Stránka 1 z 1

Preventivka

Napsal: 04 zář 2016 13:21
od jasanek
Prosím o preventivní kontrolu. Děkuji.

info.txt logfile of random's system information tool 1.10 2016-09-04 14:12:40

======MBR======

0x33C08ED0BC007C8EC08ED8BE007CBF0006B90002FCF3A450681C06CBFBB90400BDBE07807E00007C0B0F850E0183C510E2F1CD1888560055C6461105C6461000B441BBAA55CD135D720F81FB55AA7509F7C101007403FE46106660807E1000742666680000000066FF760868000068007C680100681000B4428A56008BF4CD139F83C4109EEB14B80102BB007C8A56008A76018A4E028A6E03CD136661731CFE4E11750C807E00800F848A00B280EB845532E48A5600CD135DEB9E813EFE7D55AA756EFF7600E88D007517FAB0D1E664E88300B0DFE660E87C00B0FFE664E87500FBB800BBCD1A6623C0753B6681FB54435041753281F90201722C666807BB00006668000200006668080000006653665366556668000000006668007C0000666168000007CD1A5A32F6EA007C0000CD18A0B707EB08A0B607EB03A0B50732E40500078BF0AC3C007409BB0700B40ECD10EBF2F4EBFD2BC9E464EB002402E0F82402C3496E76616C696420706172746974696F6E207461626C65004572726F72206C6F6164696E67206F7065726174696E672073797374656D004D697373696E67206F7065726174696E672073797374656D000000637B9A0841094100008001010007FEFFFF3F00000041CFA40B00FEFFFF0FFEFFFF80CFA40B418ACB68000000000000000000000000000000000000000000000000000000000000000055AA

======Uninstall list======

-->C:\Program Files (x86)\InstallShield Installation Information\{290E27C0-1927-4E9A-8857-9A286BFB3DC3}\Setup.exe -runfromtemp -l0x0405 /removeonly
ABBYY FineReader 9.0 Professional Edition-->MsiExec.exe /I{F9000000-0001-0000-0000-074957833700}
Adobe Acrobat Reader DC - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AC0F074E4100}
Adobe Flash Player 22 NPAPI-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_Plugin.exe -maintain plugin
Adobe Refresh Manager-->MsiExec.exe /I{AC76BA86-0804-1033-1959-001824191728}
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {0A1FAC46-B899-421D-B1A2-470896DC45DB}
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {E68DD413-B834-4923-8181-0A03B7555187}
Cerberus FTP Server-->MsiExec.exe /I{A64A0A39-0943-4505-B22D-7DD3EFACBDE1}
CorelDRAW Graphics Suite X3-->MsiExec.exe /I{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}
CZ-->MsiExec.exe /I{CCF7074B-BE72-44E1-9CAC-3FFAC582C692}
DU Meter-->"C:\Program Files (x86)\DU Meter\unins000.exe"
EasySaver B9.1214.1 -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{07300F01-89CA-4CF8-92BD-2A605EB83C95}\setup.exe" -l0x9 -removeonly
FontNav-->MsiExec.exe /I{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}
FormatFactory 3.9.5.0-->C:\Program Files (x86)\FormatFactory\uninst.exe
Google Earth Pro-->MsiExec.exe /I{35DAA04C-1720-4BE3-A920-A03731EC6A1D}
Google Update Helper-->MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
IrfanView 64 (remove only)-->"C:\Program Files\IrfanView\iv_uninstall.exe"
Java 8 Update 91 (64-bit)-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F86418091F0}
Jpeg Resampler Vs 6+-->"C:\Program Files (x86)\JpegResampler2010\unins000.exe"
Microsoft .NET Framework 4.6.1 (CSY)-->MsiExec.exe /X{3C38CA01-7933-31E7-A1F6-EAA1DF9BEDF3}
Microsoft .NET Framework 4.6.1 (čeština)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.6.01055\CSY\\Setup.exe /repair /x86 /x64 /lcid 1029
Microsoft .NET Framework 4.6.1-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.6.01055\\Setup.exe /repair /x86 /x64
Microsoft .NET Framework 4.6.1-->MsiExec.exe /X{BD6F5371-DAC1-30F0-9DDE-CAC6791E28C3}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0015-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0019-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {664655D8-B9BB-455D-8A58-7EAF7B0B2862}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-002A-0405-1000-0000000FF1CE} /uninstall {A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6E107EB7-8B55-48BF-ACCB-199F86A2CD93}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0044-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00A1-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00BA-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2007-->MsiExec.exe /X{90120000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2007-->MsiExec.exe /X{90120000-0044-0405-0000-0000000FF1CE}
Microsoft Office Office 64-bit Components 2007-->MsiExec.exe /X{90120000-002A-0000-1000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0405-0000-0000000FF1CE} /uninstall {0B7A4B67-2A38-42B1-9857-662FAB361E08}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {928D7B99-2BEA-49F9-83B8-20FA57860643}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {1FF96026-A04A-4C3E-B50A-BB7022654D0F}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-041B-0000-0000000FF1CE} /uninstall {FDF9A959-241A-4662-A8DE-7DED9C22D160}
Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Czech) 2007-->MsiExec.exe /X{90120000-002A-0405-1000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft Security Client-->MsiExec.exe /X{3061DCA5-2D0B-48F9-800F-9D7C1FEB5E78}
Microsoft Security Essentials-->"C:\Program Files\Microsoft Security Client\Setup.exe" /x
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Mozilla Firefox 46.0.1 (x64 cs)-->"C:\Program Files\Mozilla Firefox\uninstall\helper.exe"
Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
Mozilla Thunderbird 45.2.0 (x86 cs)-->C:\Program Files (x86)\Mozilla Thunderbird\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
PDFCreator-->C:\Program Files\PDFCreator\unins000.exe
Phaser 6121MFP-S Scan Dashboard-->C:\Program Files (x86)\InstallShield Installation Information\{A687AAF2-CDF6-4673-B74D-5B350310D929}\Setup.exe -runfromtemp -l0x0005 -removeonly
Realtek Ethernet Controller Driver For Windows Vista and Later-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\Setup.Exe -runfromtemp -removeonly
Realtek HDMI Audio Driver for ATI-->C:\Program Files\Realtek\Audio\HDA\RtkUpd64.exe -k -m -nrg2709
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\SETUP.EXE" -removeonly
Security Update for Microsoft .NET Framework 4.6.1 (KB3122661)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.6.01055\setup.exe /uninstallpatch {52670DE2-48BC-310D-B2C2-0CA3EFBEBC2F}
Security Update for Microsoft .NET Framework 4.6.1 (KB3127233)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.6.01055\setup.exe /uninstallpatch {30D29D7D-5801-31A0-A209-6B6EC9785CDE}
Security Update for Microsoft .NET Framework 4.6.1 (KB3136000v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.6.01055\setup.exe /uninstallpatch {CD825BC8-B8A8-3B73-98AD-3D10A9576E9A}
Security Update for Microsoft .NET Framework 4.6.1 (KB3142037)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.6.01055\setup.exe /uninstallpatch {C06D6487-BA82-3BBD-B95C-2B68D0026BD1}
Security Update for Microsoft .NET Framework 4.6.1 (KB3143693)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.6.01055\setup.exe /uninstallpatch {19FD565A-D4E7-3718-879B-08B18F837E1A}
Security Update for Microsoft .NET Framework 4.6.1 (KB3164025)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.6.01055\setup.exe /uninstallpatch {1224FB06-57C1-3C51-93F9-CFD9BCE4C8CA}
Security Update for Microsoft Office 2007 suites (KB2596650) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {DF2F5DAC-93D7-434B-96B1-EAF4D891AD24}
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B145DBBB-7778-4A5D-9D2B-DA6569F02391}
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E34960DB-2A93-45DB-A208-02650F7AB09C}
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B7727B4D-5EA3-4C11-9D30-15E47616DCAF}
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {293FB6BE-D3EB-4162-B522-F9108040B9FE}
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {2B3C041A-A7F2-4A24-968D-4BEB6A123D15}
Security Update for Microsoft Office 2007 suites (KB2687409) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A33F3451-9AD4-46C0-9CDB-AA38071CDAB5}
Security Update for Microsoft Office 2007 suites (KB2825645) 32-Bit Edition -->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {BF11577A-6876-45AA-86C9-2BA4CFB8B019}
Security Update for Microsoft Office 2007 suites (KB2825645) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BF11577A-6876-45AA-86C9-2BA4CFB8B019}
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6B4A3804-666A-4DD8-84A7-B97701416784}
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {36842896-D83B-4C92-8261-6312B7DEB562}
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4C1BE82B-9AC0-4AB9-B76D-5467131955E1}
Security Update for Microsoft Office 2007 suites (KB2881067) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {08F2015D-61E9-4252-9355-AB8D15C73C96}
Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FC572B0C-6356-46CC-A01E-CCCEC4340BF5}
Security Update for Microsoft Office 2007 suites (KB2956110) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {488CDF0A-098C-4CF5-8552-DA5F2F7B7829}
Security Update for Microsoft Office 2007 suites (KB2984938) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E359D786-B101-4545-B8AB-8652323CF3CA}
Security Update for Microsoft Office 2007 suites (KB2984943) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {800D1A82-D1B0-4ED4-89B4-C666B570ABA5}
Security Update for Microsoft Office 2007 suites (KB3085549) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8D2CDFAB-0079-43CC-A289-2F7A67F0A4DE}
Security Update for Microsoft Office 2007 suites (KB3114442) 32-Bit Edition -->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {69E0CBF6-BBD9-43F8-86DD-13B247CC26BE}
Security Update for Microsoft Office 2007 suites (KB3114893) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3D12CCAE-88B0-4983-8051-B94683B84F03}
Security Update for Microsoft Office 2007 suites (KB3115109) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1977B207-301C-484B-B70F-98B506234D55}
Security Update for Microsoft Office Access 2007 (KB2596614) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7F774C8A-B1CE-486C-A64E-EA96AE48B813}
Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB3115308) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E793C11F-418E-43CE-BB22-84EB1CA517EE}
Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB3115464) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {D732098C-6DD7-4D8D-A9DC-F33D6ABC7A80}
Security Update for Microsoft Office Excel 2007 (KB3115306) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {57006E27-A90D-4357-8BA7-F8A9AE8E3FEF}
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8F311D6C-D8DD-4C32-9457-1A129CABD1A5}
Security Update for Microsoft Office InfoPath 2007 (KB3114426) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {26C5C75F-E1FD-4F95-AA29-CA221C3AFEEE}
Security Update for Microsoft Office OneNote 2007 (KB3114456) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E0F25378-0690-4F53-998A-F5D63412BBD7}
Security Update for Microsoft Office Outlook 2007 (KB3114981) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7F94F551-FCE9-446E-B18A-31FC23C00469}
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0EF0D4FB-BB23-4515-AAEA-1240AC2DA525}
Security Update for Microsoft Office PowerPoint 2007 (KB3114429) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B9E85A9D-2565-4DDC-A21D-34DACF7D716A}
Security Update for Microsoft Office Publisher 2007 (KB2880506) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {724051CF-E09E-4F84-9946-F5014AB7389B}
Security Update for Microsoft Office Visio Viewer 2007 (KB2596915) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7FE99CC2-FBE5-422F-A6FB-49E0D8AFE919}
Security Update for Microsoft Office Word 2007 (KB3115465) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C53CCF1F-EBCE-4DF3-A257-EE26D7A7C439}
Sweet Home 3D version 5.2-->"C:\Program Files\Sweet Home 3D\unins000.exe"
Total Commander 64-bit (Remove or Repair)-->C:\Program Files\Totalcmd\tcunin64.exe
Trainz: Engineer's Edition-->"E:\Program Files (x86)\Auran\TS2010\unins000.exe"
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A024FC7B-77DE-45DE-A058-1C049A17BFB3}
Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {02206DCC-0CAF-46BB-8EDC-6C281AA21EFA}
Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition-->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {02206DCC-0CAF-46BB-8EDC-6C281AA21EFA}
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}
Update for Microsoft Office 2007 suites (KB2965286) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7C3337E5-1294-4270-A64F-DCEF812159E5}
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {A030537D-0034-46AD-A730-B1119786F607}
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB3115461) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8C829BE5-F60C-417A-89E3-9A1B427320F2}
Update Manager-->MsiExec.exe /I{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}
USB2.0 PC Camera-->C:\Program Files (x86)\InstallShield Installation Information\{75438C0E-9925-412E-AD85-D0E71C6CE2ED}\setup.exe -runfromtemp -l0x0009 -removeonly -u
VBA-->MsiExec.exe /I{C94E45B0-6AA6-4FB9-9AAE-22085F631880}
VLC media player-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
Xerox Phaser 6121MFP-S Scanner-->C:\Program Files (x86)\InstallShield Installation Information\{290E27C0-1927-4E9A-8857-9A286BFB3DC3}\Setup.exe -runfromtemp -l0x0405 /removeonly
Xerox Phaser 6121MFP-S-->XUINST0H.EXE /TABOR_A3

======System event log======

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Stav služby Cryptographic Services byl změněn na: stopped
Record Number: 5
Source Name: Service Control Manager
Time Written: 20090714051424.262212-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Stav služby Windows Modules Installer byl změněn na: stopped
Record Number: 4
Source Name: Service Control Manager
Time Written: 20090714051424.168612-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Stav služby Software Protection byl změněn na: stopped
Record Number: 3
Source Name: Service Control Manager
Time Written: 20090714051424.059412-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Stav služby Windows Event Log byl změněn na: stopped
Record Number: 2
Source Name: Service Control Manager
Time Written: 20090714051424.012612-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Stav služby Volume Shadow Copy byl změněn na: stopped
Record Number: 1
Source Name: Service Control Manager
Time Written: 20090714051423.934612-000
Event Type: Informace
User:

=====Application event log=====

Computer Name: 37L4247E29-32
Event Code: 1001
Message: Chybný blok , typ 0
Název události: PnPDriverNotFound
Reakce: Není k dispozici
ID souboru CAB: 0

Podpis problému:
P1: x64
P2: PCI\VEN_1822&DEV_4E35&SUBSYS_00031AE4&REV_01
P3:
P4:
P5:
P6:
P7:
P8:
P9:
P10:

Připojené soubory:
C:\Windows\Temp\DMI4CD7.tmp.log.xml

Tyto soubory mohou být k dispozici zde:
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_1cb47afd41a7ee85213c5cca816a049921d43_cab_05d94da2

Symbol analýzy:
Opětovné hledání řešení: 0
ID hlášení: 47e3c919-237d-11e6-a26a-d60170b6d3bc
Stav hlášení: 6
Record Number: 5
Source Name: Windows Error Reporting
Time Written: 20160526200607.000000-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 5617
Message: Windows Management Instrumentation Service subsystems initialized successfully
Record Number: 4
Source Name: Microsoft-Windows-WMI
Time Written: 20160526200604.000000-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 5615
Message: Windows Management Instrumentation Service started sucessfully
Record Number: 3
Source Name: Microsoft-Windows-WMI
Time Written: 20160526200558.000000-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 1531
Message: Služba Profil uživatele byla úspěšně spuštěna.


Record Number: 2
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20160526200552.998121-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: 37L4247E29-32
Event Code: 4625
Message: Subsystém EventSystem zabraňuje vytváření duplicitních záznamů v protokolu událostí po dobu 86400 sekund. Tuto dobu lze změnit pomocí hodnoty REG_DWORD s názvem SuppressDuplicateDuration v následujícím klíči registru: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 1
Source Name: Microsoft-Windows-EventSystem
Time Written: 20160526200553.000000-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: 37L4247E29-32
Event Code: 4735
Message: Byla změněna zabezpečená místní skupina.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: 37L4247E29-32$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Skupina:
ID zabezpečení: S-1-5-32-551
Název skupiny: Backup Operators
Doména skupiny: Builtin

Změněné atributy:
Název účtu SAM: -
Historie identifikátoru zabezpečení: -

Další informace:
Oprávnění: -
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20160526200530.752482-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247E29-32
Event Code: 4731
Message: Byla vytvořena zabezpečená místní skupina.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: 37L4247E29-32$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Nová skupina:
ID zabezpečení: S-1-5-32-551
Název skupiny: Backup Operators
Doména skupiny: Builtin

Atributy:
Název účtu SAM: Backup Operators
Historie identifikátoru zabezpečení: -

Další informace:
Oprávnění: -
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20160526200530.752482-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247E29-32
Event Code: 4902
Message: Tabulka zásad auditu pro jednotlivé uživatele byla vytvořena.

Počet prvků: 0
ID zásady: 0x3212d
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20160526200530.315681-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247E29-32
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
ID přihlášení: 0x0

Typ přihlášení: 0

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x4
Název procesu:

Informace o síti:
Název pracovní stanice: -
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: -
Balíček ověření: -
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20160526200528.006877-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247E29-32
Event Code: 4608
Message: Spouští se systém Windows.

Tato událost je zaznamenána při spuštění procesu LSASS.EXE a inicializaci kontrolního podsystému.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20160526200527.850877-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=16
"PROCESSOR_IDENTIFIER"=AMD64 Family 16 Model 5 Stepping 3, AuthenticAMD
"PROCESSOR_REVISION"=0503

-----------------EOF-----------------

Re: Preventivka

Napsal: 05 zář 2016 17:03
od Rudy
Zdravím!
Z tohoto logu (info.txt) nezjistím nic. Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=30&t=133101 .

Re: Preventivka

Napsal: 05 zář 2016 17:11
od jasanek
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
Ran by jasan (administrator) on JASAN-PC (05-09-2016 18:01:54)
Running from C:\Users\jasan\Desktop
Loaded Profiles: jasan (Available Profiles: jasan)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
(Cerberus, LLC) C:\Program Files\Cerberus LLC\Cerberus FTP Server\CerberusGUI.exe
(Hagel Technologies Ltd.) C:\Program Files (x86)\DU Meter\DUMeterSvc.exe
() C:\Program Files (x86)\Gigabyte\EasySaver\essvr.exe
(Hagel Technologies Ltd.) C:\Program Files (x86)\DU Meter\DUMeter.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Sonix) C:\Windows\vsnp2std.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Windows\tsnp2std.exe
(Macrovision Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(emc) C:\Users\jasan\AppData\Roaming\uTorrent\uninstall.exe
(BitTorrent, Inc.) C:\Users\jasan\AppData\Roaming\uTorrent\utorrent.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Ghisler Software GmbH) C:\Program Files\Totalcmd\TOTALCMD64.EXE


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9642528 2009-12-08] (Realtek Semiconductor)
HKLM\...\Run: [snp2std] => C:\Windows\vsnp2std.exe [344064 2007-09-28] (Sonix)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM-x32\...\Run: [tsnp2std] => C:\Windows\tsnp2std.exe
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-08-11] (Macrovision Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKU\S-1-5-21-406812359-3264526012-2679633240-1001\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [249856 2005-08-11] (Macrovision Corporation)
HKU\S-1-5-21-406812359-3264526012-2679633240-1001\...\Run: [VirtualDiskAutomount] => rundll32 "C:\Program Files\Totalcmd\plugins\wfx\VirtualDisk\VirtualDisk.wfx64",MountAfterReboot
HKU\S-1-5-21-406812359-3264526012-2679633240-1001\...\Run: [DU Meter] => C:\Program Files (x86)\DU Meter\DUMeter.exe [9738392 2015-08-03] (Hagel Technologies Ltd.)
HKU\S-1-5-21-406812359-3264526012-2679633240-1001\...\Run: [uTorrent] => C:\Users\jasan\AppData\Roaming\uTorrent\utorrent.exe [416168 2015-02-22] (BitTorrent, Inc.)
HKU\S-1-5-21-406812359-3264526012-2679633240-1001\...\MountPoints2: {1edb20e4-237d-11e6-a26a-806e6f6e6963} - H:\1011_USB20PCCam_5.7.19104.100.exe
HKU\S-1-5-21-406812359-3264526012-2679633240-1001\...\Winlogon: [Shell] explorer.exe,"C:\Users\jasan\AppData\Roaming\System.exe" <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2D30CA68-C5C9-43E2-B2D1-3C067247E87E}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-406812359-3264526012-2679633240-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=131173646186531899&GUID=F471C82C-96CA-486B-8049-077BFF0C294B
URLSearchHook: HKU\S-1-5-21-406812359-3264526012-2679633240-1001 - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll No File
SearchScopes: HKU\S-1-5-21-406812359-3264526012-2679633240-1001 -> DefaultScope {CBE5C84F-DEC0-4bbc-A124-3FAD2BCEFB6C} URL = hxxp://www.google.com/custom?client=pub-379428 ... earchTerms}
SearchScopes: HKU\S-1-5-21-406812359-3264526012-2679633240-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-406812359-3264526012-2679633240-1001 -> {CBE5C84F-DEC0-4bbc-A124-3FAD2BCEFB6C} URL = hxxp://www.google.com/custom?client=pub-379428 ... earchTerms}
SearchScopes: HKU\S-1-5-21-406812359-3264526012-2679633240-1001 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-06-19] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-19] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\jasan\AppData\Roaming\Mozilla\Firefox\Profiles\1opdsb0l.default
FF NewTab: about:newtab
FF SearchEngineOrder.3: Bing
FF Homepage: about:home
FF Keyword.URL: hxxp://go.mail.ru/distib/ep/?product_id=%7B64D7D122-B510-4EBD-A120-269910FA2439%7D&gp=811002
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] ()
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-19] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-07-28] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\jasan\AppData\Roaming\Mozilla\Firefox\Profiles\1opdsb0l.default\searchplugins\aukro.xml [2016-12-28]
FF SearchPlugin: C:\Users\jasan\AppData\Roaming\Mozilla\Firefox\Profiles\1opdsb0l.default\searchplugins\filmova-databaze-fdbcz.xml [2016-12-28]
FF SearchPlugin: C:\Users\jasan\AppData\Roaming\Mozilla\Firefox\Profiles\1opdsb0l.default\searchplugins\imdb.xml [2011-03-27]
FF SearchPlugin: C:\Users\jasan\AppData\Roaming\Mozilla\Firefox\Profiles\1opdsb0l.default\searchplugins\slovnk-encz.xml [2011-04-23]
FF SearchPlugin: C:\Users\jasan\AppData\Roaming\Mozilla\Firefox\Profiles\1opdsb0l.default\searchplugins\uloto.xml [2012-03-24]
FF SearchPlugin: C:\Users\jasan\AppData\Roaming\Mozilla\Firefox\Profiles\1opdsb0l.default\searchplugins\youtube.xml [2009-04-04]
FF Extension: (All-in-One Sidebar) - C:\Users\jasan\AppData\Roaming\Mozilla\Firefox\Profiles\1opdsb0l.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi [2016-01-04]
FF Extension: (Save Images) - C:\Users\jasan\AppData\Roaming\Mozilla\Firefox\Profiles\1opdsb0l.default\extensions\LDSI_plashcor@gmail.com.xpi [2016-04-29]
FF Extension: (FireGestures) - C:\Users\jasan\AppData\Roaming\Mozilla\Firefox\Profiles\1opdsb0l.default\extensions\firegestures@xuldev.org.xpi [2016-08-16]
FF Extension: (Classic Theme Restorer) - C:\Users\jasan\AppData\Roaming\Mozilla\Firefox\Profiles\1opdsb0l.default\extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2016-08-24]
FF Extension: (FireShot) - C:\Users\jasan\AppData\Roaming\Mozilla\Firefox\Profiles\1opdsb0l.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2016-08-30]
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\jasan\AppData\Roaming\Mozilla\Firefox\Profiles\1opdsb0l.default\Extensions\cs@dictionaries.addons.mozilla.org [2016-08-13]
FF Extension: (IE Tab Plus) - C:\Users\jasan\AppData\Roaming\Mozilla\Firefox\Profiles\1opdsb0l.default\Extensions\ietab@ip(2).cn [2016-05-26] [not signed]
FF Extension: (Forecastfox) - C:\Users\jasan\AppData\Roaming\Mozilla\Firefox\Profiles\1opdsb0l.default\Extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [2016-05-26] [not signed]
FF Extension: (Download Status Bar) - C:\Users\jasan\AppData\Roaming\Mozilla\Firefox\Profiles\1opdsb0l.default\Extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi [2016-08-17]
FF Extension: (ReloadEvery) - C:\Users\jasan\AppData\Roaming\Mozilla\Firefox\Profiles\1opdsb0l.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2016-03-13]
FF Extension: (Video DownloadHelper) - C:\Users\jasan\AppData\Roaming\Mozilla\Firefox\Profiles\1opdsb0l.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-08-02]
FF Extension: (Adblock Plus) - C:\Users\jasan\AppData\Roaming\Mozilla\Firefox\Profiles\1opdsb0l.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
FF Extension: (FoxClocks) - C:\Users\jasan\AppData\Roaming\Mozilla\Firefox\Profiles\1opdsb0l.default\Extensions\{d37dc5d0-431d-44e5-8c91-49419370caa1}.xpi [2016-04-17]
FF Extension: (DownThemAll!) - C:\Users\jasan\AppData\Roaming\Mozilla\Firefox\Profiles\1opdsb0l.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-09-05]
FF Extension: (Mouse Gestures Redox) - C:\Users\jasan\AppData\Roaming\Mozilla\Firefox\Profiles\1opdsb0l.default\Extensions\{FFA36170-80B1-4535-B0E3-A4569E497DD0} [2016-05-26] [not signed]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Professional.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 Cerberus FTP Server; C:\Program Files\Cerberus LLC\Cerberus FTP Server\CerberusGUI.exe [13623776 2016-05-25] (Cerberus, LLC)
R2 DUMeterSvc; C:\Program Files (x86)\DU Meter\DUMeterSvc.exe [5777048 2015-08-03] (Hagel Technologies Ltd.) [File not signed]
R2 ES lite Service; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-08-24] ()
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 DUMeterDrv; C:\Program Files (x86)\DU Meter\DUMETR64.SYS [21224 2015-08-03] (Hagel Technologies Ltd.) [File not signed]
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
R3 SNP2STD; C:\Windows\System32\DRIVERS\snp2sxp.sys [12528768 2007-09-10] ()
R3 SNP2STD; C:\Windows\SysWOW64\DRIVERS\snp2sxp.sys [12212864 2007-09-05] ()
R1 VD_FileDisk; C:\Windows\System32\Drivers\VD_FileDisk.sys [30312 2011-01-26] (CaptainFlint Software)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-05 18:01 - 2016-09-05 18:02 - 00013663 _____ C:\Users\jasan\Desktop\FRST.txt
2016-09-05 18:01 - 2016-09-05 18:01 - 00000000 ____D C:\FRST
2016-09-05 17:58 - 2016-09-05 17:58 - 02397696 _____ (Farbar) C:\Users\jasan\Desktop\FRST64.exe
2016-09-04 16:39 - 2016-09-04 16:41 - 00000000 ____D C:\Users\jasan\Desktop\kamejk
2016-09-04 14:12 - 2016-09-04 14:12 - 01222144 _____ C:\Users\jasan\Downloads\RSITx64.exe
2016-09-04 14:12 - 2016-09-04 14:12 - 00000000 ____D C:\rsit
2016-09-04 14:12 - 2016-09-04 14:12 - 00000000 ____D C:\Program Files\trend micro
2016-09-04 13:56 - 2016-09-04 13:58 - 00000000 ____D C:\Program Files (x86)\DU Meter
2016-09-04 13:56 - 2016-09-04 13:56 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DU Meter
2016-09-04 13:56 - 2016-09-04 13:56 - 00000000 ____D C:\ProgramData\Hagel Technologies
2016-09-04 13:55 - 2016-09-04 13:55 - 06261344 _____ (Hagel Technologies Ltd. ) C:\Users\jasan\Downloads\DU-Meter_7.09.4754.exe
2016-09-03 10:53 - 2016-09-03 10:53 - 00001430 _____ C:\Users\jasan\Desktop\firefox.lnk
2016-09-03 10:31 - 2016-09-03 10:32 - 03826240 _____ C:\Users\jasan\Downloads\adwcleaner_6.010.exe
2016-09-03 10:27 - 2016-09-03 10:27 - 00000270 __RSH C:\Users\jasan\ntuser.pol
2016-09-03 10:22 - 2016-09-03 10:29 - 00000000 ____D C:\Users\jasan\AppData\Roaming\GameLauncher
2016-09-03 10:22 - 2016-09-03 10:22 - 00001554 __RSH C:\ProgramData\ntuser.pol
2016-09-03 10:21 - 2016-09-03 10:21 - 00002103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk
2016-09-02 16:12 - 2016-09-02 16:13 - 00120030 _____ C:\Users\jasan\Desktop\rozvrh.aspx.pdf
2016-09-02 16:01 - 2016-09-02 16:01 - 00793229 _____ C:\Users\jasan\Desktop\(1) Facebook.mp4
2016-09-01 10:45 - 2016-09-04 14:00 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-09-01 10:45 - 2016-09-01 10:45 - 00002047 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-09-01 10:44 - 2016-09-01 10:44 - 00000000 ____D C:\Windows\system32\appmgmt
2016-09-01 10:33 - 2016-09-01 10:33 - 00510246 _____ C:\Users\jasan\Desktop\neziskovky.pdf
2016-08-29 19:53 - 2016-08-29 19:53 - 01114557 _____ C:\Users\jasan\Downloads\IX.1 Polední stín.pdf
2016-08-29 19:52 - 2016-08-29 19:52 - 00029674 _____ C:\Users\jasan\Desktop\Vladimír Švastal - VI.pdf
2016-08-29 19:51 - 2016-08-29 19:51 - 01115558 _____ C:\Users\jasan\Desktop\Vladimír Švastal - V.pdf
2016-08-28 20:36 - 2016-08-28 16:09 - 01181505 _____ C:\Users\jasan\Documents\Prezentace kamejk.net.pdf
2016-08-28 16:09 - 2016-08-28 16:09 - 01181505 _____ C:\Users\jasan\Desktop\Prezentace kamejk.net.pdf
2016-08-28 16:08 - 2016-08-28 16:08 - 00293543 _____ C:\Users\jasan\Desktop\Banner 4.pdf
2016-08-28 16:08 - 2016-08-28 16:08 - 00293093 _____ C:\Users\jasan\Desktop\Banner 3.pdf
2016-08-28 16:07 - 2016-08-28 16:08 - 00293252 _____ C:\Users\jasan\Desktop\Banner 2.pdf
2016-08-28 16:07 - 2016-08-28 16:07 - 00292261 _____ C:\Users\jasan\Desktop\Banner 1.pdf
2016-08-28 16:03 - 2016-08-28 16:03 - 00024436 _____ C:\Users\jasan\Desktop\kamejk návštěvnost.pdf
2016-08-24 18:05 - 2016-08-24 18:05 - 00079620 _____ C:\Users\jasan\Desktop\plakat-zajezd-mar-lazne.pdf
2016-08-23 16:03 - 2016-08-23 16:03 - 09242050 _____ C:\Users\jasan\Desktop\valentynka.cdr
2016-08-23 15:59 - 2016-08-23 15:55 - 00544619 _____ C:\Users\jasan\Desktop\valen2.jpeg
2016-08-23 15:58 - 2016-08-23 15:54 - 00588485 _____ C:\Users\jasan\Desktop\valen.jpeg
2016-08-22 13:52 - 2016-08-22 13:52 - 00000714 _____ C:\Users\Public\Desktop\Launch TS2010.lnk
2016-08-22 13:52 - 2016-08-22 13:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auran
2016-08-22 13:42 - 2016-08-22 13:43 - 04717936 _____ C:\Users\jasan\Downloads\46170_to_49938.exe
2016-08-22 13:42 - 2016-08-22 13:42 - 04386651 _____ C:\Users\jasan\Downloads\44088_to_49933.exe
2016-08-22 13:40 - 2016-08-22 13:46 - 251317004 _____ C:\Users\jasan\Downloads\41491_to_44088.exe
2016-08-22 13:39 - 2016-08-22 13:45 - 211787936 _____ C:\Users\jasan\Downloads\41615_to_42203.exe
2016-08-22 13:39 - 2016-08-22 13:45 - 211692937 _____ C:\Users\jasan\Downloads\41622_to_42203.exe
2016-08-22 13:39 - 2016-08-22 13:39 - 14592473 _____ C:\Users\jasan\Downloads\41491_to_41615.exe
2016-08-22 10:06 - 2016-08-22 10:06 - 00000000 ____D C:\Users\jasan\Desktop\mp
2016-08-19 19:38 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2016-08-19 19:38 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2016-08-19 19:38 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2016-08-19 19:38 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2016-08-19 19:38 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2016-08-19 19:38 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2016-08-19 17:54 - 2016-08-19 17:56 - 173854382 _____ C:\Users\jasan\Downloads\Prague-Subway-Trainz-2010-Addon.zip
2016-08-19 17:03 - 2016-08-19 17:03 - 00000000 ____D C:\TempDump
2016-08-19 17:02 - 2016-08-19 17:02 - 00000000 ____D C:\Users\jasan\AppData\Roaming\SmartSteamEmu
2016-08-19 17:02 - 2016-08-19 17:02 - 00000000 ____D C:\Program Files\Microsoft Games
2016-08-19 16:53 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2016-08-19 16:53 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2016-08-19 16:53 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2016-08-19 16:53 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2016-08-19 16:53 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2016-08-19 16:53 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2016-08-19 16:53 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2016-08-19 16:53 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2016-08-19 16:53 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2016-08-19 16:53 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2016-08-19 16:53 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2016-08-19 16:53 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2016-08-19 16:53 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2016-08-19 16:53 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2016-08-19 16:53 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2016-08-19 16:53 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2016-08-19 16:53 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2016-08-19 16:53 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2016-08-19 16:53 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2016-08-19 16:53 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2016-08-19 16:53 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2016-08-19 16:53 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2016-08-19 16:53 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2016-08-19 16:53 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2016-08-19 16:53 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2016-08-19 16:53 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2016-08-19 16:53 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2016-08-19 16:53 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2016-08-19 16:53 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2016-08-19 16:53 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2016-08-19 16:53 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2016-08-19 16:53 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2016-08-19 16:53 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2016-08-19 16:53 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2016-08-19 16:53 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2016-08-19 16:53 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2016-08-19 16:53 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2016-08-19 16:53 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2016-08-19 16:53 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2016-08-19 16:53 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2016-08-19 16:53 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2016-08-19 16:53 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2016-08-19 16:53 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2016-08-19 16:53 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2016-08-19 16:53 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2016-08-19 16:53 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2016-08-19 16:53 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2016-08-19 16:53 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2016-08-19 16:53 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2016-08-19 16:53 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2016-08-19 16:53 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2016-08-19 16:53 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2016-08-19 16:53 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2016-08-19 16:53 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2016-08-19 16:53 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2016-08-19 16:53 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2016-08-19 16:53 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2016-08-19 16:53 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2016-08-19 16:53 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2016-08-19 16:53 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2016-08-19 16:53 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2016-08-19 16:53 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2016-08-19 16:53 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2016-08-19 16:53 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2016-08-19 16:53 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2016-08-19 16:53 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2016-08-19 16:53 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2016-08-19 16:53 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2016-08-19 16:53 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2016-08-19 16:53 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2016-08-19 16:53 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2016-08-19 16:53 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2016-08-19 16:53 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2016-08-19 16:53 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2016-08-19 16:53 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2016-08-19 16:53 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2016-08-19 16:53 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2016-08-19 16:53 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2016-08-19 16:53 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2016-08-19 16:53 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2016-08-19 16:52 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2016-08-19 16:52 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2016-08-19 16:52 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2016-08-19 16:52 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2016-08-19 16:52 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2016-08-19 16:52 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2016-08-19 16:52 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2016-08-19 16:52 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2016-08-19 16:52 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2016-08-19 16:52 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2016-08-19 16:52 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2016-08-19 16:52 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2016-08-19 16:52 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2016-08-19 16:52 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2016-08-19 16:52 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2016-08-19 16:52 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2016-08-19 16:52 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2016-08-19 16:52 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2016-08-19 16:52 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2016-08-19 16:52 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2016-08-19 16:52 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2016-08-19 16:52 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2016-08-19 16:52 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2016-08-19 16:52 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2016-08-19 16:52 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2016-08-19 16:52 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2016-08-19 16:52 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2016-08-19 16:52 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2016-08-19 16:52 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2016-08-19 16:52 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2016-08-19 16:52 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2016-08-19 16:52 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2016-08-19 16:52 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2016-08-19 16:52 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2016-08-19 16:52 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2016-08-19 16:52 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2016-08-19 16:52 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2016-08-19 16:52 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2016-08-19 16:52 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2016-08-19 16:52 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2016-08-19 16:52 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2016-08-19 16:52 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2016-08-19 16:52 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2016-08-19 16:52 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2016-08-19 16:52 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2016-08-19 16:52 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2016-08-19 16:52 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2016-08-19 16:52 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2016-08-19 16:52 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2016-08-19 16:52 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2016-08-19 16:52 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2016-08-19 16:52 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2016-08-19 16:52 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2016-08-19 16:52 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2016-08-19 16:51 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2016-08-19 16:51 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2016-08-19 16:51 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2016-08-19 16:51 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2016-08-19 16:51 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2016-08-19 16:51 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2016-08-19 16:51 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2016-08-19 16:51 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2016-08-19 16:51 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2016-08-19 16:51 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2016-08-19 16:51 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2016-08-19 16:51 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2016-08-19 16:51 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2016-08-19 16:51 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2016-08-19 16:51 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2016-08-19 16:51 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2016-08-19 16:51 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2016-08-19 16:51 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2016-08-19 16:51 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2016-08-19 16:51 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2016-08-19 16:51 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2016-08-19 16:51 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2016-08-19 16:51 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2016-08-19 16:51 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2016-08-19 16:51 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2016-08-19 16:51 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2016-08-19 16:51 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2016-08-19 16:51 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2016-08-19 16:51 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2016-08-19 16:51 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2016-08-19 16:51 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2016-08-19 16:51 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2016-08-19 16:51 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2016-08-19 16:51 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2016-08-19 16:51 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2016-08-19 16:51 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2016-08-19 16:51 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2016-08-19 16:51 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2016-08-19 16:51 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2016-08-19 16:51 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2016-08-19 16:51 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2016-08-19 16:51 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2016-08-19 16:43 - 2016-08-19 18:08 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-08-17 09:29 - 2016-07-08 17:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-08-17 09:29 - 2016-07-08 17:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-08-14 18:53 - 2016-08-14 18:53 - 00000000 ____D C:\Users\jasan\AppData\Roaming\yiwanzhushou
2016-08-14 18:53 - 2016-08-14 18:53 - 00000000 ____D C:\Users\jasan\AppData\Local\Leapdroid
2016-08-14 18:52 - 2016-08-14 19:09 - 00000000 ____D C:\Users\jasan\AppData\Roaming\Leapdroid
2016-08-14 18:52 - 2016-08-14 19:09 - 00000000 ____D C:\Program Files\Leapdroid
2016-08-14 09:22 - 2016-08-14 09:22 - 00000000 ____D C:\Users\jasan\AppData\Local\fontconfig
2016-08-14 09:22 - 2016-08-14 09:22 - 00000000 ____D C:\Users\jasan\.cache
2016-08-13 22:15 - 2016-08-13 22:15 - 00001067 _____ C:\Users\jasan\Desktop\Format Factory.lnk
2016-08-13 22:15 - 2016-08-13 22:15 - 00000000 ____D C:\Users\jasan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2016-08-13 22:15 - 2016-08-13 22:15 - 00000000 ____D C:\Program Files (x86)\FormatFactory
2016-08-13 22:11 - 2016-08-13 22:13 - 47396880 _____ (Free Time Co., Ltd) C:\Users\jasan\Downloads\FFSetup3.9.5.0.exe
2016-08-10 19:07 - 2016-08-02 16:54 - 00394440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-08-10 19:07 - 2016-08-02 16:08 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-08-10 19:07 - 2016-08-02 08:54 - 25808384 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-08-10 19:07 - 2016-08-02 08:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-08-10 19:07 - 2016-08-02 08:47 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-08-10 19:07 - 2016-08-02 08:32 - 02894336 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-08-10 19:07 - 2016-08-02 08:32 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-08-10 19:07 - 2016-08-02 08:31 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-08-10 19:07 - 2016-08-02 08:31 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-08-10 19:07 - 2016-08-02 08:31 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-08-10 19:07 - 2016-08-02 08:31 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-08-10 19:07 - 2016-08-02 08:24 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-08-10 19:07 - 2016-08-02 08:23 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-08-10 19:07 - 2016-08-02 08:20 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-08-10 19:07 - 2016-08-02 08:19 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-08-10 19:07 - 2016-08-02 08:19 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-08-10 19:07 - 2016-08-02 08:18 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-08-10 19:07 - 2016-08-02 08:18 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-08-10 19:07 - 2016-08-02 08:18 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-08-10 19:07 - 2016-08-02 08:11 - 00969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-08-10 19:07 - 2016-08-02 08:08 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-08-10 19:07 - 2016-08-02 08:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-08-10 19:07 - 2016-08-02 08:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-08-10 19:07 - 2016-08-02 07:59 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-08-10 19:07 - 2016-08-02 07:56 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-08-10 19:07 - 2016-08-02 07:55 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-08-10 19:07 - 2016-08-02 07:54 - 20343808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-08-10 19:07 - 2016-08-02 07:53 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-08-10 19:07 - 2016-08-02 07:51 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-08-10 19:07 - 2016-08-02 07:51 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-08-10 19:07 - 2016-08-02 07:51 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-08-10 19:07 - 2016-08-02 07:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-08-10 19:07 - 2016-08-02 07:51 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-08-10 19:07 - 2016-08-02 07:50 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-08-10 19:07 - 2016-08-02 07:47 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-08-10 19:07 - 2016-08-02 07:45 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-08-10 19:07 - 2016-08-02 07:44 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-08-10 19:07 - 2016-08-02 07:42 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-08-10 19:07 - 2016-08-02 07:41 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-08-10 19:07 - 2016-08-02 07:41 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-08-10 19:07 - 2016-08-02 07:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-08-10 19:07 - 2016-08-02 07:40 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-08-10 19:07 - 2016-08-02 07:38 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-08-10 19:07 - 2016-08-02 07:38 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-08-10 19:07 - 2016-08-02 07:37 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-08-10 19:07 - 2016-08-02 07:36 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-08-10 19:07 - 2016-08-02 07:33 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-08-10 19:07 - 2016-08-02 07:29 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-08-10 19:07 - 2016-08-02 07:28 - 15412224 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-08-10 19:07 - 2016-08-02 07:28 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-08-10 19:07 - 2016-08-02 07:26 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-08-10 19:07 - 2016-08-02 07:25 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-08-10 19:07 - 2016-08-02 07:24 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-08-10 19:07 - 2016-08-02 07:23 - 02868224 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-08-10 19:07 - 2016-08-02 07:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-08-10 19:07 - 2016-08-02 07:21 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-08-10 19:07 - 2016-08-02 07:16 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-08-10 19:07 - 2016-08-02 07:15 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-08-10 19:07 - 2016-08-02 07:14 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-08-10 19:07 - 2016-08-02 07:14 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-08-10 19:07 - 2016-08-02 07:11 - 13808128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-08-10 19:07 - 2016-08-02 07:10 - 01550848 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-08-10 19:07 - 2016-08-02 06:59 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-08-10 19:07 - 2016-08-02 06:56 - 02393088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-08-10 19:07 - 2016-08-02 06:53 - 01316352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-08-10 19:07 - 2016-08-02 06:51 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-08-10 19:07 - 2016-07-08 17:37 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-08-10 19:07 - 2016-07-08 17:37 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-08-10 19:07 - 2016-07-08 17:32 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-08-10 19:07 - 2016-07-08 17:32 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-08-10 19:07 - 2016-07-08 17:32 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-08-10 19:07 - 2016-07-08 17:32 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-08-10 19:07 - 2016-07-08 17:32 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-08-10 19:07 - 2016-07-08 17:32 - 00343552 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-08-10 19:07 - 2016-07-08 17:32 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-08-10 19:07 - 2016-07-08 17:32 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-08-10 19:07 - 2016-07-08 17:32 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-08-10 19:07 - 2016-07-08 17:32 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-08-10 19:07 - 2016-07-08 17:32 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-08-10 19:07 - 2016-07-08 17:32 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-08-10 19:07 - 2016-07-08 17:32 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-08-10 19:07 - 2016-07-08 17:32 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-08-10 19:07 - 2016-07-08 17:32 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-08-10 19:07 - 2016-07-08 17:32 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-08-10 19:07 - 2016-07-08 17:32 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-08-10 19:07 - 2016-07-08 17:32 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-08-10 19:07 - 2016-07-08 17:17 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-08-10 19:07 - 2016-07-08 17:17 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-08-10 19:07 - 2016-07-08 17:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-08-10 19:07 - 2016-07-08 17:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-08-10 19:07 - 2016-07-08 17:16 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-08-10 19:07 - 2016-07-08 17:16 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-08-10 19:07 - 2016-07-08 17:16 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-08-10 19:07 - 2016-07-08 17:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-08-10 19:07 - 2016-07-08 17:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-08-10 19:07 - 2016-07-08 17:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-08-10 19:07 - 2016-07-08 17:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-08-10 19:07 - 2016-07-08 17:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-08-10 19:07 - 2016-07-08 17:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-08-10 19:07 - 2016-07-08 17:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-08-10 19:07 - 2016-07-08 17:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-08-10 19:07 - 2016-07-08 17:03 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-08-10 19:07 - 2016-07-08 16:57 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-08-10 19:07 - 2016-07-08 16:56 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-08-10 19:07 - 2016-07-08 16:56 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-08-10 19:07 - 2016-07-08 16:55 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-08-10 19:07 - 2016-07-08 16:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-08-10 19:07 - 2016-07-08 16:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-08-10 19:02 - 2016-07-08 17:01 - 03218944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-08-07 13:19 - 2016-08-07 13:19 - 00623866 _____ C:\Users\jasan\Desktop\Facebook-1.mp4
2016-08-07 13:13 - 2016-08-07 13:13 - 15993999 _____ C:\Users\jasan\Desktop\Facebook.mp4
2016-08-06 10:39 - 2016-08-06 10:39 - 00000000 ____D C:\Users\jasan\AppData\Local\CEF
2016-08-06 10:36 - 2016-08-06 10:40 - 00000000 ____D C:\Users\jasan\AppData\Local\Free Download Manager
2016-08-06 10:31 - 2016-08-06 10:32 - 00000000 ____D C:\Program Files (x86)\ScreenshotCaptor
2016-08-06 10:31 - 2016-08-06 10:31 - 00000058 _____ C:\Windows\SysWOW64\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2016-08-06 10:31 - 2016-08-06 10:31 - 00000058 _____ C:\Users\jasan\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2016-08-06 10:31 - 2016-08-06 10:31 - 00000000 ____D C:\Users\jasan\Documents\DonationCoder
2016-08-06 10:31 - 2016-08-06 10:31 - 00000000 ____D C:\Users\jasan\AppData\Roaming\DonationCoder
2016-08-06 10:30 - 2016-08-06 10:30 - 16260528 _____ C:\Users\jasan\Downloads\ScreenshotCaptorSetup.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-05 18:02 - 2016-07-14 12:27 - 00000000 ____D C:\Users\jasan\AppData\Roaming\uTorrent
2016-09-05 17:55 - 2016-05-27 10:31 - 00540672 _____ C:\Users\jasan\Documents\Plán příjmů a výdajů.xls
2016-09-05 17:44 - 2016-05-29 10:49 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-09-05 17:04 - 2016-06-24 16:47 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-05 16:27 - 2016-06-24 16:47 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-05 06:42 - 2009-07-14 06:45 - 00020720 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-09-05 06:42 - 2009-07-14 06:45 - 00020720 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-09-05 06:35 - 2009-07-14 17:18 - 00668542 _____ C:\Windows\system32\perfh005.dat
2016-09-05 06:35 - 2009-07-14 17:18 - 00141202 _____ C:\Windows\system32\perfc005.dat
2016-09-05 06:35 - 2009-07-14 07:13 - 01583226 _____ C:\Windows\system32\PerfStringBackup.INI
2016-09-05 06:35 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-09-05 05:44 - 2016-05-27 16:05 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2016-09-05 05:44 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-09-04 18:37 - 2016-05-27 10:31 - 00265728 _____ C:\Users\jasan\Documents\kamejk návštěvnost.xls
2016-09-04 16:38 - 2016-06-01 18:21 - 00000000 ____D C:\Users\jasan\AppData\Roaming\vlc
2016-09-04 14:01 - 2016-05-27 13:20 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-09-03 10:43 - 2015-12-10 11:02 - 00000000 ____D C:\AdwCleaner
2016-09-03 10:27 - 2016-05-26 22:32 - 00000000 ____D C:\Users\jasan
2016-09-03 10:22 - 2009-07-14 05:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-09-01 13:58 - 2016-05-27 10:30 - 08131726 _____ C:\Users\jasan\Documents\Banner hrkačky.cdr
2016-09-01 10:46 - 2016-05-27 10:53 - 00000000 ____D C:\Users\jasan\AppData\Roaming\Adobe
2016-09-01 10:46 - 2016-05-27 10:49 - 00000000 ____D C:\Users\jasan\AppData\Local\Adobe
2016-09-01 10:44 - 2016-05-27 10:50 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-09-01 10:35 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2016-08-23 15:56 - 2016-06-08 20:18 - 00000000 ___RD C:\Users\jasan\Documents\Scanned Documents
2016-08-19 20:20 - 2016-05-26 22:43 - 00000000 ____D C:\Users\jasan\AppData\Roaming\Mozilla
2016-08-18 03:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-08-14 17:45 - 2010-09-25 20:19 - 00027853 _____ C:\Users\jasan\Desktop\note.txt
2016-08-11 15:43 - 2009-07-14 06:45 - 00346544 _____ C:\Windows\system32\FNTCACHE.DAT
2016-08-11 07:32 - 2016-05-27 20:01 - 00000000 ____D C:\Windows\system32\MRT
2016-08-11 07:28 - 2016-05-27 20:01 - 147640136 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-08-07 13:13 - 2016-06-19 11:45 - 00000000 ____D C:\Users\jasan\dwhelper
2016-08-07 10:52 - 2016-05-27 10:28 - 00000000 ____D C:\Users\jasan\Documents\_Sipo

==================== Files in the root of some directories =======

2016-05-26 22:53 - 2016-05-29 21:36 - 0000000 _____ () C:\Users\jasan\AppData\Roaming\QNYYXGZWiLdOigdd.exe
2016-05-26 22:52 - 2016-05-29 21:36 - 0000000 _____ () C:\Users\jasan\AppData\Roaming\System.exe
2016-08-06 10:31 - 2016-08-06 10:31 - 0000058 _____ () C:\Users\jasan\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat

Some files in TEMP:
====================
C:\Users\jasan\AppData\Local\Temp\Cerberus FTP Server 8 Crack Serial Keygen Free Download.exe
C:\Users\jasan\AppData\Local\Temp\libeay32.dll
C:\Users\jasan\AppData\Local\Temp\MailRuUpdater.exe
C:\Users\jasan\AppData\Local\Temp\msvcr120.dll
C:\Users\jasan\AppData\Local\Temp\sqlite3.dll
C:\Users\jasan\AppData\Local\Temp\vlc-2.2.4-win32.exe
C:\Users\jasan\AppData\Local\Temp\_isA534.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-08-26 11:52

==================== End of FRST.txt ============================

Re: Preventivka

Napsal: 05 zář 2016 17:20
od Rudy
Teď spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Re: Preventivka

Napsal: 05 zář 2016 18:11
od jasanek
# AdwCleaner v6.010 - Log soubor vytvořen 05/09/2016 na 18:45:53
# Aktualizováno dne 12/08/2016 z ToolsLib
# Databáze : 2016-09-05.1 [Server]
# Operační systém : Windows 7 Professional Service Pack 1 (X64)
# Uživatelské jméno : jasan - JASAN-PC
# Beží od : C:\Users\jasan\Desktop\adwcleaner_6.010.exe
# Mod: Čištění
# Podpora : https://toolslib.net/forum



***** [ Služby ] *****



***** [ Adresáře ] *****



***** [ Soubory ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupce ] *****



***** [ Plánovač úloh ] *****



***** [ Registry ] *****



***** [ Prohlížeče ] *****



*************************

:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [6803 Bajtů] - [10/12/2015 11:04:29]
C:\AdwCleaner\AdwCleaner[C2].txt - [3586 Bajtů] - [03/09/2016 10:36:34]
C:\AdwCleaner\AdwCleaner[C3].txt - [1420 Bajtů] - [03/09/2016 10:43:00]
C:\AdwCleaner\AdwCleaner[C4].txt - [1023 Bajtů] - [05/09/2016 18:45:53]
C:\AdwCleaner\AdwCleaner[S1].txt - [6351 Bajtů] - [10/12/2015 11:02:34]
C:\AdwCleaner\AdwCleaner[S2].txt - [3754 Bajtů] - [03/09/2016 10:33:22]
C:\AdwCleaner\AdwCleaner[S3].txt - [1792 Bajtů] - [03/09/2016 10:42:44]
C:\AdwCleaner\AdwCleaner[S4].txt - [1841 Bajtů] - [05/09/2016 18:45:39]

########## EOF - C:\AdwCleaner\AdwCleaner[C4].txt - [1393 Bajtů] ##########

Re: Preventivka

Napsal: 05 zář 2016 18:45
od Rudy
Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKU\S-1-5-21-406812359-3264526012-2679633240-1001\...\MountPoints2: {1edb20e4-237d-11e6-a26a-806e6f6e6963} - H:\1011_USB20PCCam_5.7.19104.100.exe
HKU\S-1-5-21-406812359-3264526012-2679633240-1001\...\Winlogon: [Shell] explorer.exe,"C:\Users\jasan\AppData\Roaming\System.exe" <==== ATTENTION
SearchScopes: HKU\S-1-5-21-406812359-3264526012-2679633240-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF SearchEngineOrder.3: Bing
FF Keyword.URL: hxxp://go.mail.ru/distib/ep/?product_id ... &gp=811002
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\jasan\AppData\Roaming\QNYYXGZWiLdOigdd.exe
C:\Users\jasan\AppData\Local\Temp
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Preventivka

Napsal: 05 zář 2016 19:01
od jasanek
Fix result of Farbar Recovery Scan Tool (x64) Version: 31-08-2016
Ran by jasan (05-09-2016 19:52:30) Run:1
Running from C:\Users\jasan\Desktop
Loaded Profiles: jasan (Available Profiles: jasan)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKU\S-1-5-21-406812359-3264526012-2679633240-1001\...\MountPoints2: {1edb20e4-237d-11e6-a26a-806e6f6e6963} - H:\1011_USB20PCCam_5.7.19104.100.exe
HKU\S-1-5-21-406812359-3264526012-2679633240-1001\...\Winlogon: [Shell] explorer.exe,"C:\Users\jasan\AppData\Roaming\System.exe" <==== ATTENTION
SearchScopes: HKU\S-1-5-21-406812359-3264526012-2679633240-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF SearchEngineOrder.3: Bing
FF Keyword.URL: hxxp://go.mail.ru/distib/ep/?product_id ... &gp=811002
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\jasan\AppData\Roaming\QNYYXGZWiLdOigdd.exe
C:\Users\jasan\AppData\Local\Temp
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
"HKU\S-1-5-21-406812359-3264526012-2679633240-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1edb20e4-237d-11e6-a26a-806e6f6e6963}" => key removed successfully
HKCR\CLSID\{1edb20e4-237d-11e6-a26a-806e6f6e6963} => key not found.
HKU\S-1-5-21-406812359-3264526012-2679633240-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value removed successfully
"HKU\S-1-5-21-406812359-3264526012-2679633240-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
Firefox SearchEngineOrder.3 removed successfully
Firefox "Keyword.URL" removed successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Users\jasan\AppData\Roaming\QNYYXGZWiLdOigdd.exe => moved successfully

"C:\Users\jasan\AppData\Local\Temp" folder move:

Could not move "C:\Users\jasan\AppData\Local\Temp" => Scheduled to move on reboot.


Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 05-09-2016 19:54:17)

C:\Users\jasan\AppData\Local\Temp => moved successfully

==== End of Fixlog 19:54:17 ====

Re: Preventivka

Napsal: 05 zář 2016 20:05
od Rudy
Smazáno. Log by již měl být OK.

Re: Preventivka

Napsal: 05 zář 2016 20:37
od jasanek
Děkuji.

Re: Preventivka

Napsal: 05 zář 2016 21:19
od Rudy
Rádo se stalo! :)