Prosím o kontrolu logu Vyřešeno

[RP8]

Mám podezření, jestli to doopravdy musel někdo nainstalovat ručně na můj počítač, tak mám jen jednoho podezřelého (pokud nás někdo nevykradl nebo nepřiletěli ufouni). Heslo jsem změnila a nejspíš přikročím i k bios heslu a možná i k tomu locknutí HDD (už jsem domluvená s člověkem, který to umí a můžu mu věřit)

[Reklama]

[jaro3]

To je správné.

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

[RP8]

Když jsem se pokusila ComboFix spustit, tak mi vyskočila hláška: Compofix is not meant to run in 'Compatibility Mode'. The program shall now exit. Někde jsem vygooglila, že je nekompatibilní s windows 8.1, ale těžko říct, zda se tomu dá věřit.

[RP8]

Ještě jsem se chtěla zeptat...je nějaká šance, že se mi to fakt dostalo do počítače "samo" (tedy bez zavinění někoho, kdo byl v kontaktu s počítačem)? Můj podezřelý tvrdí, že jsem si určitě něco stáhla a že se to prostě stává. Ale v době, kdy byla vytvořena složka jsem u počítače nebyla (počítač byl doma a já několik hodin před tím i potom mimo domov). Jde to nějak z toho logu poznat? I když mě nenapadá, jak by se to mohlo samo nainstalovat, když byl vypnutý počítač...asi jsem zbytečně naivní.

[proofer]

Pokud byl Pc vypnutý tak je nesmysl aby se tam něco stáhlo

[jaro3]

Na 100% to tam někdo nainstaloval...

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.




Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.

[RP8]

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-07-2014
Ran by Romana (administrator) on ROPUŠKA on 10-07-2014 18:50:26
Running from C:\Users\Romana\Desktop
Platform: Windows 8.1 Pro (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvwmi64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Windows\System32\nvwmi64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD64.EXE
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2174760 2010-06-04] (Synaptics Incorporated)
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2747680 2013-09-25] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-07-03] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-06-24] (Hewlett-Packard)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\S-1-5-21-841785141-1410990556-160275754-1001\...\Run: [GoogleChromeAutoLaunch_218ACEC8D45A638E1CA3C5005808A2D8] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-06-05] (Google Inc.)
HKU\S-1-5-21-841785141-1410990556-160275754-1001\...\Run: [speedfan.exe] => C:\Program Files (x86)\SpeedFan\speedfan.exe [4683768 2013-03-15] (Almico Software (www.almico.com))
Startup: C:\Users\Romana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Lingea Update Center.lnk
ShortcutTarget: Lingea Update Center.lnk -> C:\Program Files (x86)\Common Files\Lingea Shared\luc.exe (Lingea)
ShellIconOverlayIdentifiers: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File

==================== Internet (Whitelisted) ====================

SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-06-05]

Chrome:
=======
CHR DefaultNewTabURL:
CHR Extension: (Dokumenty Google) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-07]
CHR Extension: (Disk Google) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-07]
CHR Extension: (YouTube) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-07]
CHR Extension: (Vyhledávání Google) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-07]
CHR Extension: (avast! Online Security) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-07-07]
CHR Extension: (Peněženka Google) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-07]
CHR Extension: (Gmail) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-07]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-03]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-03] (AVAST Software)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [49464 2014-05-21] (Hewlett-Packard Company)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2175264 2014-06-05] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 NVWMI; C:\Windows\system32\nvwmi64.exe [1290016 2013-09-25] (NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
S2 SKLProService; F:\x\Crack + Patch\rsasws.exe [X]

==================== Drivers (Whitelisted) ====================

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-03] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-03] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-03] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-03] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-03] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-05] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-03] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-03] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-10] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-09-04] (Intel Corporation)
R3 RICOH SmartCard Reader; C:\Windows\system32\DRIVERS\rismcx64.sys [79488 2006-10-03] (RICOH Company, Ltd.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-10 18:50 - 2014-07-10 18:50 - 00014058 _____ () C:\Users\Romana\Desktop\FRST.txt
2014-07-10 18:50 - 2014-07-10 18:50 - 00000000 ____D () C:\FRST
2014-07-10 18:49 - 2014-07-10 18:49 - 02084352 _____ (Farbar) C:\Users\Romana\Desktop\FRST64.exe
2014-07-10 18:45 - 2014-07-10 18:45 - 00000818 _____ () C:\Windows\PFRO.log
2014-07-10 18:41 - 2014-07-10 18:42 - 00088668 _____ () C:\Users\Romana\Documents\cc_20140710_184151.reg
2014-07-10 18:37 - 2014-07-10 18:37 - 00002774 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-07-10 18:37 - 2014-07-10 18:37 - 00000796 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-07-10 18:37 - 2014-07-10 18:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-07-10 18:37 - 2014-07-10 18:37 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-10 18:36 - 2014-07-10 18:36 - 04812672 _____ (Piriform Ltd) C:\Users\Romana\Downloads\ccsetup415.exe
2014-07-10 18:36 - 2014-07-10 18:36 - 04812672 _____ (Piriform Ltd) C:\Users\Romana\Downloads\ccsetup415 (1).exe
2014-07-08 21:45 - 2014-07-08 21:45 - 05216105 _____ (Swearware) C:\Users\Romana\Desktop\ComboFix (1).exe
2014-07-07 23:22 - 2014-07-07 23:22 - 00002487 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-07-07 23:22 - 2014-07-07 23:22 - 00002039 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-07-07 22:18 - 2014-07-07 22:18 - 00030336 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-07-07 21:53 - 2014-07-10 18:39 - 00000000 ____D () C:\Users\Romana\AppData\Local\CrashDumps
2014-07-07 13:05 - 2014-07-07 13:05 - 05328984 _____ () C:\Users\Romana\Desktop\RogueKillerX64.exe
2014-07-07 12:46 - 2014-07-07 12:46 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-07-07 11:57 - 2014-07-07 11:57 - 00000712 _____ () C:\Users\Romana\Desktop\JRT.txt
2014-07-07 11:46 - 2014-07-07 11:46 - 00000000 ____D () C:\Windows\ERUNT
2014-07-07 11:43 - 2014-07-07 22:29 - 00000000 ____D () C:\Users\Romana\Downloads\logy
2014-07-07 11:21 - 2014-07-07 11:21 - 01016261 _____ (Thisisu) C:\Users\Romana\Desktop\JRT.exe
2014-07-06 21:42 - 2014-07-06 21:42 - 00003371 _____ () C:\Users\Romana\Downloads\text.txt
2014-07-06 21:34 - 2014-07-10 18:48 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-06 21:34 - 2014-07-06 21:34 - 00001130 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-06 21:34 - 2014-07-06 21:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-06 21:34 - 2014-07-06 21:34 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-06 21:34 - 2014-07-06 21:34 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-06 21:34 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-06 21:34 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-06 21:34 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-06 21:24 - 2014-07-06 21:25 - 01346519 _____ () C:\Users\Romana\Desktop\AdwCleaner.exe
2014-07-06 21:15 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-06 21:14 - 2014-07-07 11:40 - 00000000 ____D () C:\AdwCleaner
2014-07-06 21:13 - 2014-07-06 20:10 - 01346519 _____ () C:\Users\Romana\Desktop\adwcleaner_3.214.exe
2014-07-06 20:11 - 2014-07-06 20:11 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Romana\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-06 20:10 - 2014-07-06 20:10 - 01346519 _____ () C:\Users\Romana\Downloads\adwcleaner_3.214.exe
2014-07-06 20:10 - 2014-07-06 20:10 - 00050688 _____ (Atribune.org) C:\Users\Romana\Downloads\ATF-Cleaner.exe
2014-07-06 20:09 - 2014-07-06 20:09 - 00448512 _____ (OldTimer Tools) C:\Users\Romana\Downloads\TFC.exe
2014-07-06 17:54 - 2014-07-07 14:22 - 00010735 _____ () C:\Users\Romana\Downloads\hijackthis.log
2014-07-06 17:50 - 2014-07-06 17:50 - 00388608 _____ (Trend Micro Inc.) C:\Users\Romana\Downloads\HijackThis.exe
2014-07-06 10:40 - 2014-07-06 10:40 - 00757598 _____ () C:\Users\Romana\Downloads\TL-WR841N_V8_datasheet.zip
2014-07-05 18:26 - 2014-07-05 18:26 - 00000000 _____ () C:\asc_rdflag
2014-07-05 12:47 - 2014-07-10 18:47 - 00000352 _____ () C:\Windows\Tasks\HPCeeScheduleForRomana.job
2014-07-05 12:47 - 2014-07-05 12:47 - 00003168 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForRomana
2014-07-05 12:45 - 2014-07-05 12:45 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-07-03 22:01 - 2014-07-03 22:01 - 00029603 _____ () C:\Users\Romana\Downloads\[www.seedpeer.me] Onmyouza Full Discography.SEEDPEER.torrent
2014-07-03 19:05 - 2014-07-07 18:19 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-07-03 19:05 - 2014-07-03 19:05 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-07-03 19:05 - 2014-07-03 19:05 - 00001982 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-07-02 13:36 - 2014-07-06 21:30 - 00000047 _____ () C:\Windows\SysWOW64\windows.ini
2014-07-02 13:32 - 2009-05-13 19:35 - 00258352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unicows.dll
2014-07-02 13:32 - 2009-05-13 19:35 - 00050688 _____ (Stardock.Net, Inc) C:\Windows\SysWOW64\wbhelp2.dll
2014-07-02 13:32 - 2009-05-13 19:35 - 00028160 _____ (Neil Banfield) C:\Windows\SysWOW64\anim.dll
2014-06-29 11:06 - 2014-06-29 11:06 - 00000000 ____D () C:\Users\Default\AppData\Roaming\IObit
2014-06-29 11:06 - 2014-06-29 11:06 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\IObit
2014-06-29 10:15 - 2014-06-29 10:15 - 00022016 ___SH () C:\Users\Romana\Downloads\Thumbs.db
2014-06-28 13:27 - 2014-06-28 13:27 - 00000000 ____D () C:\Users\Romana\AppData\Roaming\Stardock
2014-06-28 13:27 - 2014-06-28 13:27 - 00000000 ____D () C:\ProgramData\Stardock
2014-06-27 21:06 - 2014-06-27 21:06 - 00393748 _____ () C:\Users\Romana\Downloads\Nakjang_et_al_microsporidia_protein_fam.zip
2014-06-22 13:34 - 2014-06-22 13:34 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_ZuneDriver_01_09_00.Wdf
2014-06-22 13:34 - 2014-06-22 13:34 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUSB_01009.Wdf
2014-06-20 21:21 - 2014-06-27 09:59 - 00000000 _____ () C:\sparkraw.log
2014-06-20 21:20 - 2014-06-20 21:20 - 00000000 ___HD () C:\GrandeDevice
2014-06-20 21:20 - 2011-03-31 07:47 - 00023040 _____ () C:\Windows\system32\xrhr1alm.dll
2014-06-20 21:20 - 2011-03-23 11:37 - 00256512 _____ (Xerox) C:\Windows\system32\xrhr1ausb.dll
2014-06-19 18:26 - 2014-06-19 18:26 - 00000024 _____ () C:\Users\Romana\AppData\Roaming\temp.ini
2014-06-16 15:20 - 2014-07-07 18:39 - 00004958 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for ROPUŠKA-Romana Ropuška
2014-06-15 19:43 - 2014-06-15 19:43 - 04720640 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 04190208 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-06-15 19:43 - 2014-06-15 19:43 - 03464192 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 02844160 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 02641920 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 02317824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 02144984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 02140888 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 02125344 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 01797896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 01726224 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 01473080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 01417216 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-06-15 19:43 - 2014-06-15 19:43 - 01063424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-06-15 19:43 - 2014-06-15 19:43 - 01035264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 01025536 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00997888 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2014-06-15 19:43 - 2014-06-15 19:43 - 00794112 _____ (Microsoft Corporation) C:\Windows\system32\fvewiz.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00735232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00735232 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00440664 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-06-15 19:43 - 2014-06-15 19:43 - 00418136 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-06-15 19:43 - 2014-06-15 19:43 - 00403968 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-06-15 19:43 - 2014-06-15 19:43 - 00353280 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00311296 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00301056 _____ (Microsoft Corporation) C:\Windows\system32\framedynos.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\framedyn.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00235008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedynos.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00229888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00207360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedyn.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-06-15 19:43 - 2014-06-15 19:43 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfg.exe
2014-06-15 19:43 - 2014-06-15 19:43 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2014-06-15 19:43 - 2014-06-15 19:43 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2014-06-15 19:43 - 2014-06-15 19:43 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfgLib.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
2014-06-15 19:43 - 2014-06-15 19:43 - 00089944 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-06-15 19:43 - 2014-06-15 19:43 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\BulkOperationHost.exe
2014-06-15 19:43 - 2014-06-15 19:43 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys
2014-06-15 19:43 - 2014-06-15 19:43 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\ncobjapi.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00054776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-06-15 19:43 - 2014-06-15 19:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncobjapi.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00050745 _____ () C:\Windows\system32\srms.dat
2014-06-15 19:43 - 2014-06-15 19:43 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys
2014-06-15 19:43 - 2014-06-15 19:43 - 00037376 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-06-15 19:43 - 2014-06-15 19:43 - 00027480 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-06-15 19:43 - 2014-06-15 19:43 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d8thk.dll
2014-06-15 19:42 - 2014-06-15 19:42 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2014-06-13 12:56 - 2014-05-31 07:13 - 00703992 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-13 12:56 - 2014-05-31 07:13 - 00105464 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-11 16:33 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-11 16:33 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-11 16:33 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-11 16:33 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-11 16:33 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-11 16:33 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-11 16:33 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-11 16:33 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-11 16:33 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-11 16:33 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-11 16:33 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-11 16:33 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-11 16:33 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-11 16:33 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-11 16:33 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-11 16:33 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-11 16:33 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-11 16:33 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-11 16:33 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-11 16:33 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-11 16:33 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-11 16:33 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-11 16:33 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-11 16:33 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-11 16:33 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-11 16:33 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-11 16:33 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-11 16:33 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-11 16:33 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-11 16:33 - 2014-05-10 05:46 - 02151424 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-11 16:33 - 2014-05-10 05:22 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-11 16:33 - 2014-05-05 06:02 - 03360256 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-11 16:33 - 2014-05-03 09:14 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2014-06-11 16:33 - 2014-05-03 06:21 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-11 16:33 - 2014-05-03 06:07 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-11 16:33 - 2014-05-03 05:41 - 00921088 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-06-11 16:33 - 2014-05-03 05:38 - 00754688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-06-11 16:33 - 2014-04-30 13:16 - 01336648 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-06-11 16:33 - 2014-04-30 05:51 - 01064448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-06-11 16:33 - 2014-04-03 09:59 - 02518872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-11 16:33 - 2014-04-03 09:59 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 16:32 - 2014-05-19 08:31 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\drvcfg.exe
2014-06-11 16:32 - 2014-05-19 08:21 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2014-06-11 16:32 - 2014-05-19 07:23 - 00098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2014-06-11 16:32 - 2014-05-01 15:31 - 03048904 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2014-06-11 16:32 - 2014-05-01 15:31 - 00055328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wpcfltr.sys
2014-06-11 16:32 - 2014-05-01 09:14 - 03118080 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-06-11 16:32 - 2014-05-01 09:05 - 02861056 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll
2014-06-11 16:32 - 2014-05-01 08:51 - 02344448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-06-11 16:32 - 2014-05-01 07:24 - 02834944 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
2014-06-11 16:32 - 2014-04-30 06:43 - 01975296 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-06-11 16:32 - 2014-04-30 06:26 - 01345536 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-06-11 16:32 - 2014-04-30 05:47 - 01509888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-06-11 16:32 - 2014-04-18 16:57 - 00032600 _____ (Microsoft Corporation) C:\Windows\system32\ploptin.dll
2014-06-11 16:32 - 2014-04-18 16:44 - 01466856 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-06-11 16:32 - 2014-04-18 15:29 - 01200288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-06-11 16:32 - 2014-04-18 11:44 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\energyprov.dll
2014-06-11 16:32 - 2014-04-18 11:32 - 13287936 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-06-11 16:32 - 2014-04-18 10:58 - 11792384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-06-11 16:32 - 2014-04-18 10:32 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-06-11 16:32 - 2014-04-18 10:21 - 01126912 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-06-11 16:32 - 2014-04-18 10:09 - 08652800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-06-11 16:32 - 2014-04-18 09:51 - 00836608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-06-11 16:32 - 2014-04-18 09:49 - 05833216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-06-11 16:32 - 2014-04-14 11:20 - 00324888 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2014-06-11 16:32 - 2014-04-14 10:01 - 00285144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2014-06-11 16:32 - 2014-04-11 08:13 - 01200128 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2014-06-11 16:32 - 2014-04-11 06:51 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2014-06-11 16:32 - 2014-04-11 06:23 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2014-06-11 16:32 - 2014-04-11 05:30 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
2014-06-11 16:32 - 2014-04-09 13:53 - 00337240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-06-11 16:32 - 2014-04-09 08:39 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2014-06-11 16:32 - 2014-04-09 07:44 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2014-06-11 16:32 - 2014-04-09 05:33 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2014-06-11 16:32 - 2014-04-08 04:01 - 00589656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-06-11 16:32 - 2014-04-06 18:34 - 00372568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-06-11 16:32 - 2014-04-06 18:34 - 00275800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-06-11 16:32 - 2014-04-06 18:32 - 00125496 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2014-06-11 16:32 - 2014-04-06 18:31 - 21268952 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-06-11 16:32 - 2014-04-06 18:30 - 00201920 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2014-06-11 16:32 - 2014-04-06 18:24 - 00360792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2014-06-11 16:32 - 2014-04-06 18:20 - 01403856 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2014-06-11 16:32 - 2014-04-06 18:20 - 01379064 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2014-06-11 16:32 - 2014-04-06 18:20 - 00881616 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-06-11 16:32 - 2014-04-06 18:20 - 00765408 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2014-06-11 16:32 - 2014-04-06 18:20 - 00609448 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-06-11 16:32 - 2014-04-06 18:20 - 00491744 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2014-06-11 16:32 - 2014-04-06 18:20 - 00467496 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-06-11 16:32 - 2014-04-06 18:20 - 00463256 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-06-11 16:32 - 2014-04-06 18:20 - 00364640 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-06-11 16:32 - 2014-04-06 18:20 - 00244880 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-06-11 16:32 - 2014-04-06 18:20 - 00028408 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-06-11 16:32 - 2014-04-06 17:23 - 00098584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2014-06-11 16:32 - 2014-04-06 17:22 - 18755672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-06-11 16:32 - 2014-04-06 17:22 - 00178184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll
2014-06-11 16:32 - 2014-04-06 17:16 - 01209616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2014-06-11 16:32 - 2014-04-06 17:16 - 00707048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-06-11 16:32 - 2014-04-06 17:16 - 00669856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2014-06-11 16:32 - 2014-04-06 17:16 - 00518544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-06-11 16:32 - 2014-04-06 17:16 - 00406504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-06-11 16:32 - 2014-04-06 17:16 - 00387896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2014-06-11 16:32 - 2014-04-06 17:16 - 00326024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-06-11 16:32 - 2014-04-06 17:16 - 00305768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-06-11 16:32 - 2014-04-06 14:58 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-06-11 16:32 - 2014-04-06 14:51 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-06-11 16:32 - 2014-04-06 14:33 - 00335872 _____ (Microsoft Corporation) C:\Windows\system32\MDEServer.exe
2014-06-11 16:32 - 2014-04-06 14:24 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-06-11 16:32 - 2014-04-06 14:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-06-11 16:32 - 2014-04-06 13:55 - 16872448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2014-06-11 16:32 - 2014-04-06 13:54 - 12711424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-06-11 16:32 - 2014-04-06 13:26 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\BootMenuUX.dll
2014-06-11 16:32 - 2014-04-06 13:20 - 00201216 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2014-06-11 16:32 - 2014-04-06 13:01 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-06-11 16:32 - 2014-04-06 12:52 - 00955904 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2014-06-11 16:32 - 2014-04-06 12:51 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2014-06-11 16:32 - 2014-04-06 12:37 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2014-06-11 16:32 - 2014-04-06 12:36 - 00888320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2014-06-11 16:32 - 2014-04-06 12:05 - 01222656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2014-06-11 16:32 - 2014-04-06 11:59 - 00982016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2014-06-11 16:32 - 2014-04-03 10:12 - 00307304 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-06-11 16:32 - 2014-04-03 10:12 - 00130144 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2014-06-11 16:32 - 2014-04-03 06:03 - 00230808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-06-11 16:32 - 2014-04-03 06:03 - 00111528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2014-06-11 16:32 - 2014-04-03 04:53 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-06-11 16:32 - 2014-04-03 04:51 - 01584128 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2014-06-11 16:32 - 2014-04-03 04:23 - 00563200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-06-11 16:32 - 2014-04-03 04:23 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tlscsp.dll
2014-06-11 16:32 - 2014-04-03 04:22 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\tlscsp.dll
2014-06-11 16:32 - 2014-04-01 08:23 - 00384856 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2014-06-11 16:32 - 2014-03-31 07:42 - 07425368 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-06-11 16:32 - 2014-03-31 02:01 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2014-06-11 16:32 - 2014-03-31 01:43 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2014-06-11 16:32 - 2014-03-31 00:54 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2014-06-11 16:32 - 2014-03-31 00:49 - 01287168 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2014-06-11 16:32 - 2014-03-31 00:35 - 01029120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2014-06-11 16:32 - 2014-03-28 17:58 - 00407016 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2014-06-11 16:32 - 2014-03-27 08:16 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-06-11 16:32 - 2014-03-27 07:36 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2014-06-11 16:32 - 2014-03-27 06:59 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2014-06-11 16:32 - 2014-03-27 06:48 - 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2014-06-11 16:32 - 2014-03-27 06:19 - 00313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2014-06-11 16:32 - 2014-03-27 05:46 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2014-06-11 16:32 - 2014-03-27 05:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
2014-06-11 16:32 - 2014-03-27 05:10 - 01436160 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2014-06-11 16:32 - 2014-03-21 06:14 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\tscfgwmi.dll
2014-06-11 16:32 - 2014-03-20 05:48 - 00263424 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2014-06-11 16:32 - 2014-03-20 02:51 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2014-06-11 16:32 - 2014-03-20 02:44 - 06645248 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-06-11 16:32 - 2014-03-20 01:38 - 00590336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
2014-06-11 16:32 - 2014-03-20 01:33 - 05774848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-06-11 16:32 - 2014-03-19 10:15 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2014-06-11 16:32 - 2014-03-19 10:07 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2014-06-11 16:32 - 2014-03-19 09:24 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-06-11 16:32 - 2014-03-19 09:17 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2014-06-11 16:32 - 2014-03-19 08:36 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-06-11 16:32 - 2014-03-19 07:56 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-06-11 16:32 - 2014-03-19 07:45 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2014-06-11 16:32 - 2014-03-19 07:19 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2014-06-11 16:32 - 2014-03-19 07:07 - 00370176 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2014-06-11 16:32 - 2014-03-19 07:02 - 01527296 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2014-06-11 16:32 - 2014-03-19 07:00 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2014-06-11 16:32 - 2014-03-19 06:51 - 00300544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2014-06-11 16:32 - 2014-03-19 06:31 - 02100736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2014-06-11 16:32 - 2014-03-19 06:18 - 02688000 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2014-06-11 16:32 - 2014-03-18 10:19 - 00077312 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-06-11 16:32 - 2014-03-18 07:00 - 07173120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2014-06-11 16:32 - 2014-03-18 06:52 - 05104640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2014-06-11 16:32 - 2014-03-17 07:09 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-06-11 16:32 - 2014-03-17 06:11 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-06-11 16:32 - 2014-03-17 05:01 - 00486912 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2014-06-11 16:32 - 2014-03-17 04:45 - 00370176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2014-06-11 16:32 - 2014-03-14 08:26 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2014-06-11 16:32 - 2014-03-14 08:10 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2014-06-11 16:32 - 2014-03-06 14:42 - 00310616 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-06-10 17:39 - 2014-06-10 17:39 - 00000000 ____D () C:\Users\Romana\Documents\Vlastní šablony Office
2014-06-10 14:49 - 2014-06-10 14:49 - 00000000 ____D () C:\Windows\Tasks\TaskDisabled
2014-06-10 09:38 - 2014-06-10 09:38 - 00308224 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2014-06-10 09:38 - 2014-06-10 09:38 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2014-06-10 09:38 - 2014-06-10 09:38 - 00086688 _____ (Microsoft Corporation) C:\Windows\system32\mrt_map.dll
2014-06-10 09:38 - 2014-06-10 09:38 - 00080032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt_map.dll
2014-06-10 09:38 - 2014-06-10 09:38 - 00028320 _____ (Microsoft Corporation) C:\Windows\system32\mrt100.dll
2014-06-10 09:38 - 2014-06-10 09:38 - 00026784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt100.dll

[RP8]

pokračování



==================== One Month Modified Files and Folders =======

2014-07-10 18:50 - 2014-07-10 18:50 - 00014058 _____ () C:\Users\Romana\Desktop\FRST.txt
2014-07-10 18:50 - 2014-07-10 18:50 - 00000000 ____D () C:\FRST
2014-07-10 18:50 - 2013-09-30 06:20 - 00005430 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-10 18:50 - 2013-09-30 05:57 - 01093182 _____ () C:\Windows\system32\perfh005.dat
2014-07-10 18:50 - 2013-09-30 05:57 - 00264316 _____ () C:\Windows\system32\perfc005.dat
2014-07-10 18:49 - 2014-07-10 18:49 - 02084352 _____ (Farbar) C:\Users\Romana\Desktop\FRST64.exe
2014-07-10 18:48 - 2014-07-06 21:34 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-10 18:48 - 2014-06-06 09:26 - 00059904 ___SH () C:\Users\Romana\Desktop\Thumbs.db
2014-07-10 18:48 - 2014-06-05 12:32 - 00002203 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-10 18:48 - 2014-06-05 12:32 - 00000964 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-10 18:48 - 2014-06-05 12:19 - 00000000 __RDO () C:\Users\Romana\SkyDrive
2014-07-10 18:47 - 2014-07-05 12:47 - 00000352 _____ () C:\Windows\Tasks\HPCeeScheduleForRomana.job
2014-07-10 18:46 - 2014-06-05 13:45 - 00000000 ____D () C:\ProgramData\ProductData
2014-07-10 18:45 - 2014-07-10 18:45 - 00000818 _____ () C:\Windows\PFRO.log
2014-07-10 18:45 - 2014-06-05 12:26 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-10 18:45 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-10 18:45 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-07-10 18:44 - 2014-06-05 12:12 - 01172913 _____ () C:\Windows\WindowsUpdate.log
2014-07-10 18:42 - 2014-07-10 18:41 - 00088668 _____ () C:\Users\Romana\Documents\cc_20140710_184151.reg
2014-07-10 18:42 - 2014-06-05 12:32 - 00000968 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-10 18:39 - 2014-07-07 21:53 - 00000000 ____D () C:\Users\Romana\AppData\Local\CrashDumps
2014-07-10 18:38 - 2014-06-05 12:23 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-841785141-1410990556-160275754-1001
2014-07-10 18:37 - 2014-07-10 18:37 - 00002774 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-07-10 18:37 - 2014-07-10 18:37 - 00000796 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-07-10 18:37 - 2014-07-10 18:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-07-10 18:37 - 2014-07-10 18:37 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-10 18:36 - 2014-07-10 18:36 - 04812672 _____ (Piriform Ltd) C:\Users\Romana\Downloads\ccsetup415.exe
2014-07-10 18:36 - 2014-07-10 18:36 - 04812672 _____ (Piriform Ltd) C:\Users\Romana\Downloads\ccsetup415 (1).exe
2014-07-10 18:36 - 2014-06-05 12:26 - 00003970 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{F2730F3A-FA3B-46BF-BE32-628E1AA0320D}
2014-07-10 18:35 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-07-10 18:33 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2014-07-08 21:45 - 2014-07-08 21:45 - 05216105 _____ (Swearware) C:\Users\Romana\Desktop\ComboFix (1).exe
2014-07-07 23:22 - 2014-07-07 23:22 - 00002487 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-07-07 23:22 - 2014-07-07 23:22 - 00002039 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-07-07 23:22 - 2014-06-05 16:50 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-07-07 23:22 - 2014-06-05 16:20 - 00000000 ____D () C:\ProgramData\Adobe
2014-07-07 23:01 - 2014-06-05 12:17 - 00000000 ____D () C:\Users\Romana
2014-07-07 22:29 - 2014-07-07 11:43 - 00000000 ____D () C:\Users\Romana\Downloads\logy
2014-07-07 22:29 - 2014-06-05 13:30 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-07-07 22:18 - 2014-07-07 22:18 - 00030336 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-07-07 18:39 - 2014-06-16 15:20 - 00004958 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for ROPUŠKA-Romana Ropuška
2014-07-07 18:19 - 2014-07-03 19:05 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-07-07 17:34 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-07-07 14:22 - 2014-07-06 17:54 - 00010735 _____ () C:\Users\Romana\Downloads\hijackthis.log
2014-07-07 13:05 - 2014-07-07 13:05 - 05328984 _____ () C:\Users\Romana\Desktop\RogueKillerX64.exe
2014-07-07 12:47 - 2013-08-22 16:44 - 00476992 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-07 12:46 - 2014-07-07 12:46 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-07-07 11:57 - 2014-07-07 11:57 - 00000712 _____ () C:\Users\Romana\Desktop\JRT.txt
2014-07-07 11:46 - 2014-07-07 11:46 - 00000000 ____D () C:\Windows\ERUNT
2014-07-07 11:40 - 2014-07-06 21:14 - 00000000 ____D () C:\AdwCleaner
2014-07-07 11:21 - 2014-07-07 11:21 - 01016261 _____ (Thisisu) C:\Users\Romana\Desktop\JRT.exe
2014-07-07 11:20 - 2014-06-05 16:09 - 00000296 _____ () C:\Windows\Tasks\Uninstaller_SkipUac_Administrator.job
2014-07-06 21:42 - 2014-07-06 21:42 - 00003371 _____ () C:\Users\Romana\Downloads\text.txt
2014-07-06 21:34 - 2014-07-06 21:34 - 00001130 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-06 21:34 - 2014-07-06 21:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-06 21:34 - 2014-07-06 21:34 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-06 21:34 - 2014-07-06 21:34 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-06 21:32 - 2014-06-05 16:27 - 00000000 ____D () C:\Users\Romana\Documents\Lexicon
2014-07-06 21:30 - 2014-07-02 13:36 - 00000047 _____ () C:\Windows\SysWOW64\windows.ini
2014-07-06 21:25 - 2014-07-06 21:24 - 01346519 _____ () C:\Users\Romana\Desktop\AdwCleaner.exe
2014-07-06 20:11 - 2014-07-06 20:11 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Romana\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-06 20:10 - 2014-07-06 21:13 - 01346519 _____ () C:\Users\Romana\Desktop\adwcleaner_3.214.exe
2014-07-06 20:10 - 2014-07-06 20:10 - 01346519 _____ () C:\Users\Romana\Downloads\adwcleaner_3.214.exe
2014-07-06 20:10 - 2014-07-06 20:10 - 00050688 _____ (Atribune.org) C:\Users\Romana\Downloads\ATF-Cleaner.exe
2014-07-06 20:09 - 2014-07-06 20:09 - 00448512 _____ (OldTimer Tools) C:\Users\Romana\Downloads\TFC.exe
2014-07-06 18:14 - 2014-06-06 22:01 - 00000000 ____D () C:\UT2004
2014-07-06 18:05 - 2014-06-05 15:12 - 00000000 ____D () C:\Users\Romana\AppData\Local\ABBYY
2014-07-06 18:05 - 2014-06-05 15:12 - 00000000 ____D () C:\ProgramData\ABBYY
2014-07-06 18:05 - 2014-06-05 15:12 - 00000000 ____D () C:\Program Files (x86)\ABBYY FineReader 11
2014-07-06 17:53 - 2014-06-05 12:18 - 00000000 ____D () C:\Users\Romana\AppData\Local\VirtualStore
2014-07-06 17:50 - 2014-07-06 17:50 - 00388608 _____ (Trend Micro Inc.) C:\Users\Romana\Downloads\HijackThis.exe
2014-07-06 12:21 - 2014-06-05 13:47 - 00000000 ____D () C:\Users\Romana\Documents\Anki
2014-07-06 11:52 - 2014-06-05 12:18 - 00000000 ____D () C:\Users\Romana\AppData\Local\Packages
2014-07-06 10:40 - 2014-07-06 10:40 - 00757598 _____ () C:\Users\Romana\Downloads\TL-WR841N_V8_datasheet.zip
2014-07-05 18:26 - 2014-07-05 18:26 - 00000000 _____ () C:\asc_rdflag
2014-07-05 18:26 - 2014-06-05 18:36 - 71282688 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2014-07-05 18:26 - 2014-06-05 18:36 - 00344064 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak
2014-07-05 18:26 - 2014-06-05 18:36 - 00073728 _____ () C:\Windows\system32\config\SAM.iodefrag.bak
2014-07-05 18:26 - 2014-06-05 18:36 - 00024576 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak
2014-07-05 13:27 - 2014-06-05 16:10 - 00000000 ____D () C:\Users\Romana\AppData\Roaming\uTorrent
2014-07-05 13:27 - 2014-06-05 15:50 - 00000000 ____D () C:\Users\Romana\AppData\Roaming\Winamp
2014-07-05 12:47 - 2014-07-05 12:47 - 00003168 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForRomana
2014-07-05 12:47 - 2014-06-05 12:56 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-07-05 12:47 - 2014-06-05 12:56 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-07-05 12:45 - 2014-07-05 12:45 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-07-03 22:01 - 2014-07-03 22:01 - 00029603 _____ () C:\Users\Romana\Downloads\[www.seedpeer.me] Onmyouza Full Discography.SEEDPEER.torrent
2014-07-03 19:05 - 2014-07-03 19:05 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-07-03 19:05 - 2014-07-03 19:05 - 00001982 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-07-03 19:05 - 2014-06-05 12:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-07-03 19:05 - 2014-06-05 12:40 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-07-03 19:05 - 2014-06-05 12:40 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-07-03 19:05 - 2014-06-05 12:40 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-07-03 19:05 - 2014-06-05 12:40 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-07-03 19:05 - 2014-06-05 12:40 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-07-03 19:05 - 2014-06-05 12:40 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-07-03 19:05 - 2014-06-05 12:40 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-07-03 19:05 - 2014-06-05 12:40 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-07-02 23:48 - 2014-06-05 15:44 - 00000000 ____D () C:\Users\Romana\AppData\Local\Last.fm
2014-07-02 17:07 - 2014-06-05 13:41 - 00000000 ____D () C:\The KMPlayer
2014-06-29 11:06 - 2014-06-29 11:06 - 00000000 ____D () C:\Users\Default\AppData\Roaming\IObit
2014-06-29 11:06 - 2014-06-29 11:06 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\IObit
2014-06-29 10:15 - 2014-06-29 10:15 - 00022016 ___SH () C:\Users\Romana\Downloads\Thumbs.db
2014-06-28 13:27 - 2014-06-28 13:27 - 00000000 ____D () C:\Users\Romana\AppData\Roaming\Stardock
2014-06-28 13:27 - 2014-06-28 13:27 - 00000000 ____D () C:\ProgramData\Stardock
2014-06-27 21:06 - 2014-06-27 21:06 - 00393748 _____ () C:\Users\Romana\Downloads\Nakjang_et_al_microsporidia_protein_fam.zip
2014-06-27 09:59 - 2014-06-20 21:21 - 00000000 _____ () C:\sparkraw.log
2014-06-22 14:31 - 2014-06-05 22:48 - 00000204 _____ () C:\Users\Romana\Desktop\resty z vlaku.txt
2014-06-22 14:12 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\NDF
2014-06-22 13:34 - 2014-06-22 13:34 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_ZuneDriver_01_09_00.Wdf
2014-06-22 13:34 - 2014-06-22 13:34 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUSB_01009.Wdf
2014-06-20 21:20 - 2014-06-20 21:20 - 00000000 ___HD () C:\GrandeDevice
2014-06-20 21:14 - 2014-06-05 12:53 - 00000000 ____D () C:\Users\Romana\AppData\Local\Hewlett-Packard
2014-06-20 13:13 - 2014-06-05 13:49 - 00000000 ____D () C:\Users\Romana\AppData\Local\Microsoft Help
2014-06-20 11:37 - 2014-06-05 12:32 - 00003940 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-20 11:37 - 2014-06-05 12:32 - 00003704 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-19 18:26 - 2014-06-19 18:26 - 00000024 _____ () C:\Users\Romana\AppData\Roaming\temp.ini
2014-06-16 12:40 - 2014-06-07 17:53 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-16 12:39 - 2014-06-07 17:53 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-15 23:26 - 2014-06-05 16:15 - 00000000 ___RD () C:\Users\Romana\Podcasts
2014-06-15 23:13 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2014-06-15 22:58 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData
2014-06-15 22:58 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-06-15 22:58 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\WinStore
2014-06-15 22:58 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\MediaViewer
2014-06-15 22:58 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\FileManager
2014-06-15 22:58 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\Camera
2014-06-15 22:58 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\oobe
2014-06-15 19:43 - 2014-06-15 19:43 - 04720640 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 04190208 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-06-15 19:43 - 2014-06-15 19:43 - 03464192 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 02844160 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 02641920 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 02317824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 02144984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 02140888 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 02125344 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 01797896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 01726224 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 01473080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 01417216 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-06-15 19:43 - 2014-06-15 19:43 - 01063424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-06-15 19:43 - 2014-06-15 19:43 - 01035264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 01025536 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00997888 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2014-06-15 19:43 - 2014-06-15 19:43 - 00794112 _____ (Microsoft Corporation) C:\Windows\system32\fvewiz.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00735232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00735232 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00440664 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-06-15 19:43 - 2014-06-15 19:43 - 00418136 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-06-15 19:43 - 2014-06-15 19:43 - 00403968 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-06-15 19:43 - 2014-06-15 19:43 - 00353280 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00311296 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00301056 _____ (Microsoft Corporation) C:\Windows\system32\framedynos.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\framedyn.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00235008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedynos.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00229888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00207360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedyn.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-06-15 19:43 - 2014-06-15 19:43 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfg.exe
2014-06-15 19:43 - 2014-06-15 19:43 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2014-06-15 19:43 - 2014-06-15 19:43 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2014-06-15 19:43 - 2014-06-15 19:43 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfgLib.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
2014-06-15 19:43 - 2014-06-15 19:43 - 00089944 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-06-15 19:43 - 2014-06-15 19:43 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\BulkOperationHost.exe
2014-06-15 19:43 - 2014-06-15 19:43 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys
2014-06-15 19:43 - 2014-06-15 19:43 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\ncobjapi.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00054776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-06-15 19:43 - 2014-06-15 19:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncobjapi.dll
2014-06-15 19:43 - 2014-06-15 19:43 - 00050745 _____ () C:\Windows\system32\srms.dat
2014-06-15 19:43 - 2014-06-15 19:43 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys
2014-06-15 19:43 - 2014-06-15 19:43 - 00037376 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-06-15 19:43 - 2014-06-15 19:43 - 00027480 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-06-15 19:43 - 2014-06-15 19:43 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d8thk.dll
2014-06-15 19:42 - 2014-06-15 19:42 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2014-06-12 11:07 - 2014-06-05 15:39 - 00000800 _____ () C:\Users\Romana\Desktop\Stopky – zástupce.lnk
2014-06-10 17:39 - 2014-06-10 17:39 - 00000000 ____D () C:\Users\Romana\Documents\Vlastní šablony Office
2014-06-10 17:32 - 2014-06-05 17:19 - 00000000 ____D () C:\Program Files (x86)\ClustalX2
2014-06-10 15:14 - 2014-06-05 17:19 - 00000000 ____D () C:\Program Files (x86)\GeneDoc
2014-06-10 14:49 - 2014-06-10 14:49 - 00000000 ____D () C:\Windows\Tasks\TaskDisabled
2014-06-10 09:38 - 2014-06-10 09:38 - 00308224 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2014-06-10 09:38 - 2014-06-10 09:38 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2014-06-10 09:38 - 2014-06-10 09:38 - 00086688 _____ (Microsoft Corporation) C:\Windows\system32\mrt_map.dll
2014-06-10 09:38 - 2014-06-10 09:38 - 00080032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt_map.dll
2014-06-10 09:38 - 2014-06-10 09:38 - 00028320 _____ (Microsoft Corporation) C:\Windows\system32\mrt100.dll
2014-06-10 09:38 - 2014-06-10 09:38 - 00026784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt100.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-03 09:34

==================== End Of Log ============================






Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-07-2014
Ran by Romana at 2014-07-10 18:51:08
Running from C:\Users\Romana\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32126 - BitTorrent Inc.)
ABBYY PDF Transformer 3.0 (HKLM-x32\...\ABBYY PDF Transformer 3.0) (Version: 3.00.502.68015 - ABBYY)
ABBYY PDF Transformer 3.0 (Version: 3.00.502.68015 - ABBYY) Hidden
ActivePerl 5.18.2 Build 1802 (64-bit) (HKLM\...\{6EE26068-81F2-4389-8B79-52C7371C1BA6}) (Version: 5.18.1802 - ActiveState)
Adobe Reader XI - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Anki (HKLM-x32\...\Anki) (Version: - )
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
ClustalX2 (HKLM-x32\...\{136F3A0B-5783-47AC-8DB7-1611ED879FA1}) (Version: 2.1 - University College Dublin)
DeepBurner 1.9.0.228 (HKLM-x32\...\{F0A8E94F-1AD1-4428-873E-36CEEABA5FED}_is1) (Version: 1.9.0.228 - Astonsoft Ltd.)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version: - )
GeneDoc (HKLM-x32\...\GeneDoc) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{D2F04839-0AD0-4F06-A6B5-6DFF05E27B67}) (Version: 11.50.0019 - Hewlett-Packard Company)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.3.8.2663 - IObit)
Last.fm Scrobbler 2.1.36 (HKLM-x32\...\LastFM_is1) (Version: - Last.fm)
Lingea Lexicon 5 (HKLM-x32\...\Lexicon5) (Version: - )
Malwarebytes Anti-Malware verze 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft Access MUI (Czech) 2013 (Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Microsoft Access MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Access Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft DCF MUI (Czech) 2013 (Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Microsoft DCF MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Excel MUI (Czech) 2013 (Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Microsoft Excel MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Groove MUI (Czech) 2013 (Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Microsoft Groove MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (Czech) 2013 (Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Lync MUI (Czech) 2013 (Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Microsoft Lync MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Language Pack 2013 - Czech/čeština (HKLM\...\Office15.OMUI.cs-cz) (Version: 15.0.4454.1004 - Microsoft Corporation)
Microsoft Office O MUI (Czech) 2013 (Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (Czech) 2013 (Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (Czech) 2013 (Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2013 (Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (Czech) 2013 (Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2013 (Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (Czech) 2013 (Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (Czech) 2013 (Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (Czech) 2013 (Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (Czech) 2013 (Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Rise of Nations Gold (HKLM-x32\...\RiseOfNationsExpansion 1.0) (Version: 1.0 - Microsoft)
Microsoft SharePoint Designer MUI (Czech) 2013 (Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Microsoft Word MUI (Czech) 2013 (Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Microsoft Word MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft X MUI (Czech) 2013 (Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA nView 140.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 140.75 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 327.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 327.31 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 327.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.31 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2731 - NVIDIA Corporation) Hidden
NVIDIA WMI 2.14.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.14.0 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 327.31 (Version: 327.31 - NVIDIA Corporation) Hidden
Skype™ 6.10 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.10.104 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
SpeechRedist (HKLM-x32\...\{8795CBED-55E2-4693-9F14-84EC446935BE}) (Version: 1.0.0 - Epic Games Inc.)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.0 - IObit)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.24.0 - Synaptics Incorporated)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.9.0.124 - PandoraTV)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.50 - Ghisler Software GmbH)
TreeView 1.6.6 (HKLM-x32\...\{0681606A-13CD-4365-9B19-684B577FA9E9}_is1) (Version: - Rod Page)
Wakan 1.67 (HKLM-x32\...\Wakan) (Version: 1.67 - Filip Kabrt)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63 - Nullsoft, Inc)
Winamp Detector Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Mobile Device Updater Component (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)
Zune (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CSY) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (DAN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (DEU) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ELL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ESP) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (FIN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (FRA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (HUN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CHS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CHT) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (IND) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ITA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (JPN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (KOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (MSL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (NLD) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (NOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PLK) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PTB) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PTG) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (RUS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (SVE) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

==================== Restore Points =========================

23-06-2014 19:41:22 Naplánovaný kontrolní bod
02-07-2014 07:29:46 Naplánovaný kontrolní bod
03-07-2014 17:04:11 avast! antivirus system restore point
06-07-2014 16:04:25 Removed ABBYY FineReader 11.

==================== Hosts content: ==========================

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {04592AA7-44B9-4E62-9DC6-D8DA20BAE2ED} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {08D0D704-226A-489E-9C17-D12B4AACC6F5} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-06-05] (IObit)
Task: {0912088E-6F45-451C-A94C-5217066B29B7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {25B647E1-F17F-4B83-BDD2-84C31468C734} - System32\Tasks\Microsoft Office 15 Sync Maintenance for ROPUŠKA-Romana Ropuška => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation)
Task: {2B3BBF10-6307-49F0-ADEA-32D88E7407EF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSFUpdaterRedux => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {2B4156EE-5381-41F4-95F3-652FE9D3A80F} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {46A34C9F-31C8-4654-AA0B-315B12C80A77} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-05] (Google Inc.)
Task: {470A0D92-879D-46B2-94E5-87D58B811E32} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {522EDCF6-0E8A-4D99-B8CB-93E8C940EE3D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {5F02C97A-40AF-4AD3-855C-DBC375B13F36} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {6958B11E-8700-4259-869A-9CC4E238B752} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-03] (AVAST Software)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {6ED0D5AB-25E7-42FE-805D-6A5CC72BDE61} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7AEDA4CF-0C22-4669-9492-466CF6973868} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-06-16] (Microsoft Corporation)
Task: {81B8378B-596C-440E-AA32-AA36C5B04069} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A2894CB6-A0CC-4690-ADD4-F497E863ADC4} - System32\Tasks\HPCeeScheduleForRomana => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {A8C025B8-FCCF-459B-BE83-D6258DBEA84C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-05] (Google Inc.)
Task: {AA94E995-CFB1-4AD6-B4C3-404D63207365} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {AC52FF16-D0A8-42F4-81E9-CD4FD1E32677} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {BB9A8185-4C4E-4166-8D9A-C1BB515D3F58} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {BF1B0266-2A3A-4CBB-A2E2-B2A083FCD4D9} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F83B25DC-AABD-45A2-8A7B-A80C11D7425E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForRomana.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\Uninstaller_SkipUac_Administrator.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Loaded Modules (whitelisted) =============

2014-06-20 21:20 - 2011-03-31 07:47 - 00023040 _____ () C:\Windows\System32\xrhr1aLM.DLL
2014-06-06 14:49 - 2014-06-06 14:49 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\ErrorReporting.dll
2014-07-03 19:05 - 2014-07-03 19:05 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-07-10 18:39 - 2014-07-10 18:39 - 02789888 _____ () C:\Program Files\AVAST Software\Avast\defs\14071000\algo.dll
2014-07-03 19:05 - 2014-07-03 19:05 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Romana\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\startupreg: Bonus.SSR.FR11 => "c:\program files (x86)\abbyy finereader 11\bonus.screenshotreader.exe" /autorun
MSCONFIG\startupreg: Zune Launcher => c:\program files\zune\zunelauncher.exe

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Základní systémové zařízení
Description: Základní systémové zařízení
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Základní systémové zařízení
Description: Základní systémové zařízení
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/10/2014 06:50:09 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (07/10/2014 06:50:09 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (07/10/2014 06:50:09 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (07/07/2014 11:16:26 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (07/07/2014 11:16:26 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (07/07/2014 11:16:26 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (07/07/2014 11:07:24 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (07/07/2014 11:07:24 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (07/07/2014 11:07:24 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (07/07/2014 11:00:36 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.


System errors:
=============
Error: (07/10/2014 06:45:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Service KMSELDI byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/10/2014 06:45:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Run software as a Windows service neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (07/07/2014 11:02:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Service KMSELDI byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/07/2014 11:02:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Run software as a Windows service neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (07/07/2014 10:55:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Service KMSELDI byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/07/2014 10:55:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Run software as a Windows service neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (07/07/2014 10:55:45 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (22:16:51, ‎7. ‎7. ‎2014) bylo neočekávané.

Error: (07/07/2014 10:17:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Service KMSELDI byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/07/2014 10:16:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Run software as a Windows service neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (07/07/2014 10:16:51 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (21:50:23, ‎7. ‎7. ‎2014) bylo neočekávané.


Microsoft Office Sessions:
=========================
Error: (07/10/2014 06:50:09 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F2030000E5050000

Error: (07/10/2014 06:50:09 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Performance163707000000000000000000008F020000

Error: (07/10/2014 06:50:09 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Performance163707000000000000000000008F020000

Error: (07/07/2014 11:16:26 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F2030000E5050000

Error: (07/07/2014 11:16:26 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Performance163707000000000000000000008F020000

Error: (07/07/2014 11:16:26 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Performance163707000000000000000000008F020000

Error: (07/07/2014 11:07:24 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F2030000E5050000

Error: (07/07/2014 11:07:24 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Performance163707000000000000000000008F020000

Error: (07/07/2014 11:07:24 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Performance163707000000000000000000008F020000

Error: (07/07/2014 11:00:36 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F2030000E5050000


==================== Memory info ===========================

Percentage of memory in use: 17%
Total physical RAM: 8119.38 MB
Available physical RAM: 6668.75 MB
Total Pagefile: 9399.38 MB
Available Pagefile: 7338.3 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:103.04 GB) (Free:68.14 GB) NTFS
Drive d: () (Fixed) (Total:343.75 GB) (Free:53.99 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or (Size: 447 GB) (Disk ID: CCC384DB)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=103 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=344 GB) - (Type=07 NTFS)

==================== End Of Log ============================

[RP8]

ComboFix se mi nepodařilo odinstalovat, kdy jsem ho hledala dle návodu, tak to nebylo nalezeno (on se mi totiž ani nespustil, hned naskočila hláška, že to nejde)

Nemohl ten keylogger i nějak poškodit hardware? Poslední dobou se mi přehřívá a vypíná notebook a nelze na něm pracovat (do deseti minut se pokaždé vypne). Problémy s přehříváním měl i předtím, ale nikdy ne tak hrozné (sice už je dávno po záruce, ale napadlo mě, že se to časově zhruba shoduje s nainstalování keyloggeru)

[jaro3]

Keylogger nepoškozuje HW , on ho potřebuje
Taky se snaží vůbec nevytěžovat CPU..

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: SkyDrivePro1 (ErrorConflict) ->
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
SearchScopes: HKLM-x32 - DefaultScope value is missing.
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
C:\Users\Romana\Desktop\ComboFix (1).exe
C:\Users\Romana\Downloads\ccsetup415 (1).exe

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt


Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.

Problém s Dropboxem , chce to přeinstalovat..

S2 SKLProService; F:\x\Crack + Patch\rsasws.exe [X] to by měla smazat..

V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému

Toto otestuj na Virustotal
C:\Windows\SysWOW64\windows.ini

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/43 , nebo 1/43. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

Nebo na:
http://www.virscan.org/

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Stáhni si Slim Drivers

Pomůže ti najít a aktualizovat ovladače..

Nebo:
http://www.driverupdate.net/index.php

[RP8]

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-07-2014
Ran by Romana at 2014-07-13 22:30:24 Run:1
Running from C:\Users\Romana\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: SkyDrivePro1 (ErrorConflict) ->
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
SearchScopes: HKLM-x32 - DefaultScope value is missing.
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
C:\Users\Romana\Desktop\ComboFix (1).exe
C:\Users\Romana\Downloads\ccsetup415 (1).exe
*****************

'HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1' => Key deleted successfully.
'HKLM\Software\Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}'=> Key not found.
'HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2' => Key deleted successfully.
'HKLM\Software\Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}'=> Key not found.
'HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3' => Key deleted successfully.
'HKLM\Software\Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}'=> Key not found.
'HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt4' => Key deleted successfully.
'HKLM\Software\Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}'=> Key not found.
'HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ShellIconOverlayIdentifiers-x32: SkyDrivePro1 (ErrorConflict) ->'=> Key not found.
'HKLM\Software\Wow6432Node\Classes\CLSID\ShellIconOverlayIdentifiers-x32: SkyDrivePro1 (ErrorConflict) ->'=> Key not found.
'HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1' => Key deleted successfully.
'HKLM\Software\Wow6432Node\Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}'=> Key not found.
'HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2' => Key deleted successfully.
'HKLM\Software\Wow6432Node\Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}'=> Key not found.
'HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3' => Key deleted successfully.
'HKLM\Software\Wow6432Node\Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}'=> Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
'HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect' => Key deleted successfully.
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll" => not found.
C:\Users\Romana\Desktop\ComboFix (1).exe => Moved successfully.
C:\Users\Romana\Downloads\ccsetup415 (1).exe => Moved successfully.

==== End of Fixlog ====



https://www.virustotal.com/cs/file/31fc ... 405285166/

[jaro3]

Stáhni si zde DelFix

ulož si soubor na plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7 a 8, musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce .
V hlavním menu, zkontroluj tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore)
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci

Poté se zpráva se otevře (DelFix.txt). Vlož celý obsah zprávy sem.Jinak je zpráva zde:
v C: \ DelFix.txt

Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.