 00:20 - 00000000 ____D C:\Users\Fanda\Downloads\12 Angry Men (1957)
2016-07-19 22:37 - 2016-07-19 22:45 - 00000000 ____D C:\Users\Fanda\Downloads\Gran Torino (2008) [1080p]
2016-07-19 19:37 - 2016-07-19 19:37 - 00000000 ____D C:\Users\Fanda\AppData\Local\ArmA 2
2016-07-19 19:37 - 2016-07-19 19:37 - 00000000 ____D C:\TA2DST
2016-07-19 19:36 - 2016-07-19 19:41 - 00000000 ____D C:\Users\Fanda\Documents\ArmA 2
2016-07-19 19:36 - 2016-07-19 19:36 - 00000000 ____D C:\Users\Fanda\AppData\Local\ArmA 2 OA
2016-07-19 19:06 - 2016-07-19 19:06 - 00000000 ____D C:\Users\Fanda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ArmA 2
2016-07-19 17:55 - 2016-07-24 12:04 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2016-07-19 17:55 - 2016-07-19 19:21 - 00000000 ____D C:\Program Files (x86)\ArmA 2
2016-07-19 17:32 - 2016-07-19 17:37 - 00000000 ____D C:\Users\Fanda\AppData\Local\ArmA
2016-07-19 17:32 - 2016-07-19 17:32 - 00000000 ____D C:\Users\Fanda\Documents\ArmA
2016-07-19 17:28 - 2016-07-19 17:28 - 00431104 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
2016-07-19 17:28 - 2016-07-19 17:28 - 00409600 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll
2016-07-19 17:28 - 2016-07-19 17:28 - 00136192 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
2016-07-19 17:28 - 2016-07-19 17:28 - 00114688 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll
2016-07-19 17:28 - 2016-07-19 17:28 - 00108144 _____ (Sony DADC Austria AG.) C:\WINDOWS\SysWOW64\CmdLineExt.dll
2016-07-19 17:28 - 2016-07-19 17:28 - 00001040 _____ C:\Users\Fanda\Desktop\Launch ArmA.lnk
2016-07-19 17:28 - 2016-07-19 17:28 - 00000000 ____D C:\Users\Fanda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2016-07-19 17:28 - 2016-07-19 17:28 - 00000000 ____D C:\Program Files (x86)\OpenAL
2016-07-19 17:28 - 2006-12-14 20:47 - 00782336 ____R (Creative Labs Inc.) C:\WINDOWS\SysWOW64\tmpBF.tmp
2016-07-19 17:24 - 2016-07-19 17:31 - 00000000 ____D C:\Program Files\Bohemia Interactive
2016-07-19 17:21 - 2016-07-19 17:23 - 00000000 ____D C:\Users\Fanda\AppData\Roaming\DAEMON Tools Pro
2016-07-19 17:21 - 2016-07-19 17:21 - 00030264 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtproscsibus.sys
2016-07-19 17:21 - 2016-07-19 17:21 - 00000000 ____D C:\ProgramData\DAEMON Tools Pro
2016-07-19 17:21 - 2016-07-19 17:21 - 00000000 ____D C:\Program Files\DAEMON Tools Pro
2016-07-19 17:18 - 2016-07-19 17:18 - 02975424 _____ (Disc Soft Ltd) C:\Users\Fanda\Downloads\DTProInstaller.exe
2016-07-19 17:11 - 2016-08-02 19:31 - 00000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2016-07-19 17:11 - 2016-08-02 19:31 - 00000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
2016-07-19 17:07 - 2016-07-19 17:07 - 00203832 _____ (Duplex Secure Ltd) C:\WINDOWS\system32\Drivers\sptd2.sys
2016-07-19 17:06 - 2016-07-19 17:06 - 07360080 _____ (Alcohol Soft Development Team) C:\Users\Fanda\Downloads\Alcohol52_trial_2.0.3.8806_8faaa86ad04d6fdb0ec8942c6c4949f3.exe
2016-07-19 17:06 - 2016-07-19 17:06 - 01021248 _____ ( ) C:\Users\Fanda\Downloads\downloader_for_Alcohol52_trial_2.0.3.8806.exe
2016-07-19 06:32 - 2016-07-19 06:35 - 00000000 ____D C:\Users\Fanda\Downloads\ArmA 2 Combined Operations 1.60 JimbusEd
2016-07-19 03:06 - 2016-07-19 06:14 - 00000000 ____D C:\Users\Fanda\Downloads\Call of duty 2 repack Mr DJ
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-18 20:45 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-08-18 20:44 - 2014-12-28 04:17 - 00000000 ____D C:\Users\Fanda\AppData\Local\Battle.net
2016-08-18 20:34 - 2014-12-28 04:17 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-08-18 19:39 - 2016-01-26 04:54 - 01960536 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-18 19:39 - 2015-10-30 20:31 - 00812312 _____ C:\WINDOWS\system32\perfh005.dat
2016-08-18 19:39 - 2015-10-30 20:31 - 00182744 _____ C:\WINDOWS\system32\perfc005.dat
2016-08-18 19:39 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-08-18 19:15 - 2015-09-06 23:47 - 00000002 _____ C:\end
2016-08-18 19:15 - 2015-01-03 01:14 - 00000000 ____D C:\Program Files (x86)\Overwolf
2016-08-18 19:10 - 2016-01-26 05:14 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-18 19:07 - 2015-06-29 12:57 - 00000936 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2892951960-3070060372-1058231282-1001UA.job
2016-08-18 18:48 - 2015-01-04 12:07 - 00003242 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForFanda
2016-08-18 18:48 - 2015-01-04 12:07 - 00000350 _____ C:\WINDOWS\Tasks\HPCeeScheduleForFanda.job
2016-08-18 18:47 - 2014-12-24 23:01 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-08-18 17:36 - 2016-01-26 04:46 - 00000000 ___DC C:\WINDOWS\Panther
2016-08-18 17:22 - 2014-12-24 22:32 - 00004198 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{39F915E6-960A-4D6E-B4C9-A55C43B18B8E}
2016-08-18 17:18 - 2014-12-28 14:14 - 00000000 ____D C:\Users\Fanda\AppData\Local\LogMeIn Hamachi
2016-08-18 17:17 - 2015-01-05 22:36 - 00000000 ___RD C:\Users\Fanda\Dropbox
2016-08-18 17:17 - 2014-12-24 23:00 - 00000000 __RDO C:\Users\Fanda\OneDrive
2016-08-18 17:15 - 2016-01-26 04:51 - 00000000 ____D C:\ProgramData\NVIDIA
2016-08-17 23:33 - 2016-01-26 04:54 - 00000000 ____D C:\Users\Fanda
2016-08-17 23:23 - 2015-03-23 23:06 - 00000000 ____D C:\Users\Fanda\AppData\Roaming\Curse Client
2016-08-17 21:16 - 2014-12-25 20:42 - 00000000 ____D C:\Users\Fanda\AppData\Roaming\Skype
2016-08-17 19:21 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-14 16:53 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-08-14 13:12 - 2016-01-18 17:44 - 00000000 ____D C:\Users\Fanda\AppData\Roaming\HearthstoneDeckTracker
2016-08-14 13:05 - 2015-12-18 16:22 - 00000000 ____D C:\Users\Fanda\Downloads\Hearthstone Deck Tracker
2016-08-14 04:34 - 2014-12-28 04:24 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2016-08-14 03:56 - 2014-12-11 13:51 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-14 03:32 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-08-14 03:31 - 2015-10-30 20:35 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-14 03:31 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-14 03:31 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-13 19:09 - 2015-12-25 01:39 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-08-13 19:09 - 2014-12-25 20:42 - 00000000 ____D C:\ProgramData\Skype
2016-08-11 22:35 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-08-11 22:35 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-11 22:35 - 2014-12-26 06:52 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-11 22:32 - 2014-12-26 06:52 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-07 12:35 - 2015-01-05 16:49 - 00000000 ____D C:\Users\Fanda\AppData\Roaming\Dropbox
2016-08-03 11:07 - 2015-06-29 12:57 - 00000884 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2892951960-3070060372-1058231282-1001Core.job
2016-08-02 22:42 - 2014-12-11 13:38 - 00298645 ____N C:\WINDOWS\Minidump\080216-21906-01.dmp
2016-07-31 21:16 - 2015-01-21 16:29 - 00000000 ____D C:\Users\Fanda\AppData\Roaming\vlc
2016-07-27 21:25 - 2016-01-26 17:57 - 00504488 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-07-24 11:28 - 2015-01-28 01:06 - 00000000 ___HD C:\WINDOWS\msdownld.tmp
2016-07-24 10:46 - 2015-01-26 21:50 - 00000000 ____D C:\Users\Fanda\AppData\Roaming\DVDVideoSoft
2016-07-20 21:16 - 2014-12-25 00:26 - 00000000 ____D C:\Users\Fanda\AppData\Roaming\BitTorrent
2016-07-19 17:06 - 2014-12-28 16:53 - 00000563 _____ C:\Users\Fanda\Documents\ax_files.xml
2016-07-19 05:11 - 2016-07-18 23:27 - 1942462464 _____ C:\Users\Fanda\Downloads\Pelíšky-(1999)-Monty-698.avi
==================== Files in the root of some directories =======
2015-11-03 17:42 - 2015-11-03 17:49 - 0000129 _____ () C:\Users\Fanda\AppData\Roaming\Camdata.ini
2015-11-03 17:42 - 2015-11-03 17:49 - 0000408 _____ () C:\Users\Fanda\AppData\Roaming\CamLayout.ini
2015-11-03 17:42 - 2015-11-03 17:49 - 0000408 _____ () C:\Users\Fanda\AppData\Roaming\CamShapes.ini
2015-11-03 17:42 - 2015-11-03 17:49 - 0004546 _____ () C:\Users\Fanda\AppData\Roaming\CamStudio.cfg
2015-11-03 17:26 - 2015-11-03 17:47 - 0000096 _____ () C:\Users\Fanda\AppData\Roaming\version2.xml
2015-10-26 23:13 - 2015-10-26 23:13 - 0001471 _____ () C:\Users\Fanda\AppData\Local\recently-used.xbel
2015-02-14 02:44 - 2015-02-14 02:44 - 0007602 _____ () C:\Users\Fanda\AppData\Local\Resmon.ResmonCfg
2015-06-17 18:34 - 2015-06-17 18:34 - 0000057 _____ () C:\ProgramData\Ament.ini
Some files in TEMP:
====================
C:\Users\Fanda\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Fanda\AppData\Local\Temp\Foxit PhantomPDF Updater.exe
C:\Users\Fanda\AppData\Local\Temp\FoxitUpdater.exe
C:\Users\Fanda\AppData\Local\Temp\Gw2.exe
C:\Users\Fanda\AppData\Local\Temp\jre-8u101-windows-au.exe
C:\Users\Fanda\AppData\Local\Temp\jre-8u73-windows-au.exe
C:\Users\Fanda\AppData\Local\Temp\jre-8u77-windows-au.exe
C:\Users\Fanda\AppData\Local\Temp\jre-8u91-windows-au.exe
C:\Users\Fanda\AppData\Local\Temp\sqlite-3.8.2-x86-sqlitejdbc.dll
C:\Users\Fanda\AppData\Local\Temp\tmd_34015593.exe
C:\Users\Fanda\AppData\Local\Temp\vlc-2.2.4-win32.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2892951960-3070060372-1058231282-1001Core.job => C:\Users\Fanda\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2892951960-3070060372-1058231282-1001UA.job => C:\Users\Fanda\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForFanda.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Fanda\Desktop" je 4084 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
==================== End Of Log ==============================