Trojan-Banker (Solved)


Re: Trojan-Banker

Post by bbdra » 15 Nov 2016 20:58

Basically, the main reason I would like to continue with the repair is that I want to find out to what extent the computer is compromised, what infections are on it, and, if it is compromised, whether someone could clean it or find any traces showing that someone broke into my PC. Most likely the disk has a mechanical fault, but I cannot rule out the possibility that an attacker damaged the disk to force me to format it, that is, to cover their tracks. (I have my reasons for thinking this.) This problem is probably not related to the banker trojan, which is most likely still in the system, because until some important components of Mbam were deleted, every attempt to connect to my internet banking website warned me about a bad certificate and the possibility of my personal data being stolen. After that I preferred not to try again, because in my judgment it makes no sense without proper protection. I would definitely like to know how to get rid of such a trojan, though. It is not pleasant when you cannot use online banking from your own PC.
I am not afraid of losing data, so I am willing to take risks, as long as the PC does not literally burn out. I bought an external HDD onto which, as an emergency measure, I copied the important data (projects, music, my photos, personal notes and one game), so the chance that I copied the infection onto it is slim. If I copied the entire contents of the disk to a new disk, the chance would be considerably higher, and in a few months the new disk might be in a similar state.

So what should I do, can anyone advise me? :D


Re: Trojan-Banker

Post by jaro3 » 16 Nov 2016 09:42

As for infections, you should have used Kaspersky Rescue Disk 10. But you won't learn much from that; you would have to sit at it and write down the detections yourself.

So this could be done:
Download Farbar Recovery Scan Tool x64
and save it to your desktop.

Plug the flash drive into the infected computer.
Enter "System Recovery Options".
To enter System Recovery Options from the Advanced Boot Options:
Restart the computer.
As soon as the BIOS is loaded, press the F8 key and hold it until the Advanced Boot Options appear.
Use the arrow keys to select the Repair your computer menu item.
Select CZE as the keyboard language setting, then click Next.
Select the operating system you want to repair, then click Next.
Select your user account and click Next.
To enter System Recovery Options using the Windows installation disc:
Insert the installation disc.
Restart the computer.
If prompted, press any key to start Windows from the installation disc. If your computer is not configured to boot from a CD-ROM or DVD, check the BIOS settings.
Click "Repair your computer".
Select CZE as the keyboard language setting, then click Next.
Select the operating system you want to repair, then click Next.
Select your user account and click Next.
In the "System Recovery Options" menu you will get the following options:
Startup Repair
System Restore
Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt

Select Command Prompt.
In the command window type "notepad" and press Enter. Notepad will open. In the File menu choose Open. Choose "Computer", find the drive letter of your flash drive, and close Notepad. In the command window type e:\frst64.exe and press Enter.

Note: Replace the letter e with the letter of your flash drive. The tool will start running. When the tool opens, click "Yes" to confirm the notice.
First press the "Scan" button.
The program will produce a text file. That will be the log (FRST.txt).
Enter the following in the edit box after "Search:"
services.exe
Click the "Search" button.
That will be the second log (search.txt). I want you to post both here, the FRST.txt report and search.txt.
When working with HJT, ComboFix, MbAM, SDFix etc., close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support


Re: Trojan-Banker

Post by bbdra » 16 Nov 2016 13:32

bbdra wrote: The scan in KRD failed; when I try to scan, it shows the following text:
Error: cannot start task 'Scan_objects' , error=80000040


I have already used Kaspersky Rescue Disk before, but something prevents me from scanning the PC.


I tried to do the repair using the Windows installation disc.

In the Recovery Console I typed the exact path to the file, but unfortunately my flash drive does not respond in the console (it is powered off), so the console reported: the drive is not valid or there is no disk in the drive. Other USB devices, e.g. the keyboard, work.

On the second attempt I chose Safe Mode with the MS-DOS option in the boot options and used the command prompt to run FRST.exe from the flash drive.


Are the Recovery Console and Safe Mode with MS-DOS meant for these purposes, did I do it correctly?
I think the guide was meant more for 64-bit systems.
Attachments
rozšířená nabídka.jpg
Last edited by bbdra on 16 Nov 2016 14:48, edited 3 times in total.


Re: Trojan-Banker

Post by bbdra » 16 Nov 2016 14:35

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 06-11-2016
Ran by Administrator (16-11-2016 13:47:00)
Running from G:\
Systém Microsoft Windows XP Professional Service Pack 2 (X86) (2016-11-14 03:16:03)
Boot Mode: Safe Mode (minimal)
==========================================================


==================== Accounts: =============================

1234 (S-1-5-21-725345543-1078081533-839522115-1005 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\1234
Adam (S-1-5-21-725345543-1078081533-839522115-1003 - Limited - Enabled) => %SystemDrive%\Documents and Settings\Adam
Administrator (S-1-5-21-725345543-1078081533-839522115-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
ASPNET (S-1-5-21-725345543-1078081533-839522115-1004 - Limited - Enabled)
Guest (S-1-5-21-725345543-1078081533-839522115-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-725345543-1078081533-839522115-1000 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-725345543-1078081533-839522115-1002 - Limited - Disabled)
VUSR_BBDRA-4E56AF2B9 (S-1-5-21-725345543-1078081533-839522115-1006 - Limited - Enabled)
znk (S-1-5-21-725345543-1078081533-839522115-1007 - Limited - Enabled) => %SystemDrive%\Documents and Settings\znk

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Anti-Virus (Disabled - Up to date) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
AS: Kaspersky Anti-Virus (Disabled - Up to date) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Anti-Virus (Disabled) {2C4D4BC6-0793-4956-A9F9-E252435469C0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat 9 Pro - English, Français, Deutsch (HKLM\...\{AC76BA86-1033-F400-7760-000000000004}{AC76BA86-1033-F400-7760-000000000004}) (Version: 9.0.0 - Adobe Systems)
Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Player 20 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Aktualizace NVIDIA 2.8.1.21 (Version: 2.8.1.21 - NVIDIA Corporation) Hidden
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
ASIO4ALL (HKLM\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
Audacity 2.1.0 (HKLM\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Bandicam (HKLM\...\Bandicam) (Version: 1.9.3.492 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM\...\BandiMPEG1) (Version: - Bandisoft.com)
Battle.net (HKLM\...\Battle.net) (Version: - Blizzard Entertainment)
Blade & Soul (HKLM\...\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.260 - NC Interactive, LLC)
Blade & Soul (Version: 1.0.63.260 - NC Interactive, LLC) Hidden
Borland Delphi 7 (HKLM\...\{72263053-50D1-4598-9502-51ED64E54C51}) (Version: 7.0 - Borland Software Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
Cole2k Media - Codec Pack (Advanced) 7.1.0 (HKLM\...\Cole2k Media - Codec Pack) (Version: - Cole2k Media)
CrystalDiskInfo 7.0.4 (HKLM\...\CrystalDiskInfo_is1) (Version: 7.0.4 - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0407 - Disc Soft Ltd)
DJ OldGames Package: William Shatners TekWar (HKLM\...\WilliamShatnersTekWar44) (Version: 1.0.3.0 - DJ)
Exterminate It! (HKLM\...\Exterminate It!) (Version: 2.12.05.30 - CURIOLAB S.M.B.A.)
ffdshow [rev 3154] [2009-12-09] (HKLM\...\ffdshow_is1) (Version: 1.0 - )
FileASSASSIN (HKLM\...\FileASSASSIN) (Version: 1.06 - Malwarebytes)
FL Studio 12.0.2 (HKLM\...\FL Studio 12_is1) (Version: - )
FL Studio ASIO (HKLM\...\FL Studio ASIO) (Version: - Image-Line)
FlowStone FL 3.0 (HKLM\...\FlowStone) (Version: - )
Freemake Video Converter verze 4.1.6 (HKLM\...\Freemake Video Converter_is1) (Version: 4.1.6 - Ellora Assets Corporation)
Google Earth (HKLM\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.87 - Google Inc.)
Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
Hearthstone (HKLM\...\Hearthstone) (Version: - Blizzard Entertainment)
Chromodo (HKLM\...\Chromodo) (Version: 45.9.12.392 - Comodo)
Immortal Cities: Children of the Nile (HKLM\...\InstallShield_{667A1F4B-BFFA-4CF0-8C0B-6ED397370BCB}) (Version: 000.118.00075 - Tilted Mill Entertainment)
Immortal Cities: Children of the Nile (Version: 000.118.00075 - Tilted Mill Entertainment) Hidden
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java(TM) 6 Update 26 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216026FF}) (Version: 6.0.260 - Oracle)
Java(TM) 7 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217000F0}) (Version: 7.0.0 - Oracle)
Kaspersky Anti-Virus (HKLM\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Anti-Virus (Version: 16.0.0.614 - Kaspersky Lab) Hidden
KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version: 4.0.1.5 - PandoraTV)
LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.519 - LogMeIn, Inc.)
LogMeIn Hamachi (Version: 2.2.0.519 - LogMeIn, Inc.) Hidden
Magic ISO Maker v5.5 (build 0281) (HKLM\...\Magic ISO Maker v5.5 (build 0281)) (Version: - )
Malwarebytes Anti-Malware verze 1.75.0.1100 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1100 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Czech Language Pack (HKLM\...\{5E65E94D-69F2-4850-9E93-6459C53A0F50}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY (HKLM\...\{A2C9CD1B-2551-3AED-B244-6698FB929FA6}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY (HKLM\...\{546C143E-68DC-314D-97BC-1E454E3BA429}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - csy) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 6.0 Enterprise Edition (HKLM\...\Visual Studio 6.0 Enterprise Edition) (Version: - )
Microsoft VM for Java (HKLM\...\MsJavaVM) (Version: - )
Microsoft Web Publishing Wizard 1.53 (HKLM\...\WebPost) (Version: - )
MiniTool Partition Wizard Free 9.0 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NCSOFT Game Launcher (HKLM\...\NCLauncher_NCWest) (Version: - NCSOFT)
NVIDIA GeForce Experience 2.8.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.8.1.21 - NVIDIA Corporation)
NVIDIA nView 140.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 140.75 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 321.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 321.01 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenAL (HKLM\...\OpenAL) (Version: - )
OpenOffice 4.1.2 (HKLM\...\{69D27D4C-36CE-4CB2-A290-C38B0A990955}) (Version: 4.12.9782 - Apache Software Foundation)
Ovládací panel NVIDIA 321.01 (Version: 321.01 - NVIDIA Corporation) Hidden
Pharaoh (HKLM\...\Pharaoh) (Version: - )
Python 2.3 (HKLM\...\Python 2.3) (Version: - )
REALTEK GbE & FE Ethernet PCI-E NIC Driver (HKLM\...\{C9BED750-1211-4480-B1A5-718A3BE15525}) (Version: 1.20.0000 - Realtek)
reFX Nexus VSTi RTAS v2.2.0 (HKLM\...\reFX Nexus_is1) (Version: - )
Ruská - rozložení jako latinka (0.9.1) (HKLM\...\{6109059C-2784-4546-A353-7100A6882DF4}) (Version: 1.0.3.40 - Đonny)
Ruske / Ukrajinske foneticke klavesnice pro WIN 2000/XP 1.3 (HKLM\...\Ruska / Ukrajinska foneticka klavesnice_is1) (Version: 1.5 - )
Skype™ 7.18 (HKLM\...\{1845470B-EB14-4ABC-835B-E36C693DC07D}) (Version: 7.18.111 - Skype Technologies S.A.)
Sophos Virus Removal Tool (HKLM\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.6 - Sophos Limited)
Star Stable (HKLM\...\{2B03B553-4983-4005-99C4-31DFC25B4BB9}) (Version: 1.00.0000 - Star Stable Entertainment AB)
Sugar Bytes Effectrix Demo 1.4.3 (HKLM\...\Effectrix_is1) (Version: 1.4.3 - Sugar Bytes)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Trust Webcam (HKLM\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.54000.106 - Sonix)
VirtualDJ PRO Full (HKLM\...\{4769E972-2E92-49C5-B6F9-465EFD0C4D94}) (Version: 7.0.5 - Atomix Productions)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Management Framework Core (HKLM\...\KB968930) (Version: - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
WinPcap 4.1.2 (HKLM\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.21 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
XML Paper Specification Shared Components Language Pack 1.0 (Version: - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Documents and Settings\All Users\Nabídka Start\Programy\TekWar\www.oldgames.sk.lnk -> hxxp:
Shortcut: C:\Documents and Settings\All Users\Nabídka Start\Programy\Impressions Games\Links\Caesar III Website.lnk -> hxxp://www.caesar3.com/
Shortcut: C:\Documents and Settings\All Users\Nabídka Start\Programy\Impressions Games\Links\Impressions Games Official Website.lnk -> hxxp://www.impressionsgames.com/
Shortcut: C:\Documents and Settings\All Users\Nabídka Start\Programy\Impressions Games\Links\Pharaoh Official Expansion Cleopatra Website.lnk -> hxxp://cleopatra.impressionsgames.com/
Shortcut: C:\Documents and Settings\All Users\Nabídka Start\Programy\Impressions Games\Links\Pharaoh Web Site.lnk -> hxxp://www.pharaoh1.com/
Shortcut: C:\Documents and Settings\All Users\Nabídka Start\Programy\Impressions Games\Links\Sierra Website.lnk -> hxxp://www.sierra.com/
Shortcut: C:\Documents and Settings\All Users\Nabídka Start\Programy\Impressions Games\Links\Zeus Master of Olympus Website.lnk -> hxxp://zeus.impressionsgames.com/

==================== Loaded Modules (Whitelisted) ==============


==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\0670A9E26.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "UseAlternateShell"="1"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


There are 4788 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2001-10-25 13:00 - 2016-11-09 18:40 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-725345543-1078081533-839522115-500\Control Panel\Desktop\\Wallpaper -> (Žádný)
DNS Servers: Media is not connected to internet.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

StandardProfile\AuthorizedApplications: [C:\Program Files\Battle.net\Battle.net.exe] => Enabled:Battle.net
StandardProfile\AuthorizedApplications: [C:\Program Files\Hearthstone\Hearthstone.exe] => Enabled:Hearthstone
StandardProfile\AuthorizedApplications: [C:\Program Files\Google\Chrome\Application\chrome.exe] => Enabled:Google Chrome
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Adam\Data aplikací\GameRanger\GameRanger\GameRanger.exe] => Enabled:GameRanger
StandardProfile\AuthorizedApplications: [C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe] => Enabled:NVIDIA Network Service TCP Exception (HTTPS)
StandardProfile\AuthorizedApplications: [C:\Program Files\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\VARPC.EXE] => Enabled:Microsoft (R) Visual Studio VSA RPC Event Creator
StandardProfile\AuthorizedApplications: [C:\Python23\pythonw.exe] => Enabled:pythonw
StandardProfile\AuthorizedApplications: [C:\Program Files\Skype\Phone\Skype.exe] => Enabled:Skype
StandardProfile\AuthorizedApplications: [C:\Games\World_of_Tanks\WoTLauncher.exe] => Enabled:World of Tanks Launcher
StandardProfile\AuthorizedApplications: [C:\Games\World_of_Tanks\WorldOfTanks.exe] => Disabled:World of Tanks
StandardProfile\AuthorizedApplications: [C:\Program Files\Java\jre7\bin\javaw.exe] => Enabled:Java(TM) Platform SE binary
StandardProfile\GloballyOpenPorts: [5985:TCP] => Disabled:Vzdálená správa systému Windows

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============

Name: NVIDIA High Definition Audio
Description: NVIDIA High Definition Audio
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: NVIDIA
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: NVIDIA High Definition Audio
Description: NVIDIA High Definition Audio
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: NVIDIA
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: NVIDIA High Definition Audio
Description: NVIDIA High Definition Audio
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: NVIDIA
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: NVIDIA High Definition Audio
Description: NVIDIA High Definition Audio
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: NVIDIA
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: VIA High Definition Audio
Description: VIA High Definition Audio
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: VIA Technologies, Inc.
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/14/2016 04:43:31 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.

Error: (11/14/2016 04:43:31 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.

Error: (11/12/2016 03:53:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Chybující aplikace moviemk.exe, verze 2.1.4028.0, chybující modul moviemk.exe, verze 2.1.4028.0, adresa chyby 0x00049793.
Zpracování události, specifické pro médium ([moviemk.exe!ws!])

Error: (11/12/2016 03:53:39 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: FreemakeVC.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: ConverterCommon.Models.FreemakeComException
Zásobník:
na MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
na System.Windows.Threading.DispatcherOperation.InvokeImpl()
na System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
na System.Threading.ExecutionContext.runTryCode(System.Object)
na System.Runtime.CompilerServices.RuntimeHelpers.ExecuteCodeWithGuaranteedCleanup(TryCode, CleanupCode, System.Object)
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
na System.Windows.Threading.DispatcherOperation.Invoke()
na System.Windows.Threading.Dispatcher.ProcessQueue()
na System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
na System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
na MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
na System.Windows.Threading.Dispatcher.InvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
na MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
na MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
na System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
na System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
na System.Windows.Application.RunDispatcher(System.Object)
na System.Windows.Application.RunInternal(System.Windows.Window)
na System.Windows.Application.Run(System.Windows.Window)
na VideoConverter.App.Main()

Error: (11/10/2016 07:50:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Chybující aplikace frst.exe, verze 6.11.2016.0, chybující modul frst.exe, verze 6.11.2016.0, adresa chyby 0x000211de.
Zpracování události, specifické pro médium ([frst.exe!ws!])

Error: (11/08/2016 02:22:18 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Aplikace nebyla inicializována.

Kontext: aplikace Windows

Podrobnosti:
Metadata indexu obsahu nelze číst. (0xc0041801)

Error: (11/08/2016 02:22:18 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Objekt sběrače nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Metadata indexu obsahu nelze číst. (0xc0041801)

Error: (11/08/2016 02:22:18 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.TripoliIndexer> nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Prvek nebyl nalezen. (0x80070490)

Error: (11/08/2016 02:22:18 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.JetPropStore> nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Metadata indexu obsahu nelze číst. (0xc0041801)

Error: (11/08/2016 02:22:18 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Služba Windows Search nenačetla informace o úložišti vlastností.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
0x%08x (0xc0041800 - Index obsahu nelze číst. )


System errors:
=============
Error: (11/16/2016 01:43:23 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu %%1084 = Tuto službu nelze spustit v nouzovém režimu. při pokusu o spuštění služby EventSystem s argumenty
za účelem spuštění serveru:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (11/16/2016 01:43:13 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba obnovení systému byla ukončena s následující chybou:
Došlo k vnitřní chybě.

Error: (11/16/2016 01:43:13 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
AFD
AmdPPM
Fips
HWiNFO32
IPSec
klbackupflt
klhk
klpd
kltdf
kltdi
kneps
MRxSmb
NetBIOS
NetBT
RasAcd
Rdbss
Tcpip
WS2IFSL

Error: (11/16/2016 01:43:13 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služby IPSEC závisí na službě Ovladač IPSEC, která neuspěla při spuštění v důsledku následující chyby:
Zařízení připojené k systému nefunguje.

Error: (11/16/2016 01:43:13 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Podpora rozhraní NetBIOS nad protokolem TCP/IP závisí na službě AFD, která neuspěla při spuštění v důsledku následující chyby:
Zařízení připojené k systému nefunguje.

Error: (11/16/2016 01:43:13 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Klient DNS závisí na službě Ovladač protokolu TCP/IP, která neuspěla při spuštění v důsledku následující chyby:
Zařízení připojené k systému nefunguje.

Error: (11/16/2016 01:43:13 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Klient DHCP závisí na službě Rozhraní NetBios nad protokolem TCP/IP, která neuspěla při spuštění v důsledku následující chyby:
Zařízení připojené k systému nefunguje.

Error: (11/16/2016 01:42:12 PM) (Source: SRService) (EventID: 104) (User: )
Description: Proces inicializace nástroje Obnovení systému se nezdařil.

Error: (11/16/2016 01:41:59 PM) (Source: 0) (EventID: 7) (User: )
Description: Event-ID 7

Error: (11/16/2016 01:38:52 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
klbackupflt


==================== Memory info ===========================

Processor: AMD Phenom(tm) II X4 965 Processor
Percentage of memory in use: 8%
Total physical RAM: 3327.23 MB
Available physical RAM: 3056.61 MB
Total Virtual: 5210.91 MB
Available Virtual: 5144.11 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1863.02 GB) (Free:1613.55 GB) NTFS ==>[drive with boot components (Windows XP)]
Drive d: () (Fixed) (Total:465.75 GB) (Free:463.89 GB) NTFS
Drive e: (WXP_VOLCZ) (CDROM) (Total:0.58 GB) (Free:0 GB) CDFS
Drive g: (MULTIBOOT) (Removable) (Total:7.31 GB) (Free:0.32 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 70AAB22D)
Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 1DA49027)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 7.3 GB) (Disk ID: 58833CD8)
Partition 1: (Active) - (Size=7.3 GB) - (Type=OF Extended)

==================== End of Addition.txt ============================

Re: Trojan-Banker

Post by bbdra » 16 Nov 2016 14:35

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-11-2016
Ran by Administrator (administrator) on BBDRA-4E56AF2B9 (16-11-2016 13:44:58)
Running from G:\
Loaded Profiles: Administrator (Available Profiles: Adam & 1234 & znk & Administrator)
Platform: Systém Microsoft Windows XP Professional Service Pack 2 (X86) Language: Čeština
Internet Explorer Version 6 (Default browser: IE)
Boot Mode: Safe Mode (minimal)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\WINDOWS\system32\savedump.exe
(Microsoft Corporation) C:\WINDOWS\system32\cmd.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [37232 2008-06-12] (Adobe Systems Incorporated)
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640376 2008-06-11] (Adobe Systems Inc.)
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-09-13] (LogMeIn Inc.)
HKLM\...\Run: [snp2uvc] => C:\WINDOWS\vsnp2uvc.exe [662016 2009-08-12] (Sonix)
HKLM\...\Run: [tsnp2uvc] => C:\Program Files\Common Files\SNP2UVC\tsnp2uvc.exe [321024 2010-09-20] (Sonix Technology Co., Ltd.)
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKU\S-1-5-21-725345543-1078081533-839522115-500\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6405912 2015-06-01] (Piriform Ltd)
HKU\S-1-5-21-725345543-1078081533-839522115-500\...\RunOnce: [Report] => C:\AdwCleaner\AdwCleaner[C8].txt [2991 2016-10-27] ()
HKU\S-1-5-18\...\RunOnce: [tscuninstall] => C:\WINDOWS\system32\tscupgrd.exe [44544 2004-08-17] (Microsoft Corporation)
Lsa: [Notification Packages] scecli
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - No File
ShellExecuteHooks: - {56F9679E-7826-4C84-81F3-532071A8BCC5} - No File [ ]

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{246B0004-9250-42B2-9B04-5ED47748EC56}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-725345543-1078081533-839522115-500\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://www.microsoft.com/isapi/redir.dl ... date&O1=b1
URLSearchHook: [S-1-5-21-725345543-1078081533-839522115-500] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\IEExt\ie_plugin.dll [2015-12-06] (AO Kaspersky Lab)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2016-11-05] (Oracle Corporation)
BHO: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\IEExt\ie_plugin.dll [2015-12-06] (AO Kaspersky Lab)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-06-15] [not signed]
FF HKLM\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\FFExt\light_plugin_firefox
FF Extension: (Kaspersky Protection) - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\FFExt\light_plugin_firefox [2016-03-25]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2016-11-05] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll [2016-02-05] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2016-11-05] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/deta ... ihfajigkka

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [269504 2016-02-10] (Adobe Systems Incorporated) [File not signed]
S3 AVP16.0.0; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avp.exe [194000 2015-12-06] (Kaspersky Lab ZAO)
S2 ChromodoUpdater; C:\Program Files\Comodo\Chromodo\chromodo_updater.exe [2062384 2016-02-03] (Comodo)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1023728 2015-03-31] (Disc Soft Ltd) [File not signed]
S3 Dot3svc; C:\WINDOWS\System32\dot3svc.dll [132608 2008-04-14] (Microsoft Corporation) [File not signed]
S3 EapHost; C:\WINDOWS\System32\eapsvc.dll [33792 2008-04-14] (Microsoft Corporation) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2016-07-12] (Macrovision Europe Ltd.) [File not signed]
S2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1958408 2016-09-13] (LogMeIn Inc.) [File not signed]
S3 hkmsvc; C:\WINDOWS\System32\kmsvc.dll [61440 2008-04-14] (Microsoft Corporation) [File not signed]
S2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2016-11-05] (Oracle Corporation)
S2 KaraokeService; C:\WINDOWS\system32\KaraokeSer.exe [88696 2015-05-02] (VIA Technologies, Inc.)
S2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [405424 2016-08-31] (LogMeIn, Inc.) [File not signed]
S2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-03-08] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-03-08] (Malwarebytes Corporation)
S3 napagent; C:\WINDOWS\System32\qagentrt.dll [293376 2008-04-14] (Microsoft Corporation) [File not signed]
S2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-12-16] (NVIDIA Corporation)
S3 Visual Studio Analyzer RPC bridge; C:\Program Files\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\varpc.exe [34036 1998-06-06] (Microsoft Corporation) [File not signed]
S3 WMPNetworkSvc; C:\Program Files\Windows Media Player\WMPNetwk.exe [913920 2007-01-05] (Microsoft Corporation) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdide; C:\WINDOWS\System32\DRIVERS\amdide.sys [11832 2015-05-01] (Advanced Micro Devices Inc.)
S1 AmdPPM; C:\WINDOWS\System32\DRIVERS\AmdPPM.sys [33792 2007-04-16] (Advanced Micro Devices)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2004-08-03] (Microsoft Corporation)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [201912 2015-07-06] (Kaspersky Lab ZAO)
S3 dtlitescsibus; C:\WINDOWS\System32\DRIVERS\dtlitescsibus.sys [25104 2016-02-21] (Disc Soft Ltd)
S3 hamachi; C:\WINDOWS\System32\DRIVERS\hamachi.sys [26176 2016-08-31] (LogMeIn, Inc.)
R3 HDAudBus; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [144384 2008-04-13] (Windows (R) Server 2003 DDK provider) [File not signed]
S1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO32.SYS [23840 2015-05-01] (REALiX(tm))
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [153784 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [46776 2015-06-06] (Kaspersky Lab ZAO)
S1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [57712 2015-06-27] (Kaspersky Lab ZAO)
S2 kldisk; C:\WINDOWS\System32\DRIVERS\kldisk.sys [66976 2016-03-25] (AO Kaspersky Lab)
S3 klflt; C:\WINDOWS\System32\DRIVERS\klflt.sys [150408 2015-12-06] (AO Kaspersky Lab)
S1 klhk; C:\WINDOWS\System32\DRIVERS\klhk.sys [44216 2015-12-06] (AO Kaspersky Lab)
S1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [766360 2016-03-25] (AO Kaspersky Lab)
S3 klim5; C:\WINDOWS\System32\DRIVERS\klim5.sys [36448 2013-04-19] (Kaspersky Lab ZAO)
S3 klkbdflt; C:\WINDOWS\System32\DRIVERS\klkbdflt.sys [36024 2015-06-04] (Kaspersky Lab ZAO)
S3 klmouflt; C:\WINDOWS\System32\DRIVERS\klmouflt.sys [37040 2015-06-07] (Kaspersky Lab ZAO)
S1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [39304 2015-12-06] (AO Kaspersky Lab)
S1 kltdf; C:\WINDOWS\System32\DRIVERS\kltdf.sys [73912 2015-06-10] (Kaspersky Lab ZAO)
S1 kltdi; C:\WINDOWS\System32\DRIVERS\kltdi.sys [54328 2015-06-11] (Kaspersky Lab ZAO)
S1 kneps; C:\WINDOWS\System32\DRIVERS\kneps.sys [156856 2015-06-23] (Kaspersky Lab ZAO)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [21104 2013-03-08] (Malwarebytes Corporation) [File not signed]
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\mbamswissarmy.sys [40776 2016-11-13] (Malwarebytes Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2004-08-17] (Microsoft Corporation)
S2 npf; C:\WINDOWS\System32\drivers\npf.sys [35088 2011-08-21] (CACE Technologies, Inc.)
S3 NVHDA; C:\WINDOWS\System32\drivers\nvhda32.sys [138040 2015-12-16] (NVIDIA Corporation)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [15688 2013-09-30] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [10320 2013-09-30] ()
S3 Secdrv; C:\WINDOWS\System32\DRIVERS\secdrv.sys [27440 2004-07-17] ()
S1 uzmymzq1; C:\WINDOWS\system32\Drivers\uzmymzq1.sys [11264 2016-04-16] () [File not signed]
S3 VIAHdAudAddService; C:\WINDOWS\System32\drivers\viahduaa.sys [2561968 2015-05-02] (VIA Technologies, Inc.)
S3 WpdUsb; C:\WINDOWS\System32\DRIVERS\wpdusb.sys [38528 2006-10-18] (Microsoft Corporation) [File not signed]
S4 IntelIde; no ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96256 2004-08-03] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-16 13:41 - 2016-11-16 13:41 - 00106496 _____ C:\WINDOWS\Minidump\Mini111616-01.dmp
2016-11-16 13:06 - 2016-11-16 13:06 - 00000000 ____D C:\DAEMON Tools Lite
2016-11-16 12:46 - 2016-11-09 23:40 - 01759744 _____ (Farbar) C:\Documents and Settings\Administrator\Plocha\FRST.exe
2016-11-15 14:59 - 2016-11-15 14:59 - 00106496 _____ C:\WINDOWS\Minidump\Mini111516-03.dmp
2016-11-15 14:47 - 2016-11-15 14:47 - 00090112 _____ C:\WINDOWS\Minidump\Mini111516-02.dmp
2016-11-15 14:45 - 2016-11-15 14:45 - 00106496 _____ C:\WINDOWS\Minidump\Mini111516-01.dmp
2016-11-14 21:33 - 2016-11-14 21:33 - 00106496 _____ C:\WINDOWS\Minidump\Mini111416-25.dmp
2016-11-14 21:17 - 2016-11-14 21:17 - 01440054 _____ C:\Documents and Settings\Adam\Plocha\Dial fix error 11b.bmp
2016-11-14 21:16 - 2016-11-14 21:16 - 01440054 _____ C:\Documents and Settings\Adam\Plocha\Dial fix error 11.bmp
2016-11-14 21:15 - 2016-11-14 21:15 - 01440054 _____ C:\Documents and Settings\Adam\Plocha\Dial fix error 9.bmp
2016-11-14 21:15 - 2016-11-14 21:15 - 01440054 _____ C:\Documents and Settings\Adam\Plocha\Dial fix error 8.bmp
2016-11-14 21:15 - 2016-11-14 21:15 - 01440054 _____ C:\Documents and Settings\Adam\Plocha\Dial fix error 10.bmp
2016-11-14 21:14 - 2016-11-14 21:14 - 01440054 _____ C:\Documents and Settings\Adam\Plocha\Dial fix error 7.bmp
2016-11-14 21:14 - 2016-11-14 21:14 - 01440054 _____ C:\Documents and Settings\Adam\Plocha\Dial fix error 6.bmp
2016-11-14 21:13 - 2016-11-14 21:20 - 00161334 _____ C:\Documents and Settings\Adam\Plocha\Dial fix error 5.bmp
2016-11-14 21:13 - 2016-11-14 21:13 - 01440054 _____ C:\Documents and Settings\Adam\Plocha\Dial fix error 4.bmp
2016-11-14 21:12 - 2016-11-14 21:18 - 00196558 _____ C:\Documents and Settings\Adam\Plocha\Dial fix error 1.bmp
2016-11-14 21:12 - 2016-11-14 21:13 - 01440054 _____ C:\Documents and Settings\Adam\Plocha\Dial fix error 3.bmp
2016-11-14 21:12 - 2016-11-14 21:12 - 01440054 _____ C:\Documents and Settings\Adam\Plocha\Dial fix error 2.bmp
2016-11-14 20:43 - 2016-11-14 20:43 - 00106496 _____ C:\WINDOWS\Minidump\Mini111416-24.dmp
2016-11-14 20:42 - 2016-11-14 20:42 - 00106496 _____ C:\WINDOWS\Minidump\Mini111416-23.dmp
2016-11-14 20:32 - 2016-11-14 20:32 - 00106496 _____ C:\WINDOWS\Minidump\Mini111416-22.dmp
2016-11-14 20:17 - 2016-11-14 20:17 - 00000000 ____D C:\Documents and Settings\Administrator\Data aplikací\Ashampoo
2016-11-14 20:15 - 2016-11-14 20:15 - 00000000 ____D C:\Documents and Settings\Administrator\Data aplikací\DivX
2016-11-14 20:11 - 2016-11-14 20:11 - 00106496 _____ C:\WINDOWS\Minidump\Mini111416-21.dmp
2016-11-14 20:08 - 2016-11-14 20:08 - 03932214 _____ C:\Documents and Settings\Adam\Plocha\fl settings.bmp
2016-11-14 20:05 - 2016-11-14 20:05 - 00106496 _____ C:\WINDOWS\Minidump\Mini111416-20.dmp
2016-11-14 20:03 - 2016-11-14 20:03 - 00106496 _____ C:\WINDOWS\Minidump\Mini111416-19.dmp
2016-11-14 19:00 - 2016-11-14 19:00 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Adobe
2016-11-14 18:25 - 2016-11-14 18:25 - 00106496 _____ C:\WINDOWS\Minidump\Mini111416-18.dmp
2016-11-14 18:18 - 2016-11-14 18:18 - 00106496 _____ C:\WINDOWS\Minidump\Mini111416-17.dmp
2016-11-14 16:32 - 2016-11-14 16:32 - 00106496 _____ C:\WINDOWS\Minidump\Mini111416-16.dmp
2016-11-14 16:31 - 2016-11-14 16:31 - 00106496 _____ C:\WINDOWS\Minidump\Mini111416-15.dmp
2016-11-14 16:26 - 2016-11-14 16:26 - 00106496 _____ C:\WINDOWS\Minidump\Mini111416-14.dmp
2016-11-14 16:24 - 2016-11-14 16:24 - 00106496 _____ C:\WINDOWS\Minidump\Mini111416-13.dmp
2016-11-14 16:18 - 2016-11-14 16:18 - 00106496 _____ C:\WINDOWS\Minidump\Mini111416-12.dmp
2016-11-14 16:13 - 2016-11-14 16:13 - 00106496 _____ C:\WINDOWS\Minidump\Mini111416-11.dmp
2016-11-14 16:11 - 2016-11-14 16:11 - 00106496 _____ C:\WINDOWS\Minidump\Mini111416-10.dmp
2016-11-14 16:08 - 2016-11-14 16:08 - 00106496 _____ C:\WINDOWS\Minidump\Mini111416-09.dmp
2016-11-14 14:45 - 2016-11-14 14:45 - 00000000 ____D C:\NVIDIA
2016-11-14 14:36 - 2016-11-14 14:36 - 00106496 _____ C:\WINDOWS\Minidump\Mini111416-08.dmp
2016-11-14 14:35 - 2016-11-14 14:35 - 00106496 _____ C:\WINDOWS\Minidump\Mini111416-07.dmp
2016-11-14 14:31 - 2016-11-05 12:00 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2016-11-14 14:31 - 2016-11-05 12:00 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2016-11-14 14:31 - 2016-11-05 12:00 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2016-11-14 14:19 - 2016-11-14 14:19 - 00106496 _____ C:\WINDOWS\Minidump\Mini111416-06.dmp
2016-11-14 14:18 - 2016-11-14 14:17 - 00106496 _____ C:\WINDOWS\Minidump\Mini111416-05.dmp
2016-11-14 14:16 - 2016-11-14 14:16 - 00106496 _____ C:\WINDOWS\Minidump\Mini111416-04.dmp
2016-11-14 13:43 - 2016-11-14 13:43 - 00362496 _____ (DjLizard.net) C:\Documents and Settings\Administrator\Plocha\Dial-a-fix-2006-09-19.exe
2016-11-14 13:32 - 2016-11-14 13:32 - 00106496 _____ C:\WINDOWS\Minidump\Mini111416-03.dmp
2016-11-14 04:48 - 2016-11-14 04:49 - 00133394 _____ C:\TDSSKiller.3.1.0.12_14.11.2016_04.48.27_log.txt
2016-11-14 04:48 - 2016-11-14 04:48 - 04656523 _____ C:\Documents and Settings\Administrator\Plocha\tdsskiller.zip
2016-11-14 04:48 - 2016-11-14 04:48 - 00000364 _____ C:\TDSSKiller.3.1.0.9_14.11.2016_04.48.03_log.txt
2016-11-14 04:48 - 2016-11-07 07:10 - 04747704 _____ (AO Kaspersky Lab) C:\Documents and Settings\Administrator\Plocha\TDSSKiller.exe
2016-11-14 04:42 - 2016-11-14 04:42 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Data aplikací\LogMeIn
2016-11-14 04:41 - 2016-11-14 18:26 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Data aplikací\LogMeIn Hamachi
2016-11-14 04:22 - 2016-11-14 04:22 - 00106496 _____ C:\WINDOWS\Minidump\Mini111416-02.dmp
2016-11-14 04:21 - 2016-11-14 22:39 - 00004966 _____ C:\WINDOWS\SchedLgU.Txt
2016-11-14 04:20 - 2016-11-14 04:20 - 00106496 _____ C:\WINDOWS\Minidump\Mini111416-01.dmp
2016-11-14 04:16 - 2001-10-25 13:00 - 00028288 ____C C:\WINDOWS\system32\dllcache\xjis.nls
2016-11-14 04:15 - 2004-08-17 14:49 - 00460800 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smtpsvc.dll
2016-11-14 04:15 - 2004-08-17 14:49 - 00365568 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\w3svc.dll
2016-11-14 04:15 - 2004-08-17 14:49 - 00358400 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\snmpincl.dll
2016-11-14 04:15 - 2004-08-17 14:49 - 00259072 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\snmpcl.dll
2016-11-14 04:15 - 2004-08-17 14:49 - 00236544 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smi2smir.exe
2016-11-14 04:15 - 2004-08-17 14:49 - 00188416 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\snmpsmir.dll
2016-11-14 04:15 - 2004-08-17 14:49 - 00103936 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\uihelper.dll
2016-11-14 04:15 - 2004-08-17 14:49 - 00077312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wam51.dll
2016-11-14 04:15 - 2004-08-17 14:49 - 00053248 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wamreg51.dll
2016-11-14 04:15 - 2004-08-17 14:49 - 00046592 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\svcext51.dll
2016-11-14 04:15 - 2004-08-17 14:49 - 00046592 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sspifilt.dll
2016-11-14 04:15 - 2004-08-17 14:49 - 00045056 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ssinc51.dll
2016-11-14 04:15 - 2004-08-17 14:49 - 00044544 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\nsepm.dll
2016-11-14 04:15 - 2004-08-17 14:49 - 00040448 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\snmpthrd.dll
2016-11-14 04:15 - 2004-08-17 14:49 - 00032256 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\snmp.exe
2016-11-14 04:15 - 2004-08-17 14:49 - 00008704 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\snmptrap.exe
2016-11-14 04:15 - 2004-08-17 14:49 - 00007680 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pwsdata.dll
2016-11-14 04:15 - 2004-08-17 14:49 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\snmpmib.dll
2016-11-14 04:15 - 2004-08-17 14:49 - 00004096 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rpcref.dll
2016-11-14 04:15 - 2004-08-03 22:04 - 00156672 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\winzm.ime
2016-11-14 04:15 - 2004-08-03 22:04 - 00156672 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\winsp.ime
2016-11-14 04:15 - 2004-08-03 22:04 - 00156672 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\winpy.ime
2016-11-14 04:15 - 2004-08-03 22:04 - 00079360 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\winar30.ime
2016-11-14 04:15 - 2004-08-03 22:04 - 00079360 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\phon.ime
2016-11-14 04:15 - 2004-08-03 22:04 - 00077824 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\quick.ime
2016-11-14 04:15 - 2004-08-03 22:04 - 00076288 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\uniime.dll
2016-11-14 04:15 - 2004-08-03 22:04 - 00065536 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\winime.ime
2016-11-14 04:15 - 2004-08-03 22:04 - 00065024 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\unicdime.ime
2016-11-14 04:15 - 2004-08-03 22:04 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\romanime.ime
2016-11-14 04:15 - 2004-08-03 22:00 - 00020736 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ramdisk.sys
2016-11-14 04:15 - 2004-08-03 21:32 - 00571392 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tintlgnt.ime
2016-11-14 04:15 - 2004-08-03 21:32 - 00455168 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tintsetp.exe
2016-11-14 04:15 - 2004-08-03 21:32 - 00426041 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\voicepad.dll
2016-11-14 04:15 - 2004-08-03 21:32 - 00086073 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\voicesub.dll
2016-11-14 04:15 - 2004-08-03 21:32 - 00044032 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tintlphr.exe
2016-11-14 04:15 - 2004-08-03 21:32 - 00015872 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\padrs404.dll
2016-11-14 04:15 - 2004-08-03 21:32 - 00010240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tmigrate.dll
2016-11-14 04:15 - 2004-08-03 21:31 - 00482304 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pintlgnt.ime
2016-11-14 04:15 - 2004-08-03 21:31 - 00175104 ____C C:\WINDOWS\system32\dllcache\pintlcsa.dll
2016-11-14 04:15 - 2004-08-03 21:31 - 00070144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pintlphr.exe
2016-11-14 04:15 - 2004-08-03 21:31 - 00067584 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pmigrate.dll
2016-11-14 04:15 - 2004-08-03 21:31 - 00053760 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pintlcsd.dll
2016-11-14 04:15 - 2004-08-03 21:31 - 00015360 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\padrs804.dll
2016-11-14 04:15 - 2001-10-25 13:00 - 00229439 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\multibox.dll
2016-11-14 04:15 - 2001-10-25 13:00 - 00185344 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\thawbrkr.dll
2016-11-14 04:15 - 2001-10-25 13:00 - 00143422 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\softkey.dll
2016-11-14 04:15 - 2001-10-25 13:00 - 00131584 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pmxviceo.dll
2016-11-14 04:15 - 2001-10-25 13:00 - 00111104 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mtstocom.exe
2016-11-14 04:15 - 2001-10-25 13:00 - 00101376 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\srusbusd.dll
2016-11-14 04:15 - 2001-10-25 13:00 - 00083748 ____C C:\WINDOWS\system32\dllcache\prcp.nls
2016-11-14 04:15 - 2001-10-25 13:00 - 00083748 ____C C:\WINDOWS\system32\dllcache\prc.nls
2016-11-14 04:15 - 2001-10-25 13:00 - 00079872 ____C (Ricoh Co., Ltd.) C:\WINDOWS\system32\dllcache\rwia330.dll
2016-11-14 04:15 - 2001-10-25 13:00 - 00079872 ____C (Ricoh Co., Ltd.) C:\WINDOWS\system32\dllcache\rwia001.dll
2016-11-14 04:15 - 2001-10-25 13:00 - 00073728 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\w3ext.dll
2016-11-14 04:15 - 2001-10-25 13:00 - 00069120 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wingb.ime
2016-11-14 04:15 - 2001-10-25 13:00 - 00053248 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\nextlink.dll
2016-11-14 04:15 - 2001-10-25 13:00 - 00048256 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\w32.dll
2016-11-14 04:15 - 2001-10-25 13:00 - 00041600 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\weitekp9.dll
2016-11-14 04:15 - 2001-10-25 13:00 - 00038912 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm9aw.dll
2016-11-14 04:15 - 2001-10-25 13:00 - 00036927 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\padrs411.dll
2016-11-14 04:15 - 2001-10-25 13:00 - 00031744 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smb6w.dll
2016-11-14 04:15 - 2001-10-25 13:00 - 00031744 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sma3w.dll
2016-11-14 04:15 - 2001-10-25 13:00 - 00031744 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pagecnt.dll
2016-11-14 04:15 - 2001-10-25 13:00 - 00031360 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\weitekp9.sys
2016-11-14 04:15 - 2001-10-25 13:00 - 00031232 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tools.dll
2016-11-14 04:15 - 2001-10-25 13:00 - 00030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm87w.dll
2016-11-14 04:15 - 2001-10-25 13:00 - 00030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm81w.dll
2016-11-14 04:15 - 2001-10-25 13:00 - 00029184 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm8cw.dll
2016-11-14 04:15 - 2001-10-25 13:00 - 00026624 ____C (RICOH Co., Ltd.) C:\WINDOWS\system32\dllcache\rw330ext.dll
2016-11-14 04:15 - 2001-10-25 13:00 - 00026624 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm93w.dll
2016-11-14 04:15 - 2001-10-25 13:00 - 00026624 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm92w.dll
2016-11-14 04:15 - 2001-10-25 13:00 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm90w.dll
2016-11-14 04:15 - 2001-10-25 13:00 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm8dw.dll
2016-11-14 04:15 - 2001-10-25 13:00 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm8aw.dll
2016-11-14 04:15 - 2001-10-25 13:00 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm89w.dll
2016-11-14 04:15 - 2001-10-25 13:00 - 00025088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm59w.dll
2016-11-14 04:15 - 2001-10-25 13:00 - 00024576 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rw001ext.dll
2016-11-14 04:15 - 2001-10-25 13:00 - 00021896 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tdipx.sys
2016-11-14 04:15 - 2001-10-25 13:00 - 00020992 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\permchk.dll
2016-11-14 04:15 - 2001-10-25 13:00 - 00019464 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tdspx.sys
2016-11-14 04:15 - 2001-10-25 13:00 - 00018944 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\simptcp.dll
2016-11-14 04:15 - 2001-10-25 13:00 - 00016896 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\status.dll
2016-11-14 04:15 - 2001-10-25 13:00 - 00016896 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\quser.exe
2016-11-14 04:15 - 2001-10-25 13:00 - 00015872 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smierrsm.dll
2016-11-14 04:15 - 2001-10-25 13:00 - 00014848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\register.exe
2016-11-14 04:15 - 2001-10-25 13:00 - 00014336 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tsprof.exe
2016-11-14 04:15 - 2001-10-25 13:00 - 00014336 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\padrs412.dll
2016-11-14 04:15 - 2001-10-25 13:00 - 00013192 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tdasync.sys
2016-11-14 04:15 - 2001-10-25 13:00 - 00011264 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pmxmcro.dll
2016-11-14 04:15 - 2001-10-25 13:00 - 00010240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\snmpstup.dll
2016-11-14 04:15 - 2001-10-25 13:00 - 00009728 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\query.exe
2016-11-14 04:15 - 2001-10-25 13:00 - 00009216 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wamps51.dll
2016-11-14 04:15 - 2001-10-25 13:00 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pmxgl.dll
2016-11-14 04:15 - 2001-10-25 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\w3svapi.dll
2016-11-14 04:15 - 2001-10-25 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smimsgif.dll
2016-11-14 04:15 - 2001-10-25 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smierrsy.dll
2016-11-14 04:15 - 2001-10-25 13:00 - 00004608 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\w3ctrs51.dll
2016-11-14 04:15 - 2001-10-24 12:25 - 00057856 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_scripto.dll
2016-11-14 04:15 - 2001-10-24 12:25 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_seos.dll
2016-11-14 04:15 - 2001-10-24 12:25 - 00023040 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_regtrace.exe
2016-11-14 04:15 - 2001-10-24 12:25 - 00012288 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_smtpctrs.dll
2016-11-14 04:15 - 2001-10-24 12:25 - 00007168 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_snprfdll.dll
2016-11-14 04:15 - 2001-10-24 12:24 - 00038912 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_ntfsdrv.dll
2016-11-14 04:14 - 2004-08-17 14:49 - 00562688 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsst.dll
2016-11-14 04:14 - 2004-08-17 14:49 - 00452096 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsapi.dll
2016-11-14 04:14 - 2004-08-17 14:49 - 00400896 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsxp32.dll
2016-11-14 04:14 - 2004-08-17 14:49 - 00397312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxstiff.dll
2016-11-14 04:14 - 2004-08-17 14:49 - 00285184 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxscomex.dll
2016-11-14 04:14 - 2004-08-17 14:49 - 00268288 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\httpext.dll
2016-11-14 04:14 - 2004-08-17 14:49 - 00268288 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxssvc.exe
2016-11-14 04:14 - 2004-08-17 14:49 - 00257024 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\infocomm.dll
2016-11-14 04:14 - 2004-08-17 14:49 - 00246272 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxst30.dll
2016-11-14 04:14 - 2004-08-17 14:49 - 00231936 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxscover.exe
2016-11-14 04:14 - 2004-08-17 14:49 - 00194560 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxswzrd.dll
2016-11-14 04:14 - 2004-08-17 14:49 - 00155136 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsui.dll
2016-11-14 04:14 - 2004-08-17 14:49 - 00145408 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iische51.dll
2016-11-14 04:14 - 2004-08-17 14:49 - 00143360 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsclnt.exe
2016-11-14 04:14 - 2004-08-17 14:49 - 00126976 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ftpsv251.dll
2016-11-14 04:14 - 2004-08-17 14:49 - 00105472 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\evntagnt.dll
2016-11-14 04:14 - 2004-08-17 14:49 - 00092160 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\evntwin.exe
2016-11-14 04:14 - 2004-08-17 14:49 - 00085504 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\metada51.dll
2016-11-14 04:14 - 2004-08-17 14:49 - 00079872 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iislog51.dll
2016-11-14 04:14 - 2004-08-17 14:49 - 00072192 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxscom.dll
2016-11-14 04:14 - 2004-08-17 14:49 - 00061440 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\httpod51.dll
2016-11-14 04:14 - 2004-08-17 14:49 - 00058880 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsevent.dll
2016-11-14 04:14 - 2004-08-17 14:49 - 00039936 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hostmib.dll
2016-11-14 04:14 - 2004-08-17 14:49 - 00037888 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\md5filt.dll
2016-11-14 04:14 - 2004-08-17 14:49 - 00035840 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iprip.dll
2016-11-14 04:14 - 2004-08-17 14:49 - 00033792 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\lmmib2.dll
2016-11-14 04:14 - 2004-08-17 14:49 - 00032256 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\gzip.dll
2016-11-14 04:14 - 2004-08-17 14:49 - 00027136 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iscomlog.dll
2016-11-14 04:14 - 2004-08-17 14:49 - 00027136 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsdrv.dll
2016-11-14 04:14 - 2004-08-17 14:49 - 00025088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iisadmin.dll
2016-11-14 04:14 - 2004-08-17 14:49 - 00025088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\evntcmd.exe
2016-11-14 04:14 - 2004-08-17 14:49 - 00023552 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsmon.dll
2016-11-14 04:14 - 2004-08-17 14:49 - 00023552 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsext32.dll
2016-11-14 04:14 - 2004-08-17 14:49 - 00022528 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\lpdsvc.dll
2016-11-14 04:14 - 2004-08-17 14:49 - 00018944 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\lprmon.dll
2016-11-14 04:14 - 2004-08-17 14:49 - 00015872 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\inetin51.exe
2016-11-14 04:14 - 2004-08-17 14:49 - 00014336 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\exstrace.dll
2016-11-14 04:14 - 2004-08-17 14:49 - 00013312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\lonsint.dll
2016-11-14 04:14 - 2004-08-17 14:49 - 00008704 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsperf.dll
2016-11-14 04:14 - 2004-08-17 14:49 - 00008192 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\httpmb51.dll
2016-11-14 04:14 - 2004-08-17 14:49 - 00007680 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\migregdb.exe
2016-11-14 04:14 - 2004-08-17 14:49 - 00007168 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iisfecnv.dll
2016-11-14 04:14 - 2004-08-17 14:49 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ftpmib.dll
2016-11-14 04:14 - 2004-08-17 14:48 - 00006656 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsres.dll
2016-11-14 04:14 - 2004-08-03 22:04 - 00106496 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imekrcic.dll
2016-11-14 04:14 - 2004-08-03 22:04 - 00094720 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imekr61.ime
2016-11-14 04:14 - 2004-08-03 22:04 - 00086016 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imekrmbx.dll
2016-11-14 04:14 - 2004-08-03 21:32 - 00274489 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjputyc.dll
2016-11-14 04:14 - 2004-08-03 21:32 - 00262200 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjputy.exe
2016-11-14 04:14 - 2004-08-03 21:32 - 00233527 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjprw.exe
2016-11-14 04:14 - 2004-08-03 21:32 - 00208952 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjpmig.exe
2016-11-14 04:14 - 2004-08-03 21:32 - 00102456 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imlang.dll
2016-11-14 04:14 - 2004-08-03 21:31 - 00811064 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjp81k.dll
2016-11-14 04:14 - 2004-08-03 21:31 - 00716856 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjpcus.dll
2016-11-14 04:14 - 2004-08-03 21:31 - 00368696 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjpcic.dll
2016-11-14 04:14 - 2004-08-03 21:31 - 00340023 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjp81.ime
2016-11-14 04:14 - 2004-08-03 21:31 - 00307257 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjpdct.exe
2016-11-14 04:14 - 2004-08-03 21:31 - 00196665 ____C C:\WINDOWS\system32\dllcache\imjpinst.exe
2016-11-14 04:14 - 2004-08-03 21:31 - 00155705 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjpdsvr.exe
2016-11-14 04:14 - 2004-08-03 21:31 - 00081976 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjpdct.dll
2016-11-14 04:14 - 2004-08-03 21:31 - 00059392 ____C C:\WINDOWS\system32\dllcache\imscinst.exe
2016-11-14 04:14 - 2003-03-24 15:52 - 00024632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fpadmcgi.exe
2016-11-14 04:14 - 2003-03-24 15:52 - 00020541 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fpadmdll.dll
2016-11-14 04:14 - 2002-05-14 13:08 - 00094208 ____C C:\WINDOWS\system32\dllcache\fpencode.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 13463552 ____C C:\WINDOWS\system32\dllcache\hwxjpn.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 10129408 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hwxkor.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 10096640 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hwxcht.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 01875968 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msir3jp.lex
2016-11-14 04:14 - 2001-10-25 13:00 - 01158818 ____C C:\WINDOWS\system32\dllcache\korwbrkr.lex
2016-11-14 04:14 - 2001-10-25 13:00 - 00471102 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imskdic.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00315452 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imskf.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00311359 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imepadsv.exe
2016-11-14 04:14 - 2001-10-25 13:00 - 00137216 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsclntr.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00134339 ____C C:\WINDOWS\system32\dllcache\imekr.lex
2016-11-14 04:14 - 2001-10-25 13:00 - 00112128 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxscfgwz.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00108827 ____C C:\WINDOWS\system32\dllcache\hanja.lex
2016-11-14 04:14 - 2001-10-25 13:00 - 00102463 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imepadsm.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00098304 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msir3jp.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00092416 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mga.sys
2016-11-14 04:14 - 2001-10-25 13:00 - 00092032 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mga.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00070656 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\korwbrkr.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00060928 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iisclex4.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00059904 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imkrinst.exe
2016-11-14 04:14 - 2001-10-25 13:00 - 00057856 ____C (SEIKO EPSON CORP.) C:\WINDOWS\system32\dllcache\esuimgd.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00057398 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjpdadm.exe
2016-11-14 04:14 - 2001-10-25 13:00 - 00047066 ____C C:\WINDOWS\system32\dllcache\ksc.nls
2016-11-14 04:14 - 2001-10-25 13:00 - 00045109 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjpuex.exe
2016-11-14 04:14 - 2001-10-25 13:00 - 00045056 ____C (SEIKO EPSON CORP.) C:\WINDOWS\system32\dllcache\esunid.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00044032 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imekrmig.exe
2016-11-14 04:14 - 2001-10-25 13:00 - 00036864 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hanjadic.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00031744 ____C (SEIKO EPSON CORP.) C:\WINDOWS\system32\dllcache\esucmd.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00031744 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsroute.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00026624 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mdsync.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00025856 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\et4000.sys
2016-11-14 04:14 - 2001-10-25 13:00 - 00022016 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\logscrpt.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iiscrmap.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00018432 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jupiw.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00014848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\flattemp.exe
2016-11-14 04:14 - 2001-10-25 13:00 - 00011776 ____C (Microsoft Corporation)


Re: Trojan-Banker

Post by bbdra » 16 Nov 2016 14:36

C:\WINDOWS\system32\dllcache\fxssend.exe
2016-11-14 04:14 - 2001-10-25 13:00 - 00009216 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdnecat.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00009216 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iwrps.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00008704 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\infoctrs.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00007680 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdnecnt.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00007680 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ftpctrs2.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00007168 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdnec95.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00007168 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdibm02.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00007168 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\isapips.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00007168 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\f3ahvoas.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00006656 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdlk41a.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00006656 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iissync.exe
2016-11-14 04:14 - 2001-10-25 13:00 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdth3.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdth2.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdlk41j.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdinpun.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdax2.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbd106n.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbd101a.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbd101.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ftlx041e.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdvntc.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdusa.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdurdu.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdth1.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdth0.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdsyr2.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdsyr1.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdintel.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdintam.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdinmar.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdinkan.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdinhin.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdinguj.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdindev.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdheb.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdfa.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbddiv2.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbddiv1.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbda3.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbda2.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbda1.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00005120 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdgeo.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00005120 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdarmw.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00005120 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdarme.dll
2016-11-14 04:14 - 2001-10-25 13:00 - 00003584 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iismui.dll
2016-11-14 04:14 - 2001-10-24 12:24 - 00065536 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_mailmsg.dll
2016-11-14 04:14 - 2001-10-24 12:24 - 00043520 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_fcachdll.dll
2016-11-14 04:13 - 2004-08-17 14:49 - 00834048 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\inetmgr.dll
2016-11-14 04:13 - 2004-08-17 14:49 - 00372736 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\asp51.dll
2016-11-14 04:13 - 2004-08-17 14:49 - 00330752 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\aqueue.dll
2016-11-14 04:13 - 2004-08-17 14:49 - 00290816 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\adsiis51.dll
2016-11-14 04:13 - 2004-08-17 14:49 - 00133632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iisrtl.dll
2016-11-14 04:13 - 2004-08-17 14:49 - 00109056 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\appconf.dll
2016-11-14 04:13 - 2004-08-17 14:49 - 00068608 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\isatq.dll
2016-11-14 04:13 - 2004-08-17 14:49 - 00068608 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iisext51.dll
2016-11-14 04:13 - 2004-08-17 14:49 - 00064512 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iismap.dll
2016-11-14 04:13 - 2004-08-17 14:49 - 00046592 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\coadmin.dll
2016-11-14 04:13 - 2004-08-17 14:49 - 00043520 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\admwprox.dll
2016-11-14 04:13 - 2004-08-17 14:49 - 00042496 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\davcdata.exe
2016-11-14 04:13 - 2004-08-17 14:49 - 00031232 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iisrstas.exe
2016-11-14 04:13 - 2004-08-17 14:49 - 00029696 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\admexs.dll
2016-11-14 04:13 - 2004-08-17 14:49 - 00024064 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\compfilt.dll
2016-11-14 04:13 - 2004-08-17 14:49 - 00013312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\infoadmn.dll
2016-11-14 04:13 - 2004-08-17 14:49 - 00008192 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\staxmem.dll
2016-11-14 04:13 - 2004-08-17 14:45 - 00077824 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\logui.ocx
2016-11-14 04:13 - 2004-08-17 14:44 - 00278528 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\certwiz.ocx
2016-11-14 04:13 - 2004-08-17 14:44 - 00076800 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cnfgprts.ocx
2016-11-14 04:13 - 2004-08-03 22:04 - 00078848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dayi.ime
2016-11-14 04:13 - 2004-08-03 22:04 - 00078336 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chajei.ime
2016-11-14 04:13 - 2004-08-03 21:31 - 00480256 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cintsetp.exe
2016-11-14 04:13 - 2004-08-03 21:31 - 00198656 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cintime.dll
2016-11-14 04:13 - 2004-08-03 21:31 - 00173568 ____C C:\WINDOWS\system32\dllcache\chtskf.dll
2016-11-14 04:13 - 2004-08-03 21:31 - 00097792 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chtmbx.dll
2016-11-14 04:13 - 2004-08-03 21:31 - 00057399 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cplexe.exe
2016-11-14 04:13 - 2004-08-03 21:31 - 00056320 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chtskdic.dll
2016-11-14 04:13 - 2004-08-03 21:31 - 00021504 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cintlgnt.ime
2016-11-14 04:13 - 2004-05-13 00:39 - 00876653 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4awel.dll
2016-11-14 04:13 - 2004-05-13 00:39 - 00598071 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fpmmc.dll
2016-11-14 04:13 - 2004-05-13 00:39 - 00184435 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4amsft.dll
2016-11-14 04:13 - 2003-04-14 20:48 - 00212992 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fpmmcsat.dll
2016-11-14 04:13 - 2003-04-14 20:48 - 00016384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tcptsat.dll
2016-11-14 04:13 - 2003-03-24 15:52 - 00188494 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fpcount.exe
2016-11-14 04:13 - 2003-03-24 15:52 - 00188480 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cfgwiz.exe
2016-11-14 04:13 - 2003-03-24 15:52 - 00147513 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4apws.dll
2016-11-14 04:13 - 2003-03-24 15:52 - 00102509 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4atxt.dll
2016-11-14 04:13 - 2003-03-24 15:52 - 00082035 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4anscp.dll
2016-11-14 04:13 - 2003-03-24 15:52 - 00049212 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4awebs.dll
2016-11-14 04:13 - 2003-03-24 15:52 - 00049210 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4areg.dll
2016-11-14 04:13 - 2003-03-24 15:52 - 00041020 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4avnb.dll
2016-11-14 04:13 - 2003-03-24 15:52 - 00032827 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tcptest.exe
2016-11-14 04:13 - 2003-03-24 15:52 - 00032826 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4avss.dll
2016-11-14 04:13 - 2003-03-24 15:52 - 00020541 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fpexedll.dll
2016-11-14 04:13 - 2003-03-24 15:52 - 00020540 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\author.dll
2016-11-14 04:13 - 2003-03-24 15:52 - 00020540 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\admin.dll
2016-11-14 04:13 - 2003-03-24 15:52 - 00020538 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fpremadm.exe
2016-11-14 04:13 - 2003-03-24 15:52 - 00020536 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\shtml.dll
2016-11-14 04:13 - 2003-03-24 15:52 - 00016439 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\author.exe
2016-11-14 04:13 - 2003-03-24 15:52 - 00016439 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\admin.exe
2016-11-14 04:13 - 2003-03-24 15:52 - 00016437 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\shtml.exe
2016-11-14 04:13 - 2002-05-14 13:08 - 00109328 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp98swin.exe
2016-11-14 04:13 - 2002-05-14 13:08 - 00014608 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp98sadm.exe
2016-11-14 04:13 - 2001-10-25 13:00 - 01677824 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chsbrkr.dll
2016-11-14 04:13 - 2001-10-25 13:00 - 00838144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chtbrkr.dll
2016-11-14 04:13 - 2001-10-25 13:00 - 00218112 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\c_g18030.dll
2016-11-14 04:13 - 2001-10-25 13:00 - 00195618 ____C C:\WINDOWS\system32\dllcache\c_10002.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00189986 ____C C:\WINDOWS\system32\dllcache\c_1361.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00187938 ____C C:\WINDOWS\system32\dllcache\c_20005.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00186402 ____C C:\WINDOWS\system32\dllcache\c_20001.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00185378 ____C C:\WINDOWS\system32\dllcache\c_20003.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00180770 ____C C:\WINDOWS\system32\dllcache\c_20932.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00180258 ____C C:\WINDOWS\system32\dllcache\c_20004.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00180258 ____C C:\WINDOWS\system32\dllcache\c_20000.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00177698 ____C C:\WINDOWS\system32\dllcache\c_20949.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00177698 ____C C:\WINDOWS\system32\dllcache\c_10003.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00173602 ____C C:\WINDOWS\system32\dllcache\c_20936.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00173602 ____C C:\WINDOWS\system32\dllcache\c_20002.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00173602 ____C C:\WINDOWS\system32\dllcache\c_10008.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00171008 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iisui.dll
2016-11-14 04:13 - 2001-10-25 13:00 - 00162850 ____C C:\WINDOWS\system32\dllcache\c_10001.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00095232 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\certmap.ocx
2016-11-14 04:13 - 2001-10-25 13:00 - 00082172 ____C C:\WINDOWS\system32\dllcache\bopomofo.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066728 ____C C:\WINDOWS\system32\dllcache\big5.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066594 ____C C:\WINDOWS\system32\dllcache\c_864.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066594 ____C C:\WINDOWS\system32\dllcache\c_862.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066594 ____C C:\WINDOWS\system32\dllcache\c_858.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066594 ____C C:\WINDOWS\system32\dllcache\c_720.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_870.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_708.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_28596.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_21027.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_21025.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20924.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20880.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20871.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20838.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20833.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20424.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20423.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20420.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20297.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20290.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20285.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20284.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20280.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20278.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20277.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20273.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20269.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20108.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20107.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20106.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20105.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1149.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1148.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1147.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1146.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1145.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1144.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1143.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1142.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1141.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1140.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1047.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_10021.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_10005.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_10004.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00057344 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\convlog.exe
2016-11-14 04:13 - 2001-10-25 13:00 - 00054528 ____C (Philips Semiconductors GmbH) C:\WINDOWS\system32\dllcache\cap7146.sys
2016-11-14 04:13 - 2001-10-25 13:00 - 00050176 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\adrot.dll
2016-11-14 04:13 - 2001-10-25 13:00 - 00045568 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\browscap.dll
2016-11-14 04:13 - 2001-10-25 13:00 - 00033792 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\controt.dll
2016-11-14 04:13 - 2001-10-25 13:00 - 00029184 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\asptxn.dll
2016-11-14 04:13 - 2001-10-25 13:00 - 00020480 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\counters.dll
2016-11-14 04:13 - 2001-10-25 13:00 - 00019968 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\inetsloc.dll
2016-11-14 04:13 - 2001-10-25 13:00 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt0804.dll
2016-11-14 04:13 - 2001-10-25 13:00 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt0412.dll
2016-11-14 04:13 - 2001-10-25 13:00 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt0411.dll
2016-11-14 04:13 - 2001-10-25 13:00 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt040d.dll
2016-11-14 04:13 - 2001-10-25 13:00 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt0404.dll
2016-11-14 04:13 - 2001-10-25 13:00 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt0401.dll
2016-11-14 04:13 - 2001-10-25 13:00 - 00018944 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cprofile.exe
2016-11-14 04:13 - 2001-10-25 13:00 - 00015872 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chgport.exe
2016-11-14 04:13 - 2001-10-25 13:00 - 00014848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iisreset.exe
2016-11-14 04:13 - 2001-10-25 13:00 - 00014848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chgusr.exe
2016-11-14 04:13 - 2001-10-25 13:00 - 00013312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chglogon.exe
2016-11-14 04:13 - 2001-10-25 13:00 - 00010752 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\c_iscii.dll
2016-11-14 04:13 - 2001-10-25 13:00 - 00010240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\aspperf.dll
2016-11-14 04:13 - 2001-10-25 13:00 - 00009728 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\change.exe
2016-11-14 04:13 - 2001-10-25 13:00 - 00009216 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\authfilt.dll
2016-11-14 04:13 - 2001-10-25 13:00 - 00007680 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\inetmgr.exe
2016-11-14 04:13 - 2001-10-25 13:00 - 00007168 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wamregps.dll
2016-11-14 04:13 - 2001-10-25 13:00 - 00006656 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\c_is2022.dll
2016-11-14 04:13 - 2001-10-25 13:00 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ftpsapi2.dll
2016-11-14 04:13 - 2001-10-25 13:00 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\admxprox.dll
2016-11-14 04:13 - 2001-10-25 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iisrstap.dll
2016-11-14 04:13 - 2001-10-24 12:24 - 00045056 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_aqadmin.dll
2016-11-14 04:13 - 2001-10-24 12:24 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_adsiisex.dll
2016-11-14 04:12 - 2016-11-14 04:12 - 00001581 _____ C:\Documents and Settings\All Users\Nabídka Start\Aktivace systému Windows.lnk
2016-11-14 04:12 - 2016-11-14 04:12 - 00000410 _____ C:\WINDOWS\OEWABLog.txt
2016-11-14 04:10 - 2016-11-14 04:10 - 00000749 ___RH C:\WINDOWS\WindowsShell.Manifest
2016-11-14 04:10 - 2016-11-14 04:10 - 00000749 ___RH C:\WINDOWS\system32\wuaucpl.cpl.manifest
2016-11-14 04:10 - 2016-11-14 04:10 - 00000749 ___RH C:\WINDOWS\system32\sapi.cpl.manifest
2016-11-14 04:10 - 2016-11-14 04:10 - 00000749 ___RH C:\WINDOWS\system32\nwc.cpl.manifest
2016-11-14 04:10 - 2016-11-14 04:10 - 00000749 ___RH C:\WINDOWS\system32\ncpa.cpl.manifest
2016-11-14 04:10 - 2016-11-14 04:10 - 00000488 ___RH C:\WINDOWS\system32\logonui.exe.manifest
2016-11-14 04:09 - 2016-11-14 04:09 - 00000000 ___HD C:\Program Files\WindowsUpdate
2016-11-14 04:09 - 2001-10-25 13:00 - 00016384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\isignup.exe
2016-11-14 04:08 - 2004-08-17 14:49 - 00215552 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\icwconn1.exe
2016-11-14 04:08 - 2004-08-17 14:49 - 00086016 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\icwconn2.exe
2016-11-14 04:08 - 2004-08-17 14:49 - 00032768 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\icwdl.dll
2016-11-14 04:08 - 2004-08-17 14:49 - 00020480 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\inetwiz.exe
2016-11-14 04:07 - 2016-11-14 04:07 - 00000000 ____D C:\Program Files\ComPlus Applications
2016-11-14 03:59 - 2016-11-14 03:59 - 00000124 _____ C:\WINDOWS\pnplog.txt
2016-11-14 03:49 - 2004-08-17 15:50 - 01014483 ____R C:\WINDOWS\SETED.tmp
2016-11-14 03:49 - 2004-08-17 15:50 - 01014483 ____C C:\WINDOWS\system32\dllcache\SP2.CAT
2016-11-14 03:49 - 2004-08-17 15:50 - 00102826 ____C C:\WINDOWS\system32\dllcache\tabletpc.cat
2016-11-14 03:49 - 2004-08-17 15:46 - 01086058 ____R C:\WINDOWS\SETF0.tmp
2016-11-14 03:49 - 2004-08-17 15:46 - 01086058 ____C C:\WINDOWS\system32\dllcache\NTPRINT.CAT
2016-11-14 03:49 - 2004-08-17 15:46 - 00621080 ____C C:\WINDOWS\system32\dllcache\NT5INF.CAT
2016-11-14 03:49 - 2004-08-17 15:46 - 00141702 ____C C:\WINDOWS\system32\dllcache\netfx.cat
2016-11-14 03:49 - 2004-08-17 15:46 - 00030983 ____C C:\WINDOWS\system32\dllcache\FP4.CAT
2016-11-14 03:49 - 2004-08-17 15:46 - 00014043 ____R C:\WINDOWS\SETFC.tmp
2016-11-14 03:49 - 2004-08-17 15:46 - 00014043 ____C C:\WINDOWS\system32\dllcache\IMS.CAT
2016-11-14 03:49 - 2004-08-17 15:46 - 00009581 ____C C:\WINDOWS\system32\dllcache\MSMSGS.CAT
2016-11-14 03:49 - 2004-08-17 15:46 - 00007245 ____C C:\WINDOWS\system32\dllcache\MSTSWEB.CAT
2016-11-14 03:49 - 2004-08-17 15:45 - 01896102 ____C C:\WINDOWS\system32\dllcache\NT5.CAT
2016-11-14 03:49 - 2004-08-17 15:44 - 00031965 ____C C:\WINDOWS\system32\dllcache\mediactr.cat
2016-11-14 03:49 - 2001-10-25 13:00 - 00809394 ____C C:\WINDOWS\system32\dllcache\NT5IIS.CAT
2016-11-14 03:49 - 2001-10-25 13:00 - 00399670 ____C C:\WINDOWS\system32\dllcache\MAPIMIG.CAT
2016-11-14 03:49 - 2001-10-25 13:00 - 00037509 ____C C:\WINDOWS\system32\dllcache\MW770.CAT
2016-11-14 03:49 - 2001-10-25 13:00 - 00024661 ____C (Perle Systems Ltd.) C:\WINDOWS\system32\dllcache\spxcoins.dll
2016-11-14 03:49 - 2001-10-25 13:00 - 00024661 _____ (Perle Systems Ltd.) C:\WINDOWS\system32\spxcoins.dll
2016-11-14 03:49 - 2001-10-25 13:00 - 00013497 ____C C:\WINDOWS\system32\dllcache\HPCRDP.CAT
2016-11-14 03:49 - 2001-10-25 13:00 - 00013312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\irclass.dll
2016-11-14 03:49 - 2001-10-25 13:00 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\irclass.dll
2016-11-14 03:49 - 2001-10-25 13:00 - 00008599 ____C C:\WINDOWS\system32\dllcache\IASNT4.CAT
2016-11-14 03:49 - 2001-10-25 13:00 - 00007382 ____C C:\WINDOWS\system32\dllcache\OEMBIOS.CAT
2016-11-14 03:48 - 2016-11-14 04:18 - 00819331 _____ C:\WINDOWS\setuplog.txt
2016-11-12 15:53 - 2016-11-12 15:53 - 00000000 ____D C:\Documents and Settings\1234\Local Settings\Data aplikací\WMTools Downloaded Files
2016-11-12 02:39 - 2010-09-13 13:06 - 03563776 _____ () C:\WINDOWS\system32\Drivers\snp2uvc.sys
2016-11-12 02:39 - 2010-08-06 15:48 - 00306688 _____ (Sonix Technology Co., Ltd.) C:\WINDOWS\system32\vsnp2uvc.dll
2016-11-12 02:39 - 2009-08-13 20:33 - 00239616 _____ ( ) C:\WINDOWS\system32\rsnp2uvc.dll
2016-11-12 02:39 - 2009-08-12 15:06 - 00662016 _____ (Sonix) C:\WINDOWS\vsnp2uvc.exe
2016-11-12 02:39 - 2009-07-21 12:08 - 00013021 _____ C:\WINDOWS\snp2uvc.src
2016-11-12 02:39 - 2009-02-16 18:32 - 00196608 _____ ( ) C:\WINDOWS\system32\csnp2uvc.dll
2016-11-12 02:39 - 2008-12-29 17:13 - 00028544 _____ C:\WINDOWS\system32\Drivers\sncduvc.sys
2016-11-12 02:39 - 2006-05-19 11:39 - 00015497 _____ C:\WINDOWS\snp2uvc.ini
2016-11-12 02:38 - 2016-11-12 02:39 - 00000000 ____D C:\Program Files\Common Files\SNP2UVC
2016-11-12 02:38 - 2016-11-12 02:38 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Trust Webcam
2016-11-11 21:14 - 2016-11-11 21:14 - 00000775 _____ C:\Documents and Settings\Adam\Plocha\chromodo.exe.lnk
2016-11-11 19:28 - 2016-11-11 19:28 - 00000000 ____D C:\WINDOWS\Downloaded Installations
2016-11-11 19:28 - 2016-11-11 19:28 - 00000000 ____D C:\download
2016-11-11 10:00 - 2016-11-14 03:00 - 00124258 _____ C:\WINDOWS\setupapi.old
2016-11-10 19:53 - 2016-11-13 15:41 - 00040776 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2016-11-10 19:48 - 2016-11-16 13:42 - 01573424 _____ C:\WINDOWS\ntbtlog.txt
2016-11-09 23:41 - 2016-11-16 13:44 - 00000000 ____D C:\FRST
2016-11-09 18:51 - 2016-11-09 18:51 - 00000512 _____ C:\Documents and Settings\1234\Plocha\MBR.dat
2016-11-09 18:44 - 2016-11-16 13:45 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\temp
2016-11-09 18:44 - 2016-11-14 16:50 - 00000000 ____D C:\Documents and Settings\1234\Local Settings\temp
2016-11-09 18:44 - 2016-11-09 18:44 - 00000000 ____D C:\Documents and Settings\znk\Local Settings\temp
2016-11-09 18:44 - 2016-11-09 18:44 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\temp
2016-11-09 18:44 - 2016-11-09 18:44 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\temp
2016-11-09 18:44 - 2016-11-09 18:44 - 00000000 ____D C:\Documents and Settings\Default User\Local Settings\temp
2016-11-09 18:22 - 2016-11-09 18:22 - 00000000 ____D C:\Documents and Settings\1234\Plocha\backups
2016-11-05 17:22 - 2016-11-05 17:22 - 00000000 ____D C:\Documents and Settings\1234\Data aplikací\.minecraft
2016-11-05 16:53 - 2016-11-14 21:34 - 00000000 ____D C:\Documents and Settings\Adam\Local Settings\Data aplikací\LogMeIn Hamachi
2016-11-05 16:53 - 2016-11-05 16:53 - 00000000 __SHD C:\Documents and Settings\Default User\IETldCache
2016-11-05 16:53 - 2016-11-05 16:53 - 00000000 ____D C:\Documents and Settings\Default User\Data aplikací\Adobe
2016-11-05 16:53 - 2016-11-05 16:53 - 00000000 ____D C:\Documents and Settings\Adam\Local Settings\Data aplikací\LogMeIn
2016-11-05 16:52 - 2016-11-06 09:59 - 00000000 ____D C:\Documents and Settings\Default User\Local Settings\Data aplikací\LogMeIn Hamachi
2016-11-05 16:52 - 2016-11-05 16:52 - 00000697 _____ C:\Documents and Settings\Adam\Plocha\LogMeIn Hamachi.lnk
2016-11-05 16:52 - 2016-11-05 16:52 - 00000000 ____D C:\Program Files\LogMeIn Hamachi
2016-11-05 16:52 - 2016-11-05 16:52 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\LogMeIn Hamachi
2016-11-05 16:52 - 2016-08-31 15:46 - 00026176 ____H (LogMeIn, Inc.) C:\WINDOWS\system32\hamachi.sys
2016-11-05 16:51 - 2016-11-16 13:36 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Data aplikací\LogMeIn Hamachi
2016-11-05 16:51 - 2016-11-14 16:37 - 00000000 ____D C:\Documents and Settings\1234\Local Settings\Data aplikací\LogMeIn Hamachi
2016-11-05 16:51 - 2016-11-05 16:51 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\LogMeIn
2016-11-05 16:51 - 2016-11-05 16:51 - 00000000 ____D C:\Documents and Settings\1234\Local Settings\Data aplikací\LogMeIn
2016-11-05 12:14 - 2016-11-05 12:26 - 00000000 ____D C:\Documents and Settings\Adam\Data aplikací\.technic
2016-11-05 12:01 - 2016-11-05 17:15 - 00000000 ____D C:\Documents and Settings\1234\Data aplikací\.technic
2016-11-05 12:01 - 2016-11-05 12:01 - 00000000 ____D C:\Program Files\Common Files\Java
2016-11-05 12:00 - 2016-11-05 12:00 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2016-11-05 12:00 - 2016-11-05 12:00 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Java
2016-11-05 11:54 - 2016-11-05 11:54 - 04959431 _____ (Mc Phoenix Launcher) C:\Documents and Settings\Adam\Plocha\TLv4.0-238-32b-win.exe
2016-11-05 11:51 - 2016-11-05 12:00 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2016-11-05 11:43 - 2016-11-05 11:44 - 00000000 ____D C:\Documents and Settings\Adam\Plocha\.minecraft
2016-11-04 10:26 - 2016-11-04 10:26 - 00000000 ____D C:\Documents and Settings\Adam\Data aplikací\ProductData
2016-11-03 20:35 - 2016-11-03 20:35 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\ProductData
2016-11-03 20:35 - 2016-11-03 20:35 - 00000000 ____D C:\Documents and Settings\1234\Data aplikací\ProductData
2016-11-03 20:33 - 2016-11-14 21:41 - 00000000 ____D C:\Documents and Settings\Adam\Local Settings\Temp
2016-11-03 20:33 - 2016-11-03 20:20 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2016-11-03 19:04 - 2016-11-03 19:04 - 00006274 _____ C:\Documents and Settings\1234\Plocha\rk_33.tmp
2016-11-02 23:18 - 2016-11-02 23:18 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Sophos
2016-11-02 23:18 - 2016-11-02 23:18 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Sophos
2016-11-02 23:17 - 2016-11-02 23:17 - 00000000 ____D C:\Program Files\Sophos
2016-10-25 00:13 - 2016-10-25 00:13 - 00000000 ____D C:\Program Files\Codemasters
2016-10-19 03:38 - 2016-10-19 03:38 - 00000000 ____D C:\Documents and Settings\1234\Data aplikací\Google

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-16 13:41 - 2015-07-06 03:54 - 00000000 ____D C:\WINDOWS\Minidump
2016-11-16 13:38 - 2015-04-30 21:30 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-11-16 13:03 - 2015-05-02 03:34 - 00000178 ___SH C:\Documents and Settings\Administrator\ntuser.ini
2016-11-16 12:46 - 2015-05-02 03:34 - 00000000 ____D C:\Documents and Settings\Administrator\Plocha
2016-11-15 15:41 - 2015-05-02 03:34 - 00000000 __SHD C:\WINDOWS\CSC
2016-11-15 15:10 - 2015-04-30 21:31 - 00000000 ____D C:\Documents and Settings\Adam\Plocha
2016-11-15 14:51 - 2015-04-30 23:05 - 00000000 ____D C:\WINDOWS\security
2016-11-14 22:39 - 2015-04-30 21:31 - 00000000 ____D C:\Documents and Settings\Adam
2016-11-14 22:33 - 2015-05-01 21:47 - 00028262 _____ C:\WINDOWS\system32\nvAppTimestamps
2016-11-14 20:38 - 2016-03-06 23:37 - 00000178 ___SH C:\Documents and Settings\1234\ntuser.ini
2016-11-14 19:00 - 2015-05-02 03:34 - 00000000 ___HD C:\Documents and Settings\Administrator\Local Settings\Data aplikací
2016-11-14 19:00 - 2010-09-07 12:02 - 00000000 ____D C:\Documents and Settings\Administrator\Data aplikací\Adobe
2016-11-14 18:32 - 2016-08-30 21:25 - 00000000 ____D C:\Documents and Settings\Adam\Plocha\nové utility
2016-11-14 18:30 - 2016-03-06 23:37 - 00000000 ____D C:\Documents and Settings\1234\Plocha
2016-11-14 16:47 - 2016-08-06 14:04 - 00000000 ____D C:\Documents and Settings\Adam\Plocha\složky
2016-11-14 15:57 - 2015-04-30 21:31 - 00000000 ___RD C:\Documents and Settings\Adam\Dokumenty
2016-11-14 15:51 - 2016-02-26 15:45 - 00000000 ____D C:\Documents and Settings\Adam\Dokumenty\Camera
2016-11-14 15:32 - 2015-04-30 21:31 - 00000000 ___RD C:\Documents and Settings\Adam\Dokumenty\Obrázky
2016-11-14 15:30 - 2015-07-04 23:40 - 00000000 ____D C:\Documents and Settings\Adam\Data aplikací\vlc
2016-11-14 15:15 - 2016-01-27 13:23 - 00000767 _____ C:\Documents and Settings\Adam\Nabídka Start\Programy\Internet Explorer.lnk
2016-11-14 15:15 - 2015-04-30 21:31 - 00000792 _____ C:\Documents and Settings\Adam\Nabídka Start\Programy\Windows Media Player.lnk
2016-11-14 15:15 - 2015-04-30 21:31 - 00000000 __RHD C:\Documents and Settings\Adam\Data aplikací
2016-11-14 15:15 - 2015-04-30 21:31 - 00000000 ___RD C:\Documents and Settings\Adam\Oblíbené položky
2016-11-14 15:15 - 2015-04-30 21:31 - 00000000 ___RD C:\Documents and Settings\Adam\Nabídka Start\Programy
2016-11-14 15:15 - 2015-04-30 21:31 - 00000000 ___RD C:\Documents and Settings\Adam\Dokumenty\Hudba
2016-11-14 15:13 - 2016-06-15 10:49 - 00000000 ____D C:\Documents and Settings\1234\Data aplikací\vlc
2016-11-14 15:09 - 2016-06-02 14:41 - 00000000 ____D C:\Documents and Settings\1234\Dokumenty\Bandicam
2016-11-14 15:09 - 2016-04-17 11:43 - 00016384 _____ C:\Documents and Settings\1234\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-11-14 15:05 - 2016-03-11 14:39 - 00000000 ____D C:\Documents and Settings\1234\Plocha\utility
2016-11-14 15:03 - 2015-04-30 23:13 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2016-11-14 14:52 - 2015-04-30 21:26 - 00000000 ____D C:\WINDOWS\system32\DirectX
2016-11-14 14:31 - 2016-02-05 15:47 - 00000000 ____D C:\Program Files\Java
2016-11-14 14:31 - 2015-04-30 23:14 - 01238318 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-11-14 14:31 - 2001-10-25 13:00 - 00518652 _____ C:\WINDOWS\system32\perfh005.dat
2016-11-14 14:31 - 2001-10-25 13:00 - 00110822 _____ C:\WINDOWS\system32\perfc005.dat
2016-11-14 04:48 - 2015-05-02 03:34 - 00000000 ____D C:\Documents and Settings\Administrator\Oblíbené položky
2016-11-14 04:46 - 2015-04-30 23:12 - 31719424 _____ C:\WINDOWS\system32\config\software.sav
2016-11-14 04:46 - 2015-04-30 23:12 - 05242880 _____ C:\WINDOWS\system32\config\system.sav
2016-11-14 04:46 - 2015-04-30 23:12 - 00290816 _____ C:\WINDOWS\system32\config\default.sav
2016-11-14 04:46 - 2015-04-30 23:12 - 00262144 _____ C:\WINDOWS\system32\config\userdiff
2016-11-14 04:46 - 2015-04-30 23:05 - 00000000 ____D C:\WINDOWS\system32\Setup
2016-11-14 04:46 - 2015-04-30 23:05 - 00000000 ____D C:\WINDOWS\Help
2016-11-14 04:45 - 2015-04-30 23:05 - 00000000 ____D C:\WINDOWS\system32\usmt
2016-11-14 04:45 - 2015-04-30 23:05 - 00000000 ____D C:\WINDOWS\PeerNet
2016-11-14 04:45 - 2015-04-30 23:05 - 00000000 ____D C:\WINDOWS\Media
2016-11-14 04:45 - 2015-04-30 23:05 - 00000000 ____D C:\WINDOWS\ime
2016-11-14 04:44 - 2015-04-30 23:05 - 00000000 ____D C:\WINDOWS\system32\npp
2016-11-14 04:44 - 2015-04-30 23:05 - 00000000 ____D C:\WINDOWS\msagent
2016-11-14 04:42 - 2015-04-30 23:05 - 00000000 ____D C:\WINDOWS\system32\1029
2016-11-14 04:41 - 2015-04-30 23:05 - 00000000 ____D C:\WINDOWS\system32\icsxml
2016-11-14 04:40 - 2015-04-30 23:05 - 00000000 ____D C:\WINDOWS\system32\ias
2016-11-14 04:40 - 2015-04-30 23:05 - 00000000 ____D C:\WINDOWS\system32\1033
2016-11-14 04:39 - 2015-04-30 23:05 - 00000000 ____D C:\WINDOWS\Driver Cache
2016-11-14 04:27 - 2001-10-25 13:00 - 00000683 _____ C:\WINDOWS\win.ini
2016-11-14 04:26 - 2015-04-30 23:05 - 00000000 ___HD C:\WINDOWS\inf
2016-11-14 04:26 - 2015-04-30 21:23 - 00000000 ____D C:\WINDOWS\Registration
2016-11-14 04:19 - 2016-03-06 23:37 - 00000792 _____ C:\Documents and Settings\1234\Nabídka Start\Programy\Windows Media Player.lnk
2016-11-14 04:19 - 2016-03-06 23:37 - 00000767 _____ C:\Documents and Settings\1234\Nabídka Start\Programy\Internet Explorer.lnk
2016-11-14 04:19 - 2016-03-06 23:37 - 00000000 __RHD C:\Documents and Settings\1234\Data aplikací
2016-11-14 04:19 - 2016-03-06 23:37 - 00000000 ___RD C:\Documents and Settings\1234\Oblíbené položky
2016-11-14 04:19 - 2016-03-06 23:37 - 00000000 ___RD C:\Documents and Settings\1234\Nabídka Start\Programy
2016-11-14 04:19 - 2016-03-06 23:37 - 00000000 ___RD C:\Documents and Settings\1234\Dokumenty\Obrázky
2016-11-14 04:19 - 2016-03-06 23:37 - 00000000 ___RD C:\Documents and Settings\1234\Dokumenty\Hudba
2016-11-14 04:19 - 2016-03-06 23:37 - 00000000 ___RD C:\Documents and Settings\1234\Dokumenty
2016-11-14 04:18 - 2015-04-30 23:12 - 00148400 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-11-14 04:18 - 2001-10-25 13:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2016-11-14 04:17 - 2015-04-30 23:05 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2016-11-14 04:16 - 2015-04-30 23:05 - 00000000 RSHDC C:\WINDOWS\system32\dllcache
2016-11-14 04:12 - 2016-01-27 02:34 - 00262144 _____ C:\WINDOWS\system32\config\userdifr
2016-11-14 04:12 - 2015-04-30 23:14 - 00004249 _____ C:\WINDOWS\ODBCINST.INI
2016-11-14 04:12 - 2015-04-30 23:13 - 00000000 ___RD C:\Documents and Settings\Default User\Nabídka Start\Programy
2016-11-14 04:12 - 2015-04-30 23:13 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start
2016-11-14 04:12 - 2015-04-30 21:28 - 00001607 _____ C:\Documents and Settings\All Users\Nabídka Start\Přístup a výchozí nastavení programů.lnk
2016-11-14 04:12 - 2015-04-30 21:28 - 00001599 _____ C:\Documents and Settings\Default User\Nabídka Start\Programy\Vzdálená pomoc.lnk
2016-11-14 04:12 - 2015-04-30 21:28 - 00001507 _____ C:\Documents and Settings\All Users\Nabídka Start\Windows Update.lnk
2016-11-14 04:12 - 2015-04-30 21:28 - 00000792 _____ C:\Documents and Settings\Default User\Nabídka Start\Programy\Windows Media Player.lnk
2016-11-14 04:12 - 2015-04-30 21:28 - 00000398 _____ C:\Documents and Settings\All Users\Nabídka Start\Katalog systému Windows.lnk
2016-11-14 04:12 - 2015-04-30 21:27 - 00316640 _____ C:\WINDOWS\WMSysPr9.prx
2016-11-14 04:12 - 2015-04-30 21:23 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy\Nástroje pro správu
2016-11-14 04:10 - 2015-04-30 23:05 - 00000000 ___RD C:\WINDOWS\Web
2016-11-14 04:10 - 2015-04-30 21:26 - 00000749 ___RH C:\WINDOWS\system32\cdplayer.exe.manifest
2016-11-14 04:10 - 2015-04-30 21:26 - 00000488 ___RH C:\WINDOWS\system32\WindowsLogon.manifest
2016-11-14 04:09 - 2015-04-30 23:05 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-11-14 04:09 - 2015-04-30 21:26 - 00000786 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Windows Movie Maker.lnk
2016-11-14 04:09 - 2015-04-30 21:26 - 00000000 ___RD C:\Documents and Settings\Default User\Nabídka Start\Programy\Příslušenství
2016-11-14 04:09 - 2015-04-30 21:25 - 00000000 ____D C:\WINDOWS\srchasst
2016-11-14 04:09 - 2015-04-30 21:25 - 00000000 ____D C:\Program Files\Movie Maker
2016-11-14 04:08 - 2015-04-30 21:24 - 00000000 ____D C:\Program Files\Outlook Express
2016-11-14 04:08 - 2015-04-30 21:24 - 00000000 ____D C:\Program Files\NetMeeting
2016-11-14 04:08 - 2015-04-30 21:24 - 00000000 ____D C:\Program Files\Common Files\System
2016-11-14 04:07 - 2015-04-30 21:24 - 00025076 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-11-14 04:07 - 2015-04-30 21:24 - 00000615 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Windows Messenger.lnk
2016-11-14 04:07 - 2015-04-30 21:22 - 00000000 ____D C:\WINDOWS\system32\Com
2016-11-14 04:06 - 2015-04-30 21:22 - 00000000 ____D C:\Program Files\Windows NT
2016-11-14 04:04 - 2015-04-30 23:12 - 00000211 ___SH C:\boot.ini
2016-11-14 03:57 - 2015-05-01 21:43 - 01114168 _____ C:\WINDOWS\system32\nvdrsdb1.bin
2016-11-14 03:57 - 2015-05-01 21:43 - 00000001 _____ C:\WINDOWS\system32\nvdrssel.bin
2016-11-14 03:50 - 2001-10-25 13:00 - 00000227 _____ C:\WINDOWS\system.ini
2016-11-14 03:49 - 2015-04-30 23:12 - 00000000 ___HD C:\Documents and Settings\Default User
2016-11-14 03:49 - 2015-04-30 23:05 - 00000000 ____D C:\WINDOWS\system
2016-11-14 03:27 - 2016-03-10 23:36 - 00032566 _____ C:\WINDOWS\Tasks\SCHEDLGU.TXT
2016-11-14 03:27 - 2015-04-30 23:12 - 00057344 _____ C:\WINDOWS\system32\config\security.sav
2016-11-14 03:15 - 2016-03-10 21:52 - 00000000 ____D C:\Documents and Settings\1234\Data aplikací\Skype
2016-11-12 15:53 - 2016-03-06 23:37 - 00000000 ___HD C:\Documents and Settings\1234\Local Settings\Data aplikací
2016-11-12 02:38 - 2015-05-01 21:19 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2016-11-12 02:38 - 2015-04-30 23:13 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2016-11-11 21:32 - 2015-06-08 17:03 - 00000000 ____D C:\Documents and Settings\Adam\Data aplikací\Skype
2016-11-11 21:27 - 2015-05-08 23:19 - 00000000 ____D C:\Documents and Settings\Adam\Local Settings\Data aplikací\Battle.net
2016-11-11 19:39 - 2016-03-15 19:40 - 00000000 ____D C:\WINDOWS\PixArt
2016-11-11 15:42 - 2016-04-29 17:27 - 00000000 ____D C:\Program Files\CrystalDiskInfo
2016-11-11 15:42 - 2016-04-29 17:27 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\CrystalDiskInfo
2016-11-11 15:42 - 2016-03-06 23:41 - 00026824 _____ C:\Documents and Settings\1234\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
2016-11-10 13:16 - 2015-05-08 23:18 - 00000000 ____D C:\Program Files\Battle.net
2016-11-10 11:49 - 2015-04-30 21:30 - 00000000 __SHD C:\Documents and Settings\NetworkService
2016-11-09 23:53 - 2015-05-08 23:50 - 00000000 ____D C:\Program Files\Hearthstone
2016-11-09 23:35 - 2016-03-06 23:37 - 00000000 ____D C:\Documents and Settings\1234
2016-11-09 23:34 - 2016-03-15 09:55 - 00000000 ____D C:\WINDOWS\erdnt
2016-11-09 18:39 - 2015-05-02 03:33 - 00165298 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
2016-11-09 18:39 - 2015-04-30 23:12 - 31719424 _____ C:\WINDOWS\system32\config\software.bak
2016-11-09 18:39 - 2015-04-30 23:12 - 05242880 _____ C:\WINDOWS\system32\config\system.bak
2016-11-09 18:39 - 2015-04-30 23:12 - 00290816 _____ C:\WINDOWS\system32\config\default.bak
2016-11-09 18:39 - 2015-04-30 23:12 - 00057344 _____ C:\WINDOWS\system32\config\SECURITY.bak
2016-11-09 18:39 - 2015-04-30 23:12 - 00032768 _____ C:\WINDOWS\system32\config\SAM.bak
2016-11-08 23:13 - 2015-05-10 18:36 - 00044032 _____ C:\Documents and Settings\Adam\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-11-08 20:24 - 2016-03-15 23:03 - 00000000 ____D C:\Documents and Settings\1234\Local Settings\Data aplikací\Battle.net
2016-11-08 11:58 - 2015-07-04 23:23 - 00000000 ____D C:\KMPlayer
2016-11-08 02:58 - 2015-05-02 02:06 - 00000000 ____D C:\Program Files\Exterminate It!
2016-11-07 00:06 - 2016-02-13 18:54 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\StarStableOnline
2016-11-06 00:49 - 2016-03-10 21:39 - 00000000 ____D C:\Documents and Settings\1234\Local Settings\Data aplikací\StarStableOnline
2016-11-05 16:53 - 2015-04-30 23:13 - 00000000 __RHD C:\Documents and Settings\Default User\Data aplikací
2016-11-05 16:53 - 2015-04-30 21:31 - 00000000 ___HD C:\Documents and Settings\Adam\Local Settings\Data aplikací
2016-11-05 16:52 - 2015-04-30 23:13 - 00000000 ___HD C:\Documents and Settings\Default User\Local Settings\Data aplikací
2016-11-05 16:51 - 2015-04-30 23:13 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2016-11-05 12:43 - 2016-02-06 11:42 - 00000000 ____D C:\Documents and Settings\Adam\Data aplikací\.minecraft
2016-11-03 20:31 - 2016-03-14 23:37 - 00000000 ____D C:\zoek_backup
2016-11-03 20:30 - 2016-02-06 09:31 - 00000000 ____D C:\Documents and Settings\znk\Local Settings\Data aplikací\Google
2016-11-03 20:22 - 2016-02-06 09:30 - 00000000 __RHD C:\Documents and Settings\znk\Data aplikací
2016-11-03 06:30 - 2016-03-10 23:15 - 00024688 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-11-01 16:20 - 2015-05-02 02:14 - 00000000 ____D C:\AdwCleaner
2016-10-31 18:45 - 2016-10-15 17:05 - 00000000 ____D C:\Documents and Settings\1234\Data aplikací\TS3Client
2016-10-28 05:00 - 2016-03-07 01:34 - 00611514 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-725345543-1078081533-839522115-1005-0.dat
2016-10-27 22:02 - 2016-08-09 20:10 - 00000000 ____D C:\Documents and Settings\1234\Data aplikací\DAEMON Tools Lite
2016-10-25 00:04 - 2015-04-30 23:12 - 00000000 ____D C:\Documents and Settings
2016-10-23 18:32 - 2016-02-13 18:54 - 00000000 ____D C:\Documents and Settings\Adam\Local Settings\Data aplikací\StarStableOnline
2016-10-22 21:26 - 2015-07-26 18:47 - 00000000 ____D C:\Documents and Settings\Adam\Data aplikací\TS3Client
2016-10-19 23:20 - 2015-05-02 03:33 - 01739602 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-725345543-1078081533-839522115-1003-0.dat
2016-10-19 13:18 - 2015-05-02 03:19 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Kaspersky Lab
2016-10-19 03:38 - 2016-03-06 23:37 - 00000000 ____D C:\Documents and Settings\1234\Local Settings\Data aplikací\Google
2016-10-18 00:29 - 2016-02-11 19:15 - 00000000 ____D C:\Program Files\PokerStars.NET

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

bbdra
Level 3
Posts: 467
Joined: November 13
Gender: Male
Status: Offline

Re: Trojan-Banker

Post by bbdra » 16 Nov 2016 14:36

Farbar Recovery Scan Tool (x86) Version: 06-11-2016
Ran by Administrator (16-11-2016 13:48:38)
Running from G:\
Boot Mode: Safe Mode (minimal)

================== Search Files: "services.exe" =============

C:\WINDOWS\system32\services.exe
[2004-08-17 14:49][2004-08-17 14:49] 0108544 ____A (Microsoft Corporation) 6E401E61F952FBBF708AFBECEFAFAE81 [File is digitally signed]

C:\WINDOWS\system32\dllcache\services.exe
[2004-08-17 14:49][2004-08-17 14:49] 0108544 ___AC (Microsoft Corporation) 6E401E61F952FBBF708AFBECEFAFAE81 [File is digitally signed]

C:\WINDOWS\erdnt\cache\services.exe
[2016-03-15 10:03][2009-02-09 12:25] 0111104 ____A (Microsoft Corporation) 9EF697AF07BB8DD82C3B02CA953A95B7 [File not signed]

C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2015-05-02 09:25][2009-02-09 12:18] 0111104 ____A (Microsoft Corporation) 3D107D45CCFDB266E91D84B52CD7F430 [File not signed]

====== End of Search ======

jaro3
Security team member
Guru Level 15
Posts: 43298
Joined: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Trojan-Banker

Post by jaro3 » 16 Nov 2016 18:49

Insert the USB flash drive into the infected computer.
Enter "System Recovery Options" (press the F8 key at startup) and then select "Command Prompt".
Run FRST and press the "Fix" button only once, then wait; the program will run automatically and produce a log on the flash drive (fixlist.txt). Paste its entire contents here.

Code:

IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-500\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-500\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-500\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-500\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-500\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-500\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-500\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-500\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-500\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-500\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-500\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-500\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-500\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-500\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-500\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-500\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-500\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-500\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-500\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-500\...\100sexlinks.com -> 100sexlinks.com
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - No File
ShellExecuteHooks: - {56F9679E-7826-4C84-81F3-532071A8BCC5} - No File [ ]
URLSearchHook: [S-1-5-21-725345543-1078081533-839522115-500] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
S4 IntelIde; no ImagePath
2016-11-14 04:13 - 2001-10-25 13:00 - 00195618 ____C C:\WINDOWS\system32\dllcache\c_10002.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00189986 ____C C:\WINDOWS\system32\dllcache\c_1361.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00187938 ____C C:\WINDOWS\system32\dllcache\c_20005.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00186402 ____C C:\WINDOWS\system32\dllcache\c_20001.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00185378 ____C C:\WINDOWS\system32\dllcache\c_20003.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00180770 ____C C:\WINDOWS\system32\dllcache\c_20932.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00180258 ____C C:\WINDOWS\system32\dllcache\c_20004.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00180258 ____C C:\WINDOWS\system32\dllcache\c_20000.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00177698 ____C C:\WINDOWS\system32\dllcache\c_20949.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00177698 ____C C:\WINDOWS\system32\dllcache\c_10003.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00173602 ____C C:\WINDOWS\system32\dllcache\c_20936.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00173602 ____C C:\WINDOWS\system32\dllcache\c_20002.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00173602 ____C C:\WINDOWS\system32\dllcache\c_10008.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066594 ____C C:\WINDOWS\system32\dllcache\c_864.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066594 ____C C:\WINDOWS\system32\dllcache\c_862.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066594 ____C C:\WINDOWS\system32\dllcache\c_858.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066594 ____C C:\WINDOWS\system32\dllcache\c_720.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_870.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_708.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_28596.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_21027.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_21025.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20924.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20880.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20871.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20838.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20833.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20424.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20423.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20420.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20297.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20290.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20285.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20284.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20280.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20278.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20277.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20273.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20269.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20108.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20107.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20106.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20105.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1149.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1148.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1147.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1146.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1145.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1144.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1143.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1142.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1141.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1140.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1047.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_10021.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_10005.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_10004.nls
C:\WINDOWS\SETED.tmp
C:\WINDOWS\SETF0.tmp
C:\WINDOWS\SETFC.tmp


Note: It is important that both files, FrSt and fixlist.txt, are in the same location, otherwise the fix will not work. (You have FrSt in your downloads folder, "Running from D:\Users\name\Downloads", so fixlist.txt must be saved there.)
WARNING: This script was written specifically for this user, for use on this particular machine. Running it on another computer may damage your operating system.
Run FRST64 and press the Fix button just once and wait.
A log (Fixlog.txt) will appear on the desktop. Please paste it here.


Among the installed programs is Exterminate It!,
which is another antivirus, but its components cannot be found.
Otherwise no significant infection is visible in the log, nor a keylogger.


Post by bbdra » 16 Nov 2016 21:33

The program crashed twice during cleaning; on the third attempt the cleaning completed, so part of the log may be missing.

Fix result of Farbar Recovery Scan Tool (x86) Version: 06-11-2016
Ran by Administrator (16-11-2016 20:46:13) Run:6
Running from G:\
Loaded Profiles: Administrator (Available Profiles: Adam & 1234 & znk & Administrator)
Boot Mode: Safe Mode (minimal)

==============================================

fixlist content:
*****************
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-500\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-500\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-500\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-500\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-500\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-500\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-500\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-500\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-500\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-500\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-500\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-500\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-500\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-500\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-500\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-500\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-500\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-500\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-500\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-500\...\100sexlinks.com -> 100sexlinks.com
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - No File
ShellExecuteHooks: - {56F9679E-7826-4C84-81F3-532071A8BCC5} - No File [ ]
URLSearchHook: [S-1-5-21-725345543-1078081533-839522115-500] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
S4 IntelIde; no ImagePath
2016-11-14 04:13 - 2001-10-25 13:00 - 00195618 ____C C:\WINDOWS\system32\dllcache\c_10002.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00189986 ____C C:\WINDOWS\system32\dllcache\c_1361.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00187938 ____C C:\WINDOWS\system32\dllcache\c_20005.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00186402 ____C C:\WINDOWS\system32\dllcache\c_20001.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00185378 ____C C:\WINDOWS\system32\dllcache\c_20003.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00180770 ____C C:\WINDOWS\system32\dllcache\c_20932.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00180258 ____C C:\WINDOWS\system32\dllcache\c_20004.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00180258 ____C C:\WINDOWS\system32\dllcache\c_20000.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00177698 ____C C:\WINDOWS\system32\dllcache\c_20949.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00177698 ____C C:\WINDOWS\system32\dllcache\c_10003.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00173602 ____C C:\WINDOWS\system32\dllcache\c_20936.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00173602 ____C C:\WINDOWS\system32\dllcache\c_20002.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00173602 ____C C:\WINDOWS\system32\dllcache\c_10008.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066594 ____C C:\WINDOWS\system32\dllcache\c_864.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066594 ____C C:\WINDOWS\system32\dllcache\c_862.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066594 ____C C:\WINDOWS\system32\dllcache\c_858.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066594 ____C C:\WINDOWS\system32\dllcache\c_720.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_870.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_708.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_28596.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_21027.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_21025.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20924.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20880.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20871.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20838.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20833.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20424.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20423.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20420.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20297.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20290.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20285.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20284.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20280.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20278.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20277.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20273.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20269.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20108.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20107.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20106.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20105.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1149.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1148.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1147.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1146.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1145.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1144.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1143.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1142.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1141.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1140.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1047.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_10021.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_10005.nls
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_10004.nls
C:\WINDOWS\SETED.tmp
C:\WINDOWS\SETF0.tmp
C:\WINDOWS\SETFC.tmp
*****************

HKU\S-1-5-21-725345543-1078081533-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\008i.com => key not found.
HKU\S-1-5-21-725345543-1078081533-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\008k.com => key not found.
HKU\S-1-5-21-725345543-1078081533-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\00hq.com => key not found.
HKU\S-1-5-21-725345543-1078081533-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\0190-dialers.com => key not found.
HKU\S-1-5-21-725345543-1078081533-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\01i.info => key not found.
HKU\S-1-5-21-725345543-1078081533-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\02pmnzy5eo29bfk4.com => key not found.
HKU\S-1-5-21-725345543-1078081533-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\05p.com => key not found.
HKU\S-1-5-21-725345543-1078081533-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\07ic5do2myz3vzpk.com => key not found.
HKU\S-1-5-21-725345543-1078081533-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\08nigbmwk43i01y6.com => key not found.
HKU\S-1-5-21-725345543-1078081533-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\093qpeuqpmz6ebfa.com => key not found.
HKU\S-1-5-21-725345543-1078081533-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\0calories.net => key not found.
HKU\S-1-5-21-725345543-1078081533-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\0cj.net => key not found.
HKU\S-1-5-21-725345543-1078081533-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\0scan.com => key not found.
HKU\S-1-5-21-725345543-1078081533-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1-britney-spears-nude.com => key not found.
HKU\S-1-5-21-725345543-1078081533-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1-domains-registrations.com => could not removekey. key is possibly corrupted
HKU\S-1-5-21-725345543-1078081533-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1-se.com => could not removekey. key is possibly corrupted
HKU\S-1-5-21-725345543-1078081533-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1001movie.com => could not removekey. key is possibly corrupted
HKU\S-1-5-21-725345543-1078081533-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1001night.biz => could not removekey. key is possibly corrupted
HKU\S-1-5-21-725345543-1078081533-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\100gal.net => could not removekey. key is possibly corrupted
HKU\S-1-5-21-725345543-1078081533-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\100sexlinks.com => could not removekey. key is possibly corrupted
HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WPDShServiceObj => value not found.
"HKLM\Software\Classes\CLSID\{AAA288BA-9A4C-45B0-95D7-94D524869DB5}" => key removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{56F9679E-7826-4C84-81F3-532071A8BCC5} => value removed successfully.
"HKCR\CLSID\{56F9679E-7826-4C84-81F3-532071A8BCC5}" => key removed successfully.
Could not restore Default URLSearchHook.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}" => key removed successfully.
"HKCR\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}" => key removed successfully.
"HKCR\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}" => key removed successfully.
"HKCR\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}" => key removed successfully.
IntelIde => service removed successfully.
C:\WINDOWS\system32\dllcache\c_10002.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_1361.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_20005.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_20001.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_20003.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_20932.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_20004.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_20000.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_20949.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_10003.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_20936.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_20002.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_10008.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_864.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_862.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_858.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_720.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_870.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_708.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_28596.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_21027.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_21025.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_20924.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_20880.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_20871.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_20838.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_20833.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_20424.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_20423.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_20420.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_20297.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_20290.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_20285.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_20284.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_20280.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_20278.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_20277.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_20273.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_20269.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_20108.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_20107.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_20106.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_20105.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_1149.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_1148.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_1147.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_1146.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_1145.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_1144.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_1143.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_1142.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_1141.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_1140.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_1047.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_10021.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_10005.nls => moved successfully
C:\WINDOWS\system32\dllcache\c_10004.nls => moved successfully
C:\WINDOWS\SETED.tmp => moved successfully
C:\WINDOWS\SETF0.tmp => moved successfully
C:\WINDOWS\SETFC.tmp => moved successfully

==== End of Fixlog 20:46:41 ====
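One way to triage a Fixlog like the one posted above, where the tool crashed twice and part of the log may be missing (an added example, not part of the original thread and not FRST's own code): it groups result lines by outcome, checks for the closing "End of Fixlog" line, and lists file paths from the echoed fixlist that have no result line. The function names and the shortened sample log are constructed for illustration.

```python
import re

# Constructed sample: a shortened Fixlog built from lines of the kind posted
# above. The SETF0.tmp request deliberately has no result line.
SAMPLE_FIXLOG = r"""Fix result of Farbar Recovery Scan Tool (x86) Version: 06-11-2016
Ran by Administrator (16-11-2016 20:46:13) Run:6

fixlist content:
*****************
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-500\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-500\...\1-se.com -> 1-se.com
URLSearchHook: [S-1-5-21-725345543-1078081533-839522115-500] ATTENTION => Default URLSearchHook is missing
S4 IntelIde; no ImagePath
2016-11-14 04:13 - 2001-10-25 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_10004.nls
C:\WINDOWS\SETED.tmp
C:\WINDOWS\SETF0.tmp
*****************

HKU\S-1-5-21-725345543-1078081533-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\008i.com => key not found.
HKU\S-1-5-21-725345543-1078081533-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1-se.com => could not removekey. key is possibly corrupted
Could not restore Default URLSearchHook.
IntelIde => service removed successfully.
C:\WINDOWS\system32\dllcache\c_10004.nls => moved successfully
C:\WINDOWS\SETED.tmp => moved successfully

==== End of Fixlog 20:46:41 ====
"""

SUCCESS = ("removed successfully", "moved successfully", "restored successfully")
# A drive-letter path running to the end of a fixlist line.
PATH_RE = re.compile(r"(?<![A-Za-z])[A-Za-z]:\\.+$")


def classify(outcome):
    """Map the text after '=>' to done / absent / failed / other."""
    text = outcome.lower()
    if text.startswith("could not"):
        return "failed"
    if any(marker in text for marker in SUCCESS):
        return "done"
    if "not found" in text:
        return "absent"
    return "other"


def triage(fixlog):
    """Group Fixlog results by outcome and flag signs of an incomplete run."""
    lines = [ln.strip() for ln in fixlog.splitlines()]
    # The echoed fixlist sits between two lines made only of asterisks.
    stars = [i for i, ln in enumerate(lines) if ln and set(ln) == {"*"}]
    if len(stars) >= 2:
        requested, results = lines[stars[0] + 1:stars[1]], lines[stars[1] + 1:]
    else:
        requested, results = [], lines
    report = {"done": [], "absent": [], "failed": [], "other": [],
              "complete": False}
    for ln in results:
        if ln.startswith("==== End of Fixlog"):
            report["complete"] = True  # this run wrote its closing line
        elif " => " in ln:
            target, outcome = ln.rsplit(" => ", 1)
            report[classify(outcome)].append(target.strip('"'))
        elif ln.lower().startswith("could not"):
            report["failed"].append(ln)  # failure lines that carry no '=>'
    # File paths requested in the fixlist that have no result line at all.
    handled = {t.lower() for k in ("done", "absent", "failed", "other")
               for t in report[k]}
    paths = [m.group(0) for m in map(PATH_RE.search, requested) if m]
    report["missing"] = [p for p in paths if p.lower() not in handled]
    return report


if __name__ == "__main__":
    summary = triage(SAMPLE_FIXLOG)
    for key in ("complete", "failed", "missing"):
        print(key, "->", summary[key])
```
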


Post by jaro3 » 16 Nov 2016 22:16

Run OTL and click CleanUp.

I think there is nothing more we can do with this.


Post by bbdra » 17 Nov 2016 21:20

I have good news: I installed a copy of Windows and a trial version of Kaspersky. Everything works so far and it found no viruses.
I want to ask what exactly, for example, this does:

IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-500\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com

or these files:

C:\WINDOWS\system32\dllcache\c_10004.nls => moved successfully
C:\WINDOWS\SETED.tmp => moved successfully

And I would also like to ask for a link to OTL. Thanks


Post by jaro3 » 18 Nov 2016 09:55

1-britney-spears-nude.com -- Pornhub.com, so it is deleted as adware.

C:\WINDOWS\system32\dllcache\c_10004.nls => moved successfully - NLS error messages (unnecessary)

C:\WINDOWS\SETED.tmp => moved successfully -- Windows temporary files

If there are no problems, that is all and you can mark it as solved, with the green check mark.

