Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-06-2017 01
Ran by Administrator (administrator) on BBDRA2-3D0A5E7C (08-06-2017 23:52:03)
Running from C:\Documents and Settings\Adam2\Plocha
Loaded Profiles: Adam2 & Administrator (Available Profiles: Adam2 & Administrator)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/33 ... scan-tool/==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\WINDOWS2\system32\smss.exe
(Microsoft Corporation) C:\WINDOWS2\system32\csrss.exe
(Microsoft Corporation) C:\WINDOWS2\system32\winlogon.exe
(Microsoft Corporation) C:\WINDOWS2\system32\services.exe
(Microsoft Corporation) C:\WINDOWS2\system32\lsass.exe
(Microsoft Corporation) C:\WINDOWS2\system32\svchost.exe
(Microsoft Corporation) C:\WINDOWS2\system32\svchost.exe
(Microsoft Corporation) C:\WINDOWS2\system32\svchost.exe
(Microsoft Corporation) C:\WINDOWS2\system32\svchost.exe
(Microsoft Corporation) C:\WINDOWS2\system32\svchost.exe
(Microsoft Corporation) C:\WINDOWS2\system32\spoolsv.exe
(Microsoft Corporation) C:\WINDOWS2\system32\svchost.exe
(Foxit Software Inc.) C:\Program Files\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(VIA Technologies, Inc.) C:\WINDOWS2\system32\KaraokeSer.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Locktime Software) C:\Program Files\NetLimiter 3\nlsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\WINDOWS2\system32\svchost.exe
(Copyright 2017.) C:\Program Files\Zemana AntiMalware\ZAM.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\WINDOWS2\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Microsoft Corporation) C:\WINDOWS2\system32\alg.exe
(Microsoft Corporation) C:\WINDOWS2\system32\svchost.exe
(Microsoft Corporation) C:\WINDOWS2\system32\wscntfy.exe
(Microsoft Corporation) C:\WINDOWS2\explorer.exe
(Microsoft Corporation) C:\WINDOWS2\system32\wbem\wmiprvse.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(VIA Technologies, Inc.) C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\WINDOWS2\system32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\WINDOWS2\system32\ctfmon.exe
(Microsoft Corporation) C:\WINDOWS2\system32\ctfmon.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2789248 2016-02-17] (NVIDIA Corporation)
HKLM\...\Run: [HDAudDeck] => C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [41134712 2000-01-01] (VIA Technologies, Inc.)
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [5883912 2017-03-02] (LogMeIn Inc.)
HKLM\...\Run: [ZAM] => C:\Program Files\Zemana AntiMalware\ZAM.exe [14522512 2017-04-03] (Copyright 2017.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Winlogon: [Userinit] C:\WINDOWS2\system32\userinit.exe,
HKLM\...\Winlogon: [UIHost] C:\WINDOWS2\system32\logonui.exe [515072 2008-04-14] (Microsoft Corporation)
Winlogon\Notify\crypt32chain: C:\WINDOWS2\system32\crypt32.dll [2013-10-07] (Microsoft Corporation)
Winlogon\Notify\cryptnet: C:\WINDOWS2\system32\cryptnet.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\cscdll: C:\WINDOWS2\system32\cscdll.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\dimsntfy: C:\WINDOWS2\System32\dimsntfy.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\ScCertProp: C:\WINDOWS2\system32\wlnotify.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\Schedule: C:\WINDOWS2\system32\wlnotify.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\sclgntfy: C:\WINDOWS2\system32\sclgntfy.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\SensLogn: C:\WINDOWS2\system32\WlNotify.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\termsrv: C:\WINDOWS2\system32\wlnotify.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\WgaLogon: C:\WINDOWS2\system32\WgaLogon.dll [2009-03-10] (Microsoft Corporation)
Winlogon\Notify\wlballoon: C:\WINDOWS2\system32\wlnotify.dll [2008-04-14] (Microsoft Corporation)
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS2\System32\logon.scr [220672 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS2\System32\logon.scr [220672 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-329068152-1645522239-839522115-1003\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [27226072 2016-11-04] (Skype Technologies S.A.)
HKU\S-1-5-21-329068152-1645522239-839522115-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6405912 2015-06-01] (Piriform Ltd)
HKU\S-1-5-21-329068152-1645522239-839522115-1003\...\Run: [ctfmon.exe] => C:\WINDOWS2\system32\ctfmon.exe [15360 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-329068152-1645522239-839522115-500\...\Run: [CTFMON.EXE] => C:\WINDOWS2\system32\ctfmon.exe [15360 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-329068152-1645522239-839522115-500\...\Run: [SlimDrivers] => "C:\Program Files\SlimDrivers\SlimDrivers.exe" -boot
HKU\S-1-5-21-329068152-1645522239-839522115-500\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS2\System32\logon.scr [220672 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [CTFMON.EXE] => C:\WINDOWS2\system32\CTFMON.EXE [15360 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS2\system32\logon.scr [220672 2008-04-14] (Microsoft Corporation)
HKLM\...\Providers\Internet Print Provider: C:\WINDOWS2\system32\inetpp.dll [75264 2008-04-14] (Microsoft Corporation)
HKLM\...\Providers\LanMan Print Services: C:\WINDOWS2\system32\win32spl.dll [102400 2008-04-14] (Microsoft Corporation)
ShellExecuteHooks: URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS2\system32\shell32.dll [8466944 2012-06-08] (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 01 C:\WINDOWS2\system32\mswsock.dll [247296 2008-06-20] (Microsoft Corporation)
Winsock: Catalog5 02 C:\WINDOWS2\system32\winrnr.dll [16896 2008-04-14] (Microsoft Corporation)
Winsock: Catalog5 03 C:\WINDOWS2\system32\mswsock.dll [247296 2008-06-20] (Microsoft Corporation)
Winsock: Catalog9 01 C:\WINDOWS2\system32\mswsock.dll [247296 2008-06-20] (Microsoft Corporation)
Winsock: Catalog9 02 C:\WINDOWS2\system32\mswsock.dll [247296 2008-06-20] (Microsoft Corporation)
Winsock: Catalog9 03 C:\WINDOWS2\system32\mswsock.dll [247296 2008-06-20] (Microsoft Corporation)
Winsock: Catalog9 04 C:\WINDOWS2\system32\mswsock.dll [247296 2008-06-20] (Microsoft Corporation)
Winsock: Catalog9 05 C:\WINDOWS2\system32\mswsock.dll [247296 2008-06-20] (Microsoft Corporation)
Winsock: Catalog9 06 C:\WINDOWS2\system32\mswsock.dll [247296 2008-06-20] (Microsoft Corporation)
Winsock: Catalog9 07 C:\WINDOWS2\system32\mswsock.dll [247296 2008-06-20] (Microsoft Corporation)
Winsock: Catalog9 08 C:\WINDOWS2\system32\mswsock.dll [247296 2008-06-20] (Microsoft Corporation)
Winsock: Catalog9 09 C:\WINDOWS2\system32\mswsock.dll [247296 2008-06-20] (Microsoft Corporation)
Winsock: Catalog9 10 C:\WINDOWS2\system32\mswsock.dll [247296 2008-06-20] (Microsoft Corporation)
Winsock: Catalog9 11 C:\WINDOWS2\system32\mswsock.dll [247296 2008-06-20] (Microsoft Corporation)
Winsock: Catalog9 12 C:\WINDOWS2\system32\mswsock.dll [247296 2008-06-20] (Microsoft Corporation)
Winsock: Catalog9 13 C:\WINDOWS2\system32\mswsock.dll [247296 2008-06-20] (Microsoft Corporation)
Winsock: Catalog9 14 C:\WINDOWS2\system32\mswsock.dll [247296 2008-06-20] (Microsoft Corporation)
Winsock: Catalog9 15 C:\WINDOWS2\system32\mswsock.dll [247296 2008-06-20] (Microsoft Corporation)
Winsock: Catalog9 16 C:\WINDOWS2\system32\rsvpsp.dll [92672 2008-04-14] (Microsoft Corporation)
Winsock: Catalog9 17 C:\WINDOWS2\system32\rsvpsp.dll [92672 2008-04-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{19E21823-6180-4C49-977C-5D3183C290D7}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-329068152-1645522239-839522115-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
hxxp://www.msn.com/HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS2\system32\blank.htm
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page =
hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearchHKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page =
hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhomeHKU\S-1-5-21-329068152-1645522239-839522115-1003\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS2\system32\blank.htm
HKU\S-1-5-21-329068152-1645522239-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page =
hxxp://www.msn.com/HKU\S-1-5-21-329068152-1645522239-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Page =
hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearchURLSearchHook: [S-1-5-21-329068152-1645522239-839522115-500] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKU\S-1-5-21-329068152-1645522239-839522115-500 -> {012E1000-F331-11DB-8314-0800200C9A66} URL =
hxxp://www.google.com/search?q={searchTerms}
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2017-03-16] (AO Kaspersky Lab)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2016-11-17] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2017-03-16] (AO Kaspersky Lab)
Toolbar: HKU\S-1-5-21-329068152-1645522239-839522115-1003 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS2\system32\browseui.dll [2008-04-14] (Společnost Microsoft)
Toolbar: HKU\S-1-5-21-329068152-1645522239-839522115-500 -> Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2017-03-16] (AO Kaspersky Lab)
DPF: {31435657-9980-0010-8000-00AA00389B71}
hxxp://download.microsoft.com/download/ ... vc1dmo.cabDPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cabDPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}
hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cabFireFox:
========
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS2\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\WINDOWS2\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2016-11-23] [not signed]
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2017-03-16]
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-01-19] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-01-19] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-01-19] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-01-19] (Foxit Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll [2016-11-17] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS2\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] -
hxxps://chrome.google.com/webstore/deta ... ijdbbplhib==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 Alerter; C:\WINDOWS2\system32\alrsvc.dll [17408 2008-04-14] (Microsoft Corporation)
R3 ALG; C:\WINDOWS2\System32\alg.exe [44544 2008-04-14] (Microsoft Corporation)
S3 AppMgmt; C:\WINDOWS2\System32\appmgmts.dll [171008 2008-04-14] (Microsoft Corporation)
S3 aspnet_state; C:\WINDOWS2\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [35160 2010-03-18] (Microsoft Corporation)
R2 AudioSrv; C:\WINDOWS2\System32\audiosrv.dll [42496 2008-04-14] (Microsoft Corporation)
S2 AVP17.0.0; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 BITS; C:\WINDOWS2\system32\qmgr.dll [409088 2008-04-14] (Microsoft Corporation)
S2 Browser; C:\WINDOWS2\System32\browser.dll [78336 2012-07-06] (Microsoft Corporation)
S3 CiSvc; C:\WINDOWS2\system32\cisvc.exe [5632 2008-04-14] (Microsoft Corporation)
S3 ClipSrv; C:\WINDOWS2\system32\clipsrv.exe [33280 2008-04-14] (Microsoft Corporation)
S3 clr_optimization_v2.0.50727_32; C:\WINDOWS2\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [69632 2008-07-25] (Microsoft Corporation)
S2 clr_optimization_v4.0.30319_32; C:\WINDOWS2\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [130384 2010-03-18] (Microsoft Corporation)
R2 CryptSvc; C:\WINDOWS2\System32\cryptsvc.dll [62464 2008-04-14] (Microsoft Corporation)
R2 DcomLaunch; C:\WINDOWS2\system32\rpcss.dll [401408 2009-02-09] (Microsoft Corporation)
R2 Dhcp; C:\WINDOWS2\System32\dhcpcsvc.dll [125952 2008-04-14] (Microsoft Corporation)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1023728 2015-03-31] (Disc Soft Ltd)
S3 dmadmin; C:\WINDOWS2\System32\dmadmin.exe [225280 2008-04-14] (Microsoft Corp., Veritas Software)
R2 dmserver; C:\WINDOWS2\System32\dmserver.dll [24064 2008-04-14] (Microsoft Corp.)
R2 Dnscache; C:\WINDOWS2\System32\dnsrslvr.dll [45568 2009-04-20] (Microsoft Corporation)
S3 Dot3svc; C:\WINDOWS2\System32\dot3svc.dll [132608 2008-04-14] (Microsoft Corporation)
S3 EapHost; C:\WINDOWS2\System32\eapsvc.dll [33792 2008-04-14] (Microsoft Corporation)
R2 ERSvc; C:\WINDOWS2\System32\ersvc.dll [23040 2008-04-14] (Microsoft Corporation)
R2 Eventlog; C:\WINDOWS2\system32\services.exe [111104 2009-02-09] (Microsoft Corporation)
R3 EventSystem; C:\WINDOWS2\system32\es.dll [253952 2008-07-07] (Microsoft Corporation)
R3 FastUserSwitchingCompatibility; C:\WINDOWS2\System32\shsvcs.dll [135168 2009-07-28] (Microsoft Corporation)
S3 FontCache3.0.0.0; c:\WINDOWS2\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [46104 2008-07-29] (Microsoft Corporation)
R2 FoxitReaderService; C:\Program Files\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659592 2017-02-24] (Foxit Software Inc.)
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2282504 2017-03-02] (LogMeIn Inc.)
R2 helpsvc; C:\WINDOWS2\PCHealth\HelpCtr\Binaries\pchsvc.dll [38400 2008-04-14] (Microsoft Corporation)
R2 HidServ; C:\WINDOWS2\System32\hidserv.dll [21504 2008-04-14] (Microsoft Corporation)
S3 hkmsvc; C:\WINDOWS2\System32\kmsvc.dll [61440 2008-04-14] (Microsoft Corporation)
S3 HTTPFilter; C:\WINDOWS2\System32\w3ssl.dll [15872 2008-04-14] (Microsoft Corporation)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S3 idsvc; c:\WINDOWS2\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [881664 2008-07-29] (Microsoft Corporation)
S3 ImapiService; C:\WINDOWS2\system32\imapi.exe [150528 2008-04-14] (Microsoft Corporation)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [161664 2016-11-17] (Oracle Corporation)
R2 KaraokeService; C:\WINDOWS2\system32\KaraokeSer.exe [88696 2016-11-20] (VIA Technologies, Inc.)
S2 KSDE1.0.0; C:\Program Files\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 lanmanserver; C:\WINDOWS2\System32\srvsvc.dll [99840 2010-08-27] (Microsoft Corporation)
R2 lanmanworkstation; C:\WINDOWS2\System32\wkssvc.dll [132096 2009-06-10] (Microsoft Corporation)
R2 LmHosts; C:\WINDOWS2\System32\lmhsvc.dll [13824 2008-04-14] (Microsoft Corporation)
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [405424 2017-02-27] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-03-08] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-03-08] (Malwarebytes Corporation)
S4 Messenger; C:\WINDOWS2\System32\msgsvc.dll [33792 2008-04-14] (Microsoft Corporation)
S3 mnmsrvc; C:\WINDOWS2\system32\mnmsrvc.exe [32768 2008-04-14] (Microsoft Corporation)
S3 MSDTC; C:\WINDOWS2\system32\msdtc.exe [6144 2008-04-14] (Microsoft Corporation)
S3 MSIServer; C:\WINDOWS2\System32\msiexec.exe [78848 2008-04-14] (Microsoft Corporation)
S3 napagent; C:\WINDOWS2\System32\qagentrt.dll [293376 2008-04-14] (Microsoft Corporation)
S4 NetDDE; C:\WINDOWS2\system32\netdde.exe [111616 2008-04-14] (Microsoft Corporation)
S4 NetDDEdsdm; C:\WINDOWS2\system32\netdde.exe [111616 2008-04-14] (Microsoft Corporation)
S3 Netlogon; C:\WINDOWS2\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation)
R3 Netman; C:\WINDOWS2\System32\netman.dll [198144 2008-04-14] (Microsoft Corporation)
S4 NetTcpPortSharing; c:\WINDOWS2\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [132096 2008-07-29] (Microsoft Corporation)
R3 Nla; C:\WINDOWS2\System32\mswsock.dll [247296 2008-06-20] (Microsoft Corporation)
R2 nlsvc; C:\Program Files\NetLimiter 3\nlsvc.exe [1132160 2013-10-10] (Locktime Software)
S3 NtLmSsp; C:\WINDOWS2\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation)
S3 NtmsSvc; C:\WINDOWS2\system32\ntmssvc.dll [435712 2008-04-14] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1880960 2016-02-17] (NVIDIA Corporation)
S2 NVSvc; C:\WINDOWS2\system32\nvsvc32.exe [167992 2016-03-08] (NVIDIA Corporation)
R2 PlugPlay; C:\WINDOWS2\system32\services.exe [111104 2009-02-09] (Microsoft Corporation)
R2 PolicyAgent; C:\WINDOWS2\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation)
R2 ProtectedStorage; C:\WINDOWS2\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation)
S3 RasAuto; C:\WINDOWS2\System32\rasauto.dll [88576 2008-04-14] (Microsoft Corporation)
R3 RasMan; C:\WINDOWS2\System32\rasmans.dll [186368 2008-04-14] (Microsoft Corporation)
S3 RDSessMgr; C:\WINDOWS2\system32\sessmgr.exe [141824 2008-04-14] (Microsoft Corporation)
S4 RemoteAccess; C:\WINDOWS2\System32\mprdim.dll [53248 2008-04-14] (Microsoft Corporation)
R2 RemoteRegistry; C:\WINDOWS2\system32\regsvc.dll [59904 2008-04-14] (Microsoft Corporation)
S3 RpcLocator; C:\WINDOWS2\system32\locator.exe [75264 2008-04-14] (Microsoft Corporation)
R2 RpcSs; C:\WINDOWS2\System32\rpcss.dll [401408 2009-02-09] (Microsoft Corporation)
S3 RSVP; C:\WINDOWS2\system32\rsvp.exe [132608 2001-10-25] (Microsoft Corporation)
R2 SamSs; C:\WINDOWS2\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation)
S3 SCardSvr; C:\WINDOWS2\System32\SCardSvr.exe [97792 2008-04-14] (Microsoft Corporation)
R2 Schedule; C:\WINDOWS2\system32\schedsvc.dll [192512 2008-04-14] (Microsoft Corporation)
R2 seclogon; C:\WINDOWS2\System32\seclogon.dll [18944 2008-04-14] (Microsoft Corporation)
R2 SENS; C:\WINDOWS2\system32\sens.dll [39424 2008-04-14] (Microsoft Corporation)
R2 SharedAccess; C:\WINDOWS2\System32\ipnathlp.dll [329728 2008-04-14] (Microsoft Corporation)
R2 ShellHWDetection; C:\WINDOWS2\System32\shsvcs.dll [135168 2009-07-28] (Microsoft Corporation)
R2 Spooler; C:\WINDOWS2\system32\spoolsv.exe [58880 2010-08-17] (Microsoft Corporation)
R2 srservice; C:\WINDOWS2\system32\srsvc.dll [171008 2008-04-14] (Microsoft Corporation)
R3 SSDPSRV; C:\WINDOWS2\System32\ssdpsrv.dll [71680 2008-04-14] (Microsoft Corporation)
R2 stisvc; C:\WINDOWS2\system32\wiaservc.dll [334336 2008-04-14] (Microsoft Corporation)
S3 SysmonLog; C:\WINDOWS2\system32\smlogsvc.exe [90112 2008-04-14] (Microsoft Corporation)
R3 TapiSrv; C:\WINDOWS2\System32\tapisrv.dll [249856 2008-04-14] (Microsoft Corporation)
R3 TermService; C:\WINDOWS2\System32\termsrv.dll [295936 2008-04-14] (Microsoft Corporation)
R2 Themes; C:\WINDOWS2\System32\shsvcs.dll [135168 2009-07-28] (Microsoft Corporation)
S3 TlntSvr; C:\WINDOWS2\system32\tlntsvr.exe [73728 2008-04-14] (Microsoft Corporation)
R2 TrkWks; C:\WINDOWS2\system32\trkwks.dll [90112 2008-04-14] (Microsoft Corporation)
S3 upnphost; C:\WINDOWS2\System32\upnphost.dll [186368 2008-04-14] (Microsoft Corporation)
S3 UPS; C:\WINDOWS2\System32\ups.exe [18432 2008-04-14] (Microsoft Corporation)
S3 VSS; C:\WINDOWS2\System32\vssvc.exe [290816 2008-04-14] (Microsoft Corporation)
R2 W32Time; C:\WINDOWS2\system32\w32time.dll [176640 2008-04-14] (Microsoft Corporation)
R2 WebClient; C:\WINDOWS2\System32\webclnt.dll [68096 2008-04-14] (Microsoft Corporation)
R2 winmgmt; C:\WINDOWS2\system32\wbem\WMIsvc.dll [144896 2008-04-14] (Microsoft Corporation)
S3 Wmi; C:\WINDOWS2\System32\advapi32.dll [684032 2009-02-09] (Microsoft Corporation)
S3 WmiApSrv; C:\WINDOWS2\system32\wbem\wmiapsrv.exe [126464 2008-04-14] (Microsoft Corporation)
R3 WPFFontCache_v0400; C:\WINDOWS2\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [754856 2013-07-20] (Microsoft Corporation)
R2 wscsvc; C:\WINDOWS2\system32\wscsvc.dll [80896 2008-04-14] (Microsoft Corporation)
R2 wuauserv; C:\WINDOWS2\system32\wuauserv.dll [6656 2008-04-14] (Microsoft Corporation)
R2 WZCSVC; C:\WINDOWS2\System32\wzcsvc.dll [483840 2008-04-14] (Microsoft Corporation)
S3 xmlprov; C:\WINDOWS2\System32\xmlprov.dll [129024 2008-04-14] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files\Zemana AntiMalware\ZAM.exe [14522512 2017-04-03] (Copyright 2017.)
S3 SwPrv; C:\WINDOWS2\system32\dllhost.exe /Processid:{10A51E1C-CB28-40E5-BFFC-D4C715DBAF81}
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 ACPI; C:\WINDOWS2\System32\DRIVERS\ACPI.sys [188288 2008-04-14] (Microsoft Corporation)
S4 ACPIEC; C:\WINDOWS2\system32\Drivers\ACPIEC.sys [11776 2001-10-25] (Microsoft Corporation)
S3 aec; C:\WINDOWS2\System32\drivers\aec.sys [142592 2008-04-13] (Microsoft Corporation)
R1 AFD; C:\WINDOWS2\System32\drivers\afd.sys [138496 2011-08-17] (Microsoft Corporation)
S3 AMBFilt; C:\WINDOWS2\System32\drivers\AMBFilt.sys [1656960 2016-11-20] (Creative)
R0 amdide; C:\WINDOWS2\System32\DRIVERS\amdide.sys [11904 2016-11-20] (Advanced Micro Devices Inc.)
S3 AsyncMac; C:\WINDOWS2\System32\DRIVERS\asyncmac.sys [14336 2008-04-14] (Microsoft Corporation)
R0 atapi; C:\WINDOWS2\System32\DRIVERS\atapi.sys [96512 2008-04-14] (Microsoft Corporation)
S3 Atmarpc; C:\WINDOWS2\System32\DRIVERS\atmarpc.sys [59904 2008-04-14] (Microsoft Corporation)
R3 audstub; C:\WINDOWS2\System32\DRIVERS\audstub.sys [3072 2001-08-17] (Microsoft Corporation)
R1 Beep; C:\WINDOWS2\system32\Drivers\Beep.sys [4224 2001-10-25] (Microsoft Corporation)
S4 cbidf2k; C:\WINDOWS2\system32\Drivers\cbidf2k.sys [13952 2001-10-25] (Microsoft Corporation)
S3 CCDECODE; C:\WINDOWS2\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
S1 Cdaudio; C:\WINDOWS2\system32\Drivers\Cdaudio.sys [18688 2001-10-25] (Microsoft Corporation)
R4 Cdfs; C:\WINDOWS2\system32\Drivers\Cdfs.sys [63744 2008-04-14] (Microsoft Corporation)
R1 Cdrom; C:\WINDOWS2\System32\DRIVERS\cdrom.sys [62976 2008-04-14] (Microsoft Corporation)
R0 cm_km; C:\WINDOWS2\System32\DRIVERS\cm_km.sys [170840 2016-06-10] (AO Kaspersky Lab)
R0 Disk; C:\WINDOWS2\System32\DRIVERS\disk.sys [36352 2008-04-14] (Microsoft Corporation)
S4 dmboot; C:\WINDOWS2\System32\drivers\dmboot.sys [800000 2008-04-14] (Microsoft Corp., Veritas Software)
R0 dmio; C:\WINDOWS2\System32\drivers\dmio.sys [153856 2008-04-14] (Microsoft Corp., Veritas Software)
R0 dmload; C:\WINDOWS2\System32\drivers\dmload.sys [5888 2001-10-25] (Microsoft Corp., Veritas Software.)
S3 DMusic; C:\WINDOWS2\System32\drivers\DMusic.sys [52864 2008-04-14] (Microsoft Corporation)
S3 drmkaud; C:\WINDOWS2\System32\drivers\drmkaud.sys [2944 2008-04-14] (Microsoft Corporation)
R3 dtlitescsibus; C:\WINDOWS2\System32\DRIVERS\dtlitescsibus.sys [25104 2017-01-21] (Disc Soft Ltd)
S4 Fastfat; C:\WINDOWS2\system32\Drivers\Fastfat.sys [143744 2008-04-14] (Microsoft Corporation)
S1 Fdc; C:\WINDOWS2\system32\Drivers\Fdc.sys [27392 2008-04-14] (Microsoft Corporation)
R1 Fips; C:\WINDOWS2\system32\Drivers\Fips.sys [44544 2008-04-14] (Microsoft Corporation)
S1 Flpydisk; C:\WINDOWS2\system32\Drivers\Flpydisk.sys [20480 2008-04-14] (Microsoft Corporation)
R0 FltMgr; C:\WINDOWS2\System32\drivers\fltmgr.sys [129792 2008-04-14] (Microsoft Corporation)
U1 Fs_Rec; C:\WINDOWS2\system32\Drivers\Fs_Rec.sys [7936 2001-10-25] (Microsoft Corporation)
R0 Ftdisk; C:\WINDOWS2\System32\DRIVERS\ftdisk.sys [125184 2001-10-25] (Microsoft Corporation)
R3 Gpc; C:\WINDOWS2\System32\DRIVERS\msgpc.sys [35072 2008-04-14] (Microsoft Corporation)
R3 hamachi; C:\WINDOWS2\System32\DRIVERS\hamachi.sys [26176 2016-08-31] (LogMeIn, Inc.)
R3 HDAudBus; C:\WINDOWS2\System32\DRIVERS\HDAudBus.sys [144384 2008-04-13] (Windows (R) Server 2003 DDK provider)
R3 hidusb; C:\WINDOWS2\System32\DRIVERS\hidusb.sys [10368 2008-04-14] (Microsoft Corporation)
R3 HTTP; C:\WINDOWS2\System32\Drivers\HTTP.sys [265728 2009-10-20] (Microsoft Corporation)
R1 HWiNFO32; C:\WINDOWS2\system32\drivers\HWiNFO32.SYS [23840 2016-11-20] (REALiX(tm))
S1 i8042prt; C:\WINDOWS2\System32\DRIVERS\i8042prt.sys [52096 2008-04-14] (Microsoft Corporation)
R1 Imapi; C:\WINDOWS2\System32\DRIVERS\imapi.sys [42112 2008-04-14] (Microsoft Corporation)
S3 Ip6Fw; C:\WINDOWS2\System32\drivers\ip6fw.sys [36608 2008-04-14] (Microsoft Corporation)
S3 IpFilterDriver; C:\WINDOWS2\System32\DRIVERS\ipfltdrv.sys [32896 2001-10-25] (Microsoft Corporation)
S3 IpInIp; C:\WINDOWS2\System32\DRIVERS\ipinip.sys [20864 2008-04-14] (Microsoft Corporation)
R3 IpNat; C:\WINDOWS2\System32\DRIVERS\ipnat.sys [152832 2008-04-14] (Microsoft Corporation)
R1 IPSec; C:\WINDOWS2\System32\DRIVERS\ipsec.sys [75264 2008-04-14] (Microsoft Corporation)
S3 IRENUM; C:\WINDOWS2\System32\DRIVERS\irenum.sys [11264 2008-04-14] (Microsoft Corporation)
R0 isapnp; C:\WINDOWS2\System32\DRIVERS\isapnp.sys [37248 2008-04-14] (Microsoft Corporation)
R1 Kbdclass; C:\WINDOWS2\System32\DRIVERS\kbdclass.sys [24576 2008-04-14] (Microsoft Corporation)
R1 kbdhid; C:\WINDOWS2\System32\DRIVERS\kbdhid.sys [14592 2008-04-14] (Microsoft Corporation)
R0 kl1; C:\WINDOWS2\System32\DRIVERS\kl1.sys [165296 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS2\System32\DRIVERS\klbackupdisk.sys [57264 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS2\System32\DRIVERS\klbackupflt.sys [77656 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS2\System32\DRIVERS\kldisk.sys [69000 2016-05-31] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS2\System32\DRIVERS\klflt.sys [159448 2017-04-11] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS2\System32\DRIVERS\klhk.sys [128496 2017-04-11] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS2\System32\DRIVERS\klif.sys [796384 2017-04-11] (AO Kaspersky Lab)
R3 klim5; C:\WINDOWS2\System32\DRIVERS\klim5.sys [50080 2016-05-23] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS2\System32\DRIVERS\klkbdflt.sys [44976 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS2\System32\DRIVERS\klmouflt.sys [37040 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\WINDOWS2\System32\DRIVERS\klpd.sys [41392 2016-05-31] (AO Kaspersky Lab)
R3 kltap; C:\WINDOWS2\System32\DRIVERS\kltap.sys [42336 2016-06-22] (The OpenVPN Project)
R1 kltdf; C:\WINDOWS2\System32\DRIVERS\kltdf.sys [82352 2016-05-17] (AO Kaspersky Lab)
R1 kltdi; C:\WINDOWS2\System32\DRIVERS\kltdi.sys [71088 2016-05-17] (AO Kaspersky Lab)
R3 kmixer; C:\WINDOWS2\System32\drivers\kmixer.sys [172416 2008-04-14] (Microsoft Corporation)
R1 kneps; C:\WINDOWS2\System32\DRIVERS\kneps.sys [165088 2017-04-07] (AO Kaspersky Lab)
R0 KSecDD; C:\WINDOWS2\system32\Drivers\KSecDD.sys [92928 2009-06-24] (Microsoft Corporation)
R3 MBAMProtector; C:\WINDOWS2\system32\drivers\mbam.sys [21104 2013-03-08] (Malwarebytes Corporation) [File not signed]
R1 mnmdd; C:\WINDOWS2\system32\Drivers\mnmdd.sys [4224 2001-10-25] (Microsoft Corporation)
S3 Modem; C:\WINDOWS2\system32\Drivers\Modem.sys [30080 2008-04-14] (Microsoft Corporation)
S3 MonFilt; C:\WINDOWS2\System32\drivers\MonFilt.sys [1389056 2016-11-20] (Creative Technology Ltd.)
R1 Mouclass; C:\WINDOWS2\System32\DRIVERS\mouclass.sys [23040 2008-04-14] (Microsoft Corporation)
R3 mouhid; C:\WINDOWS2\System32\DRIVERS\mouhid.sys [12160 2001-10-25] (Microsoft Corporation)
R0 MountMgr; C:\WINDOWS2\system32\Drivers\MountMgr.sys [42368 2008-04-14] (Microsoft Corporation)
R3 MRxDAV; C:\WINDOWS2\System32\DRIVERS\mrxdav.sys [180608 2008-04-14] (Microsoft Corporation)
R1 MRxSmb; C:\WINDOWS2\System32\DRIVERS\mrxsmb.sys [456320 2011-07-15] (Microsoft Corporation)
R1 Msfs; C:\WINDOWS2\system32\Drivers\Msfs.sys [19072 2008-04-14] (Microsoft Corporation)
S3 MSKSSRV; C:\WINDOWS2\System32\drivers\MSKSSRV.sys [7552 2008-04-14] (Microsoft Corporation)
S3 MSPCLOCK; C:\WINDOWS2\System32\drivers\MSPCLOCK.sys [5376 2008-04-14] (Microsoft Corporation)
S3 MSPQM; C:\WINDOWS2\System32\drivers\MSPQM.sys [4992 2008-04-14] (Microsoft Corporation)
R3 mssmbios; C:\WINDOWS2\System32\DRIVERS\mssmbios.sys [15488 2008-04-14] (Microsoft Corporation)
S3 MSTEE; C:\WINDOWS2\System32\drivers\MSTEE.sys [5504 2008-04-14] (Microsoft Corporation)
R0 Mup; C:\WINDOWS2\system32\Drivers\Mup.sys [105472 2011-04-21] (Microsoft Corporation)
S3 NABTSFEC; C:\WINDOWS2\System32\DRIVERS\NABTSFEC.sys [85248 2008-04-14] (Microsoft Corporation)
R0 NDIS; C:\WINDOWS2\system32\Drivers\NDIS.sys [182656 2008-04-14] (Microsoft Corporation)
S3 NdisIP; C:\WINDOWS2\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R3 NdisTapi; C:\WINDOWS2\System32\DRIVERS\ndistapi.sys [10496 2011-07-08] (Microsoft Corporation)
R3 Ndisuio; C:\WINDOWS2\System32\DRIVERS\ndisuio.sys [14592 2008-04-14] (Microsoft Corporation)
R3 NdisWan; C:\WINDOWS2\System32\DRIVERS\ndiswan.sys [91520 2008-04-14] (Microsoft Corporation)
R3 NDProxy; C:\WINDOWS2\system32\Drivers\NDProxy.sys [40960 2013-11-27] (Microsoft Corporation)
R1 NetBIOS; C:\WINDOWS2\System32\DRIVERS\netbios.sys [34688 2008-04-14] (Microsoft Corporation)
R1 NetBT; C:\WINDOWS2\System32\DRIVERS\netbt.sys [162816 2008-04-14] (Microsoft Corporation)
R3 NLNdisMP; C:\WINDOWS2\System32\DRIVERS\nlndis.sys [5229360 2013-06-12] (Locktime Software)
S3 NLNdisPT; C:\WINDOWS2\System32\DRIVERS\nlndis.sys [5229360 2013-06-12] (Locktime Software)
R1 nltdi; C:\Program Files\NetLimiter 3\nltdi.sys [5280944 2013-06-12] (Locktime Software)
R1 Npfs; C:\WINDOWS2\system32\Drivers\Npfs.sys [30848 2008-04-14] (Microsoft Corporation)
R4 Ntfs; C:\WINDOWS2\system32\Drivers\Ntfs.sys [574976 2008-04-14] (Microsoft Corporation)
R1 Null; C:\WINDOWS2\system32\Drivers\Null.sys [2944 2001-10-25] (Microsoft Corporation)
R3 nv; C:\WINDOWS2\System32\DRIVERS\nv4_mini.sys [13375672 2016-11-20] (NVIDIA Corporation)
R3 NVHDA; C:\WINDOWS2\System32\drivers\nvhda32.sys [154320 2016-11-20] (NVIDIA Corporation)
S3 NwlnkFlt; C:\WINDOWS2\System32\DRIVERS\nwlnkflt.sys [12416 2001-10-25] (Microsoft Corporation)
S3 NwlnkFwd; C:\WINDOWS2\System32\DRIVERS\nwlnkfwd.sys [32512 2001-10-25] (Microsoft Corporation)
S3 Parport; C:\WINDOWS2\system32\Drivers\Parport.sys [80000 2008-04-14] (Microsoft Corporation)
R0 PartMgr; C:\WINDOWS2\system32\Drivers\PartMgr.sys [19712 2008-04-14] (Microsoft Corporation)
S2 ParVdm; C:\WINDOWS2\system32\Drivers\ParVdm.sys [6784 2001-10-25] (Microsoft Corporation)
R0 PCI; C:\WINDOWS2\System32\DRIVERS\pci.sys [68736 2008-04-14] (Microsoft Corporation)
R0 PCIIde; C:\WINDOWS2\System32\DRIVERS\pciide.sys [3328 2001-10-25] (Microsoft Corporation)
S4 Pcmcia; C:\WINDOWS2\system32\Drivers\Pcmcia.sys [120064 2008-04-14] (Microsoft Corporation)
R3 PptpMiniport; C:\WINDOWS2\System32\DRIVERS\raspptp.sys [48384 2008-04-14] (Microsoft Corporation)
R1 Processor; C:\WINDOWS2\System32\DRIVERS\processr.sys [39168 2004-08-17] (Microsoft Corporation)
R3 PSched; C:\WINDOWS2\System32\DRIVERS\psched.sys [69120 2008-04-14] (Microsoft Corporation)
R3 Ptilink; C:\WINDOWS2\System32\DRIVERS\ptilink.sys [17792 2001-10-25] (Parallel Technologies, Inc.)
R1 RasAcd; C:\WINDOWS2\System32\DRIVERS\rasacd.sys [8832 2001-10-25] (Microsoft Corporation)
R3 Rasl2tp; C:\WINDOWS2\System32\DRIVERS\rasl2tp.sys [51328 2008-04-14] (Microsoft Corporation)
R3 RasPppoe; C:\WINDOWS2\System32\DRIVERS\raspppoe.sys [41472 2008-04-14] (Microsoft Corporation)
R3 Raspti; C:\WINDOWS2\System32\DRIVERS\raspti.sys [16512 2001-10-25] (Microsoft Corporation)
R1 Rdbss; C:\WINDOWS2\System32\DRIVERS\rdbss.sys [175744 2008-04-14] (Microsoft Corporation)
R1 RDPCDD; C:\WINDOWS2\System32\DRIVERS\RDPCDD.sys [4224 2001-10-25] (Microsoft Corporation)
R3 rdpdr; C:\WINDOWS2\System32\DRIVERS\rdpdr.sys [196224 2008-04-14] (Microsoft Corporation)
S3 RDPWD; C:\WINDOWS2\system32\Drivers\RDPWD.sys [139784 2012-07-04] (Microsoft Corporation)
R1 redbook; C:\WINDOWS2\System32\DRIVERS\redbook.sys [58496 2008-04-14] (Microsoft Corporation)
R3 RTLE8023xp; C:\WINDOWS2\System32\DRIVERS\Rtenicxp.sys [442328 2015-02-11] (Realtek Semiconductor Corporation )
S3 Secdrv; C:\WINDOWS2\System32\DRIVERS\secdrv.sys [20480 2008-04-13] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
R3 serenum; C:\WINDOWS2\System32\DRIVERS\serenum.sys [15744 2008-04-14] (Microsoft Corporation)
R1 Serial; C:\WINDOWS2\System32\DRIVERS\serial.sys [64256 2008-04-14] (Microsoft Corporation)
S1 Sfloppy; C:\WINDOWS2\system32\Drivers\Sfloppy.sys [11392 2008-04-14] (Microsoft Corporation)
S3 SLIP; C:\WINDOWS2\System32\DRIVERS\SLIP.sys [11136 2008-04-14] (Microsoft Corporation)
S3 splitter; C:\WINDOWS2\System32\drivers\splitter.sys [6272 2008-04-14] (Microsoft Corporation)
R0 sr; C:\WINDOWS2\System32\DRIVERS\sr.sys [73344 2008-04-14] (Microsoft Corporation)
R3 Srv; C:\WINDOWS2\System32\DRIVERS\srv.sys [357888 2011-02-17] (Microsoft Corporation)
S3 streamip; C:\WINDOWS2\System32\DRIVERS\StreamIP.sys [15232 2008-04-14] (Microsoft Corporation)
R3 swenum; C:\WINDOWS2\System32\DRIVERS\swenum.sys [4352 2008-04-14] (Microsoft Corporation)
S3 swmidi; C:\WINDOWS2\System32\drivers\swmidi.sys [56576 2008-04-14] (Microsoft Corporation)
R3 sysaudio; C:\WINDOWS2\System32\drivers\sysaudio.sys [60800 2008-04-14] (Microsoft Corporation)
R1 Tcpip; C:\WINDOWS2\System32\DRIVERS\tcpip.sys [361600 2008-06-20] (Microsoft Corporation)
S3 TDPIPE; C:\WINDOWS2\system32\Drivers\TDPIPE.sys [12040 2008-04-14] (Microsoft Corporation)
S3 TDTCP; C:\WINDOWS2\system32\Drivers\TDTCP.sys [21896 2008-04-14] (Microsoft Corporation)
R1 TermDD; C:\WINDOWS2\System32\DRIVERS\termdd.sys [40840 2008-04-14] (Microsoft Corporation)
U3 TrueSight; C:\WINDOWS2\system32\drivers\TrueSight.sys [24688 2017-06-06] ()
S4 Udfs; C:\WINDOWS2\system32\Drivers\Udfs.sys [66048 2008-04-14] (Microsoft Corporation)
R3 Update; C:\WINDOWS2\System32\DRIVERS\update.sys [384768 2008-04-14] (Microsoft Corporation)
R3 usbccgp; C:\WINDOWS2\System32\DRIVERS\usbccgp.sys [32384 2013-08-09] (Microsoft Corporation)
R3 usbehci; C:\WINDOWS2\System32\DRIVERS\usbehci.sys [30336 2009-03-18] (Microsoft Corporation)
R3 usbfilter; C:\WINDOWS2\System32\DRIVERS\usbfilter.sys [43392 2000-01-01] (Advanced Micro Devices)
R3 usbhub; C:\WINDOWS2\System32\DRIVERS\usbhub.sys [59520 2008-04-14] (Microsoft Corporation)
R3 usbohci; C:\WINDOWS2\System32\DRIVERS\usbohci.sys [17152 2008-04-14] (Microsoft Corporation)
R3 usbstor; C:\WINDOWS2\System32\DRIVERS\USBSTOR.SYS [26368 2008-04-14] (Microsoft Corporation)
R3 usbvideo; C:\WINDOWS2\System32\Drivers\usbvideo.sys [123008 2013-07-17] (Microsoft Corporation)
R1 VgaSave; C:\WINDOWS2\System32\drivers\vga.sys [20992 2008-04-14] (Microsoft Corporation)
R3 VIAHdAudAddService; C:\WINDOWS2\System32\drivers\viahduaa.sys [2561968 2016-11-20] (VIA Technologies, Inc.)
R0 VolSnap; C:\WINDOWS2\system32\Drivers\VolSnap.sys [52480 2008-04-14] (Microsoft Corporation)
R3 Wanarp; C:\WINDOWS2\System32\DRIVERS\wanarp.sys [34560 2008-04-14] (Microsoft Corporation)
R3 wdmaud; C:\WINDOWS2\System32\drivers\wdmaud.sys [83072 2008-04-14] (Microsoft Corporation)
R1 WmiAcpi; C:\WINDOWS2\System32\DRIVERS\wmiacpi.sys [8832 2008-04-14] (Microsoft Corporation)
R1 WS2IFSL; C:\WINDOWS2\System32\drivers\ws2ifsl.sys [12032 2001-10-25] (Microsoft Corporation)
S3 WSTCODEC; C:\WINDOWS2\System32\DRIVERS\WSTCODEC.SYS [19200 2008-04-14] (Microsoft Corporation)
R1 ZAM; C:\WINDOWS2\System32\drivers\zam32.sys [181496 2017-06-06] (Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS2\System32\drivers\zamguard32.sys [181496 2017-06-06] (Zemana Ltd.)
S4 IntelIde; no ImagePath
U5 ScsiPort; C:\WINDOWS2\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-06-08 23:52 - 2017-06-08 23:52 - 00039804 _____ C:\Documents and Settings\Adam2\Plocha\FRST.txt
2017-06-08 23:49 - 2017-06-08 23:49 - 01775104 _____ (Farbar) C:\Documents and Settings\Adam2\Plocha\FRST.exe
2017-06-08 23:46 - 2017-06-08 23:46 - 00000882 _____ C:\Documents and Settings\All Users.WINDOWS2\Plocha\Revo Uninstaller.lnk
2017-06-08 23:46 - 2017-06-08 23:46 - 00000000 ____D C:\Program Files\VS Revo Group
2017-06-08 23:46 - 2017-06-08 23:46 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS2\Nabídka Start\Programy\Revo Uninstaller
2017-06-08 23:46 - 2017-06-08 23:46 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS2\Nabídka Start\Programy\Revo Uninstaller
2017-06-08 21:20 - 2017-06-08 21:20 - 00000000 ____D C:\Documents and Settings\Administrator.BBDRA2-3D0A5E7C\Data aplikací\Curiolab
2017-06-08 21:18 - 2017-06-08 21:18 - 15637544 _____ (CURIOLAB S.M.B.A.) C:\Documents and Settings\Adam2\Plocha\ExterminateItSetup.exe
2017-06-08 21:18 - 2017-06-08 21:18 - 00000756 _____ C:\Documents and Settings\All Users.WINDOWS2\Plocha\Exterminate It!.lnk
2017-06-08 21:18 - 2017-06-08 21:18 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS2\Nabídka Start\Programy\Exterminate It!
2017-06-08 21:18 - 2017-06-08 21:18 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS2\Nabídka Start\Programy\Exterminate It!
2017-06-08 21:06 - 2017-06-08 21:14 - 00000000 ____D C:\Documents and Settings\Adam2\Plocha\hledám vir
2017-06-08 20:38 - 2017-06-08 20:38 - 01931969 _____ C:\Documents and Settings\Adam2\Plocha\ProcessExplorer.zip
2017-06-08 20:38 - 2017-05-01 07:31 - 02724512 _____ (Sysinternals -
www.sysinternals.com) C:\Documents and Settings\Adam2\Plocha\procexp.exe
2017-06-08 01:13 - 2017-06-08 01:13 - 00000965 _____ C:\Documents and Settings\All Users.WINDOWS2\Plocha\Governor of Poker.lnk
2017-06-08 01:13 - 2017-06-08 01:13 - 00000000 ____D C:\Program Files\LeeGTs Games
2017-06-08 01:13 - 2017-06-08 01:13 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS2\Nabídka Start\Programy\Governor of Poker
2017-06-08 01:13 - 2017-06-08 01:13 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS2\Nabídka Start\Programy\Governor of Poker
2017-06-08 01:13 - 2017-06-08 01:13 - 00000000 ____D C:\Documents and Settings\Adam2\Data aplikací\Macromedia
2017-06-08 01:13 - 2017-06-08 01:13 - 00000000 ____D C:\Documents and Settings\Adam2\Data aplikací\Adobe
2017-06-08 00:42 - 2017-06-08 00:42 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS2\Data aplikací\Oracle
2017-06-08 00:42 - 2017-06-08 00:42 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS2\Data aplikací\Oracle
2017-06-08 00:32 - 2017-06-08 00:32 - 00000000 ____D C:\Documents and Settings\Adam2\Plocha\backups
2017-06-07 19:15 - 2017-06-07 19:15 - 00000512 _____ C:\Documents and Settings\Adam2\Plocha\MBR.dat
2017-06-07 19:14 - 2017-06-07 19:14 - 00006127 _____ C:\Documents and Settings\Administrator.BBDRA2-3D0A5E7C\Plocha\hijackthis log2.txt
2017-06-07 19:13 - 2017-06-07 19:13 - 00006127 _____ C:\Documents and Settings\Administrator.BBDRA2-3D0A5E7C\Plocha\hijackthis log2
2017-06-07 19:11 - 2017-06-08 23:52 - 00000000 ____D C:\Documents and Settings\Administrator.BBDRA2-3D0A5E7C\Local Settings\temp
2017-06-07 19:11 - 2017-06-07 19:11 - 00000000 ____D C:\Documents and Settings\znk\Local Settings\temp
2017-06-07 19:11 - 2017-06-07 19:11 - 00000000 ____D C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\temp
2017-06-07 19:11 - 2017-06-07 19:11 - 00000000 ____D C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\temp
2017-06-07 19:11 - 2017-06-07 19:11 - 00000000 ____D C:\Documents and Settings\Default User\Local Settings\temp
2017-06-07 19:11 - 2017-06-07 19:11 - 00000000 ____D C:\Documents and Settings\Default User.WINDOWS2\Local Settings\temp
2017-06-07 19:11 - 2017-06-07 19:11 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\temp
2017-06-07 19:02 - 2017-06-08 23:51 - 00000000 ____D C:\WINDOWS2\temp
2017-06-07 18:46 - 2017-06-07 18:46 - 00000000 _____ C:\Documents and Settings\Adam2\Plocha\Nový objekt - Textový dokument (4).txt
2017-06-07 17:38 - 2017-06-07 17:39 - 213020850 _____ C:\Documents and Settings\Adam2\Plocha\Pro Adámka♥
2017-06-06 22:00 - 2017-06-08 00:19 - 00000000 ____D C:\WINDOWS2\erdnt
2017-06-06 22:00 - 2017-06-06 22:00 - 00000000 ___RD C:\Documents and Settings\Adam2\Nabídka Start\Programy\Nástroje pro správu
2017-06-06 19:40 - 2017-06-08 23:52 - 00081908 _____ C:\WINDOWS2\ZAM.krnl.trace
2017-06-06 19:40 - 2017-06-08 23:52 - 00053545 _____ C:\WINDOWS2\ZAM_Guard.krnl.trace
2017-06-06 19:40 - 2017-06-06 19:40 - 00181496 _____ (Zemana Ltd.) C:\WINDOWS2\system32\Drivers\zamguard32.sys
2017-06-06 19:40 - 2017-06-06 19:40 - 00181496 _____ (Zemana Ltd.) C:\WINDOWS2\system32\Drivers\zam32.sys
2017-06-06 19:40 - 2017-06-06 19:40 - 00001605 _____ C:\Documents and Settings\All Users.WINDOWS2\Plocha\Zemana AntiMalware.lnk
2017-06-06 19:40 - 2017-06-06 19:40 - 00000000 ____D C:\Program Files\Zemana AntiMalware
2017-06-06 19:40 - 2017-06-06 19:40 - 00000000 ____D C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Data aplikací\Zemana
2017-06-06 19:40 - 2017-06-06 19:40 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS2\Nabídka Start\Programy\Zemana AntiMalware
2017-06-06 19:40 - 2017-06-06 19:40 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS2\Nabídka Start\Programy\Zemana AntiMalware
2017-06-06 19:40 - 2017-06-06 19:40 - 00000000 ____D C:\Documents and Settings\Adam2\Local Settings\Data aplikací\Zemana
2017-06-06 19:39 - 2017-06-06 19:39 - 05774688 _____ (Zemana Ltd. ) C:\Documents and Settings\Adam2\Plocha\Zemana.AntiMalware.Setup.exe
2017-06-06 19:31 - 2017-06-06 19:22 - 00024064 _____ C:\WINDOWS2\zoek-delete.exe
2017-06-06 19:14 - 2017-06-06 19:15 - 01309184 _____ C:\Documents and Settings\Adam2\Plocha\zoek.exe
2017-06-06 13:18 - 2017-06-06 13:18 - 00023646 _____ C:\Documents and Settings\Adam2\Plocha\rkrep2.txt
2017-06-06 11:20 - 2017-06-06 11:20 - 11792456 _____ C:\Documents and Settings\Administrator.BBDRA2-3D0A5E7C\Plocha\RogueKiller_old32.exe
2017-06-06 10:16 - 2017-06-06 10:16 - 22018120 _____ C:\Documents and Settings\Administrator.BBDRA2-3D0A5E7C\Plocha\RogueKiller_portable32.exe
2017-06-06 10:06 - 2017-06-06 10:06 - 00000187 _____ C:\Documents and Settings\Adam2\Plocha\RKcrash.txt
2017-06-06 10:02 - 2017-06-06 10:02 - 00000000 _____ C:\Documents and Settings\Administrator.BBDRA2-3D0A5E7C\Plocha\Nový objekt - Textový dokument.txt
2017-06-06 09:19 - 2017-06-06 13:18 - 00537574 _____ C:\WINDOWS2\ntbtlog.txt
2017-06-05 11:23 - 2017-06-05 11:23 - 00000718 _____ C:\Documents and Settings\All Users.WINDOWS2\Plocha\RogueKiller.lnk
2017-06-05 11:23 - 2017-06-05 11:23 - 00000000 ____D C:\Program Files\RogueKiller
2017-06-05 11:23 - 2017-06-05 11:23 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS2\Nabídka Start\Programy\RogueKiller
2017-06-05 11:23 - 2017-06-05 11:23 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS2\Nabídka Start\Programy\RogueKiller
2017-06-05 11:22 - 2017-06-05 11:23 - 35426672 _____ (Adlice Software ) C:\Documents and Settings\Adam2\Plocha\setup.exe
2017-06-05 00:23 - 2017-06-05 00:24 - 00000000 ____D C:\Documents and Settings\Adam2\Plocha\ps_sun
2017-06-05 00:16 - 2017-06-05 00:23 - 124472827 _____ C:\Documents and Settings\Adam2\Plocha\PS_sun.zip
2017-06-04 23:53 - 2017-06-04 23:54 - 00002467 _____ C:\Documents and Settings\All Users.WINDOWS2\Plocha\Sophos Virus Removal Tool.lnk
2017-06-04 23:53 - 2017-06-04 23:53 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS2\Nabídka Start\Programy\Sophos
2017-06-04 23:53 - 2017-06-04 23:53 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS2\Nabídka Start\Programy\Sophos
2017-06-04 23:53 - 2017-06-04 23:53 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS2\Data aplikací\Sophos
2017-06-04 23:53 - 2017-06-04 23:53 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS2\Data aplikací\Sophos
2017-06-04 23:47 - 2017-06-04 23:50 - 168787792 _____ (Sophos Limited) C:\Documents and Settings\Adam2\Plocha\Sophos Virus Removal Tool.exe
2017-06-04 20:11 - 2017-06-04 20:11 - 00000000 ____D C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Data aplikací\LogMeIn
2017-06-04 20:07 - 2017-06-04 20:07 - 00000566 _____ C:\Documents and Settings\Adam2\Plocha\jrt.txt.txt
2017-06-04 17:31 - 2017-06-04 17:31 - 00002880 _____ C:\Documents and Settings\Adam2\Plocha\123.txt
2017-06-04 15:53 - 2017-06-04 15:53 - 00448512 _____ (OldTimer Tools) C:\Documents and Settings\Adam2\Plocha\TFC.exe
2017-06-04 15:51 - 2017-06-04 15:51 - 00050688 _____ (Atribune.org) C:\Documents and Settings\Adam2\Plocha\ATF-Cleaner.exe
2017-06-04 14:35 - 2017-06-04 20:00 - 01663672 _____ (Malwarebytes) C:\Documents and Settings\Adam2\Plocha\JRT.exe
2017-05-22 15:21 - 2017-05-22 15:21 - 02710854 _____ C:\Documents and Settings\Adam2\Plocha\Nuni.bmp
2017-05-21 15:42 - 2017-05-21 15:42 - 03805494 _____ C:\Documents and Settings\Adam2\Plocha\sso_starcoins.bmp
2017-05-15 17:01 - 2017-06-04 23:36 - 00000000 ____D C:\Documents and Settings\Adam2\Plocha\Civ
2017-05-15 17:01 - 2017-05-15 17:01 - 01693413 _____ C:\Documents and Settings\Adam2\Plocha\Civilization.zip
2017-05-14 21:01 - 2017-05-14 21:01 - 01310090 _____ C:\Documents and Settings\Adam2\Plocha\sc.bmp
2017-05-14 02:02 - 2015-01-21 09:53 - 00000000 ____D C:\Documents and Settings\Adam2\Plocha\Šabach P. - Hovno hoří
2017-05-14 02:00 - 2017-05-14 02:01 - 194396344 _____ C:\Documents and Settings\Adam2\Plocha\Šabach-P.---Hovno-hoří.rar
2017-05-13 21:27 - 2017-05-13 21:27 - 00001650 _____ C:\Documents and Settings\All Users.WINDOWS2\Nabídka Start\PokerStars.net.lnk
2017-05-13 21:27 - 2017-05-13 21:27 - 00001650 _____ C:\Documents and Settings\All Users.WINDOWS2\Nabídka Start\PokerStars.net.lnk
2017-05-09 15:01 - 2017-05-09 15:01 - 04102600 _____ C:\Documents and Settings\Adam2\Plocha\adwcleaner_6.046.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-06-08 23:52 - 2016-11-17 14:54 - 00000000 ____D C:\Documents and Settings\Adam2\Plocha
2017-06-08 23:52 - 2016-11-10 00:41 - 00000000 ____D C:\FRST
2017-06-08 23:51 - 2016-11-20 17:32 - 00000000 ____D C:\Documents and Settings\Adam2\Local Settings\Data aplikací\LogMeIn Hamachi
2017-06-08 23:51 - 2016-11-17 17:16 - 00000000 ____D C:\Documents and Settings\Adam2\Data aplikací\Skype
2017-06-08 23:50 - 2016-11-17 14:54 - 00000000 ____D C:\Documents and Settings\Adam2\Local Settings\Temp
2017-06-08 23:46 - 2016-11-17 15:18 - 00000000 ___RD C:\Documents and Settings\All Users.WINDOWS2\Nabídka Start\Programy
2017-06-08 23:46 - 2016-11-17 15:18 - 00000000 ___RD C:\Documents and Settings\All Users.WINDOWS2\Nabídka Start\Programy
2017-06-08 23:46 - 2016-11-17 15:18 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS2\Plocha
2017-06-08 23:31 - 2016-11-17 16:45 - 01664400 _____ C:\WINDOWS2\system32\nvdrsdb0.bin
2017-06-08 23:31 - 2016-11-17 16:45 - 00000001 _____ C:\WINDOWS2\system32\nvdrssel.bin
2017-06-08 22:31 - 2016-11-17 16:45 - 01664400 _____ C:\WINDOWS2\system32\nvdrsdb1.bin
2017-06-08 22:24 - 2015-05-02 03:06 - 00000000 ____D C:\Program Files\Exterminate It!
2017-06-08 21:44 - 2016-11-20 21:43 - 00002285 _____ C:\Documents and Settings\All Users.WINDOWS2\Plocha\Skype.lnk
2017-06-08 21:20 - 2016-11-21 23:34 - 00000000 __RHD C:\Documents and Settings\Administrator.BBDRA2-3D0A5E7C\Data aplikací
2017-06-08 20:41 - 2016-11-17 17:16 - 00010776 _____ C:\WINDOWS2\system32\nvAppTimestamps
2017-06-08 17:59 - 2016-11-17 22:10 - 00000000 ____D C:\Documents and Settings\Adam2\Local Settings\Data aplikací\Battle.net
2017-06-08 17:59 - 2015-05-09 00:18 - 00000000 ____D C:\Program Files\Battle.net
2017-06-08 16:42 - 2017-02-11 22:36 - 00002365 _____ C:\Documents and Settings\All Users.WINDOWS2\Plocha\Star Stable Online.lnk
2017-06-08 16:30 - 2016-11-17 17:15 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS2\Data aplikací\Skype
2017-06-08 16:30 - 2016-11-17 17:15 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS2\Data aplikací\Skype
2017-06-08 16:30 - 2016-02-09 10:38 - 00000000 ___RD C:\Program Files\Skype
2017-06-08 16:27 - 2016-11-22 09:36 - 00000224 _____ C:\WINDOWS2\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2017-06-08 16:27 - 2016-11-20 17:34 - 00000000 ____D C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Data aplikací\LogMeIn Hamachi
2017-06-08 16:27 - 2001-10-25 14:00 - 00002206 _____ C:\WINDOWS2\system32\wpa.dbl
2017-06-08 16:26 - 2016-11-17 14:54 - 00000178 ___SH C:\Documents and Settings\Adam2\ntuser.ini
2017-06-08 15:00 - 2016-11-22 09:36 - 00000218 _____ C:\WINDOWS2\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
2017-06-08 13:17 - 2016-11-23 02:45 - 00000000 ____D C:\Documents and Settings\Adam2\Data aplikací\vlc
2017-06-08 01:13 - 2016-11-17 14:54 - 00000000 __RHD C:\Documents and Settings\Adam2\Data aplikací
2017-06-08 00:48 - 2016-11-21 23:35 - 00000178 ___SH C:\Documents and Settings\Administrator.BBDRA2-3D0A5E7C\ntuser.ini
2017-06-08 00:48 - 2016-11-21 23:34 - 00000000 ____D C:\Documents and Settings\Administrator.BBDRA2-3D0A5E7C
2017-06-08 00:47 - 2016-02-05 16:47 - 00000000 ____D C:\Program Files\Java
2017-06-08 00:42 - 2016-11-17 15:18 - 00000000 __RHD C:\Documents and Settings\All Users.WINDOWS2\Data aplikací
2017-06-08 00:40 - 2017-04-07 13:38 - 00000418 _____ C:\Documents and Settings\Adam2\advanced_ip_scanner_MAC.bin
2017-06-08 00:40 - 2017-04-07 13:38 - 00000041 _____ C:\Documents and Settings\Adam2\advanced_ip_scanner_Aliases.bin
2017-06-08 00:28 - 2016-11-17 16:10 - 00001324 _____ C:\WINDOWS2\system32\d3d9caps.dat
2017-06-08 00:28 - 2016-11-17 15:07 - 00000000 ____D C:\WINDOWS2\system32
2017-06-08 00:26 - 2016-11-17 16:11 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS2\Data aplikací\Kaspersky Lab
2017-06-08 00:26 - 2016-11-17 16:11 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS2\Data aplikací\Kaspersky Lab
2017-06-08 00:23 - 2016-11-17 15:17 - 00222432 _____ C:\WINDOWS2\system32\FNTCACHE.DAT
2017-06-08 00:23 - 2016-11-17 15:07 - 00000000 ____D C:\WINDOWS2
2017-06-08 00:23 - 2016-11-17 14:53 - 00000006 ____H C:\WINDOWS2\Tasks\SA.DAT
2017-06-08 00:21 - 2017-04-06 18:16 - 00065536 _____ C:\WINDOWS2\system32\config\NetLimit.evt
2017-06-08 00:21 - 2016-11-17 17:09 - 02119430 _____ C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-329068152-1645522239-839522115-1003-0.dat
2017-06-08 00:21 - 2016-11-17 17:09 - 00193998 _____ C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
2017-06-08 00:21 - 2016-11-17 16:16 - 00262144 _____ C:\WINDOWS2\system32\config\Kaspersk.evt
2017-06-08 00:21 - 2016-11-17 14:53 - 00032376 _____ C:\WINDOWS2\SchedLgU.Txt
2017-06-07 19:14 - 2016-11-21 23:34 - 00000000 ____D C:\Documents and Settings\Administrator.BBDRA2-3D0A5E7C\Plocha
2017-06-07 19:04 - 2001-10-25 14:00 - 00000227 _____ C:\WINDOWS2\system.ini
2017-06-07 19:03 - 2016-11-17 15:17 - 00262144 _____ C:\WINDOWS2\system32\config\SECURITY.bak
2017-06-07 19:03 - 2016-11-17 15:17 - 00262144 _____ C:\WINDOWS2\system32\config\SAM.bak
2017-06-07 19:03 - 2016-11-17 15:15 - 22544384 _____ C:\WINDOWS2\system32\config\software.bak
2017-06-07 19:03 - 2016-11-17 15:15 - 05767168 _____ C:\WINDOWS2\system32\config\system.bak
2017-06-07 19:03 - 2016-11-17 15:15 - 00524288 _____ C:\WINDOWS2\system32\config\default.bak
2017-06-07 18:17 - 2015-07-05 00:23 - 00000000 ____D C:\KMPlayer
2017-06-06 22:00 - 2016-11-17 14:54 - 00000000 ___RD C:\Documents and Settings\Adam2\Nabídka Start\Programy
2017-06-06 19:41 - 2016-11-17 14:54 - 00000000 ____D C:\Documents and Settings\Adam2
2017-06-06 19:40 - 2016-11-17 14:54 - 00000000 ___HD C:\Documents and Settings\Adam2\Local Settings\Data aplikací
2017-06-06 19:40 - 2016-11-17 14:53 - 00000000 ___HD C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Data aplikací
2017-06-06 19:28 - 2016-03-15 00:37 - 00000000 ____D C:\zoek_backup
2017-06-06 13:18 - 2016-11-21 23:34 - 00000000 ___HD C:\Documents and Settings\Administrator.BBDRA2-3D0A5E7C\Local Settings\Data aplikací
2017-06-06 11:25 - 2017-04-04 02:01 - 00024688 _____ C:\WINDOWS2\system32\Drivers\TrueSight.sys
2017-06-05 20:12 - 2015-05-01 23:07 - 00000000 ____D C:\Program Files\DOSBox-0.74
2017-06-04 23:38 - 2016-11-22 02:17 - 00000000 __HDC C:\WINDOWS2\$NtUninstallKB973869$
2017-06-04 20:11 - 2016-11-20 17:32 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS2\Data aplikací\LogMeIn
2017-06-04 20:11 - 2016-11-20 17:32 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS2\Data aplikací\LogMeIn
2017-06-04 19:56 - 2015-05-02 03:14 - 00000000 ____D C:\AdwCleaner
2017-06-04 15:54 - 2016-11-09 19:44 - 00000000 ____D C:\Documents and Settings\1234\Local Settings\temp
2017-06-04 15:52 - 2016-11-09 19:44 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\temp
2017-06-04 15:52 - 2016-11-03 21:33 - 00000000 ____D C:\Documents and Settings\Adam\Local Settings\Temp
2017-06-04 15:31 - 2016-11-20 23:00 - 00047616 _____ C:\Documents and Settings\Adam2\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-06-04 13:49 - 2017-01-12 06:40 - 00000000 ____D C:\WINDOWS2\Minidump
2017-06-03 14:38 - 2017-01-22 13:17 - 00000000 ____D C:\Documents and Settings\Adam2\Dokumenty\Bandicam
2017-06-02 23:21 - 2017-02-14 13:56 - 00000000 ____D C:\Documents and Settings\Adam2\Plocha\mixy
2017-06-02 23:04 - 2015-05-09 00:50 - 00000000 ____D C:\Program Files\Hearthstone
2017-05-14 11:08 - 2016-02-11 20:15 - 00000000 ____D C:\Program Files\PokerStars.NET
2017-05-13 21:27 - 2017-02-07 00:13 - 00001650 _____ C:\Documents and Settings\All Users.WINDOWS2\Plocha\PokerStars.net.lnk
2017-05-13 21:27 - 2016-11-17 15:18 - 00000000 ___RD C:\Documents and Settings\All Users.WINDOWS2\Nabídka Start
==================== Files in the root of some directories =======
2016-12-20 22:28 - 2016-12-20 22:28 - 0000000 ___SH () C:\Documents and Settings\Administrator.BBDRA2-3D0A5E7C\Local Settings\Data aplikací\LumaEmu
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS2\explorer.exe => File is digitally signed
C:\WINDOWS2\system32\winlogon.exe => File is digitally signed
C:\WINDOWS2\system32\svchost.exe => File is digitally signed
C:\WINDOWS2\system32\services.exe => File is digitally signed
C:\WINDOWS2\system32\User32.dll => File is digitally signed
C:\WINDOWS2\system32\userinit.exe => File is digitally signed
C:\WINDOWS2\system32\rpcss.dll => File is digitally signed
C:\WINDOWS2\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS2\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of FRST.txt ============================