Prosím o kontrolu logu

[jaro3]

Vlož nový log z HJT + informuj o problémech.

[Reklama]

[spini11]

HJT:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:39:11, on 24.02.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0020)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avpui.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Admin123\Downloads\hijackthis (1).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll
O4 - HKLM\..\Run: [VICTORY Gaming Keyboard] "C:\Program Files (x86)\Gaming Keyboard\Monitor.exe"
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKLM\..\Run: [FileZilla Server Interface] "C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe"
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [Raptr] C:\PROGRA~2\Raptr\raptrstub.exe --startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [SideSync] C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_015C5B588226AE512C03D68BD9593816] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - Startup: Touchpad Server.lnk = C:\Program Files (x86)\Things & Stuff\Touchpad Server\TouchpadServer.exe
O8 - Extra context menu item: Call this number using SideSync - res://C:\Program Files (x86)\Samsung\SideSync4\SideSyncContextMenu.dll/105
O8 - Extra context menu item: Volat toto číslo pomocí aplikace SideSync - res://C:\Program Files (x86)\Samsung\SideSync4\SideSyncContextMenu.dll/105
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AllShare Framework DMS - Samsung - C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Služba Kaspersky Anti-Virus 16.0.0 (AVP16.0.0) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avp.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung Link Service - Copyright 2013 SAMSUNG - C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vssbrigde64 - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\x64\vssbridge64.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11102 bytes

Věe je v pořádku jenom začala vyskakovat hláška s problémem "dllhost.exe"
Až znovu vyskočí nápíšu detailnější info...

[spini11]

Chybová hláška

[jaro3]

Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.

[spini11]

chybné vložení

[spini11]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:24-02-2016
Ran by Admin123 (administrator) on DESKTOP-4557LVV (24-02-2016 17:37:41)
Running from C:\Users\Admin123\Downloads
Loaded Profiles: Admin123 (Available Profiles: Admin123 & Babetka)
Platform: Windows 10 Home Version 1511 (X64) Language: Angličtina (Spojené státy)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avp.exe
(FileZilla Project) C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avpui.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_2016.27.2.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4888264 2016-01-30] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16408320 2016-02-24] (Realtek Semiconductor)
HKLM-x32\...\Run: [VICTORY Gaming Keyboard] => C:\Program Files (x86)\Gaming Keyboard\Monitor.exe [270336 2013-04-09] ()
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5893920 2015-11-12] (IObit)
HKLM-x32\...\Run: [FileZilla Server Interface] => C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe [2539984 2015-11-30] (FileZilla Project)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2312896 2016-01-29] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-12-11] (Raptr, Inc)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\Run: [SideSync] => C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe [9918104 2015-12-22] ()
HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23499656 2016-01-15] (Google)
HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\Run: [GoogleChromeAutoLaunch_015C5B588226AE512C03D68BD9593816] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [746648 2016-02-18] (Google Inc.)
HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8641240 2016-02-12] (Piriform Ltd)
HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] ()
Startup: C:\Users\Admin123\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Touchpad Server.lnk [2016-02-08]
ShortcutTarget: Touchpad Server.lnk -> C:\Program Files (x86)\Things & Stuff\Touchpad Server\TouchpadServer.exe (Things & Stuff)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{1bcffda5-c4cd-461a-83c2-c7b70130a0e6}: [DhcpNameServer] 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{d5a7330a-6066-497f-afb5-dfceb77cd9ef}: [DhcpNameServer] 8.8.8.8 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-583393380-1616411477-220059149-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://windows.microsoft.com/cs-cz/hotm ... ?ocid=iehp
SearchScopes: HKU\S-1-5-21-583393380-1616411477-220059149-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_72\bin\ssv.dll [2016-02-03] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\x64\IEExt\ie_plugin.dll [2015-12-05] (AO Kaspersky Lab)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_72\bin\jp2ssv.dll [2016-02-03] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-19] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-19] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\x64\IEExt\ie_plugin.dll [2015-12-05] (AO Kaspersky Lab)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.72.2 -> C:\Program Files\Java\jre1.8.0_72\bin\dtplugin\npDeployJava1.dll [2016-02-03] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.72.2 -> C:\Program Files\Java\jre1.8.0_72\bin\plugin2\npjp2.dll [2016-02-03] (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-01-29] (Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-19] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-21] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-21] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-01-29] (Adobe Systems)
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\FFExt\light_plugin_firefox
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\FFExt\light_plugin_firefox [2015-12-05]

Chrome:
=======
CHR Profile: C:\Users\Admin123\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Admin123\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-23]
CHR Extension: (Dokumenty Google) - C:\Users\Admin123\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-23]
CHR Extension: (Disk Google) - C:\Users\Admin123\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-23]
CHR Extension: (YouTube) - C:\Users\Admin123\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-23]
CHR Extension: (Vyhledávání Google) - C:\Users\Admin123\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-23]
CHR Extension: (Ochrana Kaspersky) - C:\Users\Admin123\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahebamiopdhefndnmappcihfajigkka [2016-02-23]
CHR Extension: (Tabulky Google) - C:\Users\Admin123\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\Admin123\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-23]
CHR Extension: (Skype) - C:\Users\Admin123\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-02-23]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Admin123\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-02-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Admin123\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-23]
CHR Extension: (Gmail) - C:\Users\Admin123\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-23]
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/deta ... ihfajigkka
CHR HKU\S-1-5-21-583393380-1616411477-220059149-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/deta ... ihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [693440 2016-01-28] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2020056 2016-02-09] (Adobe Systems, Incorporated)
S3 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [404360 2013-12-21] (Samsung) [File not signed]
R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avp.exe [194000 2015-09-10] (Kaspersky Lab ZAO)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1345056 2016-02-10] ()
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.)
R2 FileZilla Server; C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe [827856 2015-11-30] (FileZilla Project)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [370064 2015-09-30] (Intel Corporation)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [882464 2015-11-04] (IObit)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2016-01-10] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-01-30] ()
S3 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [616288 2015-03-18] (Copyright 2013 SAMSUNG)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [747800 2015-12-14] (DEVGURU Co., LTD.)
S3 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH)
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [73976 2015-06-04] (Advanced Micro Devices, Inc.)
S3 AsusVBus; C:\Windows\System32\drivers\AsusVBus.sys [39704 2015-10-07] (Windows (R) Win 7 DDK provider)
R3 athr; C:\Windows\System32\drivers\athw10x.sys [4322440 2016-02-24] (Qualcomm Atheros Communications, Inc.)
S3 ATP; C:\Windows\System32\drivers\AsusTP.sys [84472 2015-10-07] (ASUS Corporation)
S3 BEDaisy; C:\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys [380768 2016-02-19] ()
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
S3 cpuz137; no ImagePath
R3 DroidCam; C:\Windows\system32\DRIVERS\droidcam.sys [33592 2015-12-06] (Dev47Apps)
R3 DroidCamVideo; C:\Windows\system32\DRIVERS\droidcamvideo.sys [230712 2015-12-06] (Windows (R) Win 7 DDK provider)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-02-24] (REALiX(tm))
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70512 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [68280 2015-06-06] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [181640 2015-12-05] (AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [227512 2015-12-05] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [934272 2015-12-05] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [39608 2015-06-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [41656 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-12-05] (AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [87944 2015-12-05] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [102584 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [185088 2015-12-23] (Intel Corporation)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
S3 ss_conn_usb_driver; C:\Windows\System32\Drivers\ss_conn_usb_driver.sys [26392 2015-12-14] (DEVGURU Co., LTD.)
S3 tapSF0901; C:\Windows\System32\drivers\tapSF0901.sys [39104 2015-07-31] (Spotflux, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
U4 klkbdflt2; \SystemRoot\system32\DRIVERS\klkbdflt2.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-24 17:37 - 2016-02-24 17:38 - 00021736 _____ C:\Users\Admin123\Downloads\FRST.txt
2016-02-24 17:37 - 2016-02-24 17:37 - 02371072 _____ (Farbar) C:\Users\Admin123\Downloads\FRST64.exe
2016-02-24 17:37 - 2016-02-24 17:37 - 00000000 ____D C:\FRST
2016-02-24 14:28 - 2016-02-24 14:28 - 01780820 _____ C:\Users\Admin123\Downloads\AuthMe-5.2-SNAPSHOT-spigot.jar
2016-02-24 14:24 - 2016-02-24 14:40 - 2448322560 _____ C:\Users\Admin123\Downloads\2016-02-24-14-20-27929-131499-i24w0wtr7qfpbvrunh64.tar
2016-02-24 13:39 - 2016-02-24 13:39 - 00001329 _____ C:\Users\Admin123\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Správce zvuku Realtek HD.lnk
2016-02-24 13:38 - 2016-02-24 13:38 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-02-24 13:35 - 2016-02-24 13:35 - 01226515 _____ C:\Windows\system32\Drivers\rtkhdasetting.zip
2016-02-24 13:35 - 2016-02-24 13:35 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-02-24 13:34 - 2016-02-24 13:34 - 72203792 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2016-02-24 13:34 - 2016-02-24 13:34 - 14057256 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 13120760 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 12986520 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO4064.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 10521552 _____ (Intel Corporation) C:\Windows\system32\IntelSSTAPO.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 07172920 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 05804772 _____ C:\Windows\system32\Drivers\rtvienna.dat
2016-02-24 13:34 - 2016-02-24 13:34 - 05776688 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV2apo.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 05289952 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 04705536 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2016-02-24 13:34 - 2016-02-24 13:34 - 04486133 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2016-02-24 13:34 - 2016-02-24 13:34 - 03299832 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE2.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 03271912 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 03195648 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 03152591 _____ C:\Windows\system32\Drivers\rtkSSTsetting.dat
2016-02-24 13:34 - 2016-02-24 13:34 - 03052880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 02893568 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2016-02-24 13:34 - 2016-02-24 13:34 - 02823280 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO7064.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 02692848 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RltkAPO.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 02190992 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 02110600 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 02050184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 02030208 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 01928632 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 01435144 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 01421104 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 01382240 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 01356512 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 01334384 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 01286152 _____ (DTS, Inc.) C:\Windows\system32\slcnt64.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 01211840 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 01186168 _____ (Intel Corporation) C:\Windows\system32\IntelSstCApoPropPage.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 01164336 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 01008360 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 01003864 _____ (Nahimic Inc) C:\Windows\system32\NahimicAPONSControl.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 00998032 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 00965032 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 00933640 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDRA64.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 00931624 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 00923752 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 00888472 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 00873472 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 00716112 _____ (Sound Research, Corp.) C:\Windows\system32\SECOMN64.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 00689888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 00678192 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 00677680 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 00618192 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 00596120 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 00589072 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SECOMN32.DLL
2016-02-24 13:34 - 2016-02-24 13:34 - 00532384 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 00467168 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 00448592 _____ (Sound Research, Corp.) C:\Windows\system32\SEAPO64.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 00447728 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 00387320 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 00381416 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 00369304 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2API.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 00343712 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 00341160 _____ (Synopsys, Inc.) C:\Windows\SysWOW64\SRCOM.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 00341160 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 00340648 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 00330568 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 00258504 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 00231920 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 00224264 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaemaxapo64.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 00221976 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 00214840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 00209544 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 00192992 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 00172584 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 00166208 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 00158704 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 00151792 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 00134208 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 00110992 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 00090920 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 00088352 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 00088328 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 00084616 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 00083632 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 00075544 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 00023696 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2016-02-24 13:34 - 2016-02-24 13:34 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2016-02-24 13:34 - 2016-02-24 13:34 - 00000000 ____D C:\Windows\system32\DAX2
2016-02-24 13:34 - 2016-02-24 13:34 - 00000000 ____D C:\Program Files\Realtek
2016-02-24 13:33 - 2016-02-24 13:33 - 07096192 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2016-02-24 13:33 - 2016-02-24 13:33 - 06264640 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll
2016-02-24 13:33 - 2016-02-24 13:33 - 05338936 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv211.dll
2016-02-24 13:33 - 2016-02-24 13:33 - 04322440 _____ (Qualcomm Atheros Communications, Inc.) C:\Windows\system32\Drivers\athw10x.sys
2016-02-24 13:33 - 2016-02-24 13:33 - 03282032 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2016-02-24 13:33 - 2016-02-24 13:33 - 02437144 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv201.dll
2016-02-24 13:33 - 2016-02-24 13:33 - 01965816 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2016-02-24 13:33 - 2016-02-24 13:33 - 01959608 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll
2016-02-24 13:33 - 2016-02-24 13:33 - 01780624 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2016-02-24 13:33 - 2016-02-24 13:33 - 01601952 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64APO.dll
2016-02-24 13:33 - 2016-02-24 13:33 - 01591064 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2016-02-24 13:33 - 2016-02-24 13:33 - 01508936 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2016-02-24 13:33 - 2016-02-24 13:33 - 00952984 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOProp.dll
2016-02-24 13:33 - 2016-02-24 13:33 - 00743968 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2016-02-24 13:33 - 2016-02-24 13:33 - 00727440 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2016-02-24 13:33 - 2016-02-24 13:33 - 00708320 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2016-02-24 13:33 - 2016-02-24 13:33 - 00574760 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2016-02-24 13:33 - 2016-02-24 13:33 - 00514528 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2016-02-24 13:33 - 2016-02-24 13:33 - 00504312 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2016-02-24 13:33 - 2016-02-24 13:33 - 00500560 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2016-02-24 13:33 - 2016-02-24 13:33 - 00480520 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\IntcDAud.sys
2016-02-24 13:33 - 2016-02-24 13:33 - 00445408 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2016-02-24 13:33 - 2016-02-24 13:33 - 00441272 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2016-02-24 13:33 - 2016-02-24 13:33 - 00428232 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2016-02-24 13:33 - 2016-02-24 13:33 - 00362056 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll
2016-02-24 13:33 - 2016-02-24 13:33 - 00327464 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2016-02-24 13:33 - 2016-02-24 13:33 - 00310424 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll
2016-02-24 13:33 - 2016-02-24 13:33 - 00272720 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2016-02-24 13:33 - 2016-02-24 13:33 - 00253904 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2016-02-24 13:33 - 2016-02-24 13:33 - 00253872 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2016-02-24 13:33 - 2016-02-24 13:33 - 00252880 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2016-02-24 13:33 - 2016-02-24 13:33 - 00122328 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2016-02-24 13:33 - 2016-02-24 13:33 - 00118600 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2016-02-24 13:33 - 2016-02-24 13:33 - 00118592 _____ C:\Windows\system32\AcpiServiceVnA64.dll
2016-02-24 13:33 - 2016-02-24 13:33 - 00105312 _____ C:\Windows\system32\audioLibVc.dll
2016-02-24 13:32 - 2016-02-24 13:32 - 01462720 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorA.sys
2016-02-24 13:32 - 2016-02-24 13:32 - 00609992 _____ (Qualcomm Atheros) C:\Windows\system32\Drivers\btfilter.sys
2016-02-24 13:32 - 2016-02-24 13:32 - 00000000 ____D C:\Windows\LastGood
2016-02-24 13:28 - 2016-02-24 13:28 - 00000000 ____D C:\ProgramData\ProductData
2016-02-24 13:27 - 2016-02-24 13:35 - 00002233 _____ C:\Users\Public\Desktop\Driver Booster 3.lnk
2016-02-24 13:27 - 2016-02-24 13:28 - 00003424 _____ C:\Windows\System32\Tasks\Driver Booster Scheduler
2016-02-24 13:27 - 2016-02-24 13:28 - 00003078 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (Admin123)
2016-02-24 13:27 - 2016-02-24 13:27 - 00027552 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2016-02-24 13:27 - 2016-02-24 13:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3
2016-02-24 13:26 - 2016-02-24 13:27 - 14423632 _____ (IObit ) C:\Users\Admin123\Downloads\driver_booster_setup.exe
2016-02-24 12:42 - 2016-02-24 12:42 - 00002876 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-02-24 12:42 - 2016-02-24 12:42 - 00000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-02-24 12:42 - 2016-02-24 12:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-02-24 12:42 - 2016-02-24 12:42 - 00000000 ____D C:\Program Files\CCleaner
2016-02-24 12:41 - 2016-02-24 12:42 - 06837784 _____ (Piriform Ltd) C:\Users\Admin123\Downloads\ccsetup515.exe
2016-02-24 12:38 - 2016-02-24 12:38 - 00388608 _____ (Trend Micro Inc.) C:\Users\Admin123\Downloads\hijackthis (1).exe
2016-02-23 20:20 - 2016-02-23 20:20 - 00000000 ____D C:\Users\Admin123\AppData\Local\NetworkTiles
2016-02-23 19:13 - 2016-02-23 19:13 - 04117240 _____ C:\Users\Admin123\Downloads\AuthMe-5.2-SNAPSHOT-legacy.jar
2016-02-23 18:28 - 2016-02-23 19:49 - 1471111496 _____ C:\Users\Admin123\Downloads\The.Walking.Dead.S06E10.-HD-720p.--CZ-titulky-by-HanzeST.avi
2016-02-23 18:07 - 2016-02-23 18:10 - 01199656 _____ (Uniblue Systems Limited ) C:\Users\Admin123\Downloads\pcmechanicpm.exe
2016-02-23 18:06 - 2016-02-23 18:06 - 00245751 _____ C:\Users\Admin123\Downloads\cports.exe
2016-02-23 17:13 - 2016-02-23 17:13 - 01298434 _____ C:\Users\Admin123\Downloads\simple radar.rar
2016-02-23 16:58 - 2016-02-23 16:58 - 00000000 ____D C:\Users\Admin123\AppData\Local\TeamViewer
2016-02-23 15:24 - 2016-02-23 15:24 - 00000000 ____D C:\Users\Admin123\AppData\Local\ActiveSync
2016-02-23 15:08 - 2016-02-23 14:54 - 00024064 _____ C:\Windows\zoek-delete.exe
2016-02-23 14:54 - 2016-02-23 15:07 - 00000000 ____D C:\zoek_backup
2016-02-23 14:53 - 2016-02-23 14:54 - 01309184 _____ C:\Users\Admin123\Downloads\zoek.exe
2016-02-23 14:47 - 2016-02-23 14:47 - 00087543 _____ C:\Users\Admin123\Downloads\cports.zip
2016-02-23 13:58 - 2016-02-23 13:58 - 00028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2016-02-22 22:15 - 2016-02-22 22:15 - 00000000 ____D C:\Users\Admin123\AppData\Roaming\ProductData
2016-02-22 16:25 - 2016-02-22 16:27 - 03008448 _____ C:\Users\Admin123\Desktop\20160222_153938.mp4.sfk
2016-02-22 16:16 - 2016-02-22 16:13 - 4294944360 ____N C:\Users\Admin123\Desktop\20160222_153938.mp4
2016-02-22 13:54 - 2016-02-22 13:54 - 00007728 _____ C:\Users\Admin123\Desktop\RK.txt
2016-02-22 13:23 - 2016-02-22 15:22 - 00000000 ____D C:\ProgramData\RogueKiller
2016-02-22 13:22 - 2016-02-22 13:23 - 25169992 _____ C:\Users\Admin123\Downloads\RogueKillerX64.exe
2016-02-22 13:17 - 2016-02-22 13:20 - 00831552 _____ C:\Users\Admin123\Desktop\20160222_130312.mp4.sfk
2016-02-22 13:16 - 2016-02-22 13:12 - 1186480638 ____N C:\Users\Admin123\Desktop\20160222_130312.mp4
2016-02-22 13:13 - 2016-02-22 13:13 - 00001569 _____ C:\Users\Admin123\Desktop\JRT.txt
2016-02-22 13:10 - 2016-02-22 13:10 - 01609216 _____ (Malwarebytes) C:\Users\Admin123\Downloads\JRT.exe
2016-02-22 12:56 - 2016-02-22 12:56 - 01511936 _____ C:\Users\Admin123\Downloads\adwcleaner_5.036.exe
2016-02-22 12:51 - 2016-02-22 12:52 - 00000000 ____D C:\Windows\LastGood.Tmp
2016-02-22 12:51 - 2016-02-22 12:51 - 00000200 _____ C:\Windows\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-02-22 12:17 - 2016-02-22 12:17 - 00000000 ____D C:\Users\Admin123\Downloads\VGA_Intel_10.18.15.4248_W10x64_A
2016-02-22 12:14 - 2016-02-22 12:15 - 173480933 _____ C:\Users\Admin123\Downloads\VGA_Intel_10.18.15.4248_W10x64_A.zip
2016-02-21 22:50 - 2016-02-21 22:49 - 04409571 ____N C:\Users\Admin123\Desktop\20160221_224900.mp4
2016-02-21 22:47 - 2016-02-21 22:47 - 00255560 _____ C:\Users\Admin123\Downloads\TheFatRat - Time Lapse.mp3.sfk
2016-02-21 22:35 - 2016-02-21 22:37 - 00293512 _____ C:\Users\Admin123\Desktop\20160221_222820.mp4.sfk
2016-02-21 22:34 - 2016-02-21 22:31 - 418518870 ____N C:\Users\Admin123\Desktop\20160221_222820.mp4
2016-02-21 22:24 - 2016-02-21 22:24 - 00000000 ____D C:\Users\Admin123\Desktop\Nová složka (5)
2016-02-21 22:19 - 2016-02-21 22:19 - 00000000 ____D C:\Users\Admin123\AppData\Roaming\Publish Providers
2016-02-21 22:16 - 2016-02-21 22:18 - 00000000 ____D C:\Users\Admin123\AppData\Local\Sony
2016-02-21 22:16 - 2016-02-21 22:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2016-02-21 22:16 - 2016-02-21 22:16 - 00000000 ____D C:\Program Files\Sony
2016-02-21 22:16 - 2016-02-21 22:16 - 00000000 ____D C:\Program Files (x86)\Sony
2016-02-21 22:15 - 2016-02-23 11:39 - 00000000 ____D C:\Users\Admin123\AppData\Roaming\Sony
2016-02-21 22:15 - 2016-02-21 22:16 - 00000000 ____D C:\ProgramData\Sony
2016-02-21 22:12 - 2016-02-21 22:14 - 241963482 _____ C:\Users\Admin123\Downloads\Sony-Vegas-Pro-12-Build-770-Final-+-Crack-[Kedar_CZ].rar
2016-02-21 21:22 - 2016-02-21 22:08 - 00000000 ____D C:\Users\Admin123\AppData\Local\AMD
2016-02-21 21:21 - 2016-02-21 21:23 - 00000000 ____D C:\Users\Admin123\AppData\Local\Adobe
2016-02-21 21:07 - 2016-02-21 21:08 - 00000000 ____D C:\Users\Admin123\Desktop\phone
2016-02-21 20:16 - 2016-02-21 20:46 - 00000000 ____D C:\Users\Admin123\Desktop\Server download
2016-02-21 18:58 - 2016-02-21 18:58 - 00000000 ____D C:\Users\Admin123\AppData\Local\Blizzard
2016-02-21 17:42 - 2016-02-24 13:39 - 00000000 ___RD C:\Users\Admin123\Disk Google
2016-02-21 17:42 - 2016-02-21 17:42 - 00001778 _____ C:\Users\Admin123\Desktop\Disk Google.lnk
2016-02-21 17:41 - 2016-02-21 17:41 - 00002121 _____ C:\Users\Public\Desktop\Google Slides.lnk
2016-02-21 17:41 - 2016-02-21 17:41 - 00002119 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2016-02-21 17:41 - 2016-02-21 17:41 - 00002109 _____ C:\Users\Public\Desktop\Google Docs.lnk
2016-02-21 17:41 - 2016-02-21 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-02-21 17:40 - 2016-02-24 16:45 - 00000934 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-21 17:40 - 2016-02-24 13:38 - 00000930 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-21 17:40 - 2016-02-21 17:40 - 00987728 _____ (Google Inc.) C:\Users\Admin123\Downloads\googledrivesync.exe
2016-02-21 17:38 - 2016-02-21 17:38 - 00000000 ____D C:\Users\Admin123\Desktop\DOGE-data
2016-02-21 17:37 - 2016-02-21 17:44 - 00000000 ____D C:\Users\Admin123\AppData\Roaming\MultiDoge
2016-02-21 17:36 - 2016-02-21 17:36 - 10129920 _____ C:\Users\Admin123\Downloads\multidoge-0.1.7-windows-setup.exe
2016-02-21 17:36 - 2016-02-21 17:36 - 00000000 ____D C:\Program Files (x86)\MultiDoge-0.1.7
2016-02-21 13:44 - 2016-02-22 12:59 - 00000000 ____D C:\AdwCleaner
2016-02-21 13:39 - 2016-02-21 13:39 - 12475154 _____ C:\Users\Admin123\Downloads\Electrum-2.6-debug.apk
2016-02-21 13:36 - 2016-02-21 13:38 - 00000000 ____D C:\Users\Admin123\Downloads\electrum_data
2016-02-21 13:26 - 2016-02-21 17:17 - 00000000 ____D C:\Users\Admin123\AppData\Roaming\Electrum
2016-02-21 13:26 - 2016-02-21 13:26 - 00001076 _____ C:\Users\Admin123\Desktop\Electrum.lnk
2016-02-21 13:26 - 2016-02-21 13:26 - 00000000 ____D C:\Users\Admin123\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Electrum
2016-02-21 13:26 - 2016-02-21 13:26 - 00000000 ____D C:\Program Files (x86)\Electrum
2016-02-21 13:25 - 2016-02-21 13:36 - 26449522 _____ C:\Users\Admin123\Downloads\electrum-2.5.4-portable.exe
2016-02-21 13:25 - 2016-02-21 13:25 - 49360749 _____ C:\Users\Admin123\Downloads\electrum-2.5.4-setup.exe
2016-02-21 13:25 - 2016-02-21 13:25 - 00448512 _____ (OldTimer Tools) C:\Users\Admin123\Downloads\TFC (1).exe
2016-02-21 13:24 - 2016-02-21 13:24 - 00050688 _____ (Atribune.org) C:\Users\Admin123\Downloads\ATF-Cleaner (1).exe
2016-02-21 13:21 - 2016-02-21 13:21 - 00448512 _____ (OldTimer Tools) C:\Users\Admin123\Downloads\TFC.exe
2016-02-21 13:20 - 2016-02-21 13:20 - 00050688 _____ (Atribune.org) C:\Users\Admin123\Downloads\ATF-Cleaner.exe
2016-02-20 16:01 - 2016-02-19 17:35 - 00846796 _____ C:\Users\Admin123\Desktop\021916-40203-01.dmp
2016-02-20 14:40 - 2016-02-20 14:40 - 00193833 _____ C:\Windows\Minidump\Minidump.rar
2016-02-20 14:40 - 2016-02-20 14:40 - 00193833 _____ C:\Users\Admin123\Downloads\Minidump.rar
2016-02-20 13:54 - 2016-02-20 13:54 - 00531440 _____ C:\Users\Admin123\Downloads\Doklad_2141932898.pdf
2016-02-20 13:51 - 2016-02-20 13:51 - 00430728 _____ () C:\Users\Admin123\Downloads\setup.exe
2016-02-20 13:51 - 2016-02-20 13:51 - 00000000 ____D C:\Users\Admin123\AppData\Local\Deployment
2016-02-20 13:51 - 2016-02-20 13:51 - 00000000 ____D C:\Users\Admin123\AppData\Local\Apps\2.0
2016-02-20 10:53 - 2016-02-20 10:53 - 00000193 _____ C:\Windows\WORDPAD.INI
2016-02-20 10:47 - 2016-02-23 12:32 - 00001139 _____ C:\Users\Admin123\Desktop\Mbam.txt
2016-02-20 10:22 - 2016-02-23 11:45 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-02-20 10:22 - 2016-02-20 10:22 - 00001187 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-02-20 10:22 - 2016-02-20 10:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-02-20 10:22 - 2016-02-20 10:22 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-02-20 10:22 - 2016-02-20 10:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-02-20 10:22 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-02-20 10:22 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-02-20 10:22 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-02-20 10:20 - 2016-02-20 10:21 - 22908888 _____ (Malwarebytes ) C:\Users\Admin123\Downloads\mbam-setup-2.2.0.1024.exe
2016-02-20 10:18 - 2016-02-20 10:18 - 00388608 _____ (Trend Micro Inc.) C:\Users\Admin123\Downloads\hijackthis.exe
2016-02-19 18:43 - 2016-02-20 21:10 - 00000000 ____D C:\Windows\CryptoGuard
2016-02-19 18:43 - 2016-02-19 18:55 - 00000000 ____D C:\ProgramData\HitmanPro.Alert
2016-02-19 18:43 - 2016-02-19 18:54 - 00000000 ____D C:\ProgramData\HitmanPro
2016-02-19 18:43 - 2016-02-19 18:43 - 04093696 _____ (SurfRight B.V.) C:\Users\Admin123\Downloads\hmpalert.exe
2016-02-19 18:34 - 2016-02-19 18:34 - 00001024 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2016-02-19 18:34 - 2016-02-19 18:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2016-02-19 18:34 - 2016-02-19 18:34 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2016-02-19 18:30 - 2016-02-19 18:31 - 36639550 _____ C:\Users\Admin123\Downloads\TeamSpeak3-Client-linux_amd64-3.0.18.2.run
2016-02-19 18:24 - 2016-02-19 18:25 - 31017664 _____ (TeamSpeak Systems GmbH) C:\Users\Admin123\Downloads\TeamSpeak3-Client-win64-3.0.18.2.exe
2016-02-19 17:54 - 2016-02-19 17:54 - 01858064 _____ C:\Users\Admin123\Downloads\ulozto-release-1.161-25.apk
2016-02-19 16:22 - 2016-02-19 16:21 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-02-19 16:22 - 2016-02-03 16:48 - 00110176 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2016-02-19 16:21 - 2016-02-19 16:21 - 00000000 ____D C:\Program Files (x86)\Java

[spini11]

2016-02-18 13:27 - 2016-02-18 13:27 - 00010554 _____ C:\Users\Admin123\Downloads\2016-02-12-6.log.gz
2016-02-18 13:26 - 2016-02-18 13:26 - 00001731 _____ C:\Users\Admin123\Downloads\2016-02-13-1.log.gz
2016-02-17 21:43 - 2016-02-17 21:43 - 00022536 _____ C:\Users\Admin123\Downloads\Settings_RT-N12D1.CFG
2016-02-17 19:15 - 2016-02-17 19:15 - 00000465 _____ C:\Users\Admin123\Documents\url.htm
2016-02-17 19:15 - 2016-02-17 19:15 - 00000112 _____ C:\Users\Admin123\AppData\Roaming\Předvolby CS6 pro JP2K
2016-02-17 19:14 - 2016-02-17 19:15 - 00064312 _____ C:\Users\Admin123\Documents\stažený soubor.jpf
2016-02-17 18:45 - 2016-02-17 18:45 - 00147098 _____ C:\Users\Admin123\Documents\as_PVMbf.jpeg
2016-02-15 19:12 - 2016-02-15 19:45 - 597126500 _____ C:\Users\Admin123\Downloads\The.Walking.Dead.S06E09---CZ-titulky-by-HanzeST.avi
2016-02-15 18:08 - 2016-02-15 18:08 - 00000000 ____D C:\Users\Admin123\Documents\Heroes of the Storm
2016-02-15 18:07 - 2016-02-15 18:07 - 00000910 _____ C:\Users\Public\Desktop\World of Warcraft.lnk
2016-02-15 18:07 - 2016-02-15 18:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2016-02-15 18:05 - 2016-02-15 18:05 - 00000861 _____ C:\Users\Public\Desktop\Hearthstone.lnk
2016-02-15 18:05 - 2016-02-15 18:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2016-02-15 17:58 - 2016-02-21 21:27 - 00000000 ____D C:\Users\Admin123\AppData\Local\Battle.net
2016-02-15 17:58 - 2016-02-21 18:57 - 00000000 ____D C:\Users\Admin123\AppData\Roaming\Battle.net
2016-02-15 17:58 - 2016-02-21 18:57 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-02-15 17:58 - 2016-02-15 17:58 - 00001223 _____ C:\Users\Public\Desktop\Battle.net.lnk
2016-02-15 17:58 - 2016-02-15 17:58 - 00000000 ____D C:\Users\Admin123\AppData\Local\Blizzard Entertainment
2016-02-15 17:58 - 2016-02-15 17:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2016-02-15 17:58 - 2016-02-15 17:58 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2016-02-15 17:49 - 2016-02-21 18:57 - 00000000 ____D C:\ProgramData\Battle.net
2016-02-15 17:49 - 2016-02-15 17:49 - 02950200 _____ (Blizzard Entertainment) C:\Users\Admin123\Downloads\Battle.net-Setup.exe
2016-02-15 17:00 - 2016-02-15 17:00 - 00293984 _____ C:\Users\Admin123\Downloads\Screenshot (04-56odp (1)., úno 15, 2016)
2016-02-15 16:58 - 2016-02-15 16:58 - 00293984 _____ C:\Users\Admin123\Downloads\Screenshot (04-56odp., úno 15, 2016)
2016-02-15 15:01 - 2016-02-15 15:01 - 00000000 ____D C:\Users\Admin123\AppData\Local\wf-launcher
2016-02-15 15:01 - 2016-02-15 15:01 - 00000000 ____D C:\ProgramData\GFACE
2016-02-12 19:28 - 2016-02-12 19:28 - 00000000 ____D C:\Windows\system32\%LOCALAPPDATA%
2016-02-12 19:27 - 2016-02-12 19:27 - 00002369 _____ C:\Users\Babetka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-02-12 19:27 - 2016-02-12 19:27 - 00001624 _____ C:\Users\Babetka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AsusSmartGestureDetector.lnk
2016-02-12 19:19 - 2016-02-12 19:19 - 06792320 _____ (Microsoft Corporation) C:\Users\Admin123\Downloads\SkypeClicktoCall.exe
2016-02-11 17:27 - 2016-02-11 17:27 - 00000000 ____D C:\Users\Admin123\Desktop\Nová složka (4)
2016-02-11 17:09 - 2016-02-11 17:10 - 00000000 ____D C:\Users\Admin123\Desktop\Nová složka (3)
2016-02-11 17:06 - 2016-02-11 17:06 - 00000000 ____D C:\Users\Admin123\Desktop\zvuk
2016-02-11 17:06 - 2016-02-11 17:06 - 00000000 ____D C:\Users\Admin123\Desktop\vylet
2016-02-11 17:06 - 2016-02-11 17:06 - 00000000 ____D C:\Users\Admin123\Desktop\sony ericsson
2016-02-11 17:06 - 2016-02-11 17:06 - 00000000 ____D C:\Users\Admin123\Desktop\Paměťová karta Memory Stick
2016-02-11 17:06 - 2016-02-11 17:06 - 00000000 ____D C:\Users\Admin123\Desktop\LG telefon
2016-02-11 17:05 - 2011-09-13 18:29 - 236223590 _____ C:\Users\Admin123\Desktop\vylet.zip
2016-02-11 15:20 - 2016-02-11 15:24 - 1095053256 _____ C:\Users\Admin123\Downloads\2016-02-11-14-31-27929-131499-9fxpc533hzwm2wg9d3vg.tar
2016-02-11 09:37 - 2016-02-11 09:37 - 02449753 _____ C:\Users\Admin123\Desktop\2016-01-31_16.26.39.psd
2016-02-11 09:08 - 2016-02-11 09:08 - 00004791 _____ C:\Users\Admin123\Downloads\AFKKicker.jar
2016-02-10 18:40 - 2016-02-03 20:01 - 00828920 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-02-10 18:40 - 2016-02-03 20:01 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-10 18:08 - 2016-01-29 07:57 - 04502352 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-02-10 18:08 - 2016-01-29 07:33 - 04064320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-02-10 18:08 - 2016-01-27 07:15 - 01557776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-02-10 18:08 - 2016-01-27 07:15 - 01542816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-02-10 18:08 - 2016-01-27 07:01 - 07476064 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-02-10 18:08 - 2016-01-27 07:01 - 01997328 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-02-10 18:08 - 2016-01-27 07:01 - 01819720 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-02-10 18:08 - 2016-01-27 06:59 - 00304752 _____ (Microsoft Corporation) C:\Windows\system32\systemreset.exe
2016-02-10 18:08 - 2016-01-27 06:57 - 02919320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-02-10 18:08 - 2016-01-27 06:57 - 01824264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2016-02-10 18:08 - 2016-01-27 06:57 - 00820704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2016-02-10 18:08 - 2016-01-27 06:56 - 21124344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-02-10 18:08 - 2016-01-27 06:55 - 05242496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2016-02-10 18:08 - 2016-01-27 06:55 - 00081112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpenWith.exe
2016-02-10 18:08 - 2016-01-27 06:54 - 00295264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-02-10 18:08 - 2016-01-27 06:46 - 02606824 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2016-02-10 18:08 - 2016-01-27 06:46 - 01270072 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2016-02-10 18:08 - 2016-01-27 06:45 - 22564328 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-02-10 18:08 - 2016-01-27 06:45 - 06605544 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2016-02-10 18:08 - 2016-01-27 06:44 - 00604928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-02-10 18:08 - 2016-01-27 06:44 - 00085320 _____ (Microsoft Corporation) C:\Windows\system32\OpenWith.exe
2016-02-10 18:08 - 2016-01-27 06:43 - 00359776 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-02-10 18:08 - 2016-01-27 06:37 - 01998176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-02-10 18:08 - 2016-01-27 06:37 - 00576352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2016-02-10 18:08 - 2016-01-27 06:21 - 00162816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-02-10 18:08 - 2016-01-27 06:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ztrace_maps.dll
2016-02-10 18:08 - 2016-01-27 06:13 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininetlui.dll
2016-02-10 18:08 - 2016-01-27 06:12 - 00045568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-02-10 18:08 - 2016-01-27 06:11 - 00118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-02-10 18:08 - 2016-01-27 06:10 - 22394368 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2016-02-10 18:08 - 2016-01-27 06:10 - 00099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2016-02-10 18:08 - 2016-01-27 06:08 - 00299008 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2016-02-10 18:08 - 2016-01-27 06:08 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\ztrace_maps.dll
2016-02-10 18:08 - 2016-01-27 06:07 - 00203264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iassam.dll
2016-02-10 18:08 - 2016-01-27 06:05 - 19339776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-02-10 18:08 - 2016-01-27 06:05 - 18678272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2016-02-10 18:08 - 2016-01-27 06:05 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\wininetlui.dll
2016-02-10 18:08 - 2016-01-27 06:05 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-02-10 18:08 - 2016-01-27 06:04 - 09918976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-02-10 18:08 - 2016-01-27 06:04 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-02-10 18:08 - 2016-01-27 06:03 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\ngckeyenum.dll
2016-02-10 18:08 - 2016-01-27 06:02 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2016-02-10 18:08 - 2016-01-27 06:01 - 00792064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-02-10 18:08 - 2016-01-27 05:59 - 00258048 _____ (Microsoft Corporation) C:\Windows\system32\iassam.dll
2016-02-10 18:08 - 2016-01-27 05:58 - 11545088 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-02-10 18:08 - 2016-01-27 05:57 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2016-02-10 18:08 - 2016-01-27 05:55 - 12125696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-02-10 18:08 - 2016-01-27 05:55 - 03666432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-02-10 18:08 - 2016-01-27 05:54 - 24603136 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-02-10 18:08 - 2016-01-27 05:52 - 00970752 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-10 18:08 - 2016-01-27 05:50 - 02230784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-02-10 18:08 - 2016-01-27 05:50 - 01504768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-02-10 18:08 - 2016-01-27 05:50 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-10 18:08 - 2016-01-27 05:49 - 05662208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2016-02-10 18:08 - 2016-01-27 05:48 - 13382656 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-02-10 18:08 - 2016-01-27 05:44 - 00063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgbkend.dll
2016-02-10 18:08 - 2016-01-27 05:42 - 01387520 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-02-10 18:08 - 2016-01-27 05:41 - 03592704 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2016-02-10 18:08 - 2016-01-27 05:39 - 02275328 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-02-10 18:08 - 2016-01-27 05:38 - 07835648 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2016-02-10 18:08 - 2016-01-27 05:38 - 01734656 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-02-10 18:08 - 2016-01-27 05:37 - 04894720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-02-10 18:08 - 2016-01-27 05:36 - 02757120 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-02-10 18:08 - 2016-01-27 05:32 - 01087488 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2016-02-10 18:08 - 2016-01-27 05:31 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\cfgbkend.dll
2016-02-09 19:58 - 2016-02-09 19:59 - 04669125 _____ C:\Users\Admin123\Downloads\CrystalDiskInfo6_7_5.zip
2016-02-08 15:22 - 2016-02-13 09:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2016-02-08 15:22 - 2016-02-08 15:22 - 00000000 ____D C:\Program Files\DIFX
2016-02-08 15:20 - 2016-02-08 15:20 - 63628251 _____ C:\Users\Admin123\Downloads\RemoteLinkSetup.zip
2016-02-08 11:31 - 2016-02-08 11:31 - 00566593 _____ (Things & Stuff ) C:\Users\Admin123\Downloads\TouchpadSetup13.exe
2016-02-08 11:31 - 2016-02-08 11:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Touchpad Server
2016-02-08 11:31 - 2016-02-08 11:31 - 00000000 ____D C:\Program Files (x86)\Things & Stuff
2016-02-08 11:26 - 2016-02-08 11:26 - 00000000 ____D C:\Users\Admin123\AppData\LocalLow\Adobe
2016-02-08 10:22 - 2016-02-08 10:52 - 00000000 ____D C:\Users\Admin123\Downloads\REC.4.Apocalipsis.2014.BDRip.720p
2016-02-08 10:21 - 2016-02-08 10:21 - 00014937 _____ C:\Users\Admin123\Downloads\[CzT]_REC_4_Apocalipsis_2014_720pLQ_.torrent
2016-02-08 10:08 - 2016-02-08 10:49 - 00000000 ____D C:\Users\Admin123\Downloads\[REC]³ Génesis
2016-02-08 10:04 - 2016-02-08 10:04 - 00014629 _____ C:\Users\Admin123\Downloads\[CzT]_REC_Genesis_2012_.torrent
2016-02-07 10:15 - 2016-02-07 10:15 - 00000000 ____D C:\Users\Babetka\AppData\Roaming\ProductData
2016-02-06 20:56 - 2016-02-06 20:56 - 00000000 ____D C:\Users\Babetka\AppData\Roaming\Raptr
2016-02-06 17:47 - 2016-02-06 17:47 - 00006328 _____ C:\Users\Admin123\Downloads\VipSlot.jar
2016-02-06 15:05 - 2016-02-06 20:16 - 00000027 _____ C:\Users\Admin123\Downloads\NASA-tajne-dokumenty-Darkweb.rar
2016-02-06 14:46 - 2016-02-06 14:54 - 1415747350 _____ C:\Users\Admin123\Downloads\Air.2015.BRRip.XviD.AC3-RiSiNG.avi
2016-02-06 14:41 - 2016-02-06 14:53 - 1634203648 _____ C:\Users\Admin123\Downloads\Automata(2014)Cz.avi
2016-02-06 14:41 - 2016-02-06 14:41 - 00016143 _____ C:\Users\Admin123\Downloads\[CzT]Automata_Automata_2014_CZ_.torrent
2016-02-06 14:41 - 2016-02-06 14:41 - 00014222 _____ C:\Users\Admin123\Downloads\[CzT]Povetri_Air_2015_CZ_.torrent
2016-02-06 14:36 - 2016-02-06 14:37 - 00000000 ____D C:\Users\Admin123\Downloads\San.Andreas.2015.480p.BDRip.XviD.AC3.CZ-HiDE
2016-02-06 14:35 - 2016-02-06 14:46 - 1504266240 _____ C:\Users\Admin123\Downloads\Fantastic.Four.2015.BDRip.XviD.AC3.CZ-GRAcE.avi
2016-02-06 14:35 - 2016-02-06 14:35 - 00015633 _____ C:\Users\Admin123\Downloads\[CzT]San_Andreas_2015_CZ_.torrent
2016-02-06 14:35 - 2016-02-06 14:35 - 00014931 _____ C:\Users\Admin123\Downloads\[CzT]Fantasticka_ctyrka_The_Fantastic_Four_2015_CZ_.torrent
2016-02-06 14:32 - 2016-02-06 14:39 - 1531378240 _____ C:\Users\Admin123\Downloads\Tomorrowland.2015.BRRip.XviD.AC3-RiSiNG.avi
2016-02-06 14:32 - 2016-02-06 14:32 - 00015187 _____ C:\Users\Admin123\Downloads\[CzT]Zeme_zitrka_Tomorrowland_2015_CZ_.torrent
2016-02-06 14:28 - 2016-02-06 14:31 - 00000000 ____D C:\Users\Admin123\Downloads\Avengers.Age.of.Ultron.2015.480p.BDRip.XviD.AC3.CZ-HiDE
2016-02-06 14:27 - 2016-02-06 14:27 - 00021106 _____ C:\Users\Admin123\Downloads\[CzT]Avengers_Age_of_Ultron_2015_CZ_.torrent
2016-02-06 13:35 - 2016-02-06 15:08 - 00000000 ____D C:\Users\Admin123\Downloads\Bleach komplet + 4x movie
2016-02-06 13:34 - 2016-02-06 13:35 - 00000000 ____D C:\Users\Admin123\Downloads\REC
2016-02-06 13:32 - 2016-02-06 13:32 - 00207625 _____ C:\Users\Admin123\Downloads\[CzT]Bleach_4x_film.torrent
2016-02-06 13:31 - 2016-02-06 13:43 - 1541808128 _____ C:\Users\Admin123\Downloads\REC.2.2009.480p.BRRip.XviD.AC3.CZ.avi
2016-02-06 13:30 - 2016-02-06 13:39 - 909764608 _____ C:\Users\Admin123\Downloads\recz.avi
2016-02-06 13:30 - 2016-02-06 13:30 - 00017890 _____ C:\Users\Admin123\Downloads\[CzT]REC.torrent
2016-02-06 13:30 - 2016-02-06 13:30 - 00015280 _____ C:\Users\Admin123\Downloads\[CzT]Rec_2.torrent
2016-02-06 13:29 - 2016-02-06 13:29 - 00014875 _____ C:\Users\Admin123\Downloads\[CzT]REC_Rec_1_2_2007_2009_CZ_.torrent
2016-02-06 13:24 - 2016-02-06 13:27 - 00000000 ____D C:\Users\Admin123\Downloads\Big.Game.2014.BDRip.XviD.CZ-TreZzoR
2016-02-06 13:24 - 2016-02-06 13:24 - 00016685 _____ C:\Users\Admin123\Downloads\[CzT]Sejmi_prezidenta_Big_Game_2014_CZ_.torrent
2016-02-06 13:07 - 2016-02-06 13:15 - 1618517870 _____ C:\Users\Admin123\Downloads\Terminator.Genisys.2015.480p.BDRip.XviD.AC3.CZ-HiDE.avi
2016-02-06 13:07 - 2016-02-06 13:07 - 00016165 _____ C:\Users\Admin123\Downloads\[CzT]Terminator_Genisys_2015_CZ_.torrent
2016-02-06 13:06 - 2016-02-06 17:53 - 1655843530 _____ C:\Users\Admin123\Downloads\Oko.dravce-Eagle.Eye.2008.1080p.BluRay.DTS.x264.CZ.dabing.mkv
2016-02-06 13:05 - 2016-02-06 13:05 - 00000000 ____D C:\Users\Admin123\Downloads\MorphVOX Pro v4.3.13 +addons
2016-02-06 12:59 - 2016-02-06 12:59 - 00035267 _____ C:\Users\Admin123\Downloads\[CzT]Oko_Dravce_Eagle_Eye_2008_CZ_EN_1080pHD_.torrent
2016-02-05 21:07 - 2016-02-13 09:56 - 00000000 ____D C:\ProgramData\spotflux
2016-02-05 21:05 - 2016-02-05 21:05 - 00521800 _____ (Spotflux, Inc) C:\Users\Admin123\Downloads\sf-install-web.exe
2016-02-04 21:02 - 2016-02-04 21:02 - 00003101 _____ C:\Users\Admin123\Downloads\banned-players.json
2016-02-04 20:45 - 2016-02-04 21:01 - 2252861440 _____ C:\Users\Admin123\Downloads\2016-02-04-15-31-27929-131499-q4i3rmqzzc3y2ha6smeu.tar
2016-02-04 17:46 - 2016-02-04 17:46 - 00000000 ____D C:\Users\Admin123\AppData\Roaming\ATI
2016-02-04 17:46 - 2016-02-04 17:46 - 00000000 ____D C:\Users\Admin123\AppData\Local\ATI
2016-02-04 17:46 - 2016-02-04 17:46 - 00000000 ____D C:\ProgramData\ATI
2016-02-04 17:25 - 2016-02-04 17:25 - 00004296 _____ C:\Windows\System32\Tasks\AMD Updater
2016-02-04 17:25 - 2016-02-04 17:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2016-02-04 17:24 - 2016-02-12 14:12 - 00000000 ____D C:\Users\Admin123\AppData\Roaming\Raptr
2016-02-04 17:24 - 2016-02-04 17:25 - 00000000 ____D C:\Program Files (x86)\Raptr
2016-02-04 17:24 - 2016-02-04 17:24 - 00000000 ____D C:\Users\Admin123\AppData\Roaming\library_dir
2016-02-04 17:24 - 2016-02-04 17:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2016-02-04 17:20 - 2016-01-30 19:47 - 00296648 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2016-02-04 17:20 - 2016-01-30 19:21 - 00677888 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2016-02-04 17:20 - 2016-01-30 19:21 - 00562688 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2016-02-04 17:20 - 2016-01-30 19:20 - 06643200 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2016-02-04 17:20 - 2016-01-30 19:20 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2016-02-04 17:20 - 2016-01-30 19:20 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2016-02-04 17:20 - 2016-01-30 19:15 - 05223936 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2016-02-04 17:20 - 2016-01-30 19:11 - 00096256 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2016-02-04 17:20 - 2016-01-30 19:11 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2016-02-04 17:20 - 2016-01-30 18:57 - 00865280 _____ (AMD) C:\Windows\system32\coinst_15.30.dll
2016-02-04 17:20 - 2016-01-30 18:34 - 00224256 _____ C:\Windows\system32\dgtrayicon.exe
2016-02-04 17:20 - 2016-01-30 18:34 - 00209920 _____ C:\Windows\system32\GameManager64.dll
2016-02-04 17:20 - 2016-01-30 18:34 - 00186368 _____ C:\Windows\SysWOW64\GameManager32.dll
2016-02-04 17:16 - 2016-02-04 17:18 - 348123264 _____ (AMD Inc.) C:\Users\Admin123\Downloads\non-whql-64bit-radeon-software-crimson-16.1.1-win10-win8.1-win7-jan30.exe
2016-02-04 17:16 - 2016-02-04 17:18 - 322471624 _____ (AMD Inc.) C:\Users\Admin123\Downloads\radeon-crimson-15.12-win10-64bit.exe
2016-02-04 17:15 - 2016-02-04 17:15 - 03579904 _____ C:\Users\Admin123\Downloads\amd pro control center.msi
2016-02-04 17:13 - 2016-02-04 17:13 - 04952336 _____ (Advanced Micro Devices, Inc.) C:\Users\Admin123\Downloads\autodetectutility (1).exe
2016-02-04 17:10 - 2016-02-04 17:10 - 03729760 _____ C:\Users\Admin123\Downloads\forge-1.8-11.14.4.1577-installer-win.exe
2016-02-04 17:08 - 2016-02-04 17:08 - 00378154 _____ C:\Users\Admin123\Downloads\ShadersMod-v2.4.12mc1.8 (1).jar
2016-02-04 16:17 - 2016-02-04 16:17 - 00000000 ____D C:\Users\Admin123\AppData\Roaming\Screaming Bee
2016-02-04 16:13 - 2016-02-04 16:17 - 00000000 ____D C:\ProgramData\Screaming Bee
2016-02-04 16:13 - 2016-02-04 16:13 - 00002193 _____ C:\Users\Public\Desktop\MorphVOX Pro.lnk
2016-02-04 16:13 - 2016-02-04 16:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screaming Bee
2016-02-04 16:13 - 2016-02-04 16:13 - 00000000 ____D C:\Program Files (x86)\Screaming Bee
2016-02-04 16:11 - 2016-02-04 16:15 - 00000000 ____D C:\Users\Admin123\Downloads\Screaming Bee MorphVOX Pro 4.4.9 Build 20443 Deluxe Pack - Cyclonoid
2016-02-04 16:09 - 2016-02-04 16:09 - 00002230 _____ C:\Users\Admin123\Downloads\[CzT]MorphVOX_Pro_4_4_17.torrent
2016-02-04 16:08 - 2016-02-04 16:08 - 00011034 _____ C:\Users\Admin123\Downloads\[CzT]MorphVOX_Pro_4_3_13_addons.torrent
2016-02-04 14:44 - 2016-02-04 14:44 - 00000000 _____ C:\Users\Admin123\Downloads\banlist (1).csv
2016-02-04 14:33 - 2016-02-04 14:33 - 07567544 _____ (IObit ) C:\Users\Admin123\Downloads\defragsetup-pro.exe
2016-02-04 14:33 - 2016-02-04 14:33 - 00001251 _____ C:\Users\Public\Desktop\Smart Defrag 4.lnk
2016-02-04 14:33 - 2015-08-10 14:34 - 00128288 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll
2016-02-04 14:06 - 2016-02-04 14:06 - 00008334 _____ C:\Users\Admin123\Downloads\AntiAFK_v2.1.jar
2016-02-01 20:27 - 2016-02-01 20:27 - 00191751 _____ C:\Users\Admin123\Downloads\FinalDeathBot.rar
2016-02-01 20:27 - 2015-02-18 09:34 - 00000000 ____D C:\Users\Admin123\Downloads\FinalDeathBot
2016-02-01 20:23 - 2016-02-01 20:25 - 00001621 _____ C:\Users\Admin123\Desktop\ddd.txt
2016-02-01 20:22 - 2016-02-24 13:39 - 00000000 ____D C:\Users\Admin123\AppData\Local\CrashDumps
2016-02-01 20:21 - 2016-02-01 20:21 - 00651264 _____ (HampoTech) C:\Users\Admin123\Downloads\MCSpambot.exe
2016-02-01 20:03 - 2016-02-01 20:08 - 1080258494 _____ C:\Users\Admin123\Downloads\2016-02-01-18-31-27929-131499-wf8hy6z4tl8jufuhvjax.tar
2016-02-01 18:41 - 2016-02-01 19:01 - 355367028 _____ C:\Users\Admin123\Downloads\Bleach-306.avi
2016-02-01 16:51 - 2016-02-01 16:51 - 00030170 _____ C:\Users\Admin123\Downloads\[CzT]Hotel_Transylvanie_Hotel_Transylvania_2012_CZ_SK_EN_.torrent
2016-02-01 16:50 - 2016-02-01 16:50 - 00014178 _____ C:\Users\Admin123\Downloads\[CzT]Hotel_Transylvanie_2_Hotel_Transylvania_2_2015_CZ_SK_.torrent
2016-01-31 20:52 - 2016-01-31 20:52 - 00348805 _____ C:\Users\Admin123\Downloads\vy-32-inovace-nj.8.a.18-slovesa-se-zmenou-kmenove-samohlasky.pptx
2016-01-31 18:49 - 2016-01-31 18:49 - 42610688 _____ C:\Windows\system32\config\components.iobit
2016-01-31 14:49 - 2016-01-31 14:49 - 00000000 ____D C:\Users\Babetka\AppData\Roaming\Wargaming.net
2016-01-30 21:40 - 2016-01-30 21:40 - 00280792 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2016-01-30 21:37 - 2016-01-30 21:37 - 00281032 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2016-01-30 18:52 - 2016-01-30 18:52 - 00000000 ____D C:\Users\Babetka\AppData\Local\TeamViewer
2016-01-30 18:52 - 2016-01-30 18:52 - 00000000 ____D C:\Users\Babetka\AppData\Local\MicrosoftEdge
2016-01-30 18:51 - 2016-01-30 18:51 - 00000000 ____D C:\Users\Babetka\AppData\Roaming\TeamViewer
2016-01-30 15:11 - 2016-02-04 17:24 - 00000000 ____D C:\Program Files (x86)\AMD
2016-01-30 15:11 - 2016-01-30 15:11 - 00000000 ____D C:\Users\Admin123\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD
2016-01-30 15:09 - 2016-01-30 15:09 - 00927302 _____ C:\Users\Admin123\Downloads\amd_system_monitor.zip
2016-01-30 13:13 - 2016-01-30 13:13 - 40640363 _____ C:\Users\Admin123\Desktop\DSC_0819[1].psd
2016-01-30 13:04 - 2016-01-31 17:16 - 00000000 ___RD C:\Users\Admin123\Creative Cloud Files
2016-01-30 13:04 - 2016-01-31 17:16 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-01-30 13:02 - 2016-01-30 13:02 - 00001316 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2016-01-30 13:02 - 2016-01-30 13:02 - 00001304 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2016-01-30 13:02 - 2016-01-30 13:02 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-01-30 12:55 - 2016-01-30 12:55 - 00001099 _____ C:\Users\Admin123\Desktop\Adobe Photoshop CC 2015.lnk
2016-01-30 12:55 - 2016-01-30 12:55 - 00000000 ____D C:\Users\Admin123\Documents\Adobe
2016-01-30 12:55 - 2016-01-30 12:55 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-01-30 12:53 - 2016-01-30 14:04 - 1249068591 _____ C:\Users\Admin123\Downloads\Mašinka-Tomáš-dily-1-13(Monty).rar
2016-01-30 12:49 - 2016-01-30 12:55 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-01-30 12:49 - 2016-01-30 12:49 - 00000000 ____D C:\Program Files\Adobe
2016-01-30 12:47 - 2016-01-30 13:04 - 00000000 ____D C:\ProgramData\Adobe
2016-01-30 12:00 - 2016-01-30 12:00 - 125224084 _____ C:\Users\Admin123\Downloads\Bleach-300-CZ[480].mkv
2016-01-30 11:43 - 2016-01-30 12:30 - 852732160 _____ C:\Users\Admin123\Downloads\Adobe-Photoshop-CC-2015-(64-bit)-[Uploaded-by-Damo33].rar
2016-01-29 17:49 - 2016-01-29 17:50 - 00000000 ____D C:\Users\Admin123\Desktop\D.A.R
2016-01-29 17:49 - 2016-01-29 17:49 - 08862055 _____ C:\Users\Admin123\Downloads\minecraft_server.16w04a.jar
2016-01-29 14:46 - 2016-01-29 14:46 - 00132778 _____ C:\Users\Admin123\Downloads\Masher.zip
2016-01-28 22:36 - 2016-01-28 22:49 - 146457823 _____ C:\Users\Admin123\Downloads\Aegirs Landing 12-3-2013.zip
2016-01-28 22:02 - 2016-01-28 22:06 - 91354422 _____ C:\Users\Admin123\Downloads\gates_of_immortal.zip
2016-01-28 21:42 - 2013-04-08 20:06 - 00036285 _____ C:\Users\Admin123\Desktop\Medieval Castle by Axianerve.schematic
2016-01-28 21:41 - 2016-01-28 21:41 - 00035903 _____ C:\Users\Admin123\Downloads\Medieval-Castle-by-Axianerve (1).zip
2016-01-28 21:40 - 2016-01-28 21:40 - 00035903 _____ C:\Users\Admin123\Downloads\Medieval-Castle-by-Axianerve.zip
2016-01-28 21:34 - 2016-01-28 21:34 - 00003262 _____ C:\Users\Admin123\Downloads\blacksmith.schematic
2016-01-28 20:08 - 2016-01-28 20:08 - 00000000 ____D C:\Users\Babetka\AppData\Roaming\FileZilla Server
2016-01-28 16:20 - 2016-01-28 16:20 - 00000000 ____D C:\Users\Admin123\Desktop\AuthMe
2016-01-28 16:16 - 2016-01-28 13:08 - 1443758080 _____ C:\Users\Admin123\Desktop\2016-01-28-12-31-27929-131499-u32doi260vmfr3bjep4t
2016-01-28 16:15 - 2016-01-28 16:16 - 825620385 _____ C:\Users\Admin123\Downloads\2016-01-28-12-31-27929-131499-u32doi260vmfr3bjep4t.rar
2016-01-28 16:07 - 2016-01-28 16:12 - 825620385 _____ C:\Users\Admin123\Downloads\2016-01-28-12-31-27929-131499-u32doi260vmfr3bjep4t.tar
2016-01-28 16:03 - 2016-01-28 16:03 - 00009092 _____ C:\Users\Admin123\Downloads\2016-01-28-5.log.gz
2016-01-28 15:57 - 2016-01-28 15:59 - 00000000 ____D C:\Users\Admin123\AppData\Roaming\GHISLER
2016-01-28 15:57 - 2016-01-28 15:57 - 11737680 _____ C:\Users\Admin123\Downloads\tcmd852ax64.exe
2016-01-28 15:57 - 2016-01-28 15:57 - 00000685 _____ C:\Users\Admin123\Desktop\Total Commander 64 bit.lnk
2016-01-28 15:57 - 2016-01-28 15:57 - 00000000 ____D C:\Users\Admin123\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2016-01-28 15:57 - 2016-01-28 15:57 - 00000000 ____D C:\totalcmd
2016-01-28 15:52 - 2016-01-29 10:49 - 00000000 ____D C:\Users\Admin123\AppData\Roaming\FileZilla
2016-01-28 15:51 - 2016-01-28 15:51 - 06539752 _____ (Tim Kosse) C:\Users\Admin123\Downloads\FileZilla_3.14.1_win64-setup.exe
2016-01-28 15:51 - 2016-01-28 15:51 - 00000000 ____D C:\Users\Admin123\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2016-01-28 15:51 - 2016-01-28 15:51 - 00000000 ____D C:\Program Files\FileZilla FTP Client
2016-01-28 14:36 - 2016-01-28 14:36 - 00001048 _____ C:\Users\Admin123\Downloads\131499_mysql_db.sql
2016-01-28 14:11 - 2016-01-28 14:11 - 00004423 _____ C:\Users\Admin123\Downloads\config (14).yml
2016-01-28 13:50 - 2016-01-28 13:50 - 00000000 _____ C:\Users\Admin123\Downloads\banlist.csv
2016-01-28 13:12 - 2016-01-28 13:12 - 00000000 ____D C:\Users\Admin123\AppData\Roaming\FileZilla Server
2016-01-28 13:10 - 2016-01-28 13:10 - 02162320 _____ (FileZilla Project) C:\Users\Admin123\Downloads\FileZilla_Server-0_9_54.exe
2016-01-28 13:10 - 2016-01-28 13:10 - 00002178 _____ C:\Users\Public\Desktop\FileZilla Server Interface.lnk
2016-01-28 13:10 - 2016-01-28 13:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla Server
2016-01-28 13:10 - 2016-01-28 13:10 - 00000000 ____D C:\Program Files (x86)\FileZilla Server
2016-01-28 12:58 - 2016-01-28 12:58 - 00140404 _____ C:\Users\Admin123\Downloads\Ultrabans.jar
2016-01-28 11:16 - 2016-01-28 11:16 - 00019515 _____ C:\Users\Admin123\Downloads\BanList.jar
2016-01-28 11:16 - 2016-01-28 11:16 - 00019515 _____ C:\Users\Admin123\Downloads\BanList (1).jar
2016-01-28 11:06 - 2016-01-28 11:11 - 107883996 _____ C:\Users\Admin123\Downloads\Bleach-298-CZ[480].mkv
2016-01-28 10:43 - 2016-01-28 10:58 - 261959836 _____ C:\Users\Admin123\Downloads\Bleach-297.avi
2016-01-28 10:32 - 2016-01-16 07:37 - 00202472 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2016-01-28 10:32 - 2016-01-16 07:36 - 01173344 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-01-28 10:32 - 2016-01-16 07:36 - 00713568 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-01-28 10:32 - 2016-01-16 07:34 - 00513888 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-01-28 10:32 - 2016-01-16 07:24 - 00538632 _____ (Microsoft Corporation) C:\Windows\system32\WWanAPI.dll
2016-01-28 10:32 - 2016-01-16 07:23 - 08728920 _____ (Microsoft Corp.) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2016-01-28 10:32 - 2016-01-16 07:23 - 00848160 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2016-01-28 10:32 - 2016-01-16 07:23 - 00785088 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-01-28 10:32 - 2016-01-16 07:23 - 00536256 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-01-28 10:32 - 2016-01-16 07:23 - 00408120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2016-01-28 10:32 - 2016-01-16 07:23 - 00369912 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2016-01-28 10:32 - 2016-01-16 07:21 - 01750440 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2016-01-28 10:32 - 2016-01-16 07:20 - 06971752 _____ (Microsoft Corp.) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-01-28 10:32 - 2016-01-16 07:20 - 00652312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-01-28 10:32 - 2016-01-16 07:20 - 00431240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWanAPI.dll
2016-01-28 10:32 - 2016-01-16 07:20 - 00366224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2016-01-28 10:32 - 2016-01-16 07:19 - 00709688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2016-01-28 10:32 - 2016-01-16 07:19 - 00405568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2016-01-28 10:32 - 2016-01-16 07:12 - 01415200 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-01-28 10:32 - 2016-01-16 07:09 - 01089880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2016-01-28 10:32 - 2016-01-16 07:08 - 01174008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-01-28 10:32 - 2016-01-16 07:08 - 00440152 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2016-01-28 10:32 - 2016-01-16 06:46 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbser.sys
2016-01-28 10:32 - 2016-01-16 06:45 - 16986112 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2016-01-28 10:32 - 2016-01-16 06:44 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2016-01-28 10:32 - 2016-01-16 06:44 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\rasadhlp.dll
2016-01-28 10:32 - 2016-01-16 06:44 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\rastlsext.dll
2016-01-28 10:32 - 2016-01-16 06:43 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\winhttpcom.dll
2016-01-28 10:32 - 2016-01-16 06:42 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\MapsBtSvc.dll
2016-01-28 10:32 - 2016-01-16 06:42 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\sscoreext.dll
2016-01-28 10:32 - 2016-01-16 06:41 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2016-01-28 10:32 - 2016-01-16 06:40 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\rasauto.dll
2016-01-28 10:32 - 2016-01-16 06:40 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\pcaui.exe
2016-01-28 10:32 - 2016-01-16 06:40 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\rasautou.exe
2016-01-28 10:32 - 2016-01-16 06:39 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\FilterDS.dll
2016-01-28 10:32 - 2016-01-16 06:38 - 07979008 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2016-01-28 10:32 - 2016-01-16 06:38 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2016-01-28 10:32 - 2016-01-16 06:38 - 00193024 _____ (Microsoft Corporation) C:\Windows\system32\SimCfg.dll
2016-01-28 10:32 - 2016-01-16 06:38 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\winbio.dll
2016-01-28 10:32 - 2016-01-16 06:37 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2016-01-28 10:32 - 2016-01-16 06:37 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\DisplayManager.dll
2016-01-28 10:32 - 2016-01-16 06:37 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2016-01-28 10:32 - 2016-01-16 06:37 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\SMSRouter.dll
2016-01-28 10:32 - 2016-01-16 06:36 - 00638464 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2016-01-28 10:32 - 2016-01-16 06:36 - 00475648 _____ (Microsoft Corporation) C:\Windows\system32\DDDS.dll
2016-01-28 10:32 - 2016-01-16 06:36 - 00221696 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-01-28 10:32 - 2016-01-16 06:36 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\SimAuth.dll
2016-01-28 10:32 - 2016-01-16 06:36 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastlsext.dll
2016-01-28 10:32 - 2016-01-16 06:35 - 13018624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2016-01-28 10:32 - 2016-01-16 06:35 - 00383488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-01-28 10:32 - 2016-01-16 06:35 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasadhlp.dll
2016-01-28 10:32 - 2016-01-16 06:34 - 00610816 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2016-01-28 10:32 - 2016-01-16 06:34 - 00590848 _____ (Microsoft Corporation) C:\Windows\system32\SmsRouterSvc.dll
2016-01-28 10:32 - 2016-01-16 06:34 - 00477696 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-01-28 10:32 - 2016-01-16 06:34 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2016-01-28 10:32 - 2016-01-16 06:34 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttpcom.dll
2016-01-28 10:32 - 2016-01-16 06:33 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\wlidcli.dll
2016-01-28 10:32 - 2016-01-16 06:33 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-01-28 10:32 - 2016-01-16 06:33 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapsBtSvc.dll
2016-01-28 10:32 - 2016-01-16 06:32 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\wbiosrvc.dll
2016-01-28 10:32 - 2016-01-16 06:32 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pcaui.exe
2016-01-28 10:32 - 2016-01-16 06:31 - 00851456 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2016-01-28 10:32 - 2016-01-16 06:31 - 00794112 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-01-28 10:32 - 2016-01-16 06:31 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\CredProvDataModel.dll
2016-01-28 10:32 - 2016-01-16 06:31 - 00343552 _____ (Microsoft Corporation) C:\Windows\system32\SensorsApi.dll
2016-01-28 10:32 - 2016-01-16 06:31 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasautou.exe
2016-01-28 10:32 - 2016-01-16 06:30 - 02127360 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-01-28 10:32 - 2016-01-16 06:30 - 01053696 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-01-28 10:32 - 2016-01-16 06:30 - 00784384 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-01-28 10:32 - 2016-01-16 06:30 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SimCfg.dll
2016-01-28 10:32 - 2016-01-16 06:30 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winbio.dll
2016-01-28 10:32 - 2016-01-16 06:29 - 01500672 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe
2016-01-28 10:32 - 2016-01-16 06:29 - 00200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DisplayManager.dll
2016-01-28 10:32 - 2016-01-16 06:28 - 02624512 _____ (Microsoft Corporation) C:\Windows\system32\InputService.dll
2016-01-28 10:32 - 2016-01-16 06:28 - 01318912 _____ (Microsoft Corporation) C:\Windows\system32\wifinetworkmanager.dll
2016-01-28 10:32 - 2016-01-16 06:28 - 00884736 _____ (Microsoft Corporation) C:\Windows\system32\rasdlg.dll
2016-01-28 10:32 - 2016-01-16 06:28 - 00129024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SimAuth.dll
2016-01-28 10:32 - 2016-01-16 06:27 - 00335872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-01-28 10:32 - 2016-01-16 06:26 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2016-01-28 10:32 - 2016-01-16 06:26 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\TextInputFramework.dll
2016-01-28 10:32 - 2016-01-16 06:26 - 00260608 _____ C:\Windows\system32\MTFServer.dll
2016-01-28 10:32 - 2016-01-16 06:26 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Core.TextInput.dll
2016-01-28 10:32 - 2016-01-16 06:25 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidcli.dll
2016-01-28 10:32 - 2016-01-16 06:25 - 00457728 _____ (Microsoft Corporation) C:\Windows\system32\ipnathlp.dll
2016-01-28 10:32 - 2016-01-16 06:25 - 00235008 _____ C:\Windows\system32\MTF.dll
2016-01-28 10:32 - 2016-01-16 06:24 - 02057216 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2016-01-28 10:32 - 2016-01-16 06:24 - 00613888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-01-28 10:32 - 2016-01-16 06:24 - 00350720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredProvDataModel.dll
2016-01-28 10:32 - 2016-01-16 06:24 - 00273408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsApi.dll
2016-01-28 10:32 - 2016-01-16 06:23 - 02050048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-01-28 10:32 - 2016-01-16 06:23 - 00687616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-01-28 10:32 - 2016-01-16 06:21 - 06297088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2016-01-28 10:32 - 2016-01-16 06:20 - 07199232 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2016-01-28 10:32 - 2016-01-16 06:20 - 02597888 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2016-01-28 10:32 - 2016-01-16 06:20 - 01944576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputService.dll
2016-01-28 10:32 - 2016-01-16 06:20 - 00799744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdlg.dll
2016-01-28 10:32 - 2016-01-16 06:19 - 00733184 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2016-01-28 10:32 - 2016-01-16 06:19 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TextInputFramework.dll
2016-01-28 10:32 - 2016-01-16 06:19 - 00162816 _____ C:\Windows\SysWOW64\MTF.dll
2016-01-28 10:32 - 2016-01-16 06:19 - 00133632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Core.TextInput.dll
2016-01-28 10:32 - 2016-01-16 06:18 - 01674240 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-01-28 10:32 - 2016-01-16 06:17 - 05503488 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2016-01-28 10:32 - 2016-01-16 06:16 - 05202944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2016-01-28 10:32 - 2016-01-16 06:16 - 01542656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-01-28 10:32 - 2016-01-16 06:15 - 04759040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2016-01-28 10:32 - 2016-01-16 06:14 - 01946624 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2016-01-28 10:32 - 2016-01-16 06:14 - 01626624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2016-01-28 10:32 - 2016-01-16 06:11 - 00653312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2016-01-28 10:30 - 2016-01-28 10:39 - 157733414 _____ C:\Users\Admin123\Downloads\Bleach-296-cz-tit-by-Shini.mkv
2016-01-27 18:21 - 2016-01-27 18:21 - 00000000 ____D C:\Users\Admin123\AppData\Roaming\Wargaming.net
2016-01-27 17:45 - 2016-01-27 18:24 - 11057704 _____ (XVM team ) C:\Users\Admin123\Downloads\xvm-6.2.0.1.exe
2016-01-27 17:36 - 2016-01-27 17:36 - 00000818 _____ C:\Users\Public\Desktop\World of Tanks.lnk
2016-01-27 17:36 - 2016-01-27 17:36 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-01-27 17:36 - 2016-01-27 17:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks
2016-01-27 17:36 - 2016-01-27 17:36 - 00000000 ____D C:\Games
2016-01-27 17:34 - 2016-01-27 17:34 - 05049384 _____ (Wargaming.net ) C:\Users\Admin123\Downloads\WoT_internet_install_eu.exe
2016-01-27 17:13 - 2016-01-27 17:13 - 00000000 ____D C:\Users\Admin123\AppData\Roaming\Ellanet
2016-01-27 17:12 - 2016-01-27 17:12 - 00241251 _____ C:\Users\Admin123\Downloads\MoveMouse_3.4.0.zip
2016-01-27 16:35 - 2016-01-27 16:42 - 127553801 _____ C:\Users\Admin123\Downloads\Bleach-295-cz-tit-by-Shini.mkv
2016-01-27 15:56 - 2016-02-19 23:31 - 00000000 ____D C:\Users\Admin123\Desktop\Nová složka (2)
2016-01-27 15:55 - 2016-01-27 15:56 - 00000000 ____D C:\Users\Admin123\Desktop\Porty
2016-01-27 15:55 - 2016-01-27 15:55 - 00028614 _____ C:\Users\Admin123\Downloads\nc.zip
2016-01-27 15:52 - 2016-01-27 15:52 - 00075267 _____ C:\Users\Admin123\Downloads\nc110.tgz
2016-01-27 15:51 - 2016-01-27 15:51 - 00028614 _____ C:\Users\Admin123\Downloads\Nepotvrzeno 242441.crdownload
2016-01-27 15:39 - 2016-01-27 15:40 - 00000029 _____ C:\Users\Admin123\Downloads\heslo.cmd
2016-01-27 15:29 - 2016-01-27 15:29 - 00507757 _____ C:\Users\Admin123\Downloads\PPR_v1.0.5f.rar
2016-01-27 14:05 - 2016-01-27 14:05 - 00002423 _____ C:\Users\Public\Desktop\IntelProcessor Diagnostic Tool 64bit.lnk
2016-01-27 14:05 - 2016-01-27 14:05 - 00000000 ____D C:\Users\Admin123\AppData\Local\Downloaded Installations
2016-01-27 14:05 - 2016-01-27 14:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation
2016-01-27 14:05 - 2016-01-27 14:05 - 00000000 ____D C:\Program Files\Intel Corporation
2016-01-27 14:02 - 2016-01-27 14:03 - 60153856 _____ C:\Users\Admin123\Downloads\IPDT_Installer_3.0.0.23.W_x86_3.0.0.23.W.MP_x64.exe
2016-01-27 14:02 - 2016-01-27 14:02 - 04953064 _____ (Intel) C:\Users\Admin123\Downloads\Intel Driver Update Utility Installer.exe
2016-01-27 12:46 - 2016-01-27 12:46 - 00004076 _____ C:\Users\Admin123\Downloads\config (13).yml
2016-01-27 10:57 - 2016-01-27 10:57 - 00001437 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2016-01-26 15:18 - 2016-01-26 15:18 - 00040269 _____ C:\Users\Admin123\Downloads\Ziipzaaps Shaders V2 (Chocapic13 Shaders edit).zip
2016-01-26 15:11 - 2016-01-26 15:11 - 00032756 _____ C:\Users\Admin123\Downloads\KUDA-Shaders v6.1.13 BETA - Medium.zip
2016-01-26 14:58 - 2016-02-24 12:44 - 00000000 ____D C:\Windows\Minidump
2016-01-26 14:49 - 2016-01-26 14:49 - 00044802 _____ C:\Users\Admin123\Downloads\Sildurs Vibrant Shaders v1.13 Medium.zip
2016-01-26 14:41 - 2016-01-26 14:41 - 00378154 _____ C:\Users\Admin123\Downloads\ShadersMod-v2.4.12mc1.8.jar
2016-01-26 13:58 - 2016-01-26 13:58 - 00928554 _____ C:\Users\Admin123\Downloads\MyPet-1.2.2.jar
2016-01-26 13:07 - 2016-01-26 13:07 - 00003878 _____ C:\Users\Admin123\Downloads\permissions (1).yml
2016-01-26 10:45 - 2016-01-26 10:45 - 01344771 _____ C:\Users\Admin123\Downloads\OptiFine_1.8.9_HD_U_H2.jar
2016-01-25 19:24 - 2016-01-25 19:24 - 00001017 _____ C:\Users\Admin123\Downloads\a891e162-05c3-3e84-9bd4-366c0e8436f5.dat
2016-01-25 16:53 - 2016-01-25 16:53 - 00562417 _____ (Shark Labs) C:\Users\Admin123\Downloads\Dic_Czech.exe
2016-01-25 16:52 - 2016-01-26 19:59 - 00000000 ____D C:\Users\Admin123\Documents\ClownfishSoundTemp
2016-01-25 16:43 - 2016-01-25 16:43 - 00000000 ____D C:\Users\Admin123\Documents\Skype Voice Records
2016-01-25 16:43 - 2016-01-25 16:43 - 00000000 ____D C:\Users\Admin123\Documents\Clownfish Avatars
2016-01-25 16:31 - 2016-01-25 16:31 - 00805280 _____ (Shark Labs) C:\Users\Admin123\Downloads\CFSetup417.exe
2016-01-25 16:31 - 2016-01-25 16:31 - 00001970 _____ C:\Users\Public\Desktop\Clownfish.lnk
2016-01-25 16:31 - 2016-01-25 16:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clownfish
2016-01-25 16:31 - 2016-01-25 16:31 - 00000000 ____D C:\Program Files (x86)\Clownfish
2016-01-25 16:28 - 2013-06-06 16:15 - 00181215 _____ C:\Users\Admin123\Desktop\SurvivalGames.jar
2016-01-25 16:27 - 2016-01-25 16:27 - 00865056 _____ C:\Users\Admin123\Downloads\SurvivalGames_0.5.8.42.zip
2016-01-25 16:06 - 2016-01-25 16:06 - 00000345 _____ C:\Users\Admin123\Downloads\config (12).yml
2016-01-25 15:47 - 2016-02-04 17:18 - 00000000 ____D C:\AMD
2016-01-25 15:45 - 2016-01-25 15:45 - 04947168 _____ (Advanced Micro Devices, Inc.) C:\Users\Admin123\Downloads\autodetectutility.exe
2016-01-25 14:49 - 2016-01-25 14:49 - 00040336 _____ C:\Users\Admin123\Downloads\GUIShop_2.1.jar
2016-01-25 14:46 - 2016-01-25 14:46 - 00004131 _____ C:\Users\Admin123\Downloads\config (11).yml

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-24 17:39 - 2016-01-17 20:07 - 00000000 __SHD C:\Users\Babetka\IntelGraphicsProfiles
2016-02-24 17:39 - 2016-01-17 20:07 - 00000000 ____D C:\Users\Babetka\AppData\Roaming\IObit
2016-02-24 17:39 - 2015-12-08 15:53 - 00000000 ____D C:\Users\Admin123\AppData\Roaming\Skype
2016-02-24 17:39 - 2015-12-05 15:25 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-02-24 16:12 - 2015-12-05 14:39 - 00000000 ____D C:\Program Files (x86)\Steam
2016-02-24 13:44 - 2015-12-06 11:57 - 00751256 _____ C:\Windows\system32\perfh005.dat
2016-02-24 13:44 - 2015-12-06 11:57 - 00150864 _____ C:\Windows\system32\perfc005.dat
2016-02-24 13:44 - 2015-12-05 12:48 - 01771468 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-24 13:44 - 2015-10-30 08:21 - 00000000 ____D C:\Windows\INF
2016-02-24 13:38 - 2015-12-08 15:51 - 00000000 __SHD C:\Users\Admin123\IntelGraphicsProfiles
2016-02-24 13:37 - 2015-12-05 12:37 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-24 13:37 - 2015-10-30 07:28 - 00786432 ___SH C:\Windows\system32\config\BBI
2016-02-24 13:36 - 2015-12-08 15:51 - 00000000 ____D C:\Users\Admin123
2016-02-24 13:27 - 2015-12-08 15:51 - 00000000 ____D C:\Users\Admin123\AppData\Roaming\IObit
2016-02-24 13:27 - 2015-12-06 12:36 - 00000000 ____D C:\ProgramData\IObit
2016-02-24 13:27 - 2015-12-06 12:36 - 00000000 ____D C:\Program Files (x86)\IObit
2016-02-24 12:47 - 2015-12-09 11:43 - 00002546 _____ C:\Windows\System32\Tasks\SmartDefrag4_Update
2016-02-24 12:44 - 2015-12-19 12:41 - 00000000 ____D C:\Users\Admin123\AppData\Roaming\TeamViewer
2016-02-24 12:44 - 2015-12-19 12:24 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-02-24 12:39 - 2015-12-08 15:51 - 00000000 ____D C:\Users\Admin123\AppData\Local\VirtualStore
2016-02-24 11:33 - 2015-12-17 15:53 - 00004170 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{E0567F68-51CC-46E1-ACD9-A910265D1168}
2016-02-23 21:34 - 2016-01-03 16:57 - 00000000 ____D C:\Users\Admin123\AppData\Roaming\vlc
2016-02-23 18:56 - 2015-12-09 15:52 - 00000000 ____D C:\Users\Admin123\AppData\Roaming\.minecraft
2016-02-23 18:55 - 2015-12-16 12:29 - 00001140 _____ C:\Users\Admin123\Desktop\nativelog.txt
2016-02-23 18:03 - 2015-12-08 21:43 - 00000000 ____D C:\Users\Admin123\AppData\Local\Warframe
2016-02-23 16:44 - 2015-12-28 22:33 - 00001587 _____ C:\Users\Admin123\Desktop\Skype – zástupce.lnk
2016-02-22 22:15 - 2015-12-08 21:41 - 00000000 ____D C:\Users\Admin123\AppData\Roaming\TS3Client
2016-02-21 22:01 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\system32\NDF
2016-02-21 17:46 - 2015-12-05 14:29 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-21 17:46 - 2015-12-05 14:29 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-02-21 17:41 - 2015-12-08 15:51 - 00000000 ____D C:\Users\Admin123\AppData\Local\Google
2016-02-21 17:41 - 2015-12-05 14:29 - 00000000 ____D C:\Program Files (x86)\Google
2016-02-21 17:40 - 2015-12-05 14:29 - 00003992 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-21 17:40 - 2015-12-05 14:29 - 00003760 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-20 14:57 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\AppReadiness
2016-02-19 17:47 - 2015-12-08 20:05 - 146614896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-02-19 17:47 - 2015-12-08 20:05 - 00000000 ____D C:\Windows\system32\MRT
2016-02-19 16:22 - 2015-12-05 15:55 - 00000000 ____D C:\ProgramData\Oracle
2016-02-19 16:22 - 2015-12-05 15:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-02-19 16:22 - 2015-12-05 15:53 - 00000000 ____D C:\Program Files\Java
2016-02-19 16:21 - 2015-12-09 16:05 - 00000000 ____D C:\Users\Admin123\.oracle_jre_usage
2016-02-19 13:13 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-17 21:26 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\rescache
2016-02-15 15:11 - 2015-12-05 15:26 - 00000000 ____D C:\ProgramData\Skype
2016-02-13 09:57 - 2016-01-22 11:32 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2016-02-12 20:42 - 2015-12-08 15:51 - 00000000 ____D C:\Users\Admin123\AppData\Local\Packages
2016-02-12 19:54 - 2015-12-16 21:39 - 00000000 ____D C:\Users\Admin123\Documents\Bandicam
2016-02-12 19:27 - 2016-01-17 20:09 - 00000000 ___RD C:\Users\Babetka\OneDrive
2016-02-12 19:26 - 2015-12-05 14:23 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-02-12 19:21 - 2015-12-05 15:39 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-02-11 21:44 - 2015-10-30 10:07 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-10 18:40 - 2015-10-30 08:11 - 00000000 ____D C:\Windows\CbsTemp
2016-02-08 17:24 - 2015-12-16 16:41 - 00000000 ____D C:\Users\Admin123\AppData\Roaming\uTorrent
2016-02-08 08:57 - 2015-10-30 07:28 - 00032768 ___SH C:\Windows\system32\config\ELAM
2016-02-04 17:23 - 2015-12-05 12:48 - 00000000 ____D C:\Program Files\AMD
2016-02-04 14:33 - 2015-12-09 11:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 4
2016-02-03 16:40 - 2015-12-08 16:18 - 00000000 ____D C:\Users\Admin123\AppData\Local\Steam
2016-01-31 20:30 - 2016-01-17 20:07 - 00000000 ____D C:\Users\Babetka
2016-01-30 21:40 - 2016-01-21 17:14 - 00280792 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2016-01-30 21:40 - 2016-01-21 17:08 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2016-01-30 21:37 - 2016-01-21 17:13 - 00000000 ____D C:\Users\Admin123\AppData\Local\PunkBuster
2016-01-30 21:33 - 2015-12-08 16:18 - 00000000 ____D C:\Users\Admin123\Documents\my games
2016-01-30 18:52 - 2016-01-17 20:07 - 00000000 ____D C:\Users\Babetka\AppData\Roaming\Adobe
2016-01-30 13:06 - 2015-12-08 15:51 - 00000000 ____D C:\Users\Admin123\AppData\Roaming\Adobe
2016-01-30 11:38 - 2016-01-22 18:30 - 00000022 _____ C:\Users\Admin123\Downloads\LOIC-1.0.8-binary.zip
2016-01-29 22:36 - 2015-10-30 08:24 - 00000000 ___SD C:\Windows\system32\F12
2016-01-29 22:36 - 2015-10-30 08:24 - 00000000 ___RD C:\Windows\PurchaseDialog
2016-01-29 22:36 - 2015-10-30 08:24 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2016-01-29 22:36 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2016-01-29 22:36 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\system32\oobe
2016-01-29 22:36 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\system32\appraiser
2016-01-29 22:36 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\bcastdvr
2016-01-27 11:28 - 2015-12-05 15:27 - 00003392 _____ C:\Windows\System32\Tasks\{02C79275-68AE-4CAA-9BAE-5B9989EBF253}
2016-01-27 10:57 - 2016-01-08 14:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2016-01-27 10:56 - 2016-01-22 11:24 - 41171496 _____ (IObit ) C:\Users\Admin123\Downloads\advanced-systemcare-setup.exe
2016-01-25 20:23 - 2016-01-10 18:20 - 00000000 ____D C:\ProgramData\Origin

==================== Files in the root of some directories =======

2016-02-17 19:15 - 2016-02-17 19:15 - 0000112 _____ () C:\Users\Admin123\AppData\Roaming\Předvolby CS6 pro JP2K
2016-02-24 13:35 - 2016-02-24 13:35 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-02-15 17:32

==================== End of FRST.txt ============================

[spini11]

Additional:
Additional scan result of Farbar Recovery Scan Tool (x64) Version:24-02-2016
Ran by Admin123 (2016-02-24 17:39:55)
Running from C:\Users\Admin123\Downloads
Windows 10 Home Version 1511 (X64) (2015-12-05 11:43:32)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Admin123 (S-1-5-21-583393380-1616411477-220059149-1002 - Administrator - Enabled) => C:\Users\Admin123
Administrator (S-1-5-21-583393380-1616411477-220059149-500 - Administrator - Disabled)
Babetka (S-1-5-21-583393380-1616411477-220059149-1003 - Limited - Enabled) => C:\Users\Babetka
DefaultAccount (S-1-5-21-583393380-1616411477-220059149-503 - Limited - Disabled)
Guest (S-1-5-21-583393380-1616411477-220059149-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Anti-Virus (Enabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
AS: Kaspersky Anti-Virus (Enabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.5.0.206 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
AllShare Framework DMS (HKLM\...\{83232C27-8C3F-44A5-9EB2-BB7161228ADD}) (Version: 1.3.23 - Samsung)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.)
AMD System Monitor (HKLM-x32\...\{6EFD0C42-4CC1-4716-A0CA-21C1A062CF34}) (Version: 1.0.9 - Advanced Micro Devices, Inc.)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version: - Bohemia Interactive)
Ashampoo Burning Studio FREE v.1.14.5 (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.14.5 - Ashampoo GmbH & Co. KG)
Bandicam (HKLM-x32\...\Bandicam) (Version: 2.1.3.757 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version: - )
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version: - Irrational Games)
Brawlhalla (HKLM-x32\...\Steam App 291550) (Version: - Blue Mammoth Games)
Catalyst Control Center Next Localization BR (Version: 2016.0130.1337.24446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0130.1337.24446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0130.1337.24446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0130.1337.24446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0130.1337.24446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0130.1337.24446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0130.1337.24446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0130.1337.24446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0130.1337.24446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0130.1337.24446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0130.1337.24446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0130.1337.24446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0130.1337.24446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0130.1337.24446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0130.1337.24446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0130.1337.24446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0130.1337.24446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0130.1337.24446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0130.1337.24446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0130.1337.24446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0130.1337.24446 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.15 - Piriform)
Clownfish for Skype (HKLM-x32\...\Clownfish) (Version: - )
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
Driver Booster 3.2 (HKLM-x32\...\Driver Booster_is1) (Version: 3.2 - IObit)
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
FileZilla Client 3.14.1 (HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse)
FileZilla Server (HKLM-x32\...\FileZilla Server) (Version: beta 0.9.54 - FileZilla Project)
Gaming Keyboard Driver (HKLM-x32\...\{B3CDED64-7DC2-429D-A325-BBC3CF793AA6}) (Version: 1.0 - Senbiz)
Google Drive (HKLM-x32\...\{EF61675D-9BBC-4EC7-B906-F13BE8D3BD20}) (Version: 1.27.1227.2094 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version: - Rockstar North)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Intel Processor Diagnostic Tool 64bit (HKLM\...\{7DEAECAD-F239-49FF-A6D4-2B3E523A1CA3}) (Version: 3.0.0.23 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4248 - Intel Corporation)
IObit Malware Fighter 3 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 3.4 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.2.1.126 - IObit)
Java 8 Update 72 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418072F0}) (Version: 8.0.720.15 - Oracle Corporation)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Anti-Virus (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
Malwarebytes Anti-Malware verze 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MorphVOX Pro (HKLM-x32\...\{76828C87-C612-4329-843B-4DB58060030A}) (Version: 4.4.9 - Screaming Bee)
MultiDoge 0.1.7 (HKLM-x32\...\MultiDoge 0.1.7) (Version: 0.1.7 - )
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.11.2.10120 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{937bb605-1c5b-4716-b9aa-1d15bc5ef283}) (Version: latest - ppy Pty Ltd)
osu! (HKLM-x32\...\{d1c16b5e-882c-437c-9031-9921232aae59}) (Version: latest - ppy Pty Ltd)
PlanetSide 2 (HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\DG0-PlanetSide 2) (Version: - Sony Online Entertainment)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.992 - Even Balance, Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7687 - Realtek Semiconductor Corp.)
Rising Storm/Red Orchestra 2 Multiplayer (HKLM-x32\...\Steam App 35450) (Version: - Tripwire Interactive)
Sample Production Bit Checker x64 (HKLM\...\{1FFA19A6-D46D-4993-B39E-394EB92781A4}) (Version: 1.0.7.0 - Intel Corporation)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Link 2.0.0.1503181422 (HKLM\...\8474-7877-9059-0204) (Version: 2.0.0.1503181422 - Copyright 2013 SAMSUNG)
Samsung SideSync (HKLM-x32\...\Samsung SideSync) (Version: 4.2.0.37 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.58.0 - Samsung Electronics Co., Ltd.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Smart Defrag 4 Pro (HKLM-x32\...\Smart Defrag 4 Pro_is1) (Version: 4.3 - IObit)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.53254 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.52a - Ghisler Software GmbH)
Touchpad Server (HKLM-x32\...\Touchpad Server_is1) (Version: 1.3 - Things & Stuff)
Vegas Pro 12.0 (64-bit) (HKLM\...\{BD422D00-5232-11E3-A6F3-F04DA23A5C58}) (Version: 12.0.770 - Sony)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR 5.30 beta 6 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.6 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
XVM verze 6.2.0.1 (HKLM-x32\...\{2865cd27-6b8b-4413-8272-cd968f316050}_is1) (Version: 6.2.0.1 - XVM team)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-583393380-1616411477-220059149-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Admin123\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-583393380-1616411477-220059149-1002_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-583393380-1616411477-220059149-1003_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Babetka\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {15E1627C-7C81-42B0-A86C-6F12A59B609C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\Windows\system32\MRT.exe [2016-02-19] (Microsoft Corporation)
Task: {2EBC4229-097D-4410-B63B-977B92DBC82E} - System32\Tasks\SmartDefrag4_Update => C:\Program Files (x86)\IObit\Smart Defrag 4\AutoUpdate.exe [2015-08-24] (IObit)
Task: {7062694C-1004-41F2-AFE3-48BA5093DC0B} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-01-30] (Advanced Micro Devices, Inc.)
Task: {82C15213-145C-4CF8-A0A9-DF2AB68940AD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-02-12] (Piriform Ltd)
Task: {9B88A107-D987-4C77-8AEE-9529AD6CBE21} - System32\Tasks\{02C79275-68AE-4CAA-9BAE-5B9989EBF253} => Chrome.exe hxxp://ui.skype.com/ui/0/7.16.0.101/cs/ ... Error=1618
Task: {A34CE546-D208-443A-B462-62D8B9E3C752} - System32\Tasks\Driver Booster SkipUAC (Admin123) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2016-01-18] (IObit)
Task: {AC85FD89-8749-4A88-AB97-2505F19D6C23} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-02-19] (Microsoft Corporation)
Task: {B207188A-8A8B-4584-A917-A77AF161EC47} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-05] (Google Inc.)
Task: {F0AF88FF-9716-4F59-AC0F-488F0B5FA8F3} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2016-01-13] (IObit)
Task: {F302EDC9-7E92-4627-8236-115E17E228DA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-05] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-10-30 08:17 - 2015-10-30 08:17 - 00028672 _____ () C:\Windows\SYSTEM32\efsext.dll
2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\Windows\SYSTEM32\ism32k.dll
2016-01-21 17:08 - 2016-01-30 21:40 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-12-05 14:30 - 2015-11-22 11:47 - 02653816 _____ () C:\Windows\system32\CoreUIComponents.dll
2015-12-05 14:30 - 2015-11-22 11:47 - 02653816 _____ () C:\Windows\System32\CoreUIComponents.dll
2016-01-22 13:55 - 2016-01-22 13:55 - 00553136 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-01-22 11:31 - 2016-01-22 11:32 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-17 21:12 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-12-17 21:12 - 2015-12-07 05:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-09-30 20:39 - 2015-09-30 20:39 - 00415128 _____ () C:\Windows\system32\igfxTray.exe
2015-10-16 11:02 - 2015-10-16 11:02 - 00043480 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2016-02-12 22:13 - 2016-02-12 22:13 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2016-02-19 13:11 - 2016-02-19 13:11 - 09789952 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2016.27.2.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2016-01-13 13:11 - 2016-01-05 02:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-13 13:11 - 2016-01-05 02:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-28 10:32 - 2016-01-16 06:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-28 10:32 - 2016-01-16 06:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-01-09 11:14 - 2015-01-09 18:46 - 00517408 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\sqlite3.dll
2015-07-08 23:18 - 2015-07-08 23:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\kpcengine.2.3.dll
2016-01-22 11:31 - 2016-01-22 11:32 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-01-22 11:31 - 2016-01-22 11:32 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-02-24 13:38 - 2016-02-24 13:38 - 00098816 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\win32api.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00110080 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\pywintypes27.dll
2016-02-24 13:38 - 2016-02-24 13:38 - 00364544 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\pythoncom27.dll
2016-02-24 13:38 - 2016-02-24 13:38 - 00320512 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\win32com.shell.shell.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00776704 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\_hashlib.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 01176576 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\wx._core_.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00806400 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\wx._gdi_.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00816128 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\wx._windows_.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 01067008 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\wx._controls_.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00733184 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\wx._misc_.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00682496 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\pysqlite2._sqlite.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00088064 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\_ctypes.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00119808 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\win32file.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00108544 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\win32security.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00007168 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\hashobjs_ext.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00017920 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\thumbnails_ext.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00088064 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\usb_ext.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00167936 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\win32gui.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00018432 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\win32event.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00046080 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\_socket.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 01208320 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\_ssl.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00128512 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\_elementtree.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00127488 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\pyexpat.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00013824 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\common.time34.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00036864 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\_psutil_windows.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00038912 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\win32inet.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00525240 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\windows._lib_cacheinvalidation.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00011264 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\win32crypt.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00077312 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\wx._html2.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00027136 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\_multiprocessing.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00020480 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\_yappi.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00035840 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\win32process.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00686080 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\unicodedata.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00078848 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\wx._animate.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00123392 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\wx._wizard.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00024064 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\win32pipe.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00010240 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\select.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00025600 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\win32pdh.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00017408 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\win32profile.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00022528 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\win32ts.pyd
2016-01-11 10:36 - 2016-01-11 10:36 - 00932032 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll
2015-05-08 06:08 - 2015-05-08 06:08 - 00151552 _____ () C:\Program Files (x86)\DroidCam\dsd\DroidCam\lib\DroidCam.dll
2015-05-08 06:08 - 2015-05-08 06:08 - 00081920 _____ () C:\Program Files (x86)\DroidCam\dsd\DroidCam\lib\DroidCamFilter.ax
2015-05-08 06:14 - 2015-05-08 06:14 - 00086016 _____ () C:\Program Files (x86)\DroidCam\dsd\DroidCam\lib\DroidCamFilter240p.ax
2016-02-03 16:33 - 2015-12-15 06:54 - 00782336 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-02-03 16:33 - 2015-07-03 17:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-02-05 14:58 - 2016-02-04 22:02 - 02546768 _____ () C:\Program Files (x86)\Steam\video.dll
2016-02-03 16:33 - 2015-07-03 17:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-02-03 16:33 - 2015-07-03 17:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-02-03 16:33 - 2015-09-24 01:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2016-02-03 16:33 - 2015-09-24 01:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2016-02-03 16:33 - 2015-09-24 01:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2016-02-03 16:33 - 2015-09-24 01:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2016-02-03 16:33 - 2015-09-24 01:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2016-02-05 14:58 - 2016-02-04 22:01 - 00802896 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-02-03 16:33 - 2015-12-30 02:51 - 00208896 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2016-02-03 16:33 - 2016-01-06 02:52 - 48387872 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2016-02-03 16:33 - 2015-09-25 00:56 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2016-02-21 17:46 - 2016-02-18 05:14 - 01630360 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libglesv2.dll
2016-02-21 17:46 - 2016-02-18 05:14 - 00085656 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libegl.dll
2016-02-21 17:46 - 2016-02-18 05:15 - 16808600 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\100sexlinks.com -> 100sexlinks.com

There are 4788 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-02-23 14:55 - 2016-02-23 14:55 - 00000753 ____A C:\Windows\system32\Drivers\etc\hosts


127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-583393380-1616411477-220059149-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin123\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
HKU\S-1-5-21-583393380-1616411477-220059149-1003\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 8.8.8.8 - 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: OneDrive => "c:\users\admin123\appdata\local\microsoft\onedrive\onedrive.exe" /background
MSCONFIG\startupreg: Samsung Link => "c:\program files\samsung\samsung link\samsung link tray agent.exe"
MSCONFIG\startupreg: SideSync => c:\program files (x86)\samsung\sidesync4\sidesync.exe
HKLM\...\StartupApproved\Run: => "ETDCtrl"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "StartCN"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "IObit Malware Fighter"
HKLM\...\StartupApproved\Run32: => "VICTORY Gaming Keyboard"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "FileZilla Server Interface"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "ETDCtrl"
HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\StartupApproved\StartupFolder: => "Touchpad Server.lnk"
HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_015C5B588226AE512C03D68BD9593816"
HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\StartupApproved\Run: => "SideSync"
HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\StartupApproved\Run: => "spotflux"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{26CEA4AA-40D6-443D-9132-BD26680635FB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{7214B0F2-12BB-47EC-824B-A39F21B04ED5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B86FD715-7651-46C0-B611-AC038372B84B}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A5DCFDCF-E756-4412-921A-8D432673BF46}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C864C3EF-B211-40D3-9AD4-C4FC9A7968A6}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{D611DC20-A5BC-4F5B-A722-FBF5E81A9E53}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{3BEE7696-B9B3-4198-8B7B-A7BB3B9B693B}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{DCA0198D-ACA2-46E4-B80D-963B92F02DB4}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{6DE429D2-95B4-471D-8645-B0BD0FCACC77}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{DCEF0245-C5A1-47DD-B578-D5CCF35B375F}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{BA63FB90-DE5F-48AC-986E-3A696C5CC7B6}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{8A80A721-594B-4813-BAB7-2D0512248FE5}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{C3EF9DAB-8181-4642-A930-FDD01D4E7F3F}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{9351EB70-FC56-4D22-BECB-A814382FE4C0}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{6AFFE0FF-1104-4E5C-9A68-0D9882737A05}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{13EB681E-5279-4422-8C23-415060FDB43E}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\Orion Dino Beatdown\Binaries\Win32\DinoHordeGame.exe
FirewallRules: [{EC21066F-0DB1-4240-BBC9-27C0D107288F}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\Orion Dino Beatdown\Binaries\Win32\DinoHordeGame.exe

[spini11]

FirewallRules: [{F5CBDBA1-192D-4A30-988B-6E955595570D}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\Dungeon Defenders 2\DunDefLauncher.exe
FirewallRules: [{4E8DA85E-E2FF-4911-A17E-1DE5AD378777}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\Dungeon Defenders 2\DunDefLauncher.exe
FirewallRules: [{AED50D0C-108E-4A34-A02F-2760101969DC}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{A0C024A8-9652-462F-AEF1-9F08EA2D1B7F}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{A8D77353-FD56-45EB-8CDC-71F995BF1502}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{0E921CDF-F019-43EE-A9B2-9FD9FA323D12}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{7D5F5A2B-3D35-488B-AF98-8326F03DF761}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{8C0AEC6E-CA92-4FD3-9C7E-3901820FABF2}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{27B8E21F-B973-45DC-BF2F-7339FD9577EB}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\PlanetSide 2\LaunchPad.exe
FirewallRules: [{BA3541B3-1485-4C8C-B3F5-F9B80491F43C}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\PlanetSide 2\LaunchPad.exe
FirewallRules: [TCP Query User{E4FCDD30-D8C7-46E5-8FE1-D3C6EB91298D}D:\games1\steamlibrary\steamapps\common\garrysmod\hl2.exe] => (Allow) D:\games1\steamlibrary\steamapps\common\garrysmod\hl2.exe
FirewallRules: [UDP Query User{7E976B91-16ED-4C5F-A3B5-118A7990BAA0}D:\games1\steamlibrary\steamapps\common\garrysmod\hl2.exe] => (Allow) D:\games1\steamlibrary\steamapps\common\garrysmod\hl2.exe
FirewallRules: [{8E9B8704-59A2-429B-AB93-DCE76B504669}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{CA5E4154-EB87-40B7-B867-1D50ACAFEBA1}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{5380A8EC-C3F7-4960-A777-28CE5F19DBB6}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{FBC04CC9-160B-47EB-A92F-06399DC7538D}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [TCP Query User{361CD95B-7E1E-449F-A6D2-966100628CA1}C:\users\admin123\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\admin123\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{9C594977-C374-46D7-8715-5A4E0E7F2D69}C:\users\admin123\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\admin123\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{D2BA6686-18AE-4239-84F0-DAD2EF0F2E17}] => (Allow) C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe
FirewallRules: [{1F6B3AE4-77FE-468D-B758-B412FA3DD1C4}] => (Allow) C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe
FirewallRules: [{16E44C83-4F52-4068-854F-654309891EFB}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\BLACKHOLE\BLACKHOLE.exe
FirewallRules: [{0A6DB47B-37A2-45B9-B968-572DC188BC70}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\BLACKHOLE\BLACKHOLE.exe
FirewallRules: [{94145A60-014A-43DE-9308-F7AA487EF759}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{0D1BDE16-E7FD-4550-B77A-FEB29A677583}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [TCP Query User{919D76C6-F66D-448B-82C5-6575E7C01C5E}D:\games1\steamlibrary\steamapps\common\dayz\dayz.exe] => (Allow) D:\games1\steamlibrary\steamapps\common\dayz\dayz.exe
FirewallRules: [UDP Query User{A69FFF07-82B6-49C1-B570-B98A64F54464}D:\games1\steamlibrary\steamapps\common\dayz\dayz.exe] => (Allow) D:\games1\steamlibrary\steamapps\common\dayz\dayz.exe
FirewallRules: [{084D8A15-AFDD-4C8F-970D-D3A6A8D9E71E}] => (Allow) C:\Program Files (x86)\DroidCam\dsd\DroidCam\DroidCamApp.exe
FirewallRules: [{EA793CF6-81E4-4183-BFC5-AFEB6F5D4206}] => (Allow) C:\Program Files (x86)\DroidCam\dsd\DroidCam\DroidCamApp.exe
FirewallRules: [TCP Query User{D4808D9C-08B7-4C45-93B1-65F422F1F75E}D:\games1\steamlibrary\steamapps\common\planetside 2\planetside2_x64.exe] => (Block) D:\games1\steamlibrary\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [UDP Query User{FA5C95D5-70F4-438C-9E5E-E12A9F2052CE}D:\games1\steamlibrary\steamapps\common\planetside 2\planetside2_x64.exe] => (Block) D:\games1\steamlibrary\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [{31953A0F-8C83-4AFB-879F-A1CAE521A2F0}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{C77BA195-F3B5-4B38-AFC5-BE33EC6B1240}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{C5FF32D6-F784-4296-8B60-B3EA04DFA7D2}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{E9F2B351-26BE-4C9D-B3ED-E61E1C826AA2}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{1896F8C0-8E22-425D-8762-898F9EEAA35D}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
FirewallRules: [{329A8A38-6109-4D29-BADF-9B0F99C39D03}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
FirewallRules: [{E1DF743F-D53E-4036-880D-E8BA02E2EE1C}] => (Allow) LPort=8743
FirewallRules: [{99F78B05-F9ED-4EBC-8DB0-D71CA713124C}] => (Allow) LPort=8643
FirewallRules: [{6345AF0A-78D3-4358-89C1-98F3F411FF24}] => (Allow) LPort=7676
FirewallRules: [{4C914C8B-6C56-4E41-A1E4-E6A1482FAA19}] => (Allow) LPort=7679
FirewallRules: [{ECDD8D07-208B-4D4E-8CD9-D6177925F71B}] => (Allow) LPort=24234
FirewallRules: [{675366D7-9CD5-49C5-B616-3EC20A497CE9}] => (Allow) LPort=7900
FirewallRules: [{B6D4827C-C286-42F4-9F8B-127A999F80F7}] => (Allow) LPort=1900
FirewallRules: [{09B7C1E1-53A1-4D21-ABF5-75AB6EF6C122}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe
FirewallRules: [{EE4990BA-66A6-4B9C-B82E-42D47D0F62CF}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe
FirewallRules: [{27D3965C-97D9-4E2F-9C71-20C3190438D3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{0DE45A66-5FD4-470B-AC7E-84A3F51BBB92}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{565AF4F4-FE96-4D7B-9F33-A80FD565FABC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{3275C49F-4A19-4AA4-A5C3-BB2C4C4684B6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{2133FF66-F019-46E0-93AB-17F7244065DF}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{F3AC31C6-A6AE-40EC-BF64-B33A3446B8D6}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{63434F80-B1EF-4734-8BD4-D048BC68D485}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{107D0004-E424-4587-B854-D8644A71F6E0}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{88BD0F2B-36BA-4BD5-A0B6-7806F266795B}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{9AC0C4A6-4303-4CDC-8BA5-1F6FB0CB73E8}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\Arma 2\arma2.exe
FirewallRules: [TCP Query User{EB0AE67A-F3E5-4C2F-8E40-1D6B129E7CF2}C:\program files (x86)\samsung\sidesync4\sidesync.exe] => (Allow) C:\program files (x86)\samsung\sidesync4\sidesync.exe
FirewallRules: [UDP Query User{EEFD43BA-92EB-4D28-8482-83FD03CE088C}C:\program files (x86)\samsung\sidesync4\sidesync.exe] => (Allow) C:\program files (x86)\samsung\sidesync4\sidesync.exe
FirewallRules: [{46AD6504-96E8-403C-909C-821154F51D0E}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{4E80D59B-AF31-40B7-888E-9823925A5018}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{805C342D-632F-4480-9CED-610322B34E71}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{0C663029-79D1-47F9-8500-C39DC2E5079C}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{CB010416-3713-4000-B4BA-D9CF21C2C008}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{13D424F1-94AD-4630-B5A1-EA1B0E545187}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{939F1BCF-53D7-4311-8C7F-226D4E470F18}] => (Allow) LPort=21
FirewallRules: [{FAA58539-685E-4833-9746-DB735D0558D9}] => (Allow) LPort=21
FirewallRules: [{9EA7DBC0-E19A-4F1E-94DC-1537E252348C}] => (Allow) LPort=14147
FirewallRules: [{088EF721-AF16-4C66-8682-07A58C39C1A8}] => (Allow) LPort=14147
FirewallRules: [{AA7C9C99-3402-4E6E-835A-C9C01A4A214B}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{076B092A-D1B6-434A-9A8E-79E63D39FB6A}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D8C141D4-1399-4BAD-AC44-6CC7623B2D74}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{790445FB-701B-4740-BADB-074FB4236719}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{9EC80508-221C-4940-895D-D0DED2FD464F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{EFEF7495-9E3C-4B10-B3B6-002E95E5E8FF}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{B3A8423A-66CF-4B0F-9FE5-DDC5675C9512}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{4344E718-5829-4E60-995E-C290ADB4F71C}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{88656DDA-EB7B-4BD7-8660-299BE4022CF1}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{1F0EB1CC-96E8-4B92-BD54-EFA67A301A06}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{7925E4F8-048D-4CEB-A7C2-5ACAC9AEB5EB}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [{2187A1BD-D344-48F9-B07B-60301E68EEE6}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [TCP Query User{9E4E9257-C820-424F-B0CE-FF9BF93BABFD}C:\program files\java\jre1.8.0_72\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_72\bin\javaw.exe
FirewallRules: [UDP Query User{F6771299-A9F4-42C6-AB19-1E9124532452}C:\program files\java\jre1.8.0_72\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_72\bin\javaw.exe
FirewallRules: [TCP Query User{A10AA707-C784-41BF-8931-FC43679AA914}C:\program files (x86)\things & stuff\touchpad server\touchpadserver.exe] => (Allow) C:\program files (x86)\things & stuff\touchpad server\touchpadserver.exe
FirewallRules: [UDP Query User{2DF579C5-30F4-4DC3-AED7-B5204CBD04A7}C:\program files (x86)\things & stuff\touchpad server\touchpadserver.exe] => (Allow) C:\program files (x86)\things & stuff\touchpad server\touchpadserver.exe
FirewallRules: [{55FC6958-081B-423D-B575-3568386839BB}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\Warface\live\nw.exe
FirewallRules: [{C4B31149-F90C-4FD9-9C79-415844A012ED}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\Warface\live\nw.exe
FirewallRules: [{B6DC3A39-ECF0-4FDC-BA80-5D3A5930BBCC}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{3217C072-8BBB-45A9-92A3-AF5713C08B57}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{2204CC2C-5257-4091-BCF5-67357E40749B}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{FCD773A1-BB32-45E6-87CE-10FDE36C516B}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [TCP Query User{595DBDB5-A29D-486F-8C8B-37E903EE1910}C:\program files (x86)\java\jre1.8.0_73\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_73\bin\jp2launcher.exe
FirewallRules: [UDP Query User{0B96E646-B832-4D84-A706-1217564C38A2}C:\program files (x86)\java\jre1.8.0_73\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_73\bin\jp2launcher.exe
FirewallRules: [{6AB603CD-E2C2-42C8-AE11-6772C9F4EC8A}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{2C7386BA-803E-4610-B915-D6AE8B328FE9}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{AF00CB9B-CAE6-4FDE-A2B2-0F37A4753ED4}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{31748008-5F48-42FB-A297-5E76A1AAA55A}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{AEC3408E-8A3B-45AD-BA95-D42701A48678}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{3863C252-3800-40E5-985B-2198B99DA548}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{2FBEDA55-2C89-46F2-ABAE-DCF83D9F0AE2}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{8F6045D6-074C-4E0A-B741-00BCB6C7D56B}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{9D59FD25-FF02-4EA3-B327-26AC12A34471}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{27D057D8-57E1-4879-AC47-60655EC49A10}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{024B8A6D-8A01-4D81-8F17-560E67750E2A}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{41EB09F0-9BC2-4056-9B80-829D5A59B011}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{86C44C0B-6DC2-48F6-A517-F727CBDA8CD4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{A504ED2D-740E-415C-AED4-1E1CE412F9AE}D:\games1\hearthstone\hearthstone.exe] => (Allow) D:\games1\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{28C3ECEA-2738-4D56-ADCA-BC8E19D92728}D:\games1\hearthstone\hearthstone.exe] => (Allow) D:\games1\hearthstone\hearthstone.exe
FirewallRules: [{DB8F77E4-E96E-42BF-A2EA-494DD3500B4C}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{F910CC6E-3C64-44B5-9C46-0C5414504470}] => (Allow) D:\Games1\SteamLibrary\steamapps\common\Brawlhalla\Brawlhalla.exe

==================== Restore Points =========================

21-02-2016 13:04:37 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
21-02-2016 13:05:33 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
22-02-2016 13:11:32 JRT Pre-Junkware Removal
23-02-2016 14:54:44 zoek.exe restore point
24-02-2016 13:29:36 Driver update
24-02-2016 13:31:34 Driver Booster : Bluetooth USB Module

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/24/2016 05:40:37 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2 na řádku C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (02/24/2016 05:40:21 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2 na řádku C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (02/24/2016 05:39:55 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-4557LVV)
Description: Aplikaci Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App se nepovedlo aktivovat, protože došlo k chybě: -2147024770. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (02/24/2016 05:39:00 PM) (Source: ATIeRecord) (EventID: 16396) (User: )
Description: ATI EEU PnP start/stop failed

Error: (02/24/2016 01:39:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DllHost.exe, verze: 10.0.10586.0, časové razítko: 0x5632d8f4
Název chybujícího modulu: msvcrt.dll, verze: 7.0.10586.0, časové razítko: 0x5632d79e
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000073b20
ID chybujícího procesu: 0x105c
Čas spuštění chybující aplikace: 0xDllHost.exe0
Cesta k chybující aplikaci: DllHost.exe1
Cesta k chybujícímu modulu: DllHost.exe2
ID zprávy: DllHost.exe3
Úplný název chybujícího balíčku: DllHost.exe4
ID aplikace související s chybujícím balíčkem: DllHost.exe5

Error: (02/24/2016 01:39:17 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2 na řádku C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (02/24/2016 01:38:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DllHost.exe, verze: 10.0.10586.0, časové razítko: 0x5632d8f4
Název chybujícího modulu: msvcrt.dll, verze: 7.0.10586.0, časové razítko: 0x5632d79e
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000073cc0
ID chybujícího procesu: 0x1664
Čas spuštění chybující aplikace: 0xDllHost.exe0
Cesta k chybující aplikaci: DllHost.exe1
Cesta k chybujícímu modulu: DllHost.exe2
ID zprávy: DllHost.exe3
Úplný název chybujícího balíčku: DllHost.exe4
ID aplikace související s chybujícím balíčkem: DllHost.exe5

Error: (02/24/2016 01:37:51 PM) (Source: ATIeRecord) (EventID: 16396) (User: )
Description: ATI EEU PnP start/stop failed

Error: (02/24/2016 01:36:42 PM) (Source: ATIeRecord) (EventID: 16396) (User: )
Description: ATI EEU PnP start/stop failed

Error: (02/24/2016 01:35:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DllHost.exe, verze: 10.0.10586.0, časové razítko: 0x5632d8f4
Název chybujícího modulu: msvcrt.dll, verze: 7.0.10586.0, časové razítko: 0x5632d79e
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000073cc0
ID chybujícího procesu: 0x203c
Čas spuštění chybující aplikace: 0xDllHost.exe0
Cesta k chybující aplikaci: DllHost.exe1
Cesta k chybujícímu modulu: DllHost.exe2
ID zprávy: DllHost.exe3
Úplný název chybujícího balíčku: DllHost.exe4
ID aplikace související s chybujícím balíčkem: DllHost.exe5


System errors:
=============
Error: (02/24/2016 05:38:55 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (02/24/2016 05:38:45 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (02/24/2016 01:36:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba User Data Access_3965a byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restart the service.

Error: (02/24/2016 01:36:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba User Data Storage_3965a byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restart the service.

Error: (02/24/2016 01:36:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Contact Data_3965a byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restart the service.

Error: (02/24/2016 01:36:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Sync Host_3965a byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restart the service.

Error: (02/24/2016 01:36:42 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (02/24/2016 11:28:49 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (21:49:35, ‎23.‎02.‎2016) bylo neočekávané.

Error: (02/23/2016 03:16:10 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-4557LVV)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (02/23/2016 03:16:10 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-4557LVV)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}


CodeIntegrity:
===================================
Date: 2016-02-22 11:32:04.630
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-19 16:18:32.596
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\amdhdl64.dll that did not meet the Store signing level requirements.

Date: 2016-02-19 16:18:32.585
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\amdhdl64.dll that did not meet the Store signing level requirements.

Date: 2016-02-19 16:18:32.179
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\amdhdl64.dll that did not meet the Store signing level requirements.

Date: 2016-02-19 16:18:32.172
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\amdhdl64.dll that did not meet the Store signing level requirements.

Date: 2016-02-18 21:11:22.634
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\amdhdl64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-02-14 11:42:11.102
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-12 14:09:27.401
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-11 08:50:30.612
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-06 19:06:53.796
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\amdhdl64.dll that did not meet the Store signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4500U CPU @ 1.80GHz
Percentage of memory in use: 53%
Total physical RAM: 8072.27 MB
Available physical RAM: 3739.53 MB
Total Virtual: 10248.27 MB
Available Virtual: 4625.66 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.53 GB) (Free:180.01 GB) NTFS
Drive d: (Games and other Stuff !) (Fixed) (Total:465.76 GB) (Free:117.65 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

[jaro3]

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

Start
CloseProcesses:
HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-583393380-1616411477-220059149-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
CHR HKU\S-1-5-21-583393380-1616411477-220059149-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
C:\ProgramData\DP45977C.lfl
C:\Windows\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2016-02-24 13:38 - 2016-02-24 13:38 - 00098816 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\win32api.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00110080 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\pywintypes27.dll
2016-02-24 13:38 - 2016-02-24 13:38 - 00364544 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\pythoncom27.dll
2016-02-24 13:38 - 2016-02-24 13:38 - 00320512 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\win32com.shell.shell.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00776704 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\_hashlib.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 01176576 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\wx._core_.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00806400 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\wx._gdi_.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00816128 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\wx._windows_.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 01067008 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\wx._controls_.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00733184 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\wx._misc_.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00682496 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\pysqlite2._sqlite.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00088064 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\_ctypes.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00119808 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\win32file.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00108544 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\win32security.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00007168 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\hashobjs_ext.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00017920 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\thumbnails_ext.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00088064 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\usb_ext.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00167936 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\win32gui.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00018432 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\win32event.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00046080 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\_socket.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 01208320 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\_ssl.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00128512 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\_elementtree.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00127488 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\pyexpat.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00013824 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\common.time34.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00036864 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\_psutil_windows.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00038912 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\win32inet.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00525240 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\windows._lib_cacheinvalidation.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00011264 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\win32crypt.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00077312 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\wx._html2.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00027136 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\_multiprocessing.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00020480 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\_yappi.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00035840 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\win32process.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00686080 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\unicodedata.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00078848 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\wx._animate.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00123392 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\wx._wizard.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00024064 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\win32pipe.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00010240 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\select.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00025600 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\win32pdh.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00017408 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\win32profile.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00022528 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\win32ts.pyd
C:\Users\Admin123\AppData\Local\Temp\_MEI50922
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\100sexlinks.com -> 100sexlinks.com

EmptyTemp:
End

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt


Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.

[spini11]

Fix result of Farbar Recovery Scan Tool (x64) Version:24-02-2016
Ran by Admin123 (2016-02-25 10:58:20) Run:1
Running from C:\Users\Admin123\Desktop
Loaded Profiles: Admin123 (Available Profiles: Admin123 & Babetka)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-583393380-1616411477-220059149-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
CHR HKU\S-1-5-21-583393380-1616411477-220059149-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
C:\ProgramData\DP45977C.lfl
C:\Windows\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2016-02-24 13:38 - 2016-02-24 13:38 - 00098816 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\win32api.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00110080 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\pywintypes27.dll
2016-02-24 13:38 - 2016-02-24 13:38 - 00364544 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\pythoncom27.dll
2016-02-24 13:38 - 2016-02-24 13:38 - 00320512 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\win32com.shell.shell.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00776704 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\_hashlib.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 01176576 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\wx._core_.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00806400 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\wx._gdi_.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00816128 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\wx._windows_.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 01067008 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\wx._controls_.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00733184 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\wx._misc_.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00682496 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\pysqlite2._sqlite.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00088064 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\_ctypes.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00119808 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\win32file.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00108544 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\win32security.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00007168 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\hashobjs_ext.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00017920 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\thumbnails_ext.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00088064 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\usb_ext.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00167936 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\win32gui.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00018432 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\win32event.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00046080 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\_socket.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 01208320 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\_ssl.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00128512 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\_elementtree.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00127488 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\pyexpat.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00013824 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\common.time34.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00036864 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\_psutil_windows.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00038912 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\win32inet.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00525240 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\windows._lib_cacheinvalidation.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00011264 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\win32crypt.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00077312 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\wx._html2.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00027136 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\_multiprocessing.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00020480 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\_yappi.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00035840 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\win32process.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00686080 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\unicodedata.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00078848 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\wx._animate.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00123392 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\wx._wizard.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00024064 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\win32pipe.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00010240 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\select.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00025600 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\win32pdh.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00017408 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\win32profile.pyd
2016-02-24 13:38 - 2016-02-24 13:38 - 00022528 _____ () C:\Users\Admin123\AppData\Local\Temp\_MEI50922\win32ts.pyd
C:\Users\Admin123\AppData\Local\Temp\_MEI50922
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-583393380-1616411477-220059149-1002\...\100sexlinks.com -> 100sexlinks.com

EmptyTemp:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-583393380-1616411477-220059149-1002\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NolowDiskSpaceChecks => value removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-583393380-1616411477-220059149-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => key removed successfully
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
"HKU\S-1-5-21-583393380-1616411477-220059149-1002\SOFTWARE\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh" => key removed successfully
C:\ProgramData\DP45977C.lfl => moved successfully
C:\Windows\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Users\Admin123\AppData\Local\Temp\_MEI50922\win32api.pyd => moved successfully
C:\Users\Admin123\AppData\Local\Temp\_MEI50922\pywintypes27.dll => moved successfully
C:\Users\Admin123\AppData\Local\Temp\_MEI50922\pythoncom27.dll => moved successfully
C:\Users\Admin123\AppData\Local\Temp\_MEI50922\win32com.shell.shell.pyd => moved successfully
C:\Users\Admin123\AppData\Local\Temp\_MEI50922\_hashlib.pyd => moved successfully
C:\Users\Admin123\AppData\Local\Temp\_MEI50922\wx._core_.pyd => moved successfully
C:\Users\Admin123\AppData\Local\Temp\_MEI50922\wx._gdi_.pyd => moved successfully
C:\Users\Admin123\AppData\Local\Temp\_MEI50922\wx._windows_.pyd => moved successfully
C:\Users\Admin123\AppData\Local\Temp\_MEI50922\wx._controls_.pyd => moved successfully
C:\Users\Admin123\AppData\Local\Temp\_MEI50922\wx._misc_.pyd => moved successfully
C:\Users\Admin123\AppData\Local\Temp\_MEI50922\pysqlite2._sqlite.pyd => moved successfully
C:\Users\Admin123\AppData\Local\Temp\_MEI50922\_ctypes.pyd => moved successfully
C:\Users\Admin123\AppData\Local\Temp\_MEI50922\win32file.pyd => moved successfully
C:\Users\Admin123\AppData\Local\Temp\_MEI50922\win32security.pyd => moved successfully
C:\Users\Admin123\AppData\Local\Temp\_MEI50922\hashobjs_ext.pyd => moved successfully
C:\Users\Admin123\AppData\Local\Temp\_MEI50922\thumbnails_ext.pyd => moved successfully
C:\Users\Admin123\AppData\Local\Temp\_MEI50922\usb_ext.pyd => moved successfully
C:\Users\Admin123\AppData\Local\Temp\_MEI50922\win32gui.pyd => moved successfully
C:\Users\Admin123\AppData\Local\Temp\_MEI50922\win32event.pyd => moved successfully
C:\Users\Admin123\AppData\Local\Temp\_MEI50922\_socket.pyd => moved successfully
C:\Users\Admin123\AppData\Local\Temp\_MEI50922\_ssl.pyd => moved successfully
C:\Users\Admin123\AppData\Local\Temp\_MEI50922\_elementtree.pyd => moved successfully
C:\Users\Admin123\AppData\Local\Temp\_MEI50922\pyexpat.pyd => moved successfully
C:\Users\Admin123\AppData\Local\Temp\_MEI50922\common.time34.pyd => moved successfully
C:\Users\Admin123\AppData\Local\Temp\_MEI50922\_psutil_windows.pyd => moved successfully
C:\Users\Admin123\AppData\Local\Temp\_MEI50922\win32inet.pyd => moved successfully
C:\Users\Admin123\AppData\Local\Temp\_MEI50922\windows._lib_cacheinvalidation.pyd => moved successfully
C:\Users\Admin123\AppData\Local\Temp\_MEI50922\win32crypt.pyd => moved successfully
C:\Users\Admin123\AppData\Local\Temp\_MEI50922\wx._html2.pyd => moved successfully
C:\Users\Admin123\AppData\Local\Temp\_MEI50922\_multiprocessing.pyd => moved successfully
C:\Users\Admin123\AppData\Local\Temp\_MEI50922\_yappi.pyd => moved successfully
C:\Users\Admin123\AppData\Local\Temp\_MEI50922\win32process.pyd => moved successfully
C:\Users\Admin123\AppData\Local\Temp\_MEI50922\unicodedata.pyd => moved successfully
C:\Users\Admin123\AppData\Local\Temp\_MEI50922\wx._animate.pyd => moved successfully
C:\Users\Admin123\AppData\Local\Temp\_MEI50922\wx._wizard.pyd => moved successfully
C:\Users\Admin123\AppData\Local\Temp\_MEI50922\win32pipe.pyd => moved successfully
C:\Users\Admin123\AppData\Local\Temp\_MEI50922\select.pyd => moved successfully
C:\Users\Admin123\AppData\Local\Temp\_MEI50922\win32pdh.pyd => moved successfully
C:\Users\Admin123\AppData\Local\Temp\_MEI50922\win32profile.pyd => moved successfully
C:\Users\Admin123\AppData\Local\Temp\_MEI50922\win32ts.pyd => moved successfully
C:\Users\Admin123\AppData\Local\Temp\_MEI50922 => moved successfully
"HKU\S-1-5-21-583393380-1616411477-220059149-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\008i.com" => key removed successfully
"HKU\S-1-5-21-583393380-1616411477-220059149-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\008k.com" => key removed successfully
"HKU\S-1-5-21-583393380-1616411477-220059149-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\00hq.com" => key removed successfully
"HKU\S-1-5-21-583393380-1616411477-220059149-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\0190-dialers.com" => key removed successfully
"HKU\S-1-5-21-583393380-1616411477-220059149-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\01i.info" => key removed successfully
"HKU\S-1-5-21-583393380-1616411477-220059149-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\02pmnzy5eo29bfk4.com" => key removed successfully
"HKU\S-1-5-21-583393380-1616411477-220059149-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\05p.com" => key removed successfully
"HKU\S-1-5-21-583393380-1616411477-220059149-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\07ic5do2myz3vzpk.com" => key removed successfully
"HKU\S-1-5-21-583393380-1616411477-220059149-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\08nigbmwk43i01y6.com" => key removed successfully
"HKU\S-1-5-21-583393380-1616411477-220059149-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\093qpeuqpmz6ebfa.com" => key removed successfully
"HKU\S-1-5-21-583393380-1616411477-220059149-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\0calories.net" => key removed successfully
"HKU\S-1-5-21-583393380-1616411477-220059149-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\0cj.net" => key removed successfully
"HKU\S-1-5-21-583393380-1616411477-220059149-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\0scan.com" => key removed successfully
"HKU\S-1-5-21-583393380-1616411477-220059149-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1-britney-spears-nude.com" => key removed successfully
"HKU\S-1-5-21-583393380-1616411477-220059149-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1-domains-registrations.com" => key removed successfully
"HKU\S-1-5-21-583393380-1616411477-220059149-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1-se.com" => key removed successfully
"HKU\S-1-5-21-583393380-1616411477-220059149-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1001movie.com" => key removed successfully
"HKU\S-1-5-21-583393380-1616411477-220059149-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1001night.biz" => key removed successfully
"HKU\S-1-5-21-583393380-1616411477-220059149-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\100gal.net" => key removed successfully
"HKU\S-1-5-21-583393380-1616411477-220059149-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\100sexlinks.com" => key removed successfully
EmptyTemp: => 467.4 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 10:58:40 ====

[Orcus]

Odinstaluj IObit Malware Fighter a dodej nový log z HJT + popis problémů.