Kontrola logu - po zavirovanem PC Vyřešeno

[ASKER]

Prosím o kontrolu logu po zavirovanem PC, měl jsem tam toho docela dost tak jestli něco náhodou nezustalo. Děkuju

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:33:08, on 17/04/2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0020)


Boot mode: Normal

Running processes:
C:\Program Files\AVAST Software\Avast\avastui.exe
D:\Stažené soubory\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [Command Center] D:\MSI PRODUCTS\Command Center_1.0.1.11\StartCommandCenter.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Steam] "D:\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Bloody2] "C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe" Minimum
O4 - HKCU\..\Run: [CyberGhost] "C:\Program Files\CyberGhost 5\CyberGhost.exe" /autostart /min
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{5ddb9c89-060b-4138-a201-3cd8821757dd}: NameServer = 79.121.12.76,78.131.88.174
O17 - HKLM\System\CS1\Services\Tcpip\..\{5ddb9c89-060b-4138-a201-3cd8821757dd}: NameServer = 79.121.12.76,78.131.88.174
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: CyberGhost 5 Client Service (CGVPNCliService) - CyberGhost S.R.L - C:\Program Files\CyberGhost 5\Service.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: MSI Command Center Clock Service (MSIClock_CC) - MSI - D:\MSI PRODUCTS\Command Center_1.0.1.11\ClockGen\MSIClockService.exe
O23 - Service: MSI Command Center Comm Service (MSICOMM_CC) - MSI - D:\MSI PRODUCTS\Command Center_1.0.1.11\MSICommService.exe
O23 - Service: MSI Command Center CPU Service (MSICPU_CC) - MSI - D:\MSI PRODUCTS\Command Center_1.0.1.11\CPU\MSICPUService.exe
O23 - Service: MSI Command Center control Service (MSICTL_CC) - MSI - D:\MSI PRODUCTS\Command Center_1.0.1.11\MSIControlService.exe
O23 - Service: MSI Command Center DDR Service (MSIDDR_CC) - MSI - D:\MSI PRODUCTS\Command Center_1.0.1.11\DDR\MSIDDRService.exe
O23 - Service: MSI Command Center SMBus Service (MSISMB_CC) - MSI - D:\MSI PRODUCTS\Command Center_1.0.1.11\SMBus\MSISMBService.exe
O23 - Service: MSI Command Center SuperIO Service (MSISuperIO_CC) - MSI - D:\MSI PRODUCTS\Command Center_1.0.1.11\SuperIO\MSISuperIOService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: OpenVPN Service (OpenVPNService) - The OpenVPN Project - C:\Program Files (x86)\OkayFreedom\bin\openvpnserv.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Sandboxie Service (SbieSvc) - Sandboxie Holdings, LLC - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7900 bytes

[Reklama]

[jaro3]

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.
- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.


Stáhni si TFC
http://www.geekstogo.com/forum/files/fi ... -oldtimer/
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni AdwCleaner (by Xplode)
http://www.bleepingcomputer.com/download/adwcleaner/

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu klikni na „Logfile“ ,objeví log ( jinak je uložen systémovem disku jako AdwCleaner[C?].txt), jeho obsah sem celý vlož.

Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a klikni na Skenovat nyní a
- po proběhnutí programu se ti objeví hláška vpravo dole tak klikni na Kopírovat do schránky a vlož sem celý log.

- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).

Pokud budou problémy , spusť v nouz. režimu.

[ASKER]

AdwCleaner

# AdwCleaner v5.112 - Log soubor vytvořen 18/04/2016 o 20:10:54
# Aktualizováno 17/04/2016 by Xplode
# Databáze : 2016-04-17.1 [Server]
# Operační systém : Windows 10 Home (X64)
# Jméno uživatele : PC - lNbP
# Spuštěno z : C:\Users\PC\Desktop\adwcleaner_5.112.exe
# Volba : Skenovat
# Podpora : http://toolslib.net/forum

***** [ Služby ] *****


***** [ Složky ] *****

Složka nalezeno : C:\Users\PC\AppData\Local\Hola

***** [ Soubory ] *****


***** [ DLL ] *****


***** [ Zástupci ] *****


***** [ Naplánované úkoly ] *****


***** [ Registr ] *****

Klávesa nalezeno : HKCU\Software\MozillaPlugins\@hola.org/FlashPlayer
Klávesa nalezeno : HKCU\Software\MozillaPlugins\@hola.org/vlc
Klávesa nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814}
Klávesa nalezeno : [x64] HKLM\SOFTWARE\Hola
Klávesa nalezeno : HKU\.DEFAULT\Software\Hola
Klávesa nalezeno : HKU\S-1-5-18\Software\Hola

***** [ Webové prohlížeče ] *****


*************************

C:\AdwCleaner\AdwCleaner[S1].txt - [1070 bytes] - [18/04/2016 20:10:54]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1143 bytes] ##########




Malwarebytes

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 18/04/2016
Čas skenování: 20:14
Protokol:
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.04.18.05
Databáze rootkitů: v2016.04.17.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 10
CPU: x64
Souborový systém: NTFS
Uživatel: PC

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 317343
Uplynulý čas: 2 min, 16 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

[jerabina]

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
klikni na „Prohledat-Scan“, po prohledání klikni na „ Vymazat-Clean“

Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [C?].txt) , jeho obsah sem celý vlož.

Stáhni si Junkware Removal Tool by Thisisu

na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

[ASKER]

# AdwCleaner v5.112 - Log soubor vytvoren 19/04/2016 o 17:22:16
# Aktualizováno 17/04/2016 by Xplode
# Databáze : 2016-04-19.4 [Server]
# Operacní systém : Windows 10 Home (X64)
# Jméno uživatele : PC - lNbP
# Spušteno z : C:\Users\PC\Desktop\adwcleaner_5.112.exe
# Volba : Cištení
# Podpora : http://toolslib.net/forum

***** [ Služby ] *****


***** [ Složky ] *****

[-] Složka smazáno : C:\Users\PC\AppData\Local\Hola

***** [ Soubory ] *****


***** [ DLLs ] *****


***** [ Zástupci ] *****


***** [ Naplánované úkoly ] *****


***** [ Registr ] *****

[-] Klávesa smazáno : HKCU\Software\MozillaPlugins\@hola.org/FlashPlayer
[-] Klávesa smazáno : HKCU\Software\MozillaPlugins\@hola.org/vlc
[-] Klávesa smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Hola
[-] Klávesa smazáno : HKU\.DEFAULT\Software\Hola

***** [ Webové prohlížece ] *****


*************************

:: "Tracing" odstranených kláves
:: Nastavení Winsock odstraneno

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [1153 bytes] - [19/04/2016 17:22:16]
C:\AdwCleaner\AdwCleaner[S1].txt - [1226 bytes] - [18/04/2016 20:10:54]
C:\AdwCleaner\AdwCleaner[S2].txt - [1299 bytes] - [19/04/2016 17:21:07]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1372 bytes] ##########


----------------------------------------

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.4 (03.14.2016)
Operating System: Windows 10 Home x64
Ran by PC (Administrator) on 19/04/2016 at 17:25:23.48
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 7

Successfully deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\search.lnk (Shortcut)
Successfully deleted: C:\ProgramData\mntemp (File)
Successfully deleted: C:\ProgramData\productdata (Folder)
Successfully deleted: C:\Users\PC\AppData\Local\crashrpt (Folder)
Successfully deleted: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio (Folder)
Successfully deleted: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gkojfkhlekighikafcpjkiklfbnlmeio_0.localstorage (File)
Successfully deleted: C:\Users\PC\AppData\Roaming\productdata (Folder)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 19/04/2016 at 17:26:35.67
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


---------------------------------------------------------------------------------------------------


RogueKiller V12.1.3.0 (x64) [Apr 18 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 10 (10.0.10586) 64 bits version
Started in : Normal mode
User : PC [Administrator]
Started from : C:\Users\PC\Desktop\RogueKillerX64.exe
Mode : Scan -- Date : 04/19/2016 17:34:07

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 8 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 1.2.3.4 ([United States]) -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 1.2.3.4 ([United States]) -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{5ddb9c89-060b-4138-a201-3cd8821757dd} | NameServer : 37.220.134.207,46.35.194.231 ([Hungary][Hungary]) -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{edc1063c-5b28-47c3-bd2c-4fc75c4eacbd} | NameServer : 37.220.134.207,46.35.194.231 ([Hungary][Hungary]) -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{edc1063c-5b28-47c3-bd2c-4fc75c4eacbd} | DhcpNameServer : 1.2.3.4 ([United States]) -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{5ddb9c89-060b-4138-a201-3cd8821757dd} | NameServer : 37.220.134.207,46.35.194.231 ([Hungary][Hungary]) -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{edc1063c-5b28-47c3-bd2c-4fc75c4eacbd} | NameServer : 37.220.134.207,46.35.194.231 ([Hungary][Hungary]) -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{edc1063c-5b28-47c3-bd2c-4fc75c4eacbd} | DhcpNameServer : 1.2.3.4 ([United States]) -> Found

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: INTEL SSDSC2BW120A4 +++++
--- User ---
[MBR] 0086f36f0b7bc8b257f89fc226376c3d
[BSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows Vista/7/8 MBR Code
Partition table:
0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 300 MB
1 - [MAN-MOUNT] EFI system partition | Offset (sectors): 616448 | Size: 99 MB
2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 819200 | Size: 128 MB
3 - Basic data partition | Offset (sectors): 1081344 | Size: 113495 MB
4 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 233519104 | Size: 450 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: ST2000DM001-1ER164 +++++
--- User ---
[MBR] 0086f36f0b7bc8b257f89fc226376c3d
[BSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows Vista/7/8 MBR Code
Partition table:
0 - Microsoft reserved partition | Offset (sectors): 34 | Size: 128 MB
1 - Basic data partition | Offset (sectors): 264192 | Size: 1907600 MB
User = LL1 ... OK
User = LL2 ... OK

[Orcus]

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.
Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "
- V záložkách (Registry , Tasks , Web Browser apod.) vše zatrhni (dej zatržítka).
- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje " Mazání dokončeno "
- Klikni na "Zpráva" a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

====================================================

Stáhni
Zoek.exe

a ulož si ho na plochu.
Zavři všechny ostatní programy, okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
- pozor, náběh programu může trvat déle.

Do okna programu vlož skript níže:

Kód: Vybrat vše

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;

Klikni na Run Script
Program provede sken, opravu, sken i oprava může trvat i více minut, je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .

Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů, jinak se sám ukládá do:
C:\zoek-results.log
Zkopíruj sem celý obsah toho logu.

====================================================

Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.

[ASKER]

To s tím RogueKillerem --- tohle nechci smazat, tohle není způsobeno žádným virem ale takhle jsem si to udělal naschvál protože mi to vyhovuje a měl jsem DNS leak při používání VPN. Mám taky problém s nějakým zavirovaným (?) programem od seznamu kterej se spouští pokaždý při spuštění. Je to i v logu tak bych potřeboval poradit jak to smazat aby se to už nikdy nevrátilo.
Děkuju moc za pomoc


Zoek

Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by PC on 21/04/2016 at 19:04:10.44.
Microsoft Windows 10 Home 10.0.10586 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\PC\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

21/04/2016 19:04:53 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\VPNium deleted successfully
C:\PROGRA~2\COMMON~1\MicroWorld deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\PC\AppData\Local\ActiveSync deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\VPNium not found
C:\PROGRA~3\Package Cache deleted
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\CrashRpt deleted

==== Fake Chromium Profiles Check ======================

Fake profile C:\Users\Default\AppData\Local\Google\Chrome deleted

==== Chromium Look ======================


ZenMate Firewall - PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hphffohcfcaeoekbkfibilcmmoakhmfc

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Search Page"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02

==== Reset Google Chrome ======================

C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\PC\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\PC\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Default User\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\PC\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\PC\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=19 folders=28 20785491 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\PC\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 21/04/2016 at 19:15:37.87 ======================

[ASKER]

FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:18-04-2016
Ran by PC (administrator) on lNbP (21-04-2016 19:18:53)
Running from C:\Users\PC\Desktop
Loaded Profiles: PC (Available Profiles: PC)
Platform: Windows 10 Home Version 1511 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(MSI) D:\MSI PRODUCTS\Command Center_1.0.1.11\MSIControlService.exe
(MSI) D:\MSI PRODUCTS\Command Center_1.0.1.11\DDR\MSIDDRService.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Bloody ToneMaker1.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\SDK\CM_LibraryIO.exe
() C:\Users\PC\AppData\Roaming\Seznam.cz\szninstall.exe
() C:\Users\PC\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\PC\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2789248 2016-03-08] (NVIDIA Corporation)
HKLM-x32\...\Run: [Command Center] => D:\MSI PRODUCTS\Command Center_1.0.1.11\StartCommandCenter.exe [830416 2016-02-16] (MSI)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1956160488-2787499583-196946323-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8686296 2016-03-11] (Piriform Ltd)
HKU\S-1-5-21-1956160488-2787499583-196946323-1001\...\Run: [Steam] => D:\Steam\steam.exe [3077712 2016-03-31] (Valve Corporation)
HKU\S-1-5-21-1956160488-2787499583-196946323-1001\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe [18923008 2015-06-16] ()
HKU\S-1-5-21-1956160488-2787499583-196946323-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [787592 2015-10-22] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-1956160488-2787499583-196946323-1001\...\Run: [BloodyToneMaker] => C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Bloody ToneMaker1.exe [8473088 2016-03-02] ()
HKU\S-1-5-21-1956160488-2787499583-196946323-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\PC\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1956160488-2787499583-196946323-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\PC\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 1.2.3.4
Tcpip\..\Interfaces\{edc1063c-5b28-47c3-bd2c-4fc75c4eacbd}: [DhcpNameServer] 1.2.3.4

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\S-1-5-21-1956160488-2787499583-196946323-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-21] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-21] (Oracle Corporation)

FireFox:
========
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-21] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-03-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-03-08] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-03-26] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-03-26] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-21]
CHR Extension: (Dokumenty Google) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-21]
CHR Extension: (Disk Google) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-21]
CHR Extension: (YouTube) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-21]
CHR Extension: (Tabulky Google) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-21]
CHR Extension: (Gmail) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-21]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [65128 2016-01-11] (CyberGhost S.R.L)
S3 MSIClock_CC; D:\MSI PRODUCTS\Command Center_1.0.1.11\ClockGen\MSIClockService.exe [4162512 2016-02-04] (MSI)
S3 MSICOMM_CC; D:\MSI PRODUCTS\Command Center_1.0.1.11\MSICommService.exe [2200872 2016-02-01] (MSI)
S3 MSICPU_CC; D:\MSI PRODUCTS\Command Center_1.0.1.11\CPU\MSICPUService.exe [4162512 2016-02-04] (MSI)
R2 MSICTL_CC; D:\MSI PRODUCTS\Command Center_1.0.1.11\MSIControlService.exe [2013648 2016-02-16] (MSI)
R2 MSIDDR_CC; D:\MSI PRODUCTS\Command Center_1.0.1.11\DDR\MSIDDRService.exe [2312144 2016-02-22] (MSI)
S3 MSISMB_CC; D:\MSI PRODUCTS\Command Center_1.0.1.11\SMBus\MSISMBService.exe [2073040 2016-02-04] (MSI)
S3 MSISuperIO_CC; D:\MSI PRODUCTS\Command Center_1.0.1.11\SuperIO\MSISuperIOService.exe [596944 2016-02-01] (MSI)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [4307704 2016-02-25] (INCA Internet Co., Ltd.)
S3 OpenVPNService; C:\Program Files (x86)\OkayFreedom\bin\openvpnserv.exe [37504 2016-03-10] (The OpenVPN Project)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [177800 2015-10-22] (Sandboxie Holdings, LLC)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 CMUAC; C:\Windows\system32\DRIVERS\Headset6400x1.SYS [387072 2013-10-03] (A4Tech Inc.)
R3 KillerEth; C:\Windows\System32\drivers\e22w10x64.sys [158272 2015-09-03] (Qualcomm Atheros, Inc.)
S3 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 NTIOLib_MSIDDR_CC; D:\MSI PRODUCTS\Command Center_1.0.1.11\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MSI)
S3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47760 2016-03-08] (NVIDIA Corporation)
S3 ptun0901; C:\Windows\System32\drivers\ptun0901.sys [27136 2015-11-10] (The OpenVPN Project)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [192648 2015-10-22] (Sandboxie Holdings, LLC)
S3 ssudqcfilter; C:\Windows\System32\drivers\ssudqcfilter.sys [57648 2015-12-08] (QUALCOMM Incorporated)
S3 trufos; C:\Windows\System32\drivers\trufos.sys [350160 2016-04-17] (BitDefender S.R.L.)
S3 VUSB3HUB; C:\Windows\System32\drivers\ViaHub3.sys [227840 2014-10-31] (VIA Technologies, Inc.)
S3 VUSBSTOR; C:\Windows\System32\Drivers\vusbstor.sys [86064 2013-01-18] (VIA Technologies, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 xhcdrv; C:\Windows\System32\drivers\xhcdrv.sys [305664 2014-10-31] (VIA Technologies, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-21 19:18 - 2016-04-21 19:19 - 00011961 _____ C:\Users\PC\Desktop\FRST.txt
2016-04-21 19:18 - 2016-04-21 19:18 - 00000000 ____D C:\FRST
2016-04-21 19:17 - 2016-04-21 19:18 - 00006803 _____ C:\Users\PC\Desktop\zoek.txt
2016-04-21 19:17 - 2016-04-21 19:17 - 00000000 ____D C:\Users\PC\AppData\Local\ActiveSync
2016-04-21 19:14 - 2016-04-21 19:04 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2016-04-21 19:04 - 2016-04-21 19:13 - 00000000 ____D C:\zoek_backup
2016-04-21 17:15 - 2016-04-21 17:15 - 00000000 ____D C:\Users\PC\AppData\Roaming\java
2016-04-21 17:12 - 2016-04-21 19:13 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2016-04-21 17:12 - 2016-04-21 19:13 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2016-04-21 17:11 - 2016-04-21 17:11 - 00000000 ____D C:\Users\PC\AppData\Roaming\Seznam.cz
2016-04-21 17:11 - 2016-04-21 17:11 - 00000000 ____D C:\Program Files (x86)\Seznam.cz
2016-04-21 17:10 - 2016-04-21 17:38 - 00000000 ____D C:\Users\PC\AppData\Roaming\.minecraft
2016-04-21 17:09 - 2016-04-21 17:10 - 00000000 ____D C:\ProgramData\Oracle
2016-04-21 17:09 - 2016-04-21 17:09 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-04-21 17:09 - 2016-04-21 17:09 - 00000000 ____D C:\Users\PC\AppData\Roaming\Sun
2016-04-21 17:09 - 2016-04-21 17:09 - 00000000 ____D C:\Users\PC\AppData\LocalLow\Sun
2016-04-21 17:09 - 2016-04-21 17:09 - 00000000 ____D C:\Users\PC\AppData\LocalLow\Oracle
2016-04-21 17:09 - 2016-04-21 17:09 - 00000000 ____D C:\Users\PC\.oracle_jre_usage
2016-04-21 17:09 - 2016-04-21 17:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-04-21 17:09 - 2016-04-21 17:09 - 00000000 ____D C:\Program Files (x86)\Java
2016-04-19 20:40 - 2016-04-19 20:40 - 02375680 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe
2016-04-19 20:40 - 2016-04-19 20:40 - 01309184 _____ C:\Users\PC\Desktop\zoek.exe
2016-04-19 20:40 - 2016-04-19 17:20 - 24002120 _____ C:\Users\PC\Desktop\RogueKillerX64.exe
2016-04-19 17:28 - 2016-04-21 18:57 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-04-19 17:28 - 2016-04-19 17:35 - 00000000 ____D C:\ProgramData\RogueKiller
2016-04-18 20:10 - 2016-04-21 18:54 - 00000000 ____D C:\AdwCleaner
2016-04-18 16:08 - 2016-04-18 16:08 - 00002322 _____ C:\Users\Public\Desktop\ToneMaker 1.lnk
2016-04-17 15:54 - 2016-04-17 15:56 - 00000029 _____ C:\WINDOWS\Lic.xxx
2016-04-17 15:54 - 2016-04-17 15:54 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr90.dll
2016-04-17 15:54 - 2016-04-17 15:54 - 00632064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr80.dll
2016-04-17 15:54 - 2016-04-17 15:54 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp90.dll
2016-04-17 15:54 - 2016-04-17 15:54 - 00554240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp80.dll
2016-04-17 15:54 - 2016-04-17 15:54 - 00350160 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys
2016-04-17 15:54 - 2016-04-17 15:54 - 00156392 _____ (MicroWorld Technologies Inc.) C:\WINDOWS\SysWOW64\eEmpty.exe
2016-04-17 15:54 - 2016-04-17 15:54 - 00000000 ____D C:\ProgramData\MicroWorld
2016-04-17 13:49 - 2016-04-17 13:49 - 00000000 ____D C:\Users\PC\AppData\Local\Vitalwerks
2016-04-17 13:46 - 2016-04-17 13:58 - 00000000 ____D C:\WINDOWS\install
2016-04-17 12:44 - 2016-04-17 14:09 - 00001206 _____ C:\Users\Public\Desktop\OpenVPN GUI.lnk
2016-04-17 12:44 - 2016-04-17 12:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows
2016-04-17 12:44 - 2016-04-17 12:44 - 00000000 ____D C:\Program Files\TAP-Windows
2016-04-17 12:43 - 2016-04-17 12:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN
2016-04-17 00:02 - 2016-04-17 00:02 - 00000000 ____D C:\Users\PC\AppData\Local\Downloaded Installations
2016-04-16 22:39 - 2016-04-16 22:39 - 00002557 _____ C:\WINDOWS\system32\ipconfig_results.txt
2016-04-13 18:44 - 2016-04-13 18:44 - 00044896 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tapvyprvpn.sys
2016-04-13 14:03 - 2016-04-02 06:13 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-04-13 14:03 - 2016-04-02 06:10 - 00770640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-04-13 14:03 - 2016-04-02 06:10 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-04-13 14:03 - 2016-04-02 06:10 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-04-13 14:03 - 2016-04-02 05:29 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-04-13 14:03 - 2016-04-02 05:29 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-04-13 14:03 - 2016-04-02 05:26 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-04-13 14:03 - 2016-04-02 05:23 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-04-13 14:03 - 2016-04-02 05:21 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-04-13 14:03 - 2016-04-02 05:19 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-04-13 14:03 - 2016-04-02 05:18 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-04-13 14:03 - 2016-04-02 05:15 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-04-13 14:03 - 2016-04-02 05:14 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-04-13 14:03 - 2016-04-02 05:09 - 01832448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-04-13 14:03 - 2016-04-02 05:07 - 03575296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-04-13 14:03 - 2016-04-02 05:07 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-04-13 14:03 - 2016-04-02 05:00 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-04-13 14:03 - 2016-03-29 12:23 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-04-13 14:03 - 2016-03-29 12:22 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-04-13 14:03 - 2016-03-29 12:22 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-04-13 14:03 - 2016-03-29 12:20 - 07474016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-04-13 14:03 - 2016-03-29 12:20 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-13 14:03 - 2016-03-29 12:20 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-04-13 14:03 - 2016-03-29 12:20 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-04-13 14:03 - 2016-03-29 12:18 - 02152280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-04-13 14:03 - 2016-03-29 12:15 - 00100232 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2016-04-13 14:03 - 2016-03-29 12:11 - 00686976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-04-13 14:03 - 2016-03-29 12:05 - 01152864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-04-13 14:03 - 2016-03-29 12:02 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-04-13 14:03 - 2016-03-29 12:02 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-04-13 14:03 - 2016-03-29 11:56 - 01297752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-04-13 14:03 - 2016-03-29 11:37 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-04-13 14:03 - 2016-03-29 11:28 - 00696664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-04-13 14:03 - 2016-03-29 11:28 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-04-13 14:03 - 2016-03-29 11:28 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-04-13 14:03 - 2016-03-29 11:25 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-04-13 14:03 - 2016-03-29 11:25 - 00058400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-04-13 14:03 - 2016-03-29 11:19 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-04-13 14:03 - 2016-03-29 11:18 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-04-13 14:03 - 2016-03-29 11:17 - 00300104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-04-13 14:03 - 2016-03-29 11:13 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-04-13 14:03 - 2016-03-29 11:11 - 00605440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-04-13 14:03 - 2016-03-29 11:11 - 00074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-04-13 14:03 - 2016-03-29 11:10 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-04-13 14:03 - 2016-03-29 11:09 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-04-13 14:03 - 2016-03-29 11:08 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-04-13 14:03 - 2016-03-29 11:08 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-04-13 14:03 - 2016-03-29 11:07 - 00081144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-04-13 14:03 - 2016-03-29 10:44 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-04-13 14:03 - 2016-03-29 10:44 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-04-13 14:03 - 2016-03-29 10:41 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-04-13 14:03 - 2016-03-29 10:41 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-04-13 14:03 - 2016-03-29 10:32 - 00253088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-04-13 14:03 - 2016-03-29 10:26 - 02403680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-04-13 14:03 - 2016-03-29 10:26 - 01089888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-04-13 14:03 - 2016-03-29 10:26 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll
2016-04-13 14:03 - 2016-03-29 10:25 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll
2016-04-13 14:03 - 2016-03-29 10:24 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-04-13 14:03 - 2016-03-29 10:23 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
2016-04-13 14:03 - 2016-03-29 10:21 - 00378208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-04-13 14:03 - 2016-03-29 10:16 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-04-13 14:03 - 2016-03-29 10:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-04-13 14:03 - 2016-03-29 10:07 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2016-04-13 14:03 - 2016-03-29 10:06 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-04-13 14:03 - 2016-03-29 10:02 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-04-13 14:03 - 2016-03-29 10:01 - 00541304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-04-13 14:03 - 2016-03-29 09:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-04-13 14:03 - 2016-03-29 09:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-04-13 14:03 - 2016-03-29 09:57 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-04-13 14:03 - 2016-03-29 09:51 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-04-13 14:03 - 2016-03-29 09:50 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-04-13 14:03 - 2016-03-29 09:48 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-04-13 14:03 - 2016-03-29 09:46 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-04-13 14:03 - 2016-03-29 09:44 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2016-04-13 14:03 - 2016-03-29 09:42 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-04-13 14:03 - 2016-03-29 09:39 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-04-13 14:03 - 2016-03-29 09:38 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-04-13 14:03 - 2016-03-29 09:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-04-13 14:03 - 2016-03-29 09:36 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-04-13 14:03 - 2016-03-29 09:36 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-04-13 14:03 - 2016-03-29 09:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-04-13 14:03 - 2016-03-29 09:35 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-04-13 14:03 - 2016-03-29 09:34 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-04-13 14:03 - 2016-03-29 09:34 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-04-13 14:03 - 2016-03-29 09:34 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-04-13 14:03 - 2016-03-29 09:30 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-04-13 14:03 - 2016-03-29 09:30 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-04-13 14:03 - 2016-03-29 09:28 - 00460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-04-13 14:03 - 2016-03-29 09:27 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-04-13 14:03 - 2016-03-29 09:26 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-04-13 14:03 - 2016-03-29 09:23 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-04-13 14:03 - 2016-03-29 09:23 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-04-13 14:03 - 2016-03-29 09:23 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-04-13 14:03 - 2016-03-29 09:22 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-04-13 14:03 - 2016-03-29 09:21 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-13 14:03 - 2016-03-29 09:20 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-04-13 14:03 - 2016-03-29 09:20 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-04-13 14:03 - 2016-03-29 09:19 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-04-13 14:03 - 2016-03-29 09:19 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-04-13 14:03 - 2016-03-29 09:17 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-04-13 14:03 - 2016-03-29 09:17 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-04-13 14:03 - 2016-03-29 09:17 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-04-13 14:03 - 2016-03-29 09:16 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-04-13 14:03 - 2016-03-29 09:16 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-04-13 14:03 - 2016-03-29 09:15 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-04-13 14:03 - 2016-03-29 09:15 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-04-13 14:03 - 2016-03-29 09:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-04-13 14:03 - 2016-03-29 09:14 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-04-13 14:03 - 2016-03-29 09:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-04-13 14:03 - 2016-03-29 09:12 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-04-13 14:03 - 2016-03-29 09:12 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-04-13 14:03 - 2016-03-29 09:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-04-13 14:03 - 2016-03-29 09:11 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-04-13 14:03 - 2016-03-29 09:11 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-04-13 14:03 - 2016-03-29 09:11 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-04-13 14:03 - 2016-03-29 09:10 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-04-13 14:03 - 2016-03-29 09:10 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-04-13 14:03 - 2016-03-29 09:09 - 01239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-04-13 14:03 - 2016-03-29 09:08 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-04-13 14:03 - 2016-03-29 09:08 - 00841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-04-13 14:03 - 2016-03-29 09:07 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-04-13 14:03 - 2016-03-29 09:07 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-04-13 14:03 - 2016-03-29 09:06 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-04-13 14:03 - 2016-03-29 09:06 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-04-13 14:03 - 2016-03-29 09:05 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-04-13 14:03 - 2016-03-29 09:04 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2016-04-13 14:03 - 2016-03-29 09:03 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-04-13 14:03 - 2016-03-29 09:02 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-04-13 14:03 - 2016-03-29 09:02 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-04-13 14:03 - 2016-03-29 09:02 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-04-13 14:03 - 2016-03-29 09:00 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-04-13 14:03 - 2016-03-29 09:00 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-04-13 14:03 - 2016-03-29 08:59 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-04-13 14:03 - 2016-03-29 08:59 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-04-13 14:03 - 2016-03-29 08:56 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-04-13 14:03 - 2016-03-29 08:56 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-04-13 14:03 - 2016-03-29 08:55 - 01052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-04-13 14:03 - 2016-03-29 08:53 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-04-13 14:03 - 2016-03-29 08:49 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-04-13 14:03 - 2016-03-29 08:48 - 00346624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-04-13 14:03 - 2016-03-29 08:44 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-04-13 14:03 - 2016-03-29 08:43 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2016-04-13 14:03 - 2016-03-29 08:42 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-04-13 14:03 - 2016-03-29 08:42 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-04-13 14:03 - 2016-03-29 08:41 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-04-13 14:03 - 2016-03-29 08:40 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-04-13 14:03 - 2016-03-29 08:39 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2016-04-13 14:03 - 2016-03-29 08:39 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-04-13 14:03 - 2016-03-29 08:38 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-04-13 14:03 - 2016-03-29 08:37 - 01444352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-04-13 14:03 - 2016-03-29 08:37 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-04-13 14:03 - 2016-03-29 08:37 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-04-13 14:03 - 2016-03-29 08:36 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-04-13 14:03 - 2016-03-29 08:36 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-04-13 14:03 - 2016-03-29 08:35 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-04-13 14:03 - 2016-03-29 08:34 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-04-13 14:03 - 2016-03-29 08:34 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-04-13 14:03 - 2016-03-29 08:34 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-04-13 14:03 - 2016-03-29 08:32 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-04-13 14:03 - 2016-03-29 08:32 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-04-13 14:03 - 2016-03-29 08:32 - 01098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-04-13 14:03 - 2016-03-29 08:32 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-04-13 14:03 - 2016-03-29 08:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-04-13 14:03 - 2016-03-29 08:32 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-04-13 14:03 - 2016-03-29 08:32 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-04-13 14:03 - 2016-03-29 08:31 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-04-13 14:03 - 2016-03-29 08:31 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-04-13 14:03 - 2016-03-29 08:31 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-04-13 14:03 - 2016-03-29 08:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-04-13 14:03 - 2016-03-29 08:30 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-04-13 14:03 - 2016-03-29 08:29 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-04-13 14:03 - 2016-03-29 08:29 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-04-13 14:03 - 2016-03-29 08:28 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-04-13 14:03 - 2016-03-29 08:28 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-04-13 14:03 - 2016-03-29 08:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-04-13 14:03 - 2016-03-29 08:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-04-13 14:03 - 2016-03-29 08:27 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-04-13 14:03 - 2016-03-29 08:26 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-04-13 14:03 - 2016-03-29 08:23 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-04-13 14:03 - 2016-03-29 08:22 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-04-13 14:03 - 2016-03-29 08:19 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-04-13 14:03 - 2016-03-29 08:17 - 00765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-04-13 14:03 - 2016-03-29 08:14 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-04-13 14:03 - 2016-03-29 08:13 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-04-13 14:03 - 2016-03-29 08:10 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-04-13 14:03 - 2016-03-29 08:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-04-13 14:03 - 2016-03-29 08:05 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-04-13 14:03 - 2016-03-29 08:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-04-13 14:03 - 2016-03-29 08:05 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-04-13 14:03 - 2016-03-29 08:05 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-04-13 14:03 - 2016-03-29 08:05 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-04-13 14:03 - 2016-03-29 08:04 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-04-13 14:03 - 2016-03-29 08:04 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-04-13 14:03 - 2016-03-29 08:02 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-04-13 14:03 - 2016-03-29 08:01 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-04-13 14:03 - 2016-03-29 08:01 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-04-13 14:03 - 2016-03-29 07:58 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-04-13 14:03 - 2016-03-29 07:56 - 16985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-04-13 14:03 - 2016-03-29 07:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-04-13 14:03 - 2016-03-29 07:51 - 22378496 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-04-13 14:03 - 2016-03-29 07:51 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-04-13 14:03 - 2016-03-29 07:49 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-04-13 14:03 - 2016-03-29 07:45 - 03078144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-04-13 14:03 - 2016-03-29 07:45 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2016-04-13 14:03 - 2016-03-29 07:43 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-04-13 14:03 - 2016-03-29 07:43 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-04-13 14:03 - 2016-03-29 07:41 - 24602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-04-13 14:03 - 2016-03-29 07:41 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-04-13 14:03 - 2016-03-29 07:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-04-13 14:03 - 2016-03-29 07:38 - 18673664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-04-13 14:03 - 2016-03-29 07:38 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-04-13 14:03 - 2016-03-29 07:37 - 19340800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-04-13 14:03 - 2016-03-29 07:36 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-04-13 14:03 - 2016-03-29 07:27 - 07836160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-04-13 14:03 - 2016-03-29 07:27 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-04-13 14:03 - 2016-03-29 07:26 - 00958976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-04-13 14:03 - 2016-03-29 07:25 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-04-13 14:02 - 2016-04-02 05:30 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-04-13 14:02 - 2016-04-02 05:25 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2016-04-13 14:02 - 2016-04-02 05:25 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2016-04-13 14:02 - 2016-04-02 05:23 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-04-13 14:02 - 2016-04-02 05:08 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-04-13 14:02 - 2016-04-02 05:03 - 04774912 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-04-13 14:02 - 2016-03-29 10:17 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-04-13 14:02 - 2016-03-29 10:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-04-13 14:02 - 2016-03-29 10:07 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-04-13 14:02 - 2016-03-29 10:07 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-04-13 14:02 - 2016-03-29 10:06 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
2016-04-13 14:02 - 2016-03-29 10:00 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-04-13 14:02 - 2016-03-29 10:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-04-13 14:02 - 2016-03-29 10:00 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-04-13 14:02 - 2016-03-29 09:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-04-13 14:02 - 2016-03-29 09:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-04-13 14:02 - 2016-03-29 09:57 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-04-13 14:02 - 2016-03-29 09:57 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-04-13 14:02 - 2016-03-29 09:55 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-04-13 14:02 - 2016-03-29 09:55 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-04-13 14:02 - 2016-03-29 09:55 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2016-04-13 14:02 - 2016-03-29 09:54 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-04-13 14:02 - 2016-03-29 09:53 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-04-13 14:02 - 2016-03-29 09:52 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-04-13 14:02 - 2016-03-29 09:51 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-04-13 14:02 - 2016-03-29 09:50 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-04-13 14:02 - 2016-03-29 09:50 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-04-13 14:02 - 2016-03-29 09:50 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-04-13 14:02 - 2016-03-29 09:50 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2016-04-13 14:02 - 2016-03-29 09:49 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-04-13 14:02 - 2016-03-29 09:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-04-13 14:02 - 2016-03-29 09:46 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-04-13 14:02 - 2016-03-29 09:34 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2016-04-13 14:02 - 2016-03-29 09:33 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-04-13 14:02 - 2016-03-29 09:32 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-04-13 14:02 - 2016-03-29 09:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-04-13 14:02 - 2016-03-29 09:20 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2016-04-13 14:02 - 2016-03-29 09:20 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
2016-04-13 14:02 - 2016-03-29 09:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacchooks.dll
2016-04-13 14:02 - 2016-03-29 09:18 - 00676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-04-13 14:02 - 2016-03-29 09:11 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-04-13 14:02 - 2016-03-29 09:11 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-04-13 14:02 - 2016-03-29 09:11 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll
2016-04-13 14:02 - 2016-03-29 09:09 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-04-13 14:02 - 2016-03-29 09:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2016-04-13 14:02 - 2016-03-29 09:08 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-04-13 14:02 - 2016-03-29 09:06 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2016-04-13 14:02 - 2016-03-29 09:05 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2016-04-13 14:02 - 2016-03-29 09:00 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-04-13 14:02 - 2016-03-29 09:00 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-04-13 14:02 - 2016-03-29 08:59 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-04-13 14:02 - 2016-03-29 08:53 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-04-13 14:02 - 2016-03-29 08:52 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-04-13 14:02 - 2016-03-29 08:52 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2016-04-13 14:02 - 2016-03-29 08:42 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-13 14:02 - 2016-03-29 08:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-04-13 14:02 - 2016-03-29 08:34 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-04-13 14:02 - 2016-03-29 08:32 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-04-13 14:02 - 2016-03-29 08:27 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-04-13 14:02 - 2016-03-29 08:27 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-04-13 14:02 - 2016-03-29 08:05 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-04-13 14:02 - 2016-03-29 08:00 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-04-13 14:02 - 2016-03-29 07:35 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-04-13 14:02 - 2016-03-29 07:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-04-13 14:02 - 2016-03-29 07:27 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-04-13 14:02 - 2016-03-29 07:26 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-04-13 14:02 - 2016-03-29 07:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-04-13 14:02 - 2016-03-29 07:21 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-04-07 22:18 - 2016-04-07 22:18 - 00000000 ____D C:\ProgramData\LockHunter
2016-04-04 18:21 - 2016-04-04 18:21 - 00000000 ____D C:\Users\PC\AppData\Local\mullvad
2016-04-04 17:32 - 2016-04-21 17:12 - 00000000 ____D C:\Users\PC\AppData\Local\Deployment
2016-04-04 17:32 - 2016-04-04 17:32 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bravotelco llc
2016-04-04 17:32 - 2016-04-04 17:32 - 00000000 ____D C:\Users\PC\AppData\Local\Apps\2.0
2016-04-03 12:36 - 2016-04-03 12:36 - 00807346 _____ C:\Users\PC\Desktop\modul.pptx
2016-04-02 19:44 - 2016-04-02 19:44 - 00000000 ____D C:\Users\PC\AppData\Local\Creative
2016-04-02 19:42 - 2016-04-02 19:42 - 00000159 ___RH C:\WINDOWS\ctfile.rfc
2016-04-02 19:42 - 2016-04-02 19:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2016-04-02 19:42 - 2016-04-02 19:42 - 00000000 ____D C:\ProgramData\Creative
2016-04-02 19:42 - 2016-04-02 19:42 - 00000000 ____D C:\Program Files (x86)\Creative
2016-04-02 19:42 - 2015-05-29 17:57 - 00089600 _____ C:\WINDOWS\system32\CmdRtr64.DLL
2016-04-02 19:42 - 2015-05-29 17:56 - 00366080 _____ C:\WINDOWS\system32\APOMgr64.DLL
2016-04-02 19:42 - 2015-05-29 17:56 - 00074240 _____ C:\WINDOWS\SysWOW64\CmdRtr.DLL
2016-04-02 19:42 - 2015-05-29 17:54 - 00274944 _____ C:\WINDOWS\SysWOW64\APOMngr.DLL
2016-04-02 19:42 - 2014-02-21 10:57 - 00041088 ____N (Creative Technology Ltd.) C:\WINDOWS\system32\MBCfg64.dll
2016-04-02 19:42 - 2014-02-21 10:57 - 00038016 ____N (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\MBCfg32.dll
2016-04-02 19:42 - 2014-01-23 17:26 - 00013741 ____N C:\WINDOWS\SysWOW64\MBCfg32.ini
2016-04-02 19:42 - 2014-01-23 17:26 - 00013741 ____N C:\WINDOWS\system32\MBCfg64.ini
2016-04-02 19:42 - 2013-12-24 13:43 - 00375424 ____N (Creative Technology Ltd.) C:\WINDOWS\system32\ChezSC64.DLL
2016-04-02 19:42 - 2013-12-24 13:42 - 00327296 ____N (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\ChezSC32.DLL
2016-04-02 19:42 - 2013-12-24 13:29 - 00002835 ____N C:\WINDOWS\MBCfg_SP_APOIM.ini
2016-04-02 19:42 - 2013-12-24 13:29 - 00002783 ____N C:\WINDOWS\MBCfg_APOIM.ini
2016-04-02 19:42 - 2013-12-24 13:29 - 00002747 ____N C:\WINDOWS\MBCfg_HP_APOIM.ini
2016-04-02 19:42 - 2013-11-20 11:24 - 00005856 ____N C:\WINDOWS\SysWOW64\MBCfgUninstall32.ini
2016-04-02 19:42 - 2013-11-20 11:24 - 00005856 ____N C:\WINDOWS\system32\MBCfgUninstall64.ini
2016-04-02 19:42 - 2013-04-23 10:54 - 00148096 ____N (Creative Technology Ltd.) C:\WINDOWS\system32\MBCfg64.exe
2016-04-02 19:42 - 2013-04-23 10:53 - 00138880 ____N (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\MBCfg32.exe
2016-04-02 19:42 - 2013-04-23 10:53 - 00015488 ____N (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\ResDefA.exe
2016-04-02 19:42 - 2000-05-11 01:00 - 00090112 ____N (Creative Technology Ltd.) C:\WINDOWS\Updreg.EXE
2016-04-02 19:41 - 2016-04-17 14:09 - 00000839 _____ C:\Users\Public\Desktop\MSI Command Center.lnk
2016-04-02 19:41 - 2016-04-02 20:01 - 00000000 ____D C:\MSI
2016-04-02 19:41 - 2016-04-02 19:42 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-04-02 19:41 - 2016-04-02 19:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2016-04-02 19:41 - 2015-08-18 09:51 - 01692840 _____ (MSI) C:\WINDOWS\SysWOW64\muachost.exe
2016-04-02 19:41 - 2013-02-08 11:04 - 00000000 _____ C:\RAMDiskImage.img
2016-04-02 16:47 - 2016-04-10 14:04 - 00034328 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2016-04-01 19:11 - 2016-04-01 19:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Research
2016-04-01 19:11 - 2016-04-01 19:11 - 00000000 ____D C:\Program Files (x86)\Microsoft Research
2016-04-01 19:11 - 2016-04-01 19:11 - 00000000 ____D C:\Content
2016-04-01 19:09 - 2016-04-01 19:09 - 00000000 ____D C:\Program Files (x86)\Microsoft XNA
2016-03-31 20:26 - 2016-03-31 20:26 - 00000053 _____ C:\Users\PC\AppData\Roaming\resetid.vc
2016-03-31 20:26 - 2016-03-31 20:26 - 00000000 ____D C:\Users\PC\AppData\Local\Guavi
2016-03-31 20:26 - 2016-03-31 20:26 - 00000000 _____ C:\Users\PC\AppData\Roaming\programs.vc
2016-03-31 16:47 - 2016-03-31 16:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ParkControl
2016-03-30 21:32 - 2016-04-08 16:40 - 00073312 _____ (NirSoft) C:\Users\PC\Desktop\cports.exe
2016-03-29 17:38 - 2016-04-17 13:57 - 00001630 _____ C:\WINDOWS\Sandboxie.ini
2016-03-29 17:36 - 2016-03-30 16:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2016-03-29 17:36 - 2016-03-29 17:36 - 00000000 ____D C:\Program Files\Sandboxie
2016-03-29 17:20 - 2016-04-21 19:12 - 00007609 _____ C:\Users\PC\AppData\Local\Resmon.ResmonCfg
2016-03-29 16:45 - 2016-04-07 19:44 - 00000105 _____ C:\Users\PC\Desktop\leak.txt
2016-03-27 14:06 - 2016-03-27 14:06 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-03-27 00:17 - 2016-03-27 00:17 - 00000000 ____D C:\Users\PC\AppData\Roaming\LockHunter
2016-03-27 00:17 - 2016-03-27 00:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LockHunter
2016-03-27 00:17 - 2016-03-27 00:17 - 00000000 ____D C:\Program Files\LockHunter
2016-03-27 00:01 - 2016-03-27 00:12 - 00000000 __SHD C:\Users\Public\DRM
2016-03-26 21:46 - 2016-03-26 21:46 - 00000000 ____D C:\Users\PC\AppData\Roaming\PC Remote
2016-03-26 13:32 - 2016-04-14 01:45 - 00453280 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-03-26 13:30 - 2016-04-13 14:37 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-03-26 13:30 - 2016-04-13 14:34 - 135176864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-03-26 03:27 - 2016-04-20 20:53 - 00001300 _____ C:\Users\PC\Desktop\LOGIN.lnk
2016-03-26 03:23 - 2016-04-18 16:07 - 00000000 ____D C:\Program Files (x86)\BloodyToneMaker
2016-03-26 03:23 - 2016-04-17 14:09 - 00002094 _____ C:\Users\Public\Desktop\Bloody5.lnk
2016-03-26 03:23 - 2016-04-17 14:09 - 00000901 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2016-03-26 03:23 - 2016-04-10 13:19 - 00000000 ____D C:\Users\PC\AppData\Roaming\TS3Client
2016-03-26 03:23 - 2016-03-26 03:23 - 00000000 ____D C:\Users\PC\AppData\Local\Steam
2016-03-26 03:23 - 2016-03-26 03:23 - 00000000 ____D C:\Users\PC\AppData\Local\CEF
2016-03-26 03:23 - 2016-03-26 03:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloody
2016-03-26 03:23 - 2016-03-26 03:23 - 00000000 ____D C:\Program Files (x86)\Bloody5
2016-03-26 03:22 - 2016-04-09 00:30 - 00000000 ____D C:\Users\PC\AppData\Local\TeamSpeak 3 Client
2016-03-26 03:22 - 2016-03-26 03:22 - 00000000 ____D C:\Users\PC\AppData\Roaming\WinRAR
2016-03-26 03:22 - 2016-03-26 03:22 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2016-03-26 03:22 - 2016-03-26 03:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam

[ASKER]

2016-03-26 03:21 - 2016-04-17 14:09 - 00001171 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-03-26 03:21 - 2016-04-17 14:09 - 00001047 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Volitelné funkce.lnk
2016-03-26 03:21 - 2016-04-17 14:09 - 00000907 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-03-26 03:21 - 2016-03-26 03:21 - 00002864 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-03-26 03:21 - 2016-03-26 03:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-03-26 03:21 - 2016-03-26 03:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-03-26 03:21 - 2016-03-26 03:21 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-03-26 03:21 - 2016-03-26 03:21 - 00000000 ____D C:\Program Files\CCleaner
2016-03-26 03:21 - 2016-03-26 03:21 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-03-26 03:21 - 2016-03-10 15:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-03-26 03:21 - 2016-03-10 15:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-03-26 03:21 - 2016-03-10 15:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-03-26 03:21 - 2015-10-29 20:43 - 05739520 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2016-03-26 03:21 - 2015-10-29 20:43 - 02629632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2016-03-26 03:21 - 2015-10-29 20:41 - 02629632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll
2016-03-26 03:21 - 2015-10-29 20:25 - 06359040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2016-03-26 03:21 - 2015-10-29 20:24 - 04847616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2016-03-26 03:13 - 2016-03-30 16:30 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-03-26 03:13 - 2016-03-30 16:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-03-26 03:13 - 2016-03-26 03:13 - 00000000 ____D C:\Program Files\WinRAR
2016-03-26 03:12 - 2016-03-26 03:12 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-03-26 03:11 - 2016-04-17 14:09 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-26 03:11 - 2016-04-17 14:09 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-26 03:11 - 2016-03-26 03:11 - 00987728 _____ (Google Inc.) C:\Users\PC\Downloads\ChromeSetup.exe
2016-03-26 03:11 - 2016-03-26 03:11 - 00000000 ____D C:\Program Files (x86)\Google
2016-03-26 03:11 - 2016-03-25 19:02 - 00000000 ____D C:\Users\PC\AppData\Local\Google
2016-03-26 03:10 - 2016-03-26 03:10 - 00001937 _____ C:\Users\PC\Desktop\Tento počítač.lnk
2016-03-26 03:10 - 2016-03-26 03:10 - 00000000 ____D C:\Users\PC\AppData\Local\MicrosoftEdge
2016-03-26 03:09 - 2016-03-26 03:09 - 00000000 ____D C:\Users\PC\AppData\Local\Comms
2016-03-26 03:08 - 2016-03-26 03:08 - 00000000 ___RD C:\Users\PC\OneDrive
2016-03-26 03:08 - 2016-03-26 03:08 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-03-26 03:06 - 2016-04-21 17:14 - 00000000 ____D C:\Users\PC
2016-03-26 03:06 - 2016-04-17 16:32 - 00000000 ____D C:\Users\PC\AppData\Local\VirtualStore
2016-03-26 03:06 - 2016-03-26 18:16 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-03-26 03:06 - 2016-03-26 03:06 - 00000020 ___SH C:\Users\PC\ntuser.ini
2016-03-26 03:06 - 2016-03-26 03:06 - 00000000 _SHDL C:\Users\PC\Soubory cookie
2016-03-26 03:06 - 2016-03-26 03:06 - 00000000 _SHDL C:\Users\PC\Šablony
2016-03-26 03:06 - 2016-03-26 03:06 - 00000000 _SHDL C:\Users\PC\Poslední
2016-03-26 03:06 - 2016-03-26 03:06 - 00000000 _SHDL C:\Users\PC\Okolní tiskárny
2016-03-26 03:06 - 2016-03-26 03:06 - 00000000 _SHDL C:\Users\PC\Okolní síť
2016-03-26 03:06 - 2016-03-26 03:06 - 00000000 _SHDL C:\Users\PC\Nabídka Start
2016-03-26 03:06 - 2016-03-26 03:06 - 00000000 _SHDL C:\Users\PC\Dokumenty
2016-03-26 03:06 - 2016-03-26 03:06 - 00000000 _SHDL C:\Users\PC\Documents\Obrázky
2016-03-26 03:06 - 2016-03-26 03:06 - 00000000 _SHDL C:\Users\PC\Documents\Hudba
2016-03-26 03:06 - 2016-03-26 03:06 - 00000000 _SHDL C:\Users\PC\Documents\Filmy
2016-03-26 03:06 - 2016-03-26 03:06 - 00000000 _SHDL C:\Users\PC\Data aplikací
2016-03-26 03:06 - 2016-03-26 03:06 - 00000000 _SHDL C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-03-26 03:06 - 2016-03-26 03:06 - 00000000 _SHDL C:\Users\PC\AppData\Local\Data aplikací
2016-03-26 03:06 - 2016-03-26 03:06 - 00000000 ____D C:\Users\PC\AppData\Roaming\Adobe
2016-03-26 03:06 - 2016-03-26 03:06 - 00000000 ____D C:\Users\PC\AppData\Local\TileDataLayer
2016-03-26 03:06 - 2016-03-26 03:06 - 00000000 ____D C:\Users\PC\AppData\Local\Publishers
2016-03-26 03:06 - 2016-03-25 19:12 - 00000000 ____D C:\Users\PC\AppData\Local\Packages
2016-03-26 03:04 - 2016-04-19 17:28 - 01771468 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-26 03:01 - 2015-10-30 09:17 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-03-26 03:00 - 2016-03-26 03:00 - 00000000 ____D C:\ProgramData\USOShared
2016-03-26 02:59 - 2016-04-21 19:15 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-03-26 02:59 - 2016-03-26 02:59 - 00000000 _SHDL C:\Users\Public\Documents\Obrázky
2016-03-26 02:59 - 2016-03-26 02:59 - 00000000 _SHDL C:\Users\Public\Documents\Hudba
2016-03-26 02:59 - 2016-03-26 02:59 - 00000000 _SHDL C:\Users\Public\Documents\Filmy
2016-03-26 02:59 - 2016-03-26 02:59 - 00000000 _SHDL C:\Users\Default\Soubory cookie
2016-03-26 02:59 - 2016-03-26 02:59 - 00000000 _SHDL C:\Users\Default\Šablony
2016-03-26 02:59 - 2016-03-26 02:59 - 00000000 _SHDL C:\Users\Default\Poslední
2016-03-26 02:59 - 2016-03-26 02:59 - 00000000 _SHDL C:\Users\Default\Okolní tiskárny
2016-03-26 02:59 - 2016-03-26 02:59 - 00000000 _SHDL C:\Users\Default\Okolní síť
2016-03-26 02:59 - 2016-03-26 02:59 - 00000000 _SHDL C:\Users\Default\Nabídka Start
2016-03-26 02:59 - 2016-03-26 02:59 - 00000000 _SHDL C:\Users\Default\Dokumenty
2016-03-26 02:59 - 2016-03-26 02:59 - 00000000 _SHDL C:\Users\Default\Documents\Obrázky
2016-03-26 02:59 - 2016-03-26 02:59 - 00000000 _SHDL C:\Users\Default\Documents\Hudba
2016-03-26 02:59 - 2016-03-26 02:59 - 00000000 _SHDL C:\Users\Default\Documents\Filmy
2016-03-26 02:59 - 2016-03-26 02:59 - 00000000 _SHDL C:\Users\Default\Data aplikací
2016-03-26 02:59 - 2016-03-26 02:59 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-03-26 02:59 - 2016-03-26 02:59 - 00000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2016-03-26 02:59 - 2016-03-26 02:59 - 00000000 _SHDL C:\Users\Default User\Documents\Obrázky
2016-03-26 02:59 - 2016-03-26 02:59 - 00000000 _SHDL C:\Users\Default User\Documents\Hudba
2016-03-26 02:59 - 2016-03-26 02:59 - 00000000 _SHDL C:\Users\Default User\Documents\Filmy
2016-03-26 02:59 - 2016-03-26 02:59 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-03-26 02:59 - 2016-03-26 02:59 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Data aplikací
2016-03-26 02:59 - 2016-03-26 02:59 - 00000000 _SHDL C:\Users\Default User
2016-03-26 02:59 - 2016-03-26 02:59 - 00000000 _SHDL C:\Users\All Users
2016-03-26 02:59 - 2016-03-26 02:59 - 00000000 _SHDL C:\ProgramData\Šablony
2016-03-26 02:59 - 2016-03-26 02:59 - 00000000 _SHDL C:\ProgramData\Plocha
2016-03-26 02:59 - 2016-03-26 02:59 - 00000000 _SHDL C:\ProgramData\Nabídka Start
2016-03-26 02:59 - 2016-03-26 02:59 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2016-03-26 02:59 - 2016-03-26 02:59 - 00000000 _SHDL C:\ProgramData\Dokumenty
2016-03-26 02:59 - 2016-03-26 02:59 - 00000000 _SHDL C:\ProgramData\Data aplikací
2016-03-26 02:59 - 2016-03-26 02:59 - 00000000 _SHDL C:\Documents and Settings
2016-03-26 02:58 - 2016-04-21 19:15 - 00000000 ____D C:\ProgramData\NVIDIA
2016-03-26 02:58 - 2016-03-25 18:33 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-03-26 02:58 - 2016-03-25 18:33 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-03-26 02:58 - 2016-03-25 18:33 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-03-26 02:58 - 2016-03-08 08:42 - 06371384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-03-26 02:58 - 2016-03-08 08:42 - 02992576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-03-26 02:58 - 2016-03-08 08:42 - 02563128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-03-26 02:58 - 2016-03-08 08:42 - 01264064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-03-26 02:58 - 2016-03-08 08:42 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-03-26 02:58 - 2016-03-08 08:42 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-03-26 02:58 - 2016-03-07 06:22 - 06203411 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-03-26 02:57 - 2016-04-17 11:32 - 00203336 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-03-26 02:57 - 2016-03-26 02:57 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-03-26 00:17 - 2016-04-21 19:15 - 00003114 _____ C:\WINDOWS\System32\Tasks\MSIAfterburner
2016-03-26 00:17 - 2016-03-26 00:17 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2016-03-26 00:17 - 2016-03-26 00:17 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2016-03-25 23:30 - 2016-04-17 14:09 - 00001084 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hola.lnk
2016-03-25 23:12 - 2016-03-25 23:12 - 00000000 ____D C:\Users\PC\AppData\Roaming\Macromedia
2016-03-25 22:49 - 2016-03-25 22:49 - 00000000 ____D C:\Program Files\Common Files\INCA Shared
2016-03-25 22:49 - 2016-02-25 12:32 - 04307704 _____ (INCA Internet Co., Ltd.) C:\WINDOWS\SysWOW64\GameMon.des
2016-03-25 22:49 - 2004-12-30 14:43 - 00004682 _____ (INCA Internet Co., Ltd.) C:\WINDOWS\SysWOW64\npptNT2.sys
2016-03-25 22:49 - 2003-07-15 23:17 - 00005174 _____ C:\WINDOWS\SysWOW64\nppt9x.vxd
2016-03-25 22:39 - 2016-03-25 22:39 - 00000000 ____D C:\Users\PC\Downloads\Gameforge Live
2016-03-25 20:27 - 2016-04-21 14:40 - 00001154 _____ C:\Users\PC\Desktop\Cheat Engine.lnk
2016-03-25 20:27 - 2016-04-17 16:30 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.5
2016-03-25 20:27 - 2016-03-25 20:27 - 00000000 ____D C:\Users\PC\Documents\My Cheat Tables
2016-03-25 20:27 - 2016-03-25 20:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.5
2016-03-25 20:25 - 2016-04-21 14:19 - 00001950 _____ C:\Users\PC\Desktop\CyberGhost 5.lnk
2016-03-25 20:25 - 2016-03-25 20:28 - 00000000 ____D C:\Users\PC\AppData\Local\CyberGhost
2016-03-25 20:25 - 2016-03-25 20:28 - 00000000 ____D C:\Program Files\CyberGhost 5
2016-03-25 20:25 - 2016-03-25 20:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 5
2016-03-25 20:09 - 2016-03-25 20:10 - 00000000 ____D C:\Users\PC\AppData\LocalLow\IObit
2016-03-25 20:09 - 2016-03-25 20:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2016-03-25 19:34 - 2016-03-31 17:27 - 00000000 ____D C:\Users\PC\AppData\Roaming\Notepad++
2016-03-25 19:34 - 2016-03-25 19:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2016-03-25 19:34 - 2016-03-25 19:34 - 00000000 ____D C:\Program Files (x86)\Notepad++
2016-03-25 19:31 - 2010-06-02 05:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2016-03-25 19:31 - 2010-06-02 05:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2016-03-25 19:31 - 2010-06-02 05:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2016-03-25 19:31 - 2010-06-02 05:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2016-03-25 19:31 - 2010-06-02 05:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2016-03-25 19:31 - 2010-06-02 05:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2016-03-25 19:31 - 2010-05-26 12:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2016-03-25 19:31 - 2010-05-26 12:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2016-03-25 19:31 - 2010-05-26 12:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2016-03-25 19:31 - 2010-05-26 12:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2016-03-25 19:31 - 2010-02-04 11:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2016-03-25 19:31 - 2010-02-04 11:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2016-03-25 19:31 - 2010-02-04 11:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2016-03-25 19:31 - 2010-02-04 11:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2016-03-25 19:31 - 2010-02-04 11:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2016-03-25 19:31 - 2010-02-04 11:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2016-03-25 19:31 - 2010-02-04 11:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2016-03-25 19:31 - 2010-02-04 11:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2016-03-25 19:31 - 2009-09-04 18:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2016-03-25 19:31 - 2009-09-04 18:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2016-03-25 19:31 - 2009-09-04 18:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2016-03-25 19:31 - 2009-09-04 18:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2016-03-25 19:31 - 2009-09-04 18:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2016-03-25 19:31 - 2009-09-04 18:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2016-03-25 19:31 - 2009-09-04 18:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2016-03-25 19:31 - 2009-09-04 18:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2016-03-25 19:31 - 2009-09-04 18:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2016-03-25 19:31 - 2009-09-04 18:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2016-03-25 19:31 - 2009-09-04 18:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2016-03-25 19:31 - 2009-09-04 18:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2016-03-25 19:31 - 2009-09-04 18:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2016-03-25 19:31 - 2009-09-04 18:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2016-03-25 19:31 - 2009-03-09 16:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2016-03-25 19:31 - 2009-03-09 16:27 - 01846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2016-03-25 19:31 - 2009-03-09 16:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2016-03-25 19:31 - 2009-03-09 16:27 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2016-03-25 19:30 - 2009-09-04 18:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2016-03-25 19:30 - 2009-09-04 18:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2016-03-25 19:30 - 2009-03-16 15:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2016-03-25 19:30 - 2009-03-16 15:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2016-03-25 19:30 - 2009-03-16 15:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2016-03-25 19:30 - 2009-03-16 15:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2016-03-25 19:30 - 2009-03-16 15:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2016-03-25 19:30 - 2009-03-16 15:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2016-03-25 19:30 - 2009-03-09 16:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2016-03-25 19:30 - 2009-03-09 16:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2016-03-25 19:30 - 2008-10-27 11:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2016-03-25 19:30 - 2008-10-27 11:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2016-03-25 19:30 - 2008-10-27 11:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2016-03-25 19:30 - 2008-10-27 11:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2016-03-25 19:30 - 2008-10-27 11:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2016-03-25 19:30 - 2008-10-27 11:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2016-03-25 19:30 - 2008-10-27 11:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2016-03-25 19:30 - 2008-10-27 11:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2016-03-25 19:30 - 2008-10-15 07:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2016-03-25 19:30 - 2008-10-15 07:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2016-03-25 19:30 - 2008-10-15 07:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2016-03-25 19:30 - 2008-10-15 07:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2016-03-25 19:30 - 2008-10-15 07:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2016-03-25 19:30 - 2008-10-15 07:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2016-03-25 19:30 - 2008-07-31 11:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2016-03-25 19:30 - 2008-07-31 11:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2016-03-25 19:30 - 2008-07-31 11:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2016-03-25 19:30 - 2008-07-31 11:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2016-03-25 19:30 - 2008-07-31 11:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2016-03-25 19:30 - 2008-07-31 11:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2016-03-25 19:30 - 2008-07-10 12:01 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2016-03-25 19:30 - 2008-07-10 12:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2016-03-25 19:30 - 2008-07-10 12:00 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2016-03-25 19:30 - 2008-07-10 12:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2016-03-25 19:30 - 2008-07-10 12:00 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2016-03-25 19:30 - 2008-07-10 12:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2016-03-25 19:30 - 2008-05-30 15:19 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2016-03-25 19:30 - 2008-05-30 15:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2016-03-25 19:30 - 2008-05-30 15:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2016-03-25 19:30 - 2008-05-30 15:18 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2016-03-25 19:30 - 2008-05-30 15:17 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2016-03-25 19:30 - 2008-05-30 15:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2016-03-25 19:30 - 2008-05-30 15:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2016-03-25 19:30 - 2008-05-30 15:16 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2016-03-25 19:30 - 2008-05-30 15:11 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2016-03-25 19:30 - 2008-05-30 15:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2016-03-25 19:30 - 2008-05-30 15:11 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2016-03-25 19:30 - 2008-05-30 15:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2016-03-25 19:30 - 2008-05-30 15:11 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2016-03-25 19:30 - 2008-05-30 15:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2016-03-25 19:30 - 2008-03-05 17:04 - 00489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2016-03-25 19:30 - 2008-03-05 17:03 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2016-03-25 19:30 - 2008-03-05 17:03 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2016-03-25 19:30 - 2008-03-05 17:03 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2016-03-25 19:30 - 2008-03-05 17:00 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2016-03-25 19:30 - 2008-03-05 17:00 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2016-03-25 19:30 - 2008-03-05 16:56 - 04910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2016-03-25 19:30 - 2008-03-05 16:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2016-03-25 19:30 - 2008-03-05 16:56 - 01860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2016-03-25 19:30 - 2008-03-05 16:56 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2016-03-25 19:30 - 2008-02-06 00:07 - 00529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2016-03-25 19:30 - 2008-02-06 00:07 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2016-03-25 19:30 - 2007-10-22 04:40 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2016-03-25 19:30 - 2007-10-22 04:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2016-03-25 19:30 - 2007-10-22 04:37 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2016-03-25 19:30 - 2007-10-22 04:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2016-03-25 19:30 - 2007-10-12 16:14 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2016-03-25 19:30 - 2007-10-12 16:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2016-03-25 19:30 - 2007-10-12 16:14 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2016-03-25 19:30 - 2007-10-12 16:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2016-03-25 19:30 - 2007-10-02 10:56 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2016-03-25 19:30 - 2007-10-02 10:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2016-03-25 19:30 - 2007-07-20 01:57 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2016-03-25 19:30 - 2007-07-20 01:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2016-03-25 19:30 - 2007-07-19 19:14 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2016-03-25 19:30 - 2007-07-19 19:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2016-03-25 19:30 - 2007-07-19 19:14 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2016-03-25 19:30 - 2007-07-19 19:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2016-03-25 19:30 - 2007-07-19 19:14 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2016-03-25 19:30 - 2007-07-19 19:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2016-03-25 19:30 - 2007-06-20 21:49 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2016-03-25 19:30 - 2007-06-20 21:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2016-03-25 19:30 - 2007-05-16 17:45 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2016-03-25 19:30 - 2007-05-16 17:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2016-03-25 19:30 - 2007-05-16 17:45 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2016-03-25 19:30 - 2007-05-16 17:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2016-03-25 19:30 - 2007-05-16 17:45 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2016-03-25 19:30 - 2007-05-16 17:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2016-03-25 19:30 - 2007-04-04 19:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2016-03-25 19:30 - 2007-04-04 19:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2016-03-25 19:30 - 2007-04-04 19:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2016-03-25 19:30 - 2007-04-04 19:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2016-03-25 19:30 - 2007-03-15 17:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2016-03-25 19:30 - 2007-03-15 17:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2016-03-25 19:30 - 2007-03-12 17:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2016-03-25 19:30 - 2007-03-12 17:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2016-03-25 19:30 - 2007-03-12 17:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2016-03-25 19:30 - 2007-03-12 17:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2016-03-25 19:30 - 2007-03-05 13:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2016-03-25 19:30 - 2007-03-05 13:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2016-03-25 19:30 - 2007-01-24 16:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2016-03-25 19:30 - 2007-01-24 16:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2016-03-25 19:30 - 2006-12-08 13:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2016-03-25 19:30 - 2006-12-08 13:00 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2016-03-25 19:30 - 2006-11-29 14:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2016-03-25 19:30 - 2006-11-29 14:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2016-03-25 19:30 - 2006-11-29 14:06 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2016-03-25 19:30 - 2006-11-29 14:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2016-03-25 19:30 - 2006-09-28 17:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2016-03-25 19:30 - 2006-09-28 17:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2016-03-25 19:30 - 2006-09-28 17:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2016-03-25 19:30 - 2006-09-28 17:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2016-03-25 19:30 - 2006-07-28 10:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2016-03-25 19:30 - 2006-07-28 10:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2016-03-25 19:30 - 2006-07-28 10:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2016-03-25 19:30 - 2006-07-28 10:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2016-03-25 19:30 - 2006-05-31 08:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2016-03-25 19:30 - 2006-05-31 08:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2016-03-25 19:30 - 2006-03-31 13:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2016-03-25 19:30 - 2006-03-31 13:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2016-03-25 19:30 - 2006-03-31 13:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2016-03-25 19:30 - 2006-03-31 13:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2016-03-25 19:30 - 2006-03-31 13:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2016-03-25 19:30 - 2006-03-31 13:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2016-03-25 19:30 - 2006-02-03 09:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2016-03-25 19:30 - 2006-02-03 09:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2016-03-25 19:30 - 2006-02-03 09:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2016-03-25 19:30 - 2006-02-03 09:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2016-03-25 19:30 - 2006-02-03 09:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2016-03-25 19:30 - 2006-02-03 09:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2016-03-25 19:30 - 2005-12-05 19:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2016-03-25 19:30 - 2005-12-05 19:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2016-03-25 19:30 - 2005-07-22 20:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2016-03-25 19:30 - 2005-07-22 20:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2016-03-25 19:30 - 2005-05-26 16:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2016-03-25 19:30 - 2005-05-26 16:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2016-03-25 19:30 - 2005-03-18 18:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2016-03-25 19:30 - 2005-03-18 18:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2016-03-25 19:30 - 2005-02-05 20:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2016-03-25 19:30 - 2005-02-05 20:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2016-03-25 19:21 - 2016-04-02 19:55 - 00002410 _____ C:\WINDOWS\System32\Tasks\ParkControl
2016-03-25 19:21 - 2016-03-31 16:47 - 00000000 ____D C:\Program Files\ParkControl
2016-03-25 19:04 - 2016-04-18 16:35 - 00000000 ____D C:\Users\PC\AppData\Local\ElevatedDiagnostics
2016-03-25 18:59 - 2016-03-25 18:59 - 00000000 ____D C:\Users\PC\AppData\Roaming\NVIDIA
2016-03-25 18:50 - 2016-04-20 17:34 - 00001744 _____ C:\Users\PC\Desktop\Wireshark.lnk
2016-03-25 18:50 - 2016-04-17 14:09 - 00001871 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
2016-03-25 18:50 - 2016-04-17 14:09 - 00001607 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark Legacy.lnk
2016-03-25 18:50 - 2016-03-25 18:50 - 00000000 ____D C:\Users\PC\AppData\Roaming\Wireshark
2016-03-25 18:50 - 2016-03-25 18:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2016-03-25 18:50 - 2016-03-25 18:50 - 00000000 ____D C:\Program Files\Wireshark
2016-03-25 18:50 - 2016-03-25 18:50 - 00000000 ____D C:\Program Files (x86)\WinPcap
2016-03-25 18:49 - 2016-03-30 16:30 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2016-03-25 18:49 - 2016-03-25 18:49 - 00000000 ____D C:\Users\PC\AppData\Roaming\uTorrent
2016-03-25 18:36 - 2016-04-21 18:56 - 00001797 _____ C:\Users\PC\Desktop\Internet Explorer.lnk
2016-03-25 18:34 - 2016-04-21 16:25 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-03-25 18:32 - 2016-04-20 15:30 - 00000000 ____D C:\Users\PC\AppData\Roaming\vlc
2016-03-25 18:32 - 2016-03-25 18:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-03-25 18:32 - 2016-03-25 18:32 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2016-03-25 18:31 - 2016-03-25 18:33 - 00000000 ____D C:\Users\PC\AppData\Local\NVIDIA
2016-03-25 18:31 - 2016-03-25 18:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-03-25 18:31 - 2016-03-25 18:31 - 00000000 ____D C:\Users\PC\AppData\Local\NVIDIA Corporation
2016-03-25 18:31 - 2016-03-08 08:05 - 00110016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-03-25 18:31 - 2010-05-26 12:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2016-03-25 18:31 - 2010-05-26 12:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2016-03-25 18:31 - 2010-05-26 12:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2016-03-25 18:31 - 2010-05-26 12:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2016-03-25 18:31 - 2010-05-26 12:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2016-03-25 18:31 - 2010-05-26 12:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2016-03-25 18:30 - 2016-03-08 12:27 - 00213952 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2016-03-25 18:30 - 2016-03-08 12:27 - 00203320 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2016-03-25 18:30 - 2016-03-08 08:42 - 00530880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-03-25 18:30 - 2016-03-08 08:42 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-03-25 18:29 - 2016-03-08 12:27 - 42968120 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-03-25 18:29 - 2016-03-08 12:27 - 37609528 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-03-25 18:29 - 2016-03-08 12:27 - 22971960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-03-25 18:29 - 2016-03-08 12:27 - 21322480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-03-25 18:29 - 2016-03-08 12:27 - 20863920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-03-25 18:29 - 2016-03-08 12:27 - 18906048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-03-25 18:29 - 2016-03-08 12:27 - 17732960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-03-25 18:29 - 2016-03-08 12:27 - 17368424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-03-25 18:29 - 2016-03-08 12:27 - 17325400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-03-25 18:29 - 2016-03-08 12:27 - 14226864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-03-25 18:29 - 2016-03-08 12:27 - 10547128 _____ C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-03-25 18:29 - 2016-03-08 12:27 - 08657936 _____ C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-03-25 18:29 - 2016-03-08 12:27 - 03681672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-03-25 18:29 - 2016-03-08 12:27 - 03259176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-03-25 18:29 - 2016-03-08 12:27 - 02613696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-03-25 18:29 - 2016-03-08 12:27 - 02257344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-03-25 18:29 - 2016-03-08 12:27 - 01922496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436451.dll
2016-03-25 18:29 - 2016-03-08 12:27 - 01572496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2016-03-25 18:29 - 2016-03-08 12:27 - 01571776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436451.dll
2016-03-25 18:29 - 2016-03-08 12:27 - 00955328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-03-25 18:29 - 2016-03-08 12:27 - 00885184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-03-25 18:29 - 2016-03-08 12:27 - 00786872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-03-25 18:29 - 2016-03-08 12:27 - 00784640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2016-03-25 18:29 - 2016-03-08 12:27 - 00750016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-03-25 18:29 - 2016-03-08 12:27 - 00692160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-03-25 18:29 - 2016-03-08 12:27 - 00678704 _____ C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-03-25 18:29 - 2016-03-08 12:27 - 00632152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-03-25 18:29 - 2016-03-08 12:27 - 00630592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2016-03-25 18:29 - 2016-03-08 12:27 - 00601752 _____ C:\WINDOWS\system32\nvmcumd.dll
2016-03-25 18:29 - 2016-03-08 12:27 - 00571912 _____ C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-03-25 18:29 - 2016-03-08 12:27 - 00545632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2016-03-25 18:29 - 2016-03-08 12:27 - 00448824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2016-03-25 18:29 - 2016-03-08 12:27 - 00423360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-03-25 18:29 - 2016-03-08 12:27 - 00385080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2016-03-25 18:29 - 2016-03-08 12:27 - 00379296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-03-25 18:29 - 2016-03-08 12:27 - 00377792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-03-25 18:29 - 2016-03-08 12:27 - 00346560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2016-03-25 18:29 - 2016-03-08 12:27 - 00317656 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-03-25 18:29 - 2016-03-08 12:27 - 00205456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2016-03-25 18:29 - 2016-03-08 12:27 - 00175552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2016-03-25 18:29 - 2016-03-08 12:27 - 00153208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-03-25 18:29 - 2016-03-08 12:27 - 00151184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2016-03-25 18:29 - 2016-03-08 12:27 - 00128696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2016-03-25 18:29 - 2016-03-08 12:27 - 00099472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2016-03-25 18:29 - 2016-03-08 12:27 - 00090768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2016-03-25 18:29 - 2016-03-08 12:27 - 00047760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2016-03-25 18:29 - 2016-03-08 12:27 - 00039240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2016-03-25 18:29 - 2016-03-08 12:27 - 00000139 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2016-03-25 18:29 - 2016-03-08 12:27 - 00000139 _____ C:\WINDOWS\system32\nv-vk64.json
2016-03-25 17:57 - 2016-03-25 17:57 - 00000000 _____ C:\Recovery.txt
2016-03-25 17:56 - 2016-03-26 01:15 - 00000000 ___DC C:\WINDOWS\Panther
2016-03-25 17:56 - 2016-03-25 17:56 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-03-25 17:56 - 2016-03-25 17:56 - 00000000 ____D C:\WINDOWS\Setup
2016-03-25 17:56 - 2016-03-25 17:56 - 00000000 ____D C:\WINDOWS\InfusedApps
2016-03-25 17:54 - 2016-04-19 17:28 - 00754114 _____ C:\WINDOWS\system32\perfh005.dat
2016-03-25 17:54 - 2016-04-19 17:28 - 00154546 _____ C:\WINDOWS\system32\perfc005.dat
2016-03-25 17:54 - 2016-03-26 03:21 - 00000000 ____D C:\WINDOWS\OCR
2016-03-25 17:54 - 2016-03-25 17:54 - 00296654 _____ C:\WINDOWS\system32\perfi005.dat
2016-03-25 17:54 - 2016-03-25 17:54 - 00038682 _____ C:\WINDOWS\system32\perfd005.dat
2016-03-25 17:54 - 2016-03-25 17:54 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-03-25 17:54 - 2016-03-25 17:54 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2016-03-25 17:54 - 2016-03-25 17:54 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2016-03-25 17:54 - 2016-03-25 17:54 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2016-03-25 17:54 - 2016-03-25 17:54 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2016-03-25 17:54 - 2016-03-25 17:54 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2016-03-25 17:54 - 2016-03-25 17:54 - 00000000 ____D C:\WINDOWS\SysWOW64\cs
2016-03-25 17:54 - 2016-03-25 17:54 - 00000000 ____D C:\WINDOWS\SysWOW64\0409
2016-03-25 17:54 - 2016-03-25 17:54 - 00000000 ____D C:\WINDOWS\system32\winrm
2016-03-25 17:54 - 2016-03-25 17:54 - 00000000 ____D C:\WINDOWS\system32\WCN
2016-03-25 17:54 - 2016-03-25 17:54 - 00000000 ____D C:\WINDOWS\system32\slmgr
2016-03-25 17:54 - 2016-03-25 17:54 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2016-03-25 17:54 - 2016-03-25 17:54 - 00000000 ____D C:\WINDOWS\system32\cs
2016-03-25 17:54 - 2016-03-25 17:54 - 00000000 ____D C:\WINDOWS\system32\0409
2016-03-25 17:54 - 2016-03-25 17:54 - 00000000 ____D C:\WINDOWS\DigitalLocker
2016-03-25 17:54 - 2016-03-25 17:54 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-03-25 17:54 - 2016-03-25 17:54 - 00000000 ____D C:\Program Files\MSBuild
2016-03-25 17:54 - 2016-03-25 17:54 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-03-25 17:54 - 2016-03-25 17:54 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-03-25 17:52 - 2016-04-06 20:32 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-03-25 17:52 - 2016-04-06 20:32 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-25 17:51 - 2016-04-17 15:54 - 00000114 _____ C:\WINDOWS\win.ini
2016-03-25 17:51 - 2016-04-17 15:26 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-03-25 17:51 - 2016-04-17 14:09 - 00000000 ____D C:\WINDOWS\Performance
2016-03-25 17:51 - 2016-04-17 11:28 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-03-25 17:51 - 2016-04-15 23:10 - 00000000 ____D C:\WINDOWS\rescache
2016-03-25 17:51 - 2016-04-13 21:50 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-03-25 17:51 - 2016-04-13 21:50 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-03-25 17:51 - 2016-04-13 21:50 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-03-25 17:51 - 2016-04-13 21:50 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-03-25 17:51 - 2016-04-09 16:18 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-03-25 17:51 - 2016-04-08 12:18 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-25 17:51 - 2016-03-26 18:15 - 00000000 __RSD C:\WINDOWS\Media
2016-03-25 17:51 - 2016-03-26 18:15 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-03-25 17:51 - 2016-03-26 18:15 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-03-25 17:51 - 2016-03-26 18:15 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-03-25 17:51 - 2016-03-26 18:15 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-03-25 17:51 - 2016-03-26 18:15 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-03-25 17:51 - 2016-03-26 18:15 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-03-25 17:51 - 2016-03-26 18:15 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-03-25 17:51 - 2016-03-26 18:15 - 00000000 ____D C:\WINDOWS\Provisioning
2016-03-25 17:51 - 2016-03-26 18:15 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-03-25 17:51 - 2016-03-26 18:15 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-03-25 17:51 - 2016-03-26 18:15 - 00000000 ____D C:\Program Files\Windows Journal
2016-03-25 17:51 - 2016-03-26 18:15 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-03-25 17:51 - 2016-03-26 18:15 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-03-25 17:51 - 2016-03-26 13:30 - 00000000 ____D C:\WINDOWS\appcompat
2016-03-25 17:51 - 2016-03-26 03:23 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-03-25 17:51 - 2016-03-26 03:06 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-03-25 17:51 - 2016-03-26 03:06 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-03-25 17:51 - 2016-03-26 03:01 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-03-25 17:51 - 2016-03-26 03:00 - 00000000 ____D C:\ProgramData\USOPrivate
2016-03-25 17:51 - 2016-03-26 02:59 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-03-25 17:51 - 2016-03-26 02:59 - 00000000 ____D C:\Program Files\Windows NT
2016-03-25 17:51 - 2016-03-26 02:58 - 00000000 ____D C:\WINDOWS\Help
2016-03-25 17:51 - 2016-03-25 17:57 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-03-25 17:51 - 2016-03-25 17:54 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-03-25 17:51 - 2016-03-25 17:54 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2016-03-25 17:51 - 2016-03-25 17:54 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-03-25 17:51 - 2016-03-25 17:54 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-03-25 17:51 - 2016-03-25 17:54 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2016-03-25 17:51 - 2016-03-25 17:54 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-03-25 17:51 - 2016-03-25 17:54 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-03-25 17:51 - 2016-03-25 17:54 - 00000000 ____D C:\WINDOWS\SysWOW64\Com
2016-03-25 17:51 - 2016-03-25 17:54 - 00000000 ____D C:\WINDOWS\system32\setup
2016-03-25 17:51 - 2016-03-25 17:54 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-03-25 17:51 - 2016-03-25 17:54 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-03-25 17:51 - 2016-03-25 17:54 - 00000000 ____D C:\WINDOWS\system32\Com
2016-03-25 17:51 - 2016-03-25 17:54 - 00000000 ____D C:\WINDOWS\IME
2016-03-25 17:51 - 2016-03-25 17:54 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-03-25 17:51 - 2016-03-25 17:54 - 00000000 ____D C:\Program Files\Windows Defender
2016-03-25 17:51 - 2016-03-25 17:54 - 00000000 ____D C:\Program Files\Common Files\System
2016-03-25 17:51 - 2016-03-25 17:54 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-03-25 17:51 - 2016-03-25 17:54 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-03-25 17:51 - 2016-03-25 17:54 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 __SHD C:\Program Files\Windows Sidebar
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 __RHD C:\Users\Public\Libraries
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ___SD C:\WINDOWS\SysWOW64\Nui
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ___SD C:\WINDOWS\system32\Nui
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ___SD C:\WINDOWS\system32\Configuration
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ___RD C:\WINDOWS\Offline Web Pages
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ___RD C:\WINDOWS\DesktopTileResources
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\Web
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\Vss
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\tracing
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\TAPI
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\ras
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\NDF
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\MsDtc
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\icsxml
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\downlevel
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\SystemResources
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\SystemApps
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\system32\WinMetadata
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\system32\winevt
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\system32\spool
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\system32\ras
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\system32\ProximityToast
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\system32\PointOfService
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\system32\MsDtc
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\system32\Ipmi
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\system32\IME
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\system32\icsxml
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\system32\ias
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\system32\GroupPolicyUsers
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\system32\downlevel
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\system32\config\Journal
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\system32\Bthprops
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\system32\AppLocker
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\System
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\SKB
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\ShellNew
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\security
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\schemas
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\SchCache
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\Resources
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\Registration
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\PLA
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\ModemLogs
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\L2Schemas
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\InputMethod
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\Globalization
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\Cursors
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\Branding
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\addins
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\Program Files\Common Files\Services
2016-03-25 17:51 - 2016-03-25 17:51 - 00000000 ____D C:\Program Files (x86)\Windows NT
2016-03-25 17:51 - 2016-03-25 17:50 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2016-03-25 17:51 - 2016-03-25 17:50 - 00215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
2016-03-25 17:51 - 2016-03-25 17:50 - 00215943 _____ C:\WINDOWS\system32\dssec.dat
2016-03-25 17:51 - 2016-03-25 17:50 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2016-03-25 17:51 - 2016-03-25 17:50 - 00017463 _____ C:\WINDOWS\system32\Drivers\etc\services
2016-03-25 17:51 - 2016-03-25 17:50 - 00015462 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-03-25 17:51 - 2016-03-25 17:50 - 00008798 _____ C:\WINDOWS\SysWOW64\icrav03.rat
2016-03-25 17:51 - 2016-03-25 17:50 - 00008798 _____ C:\WINDOWS\system32\icrav03.rat
2016-03-25 17:51 - 2016-03-25 17:50 - 00003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
2016-03-25 17:51 - 2016-03-25 17:50 - 00001988 _____ C:\WINDOWS\SysWOW64\ticrf.rat
2016-03-25 17:51 - 2016-03-25 17:50 - 00001988 _____ C:\WINDOWS\system32\ticrf.rat
2016-03-25 17:51 - 2016-03-25 17:50 - 00001358 _____ C:\WINDOWS\system32\Drivers\etc\protocol
2016-03-25 17:51 - 2016-03-25 17:50 - 00000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2016-03-25 17:51 - 2016-03-25 17:50 - 00000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
2016-03-25 17:51 - 2016-03-25 17:50 - 00000741 _____ C:\WINDOWS\system32\NOISE.DAT
2016-03-25 17:51 - 2016-03-25 17:50 - 00000407 _____ C:\WINDOWS\system32\Drivers\etc\networks
2016-03-25 17:51 - 2016-03-25 17:50 - 00000389 _____ C:\WINDOWS\system32\AutoWorkplace.exe.config
2016-03-25 17:51 - 2016-03-25 17:50 - 00000219 _____ C:\WINDOWS\system.ini
2016-03-25 17:50 - 2016-04-20 21:43 - 00000000 ____D C:\WINDOWS\INF
2016-03-25 17:46 - 2016-04-13 14:38 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-03-25 17:43 - 2016-04-21 19:15 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-03-25 17:43 - 2016-04-17 15:25 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-03-25 17:43 - 2016-03-25 17:54 - 00000000 ____D C:\WINDOWS\servicing
2016-03-25 17:43 - 2016-03-25 17:51 - 00000000 ____D C:\WINDOWS\system32\SMI
2016-03-25 17:43 - 2015-10-30 08:33 - 00000164 _____ C:\WINDOWS\system32\config\FP
2016-03-25 17:40 - 2016-03-25 17:57 - 00000000 ___HD C:\$SysReset

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-17 14:09 - 2015-10-30 09:19 - 00002437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk
2016-04-17 14:09 - 2015-10-30 09:19 - 00002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk
2016-04-17 14:09 - 2015-10-30 09:19 - 00002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Devices Flow.lnk
2016-04-17 14:09 - 2015-10-30 09:18 - 00000853 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desktop.lnk
2016-04-17 14:09 - 2015-10-30 09:17 - 00002325 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk
2016-04-17 13:47 - 2005-04-08 04:16 - 00000000 ___HD C:\Users\PC\AppData\Roaming\50AF023C

==================== Files in the root of some directories =======

2016-03-31 20:26 - 2016-03-31 20:26 - 0000000 _____ () C:\Users\PC\AppData\Roaming\programs.vc
2016-03-31 20:26 - 2016-03-31 20:26 - 0000053 _____ () C:\Users\PC\AppData\Roaming\resetid.vc
2016-03-29 17:20 - 2016-04-21 19:12 - 0007609 _____ () C:\Users\PC\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-04-18 20:40

==================== End of FRST.txt ============================

[ASKER]

addition

Additional scan result of Farbar Recovery Scan Tool (x64) Version:18-04-2016
Ran by PC (2016-04-21 19:19:21)
Running from C:\Users\PC\Desktop
Windows 10 Home Version 1511 (X64) (2016-03-26 01:05:50)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1956160488-2787499583-196946323-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1956160488-2787499583-196946323-503 - Limited - Disabled)
Guest (S-1-5-21-1956160488-2787499583-196946323-501 - Limited - Disabled)
PC (S-1-5-21-1956160488-2787499583-196946323-1001 - Administrator - Enabled) => C:\Users\PC

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Alan Wake (HKLM\...\Steam App 108710) (Version: - Remedy Entertainment)
Bloody5 (HKLM-x32\...\Bloody3) (Version: 15.06.0005 - Bloody)
CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform)
Cheat Engine 6.5 (HKLM-x32\...\Cheat Engine 6.5_is1) (Version: - Cheat Engine)
Counter-Strike (HKLM\...\Steam App 10) (Version: - Valve)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version: - CyberGhost S.R.L.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Left 4 Dead 2 (HKLM\...\Steam App 550) (Version: - Valve)
LockHunter 3.1, 32/64 bit (HKLM\...\LockHunter_is1) (Version: - Crystal Rich Ltd)
Lucius (HKLM\...\Steam App 218640) (Version: - Shiver Games)
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Mirror's Edge (HKLM\...\Steam App 17410) (Version: - DICE)
MSI Afterburner 4.2.0 (HKLM-x32\...\Afterburner) (Version: 4.2.0 - MSI Co., LTD)
MSI Command Center (HKLM-x32\...\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1) (Version: 1.0.1.11 - MSI)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9 - Notepad++ Team)
NVIDIA Ovladač 3D Vision 364.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 364.51 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 364.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 364.51 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenVPN 2.3.10-I603 (HKLM\...\OpenVPN) (Version: 2.3.10-I603 - )
Ovládací panel NVIDIA 364.51 (Version: 364.51 - NVIDIA Corporation) Hidden
ParkControl (HKLM-x32\...\ParkControl) (Version: 1.0.1.8 - Bitsum)
Sandboxie 5.06 (64-bit) (HKLM\...\Sandboxie) (Version: 5.06 - Sandboxie Holdings, LLC)
Seznam Software (HKU\S-1-5-21-1956160488-2787499583-196946323-1001\...\SeznamInstall) (Version: - Seznam.cz)
Sound Blaster Cinema 2 (HKLM-x32\...\{B4F6F8CC-2C61-42CC-A4CC-76621F25BDC7}) (Version: 1.00.08 - Creative Technology Limited)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - )
Team Fortress 2 (HKLM\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKU\S-1-5-21-1956160488-2787499583-196946323-1001\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
The Forest (HKLM\...\Steam App 242760) (Version: - Endnight Games Ltd)
ToneMaker 1 (HKLM-x32\...\BloodyToneMaker) (Version: 16.03.0001 - Bloody)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.2 - VideoLAN)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Wireshark 2.0.2 (64-bit) (HKLM-x32\...\Wireshark) (Version: 2.0.2 - The Wireshark developer community, hxxps://www.wireshark.org)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1E9536F2-7D94-44CA-BAD0-9116236D76B2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-03-11] (Piriform Ltd)
Task: {94651085-B95B-4DCA-A084-52E435978F20} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2015-12-09] ()
Task: {B71A89FF-B49B-4296-A43E-CF49C8F44286} - System32\Tasks\ParkControl => C:\Program Files\ParkControl\parkcontrol.exe [2016-03-29] (Bitsum LLC)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\PC\Desktop\LOGIN.lnk -> D:\LOGIN.bat ()

==================== Loaded Modules (Whitelisted) ==============

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-03-26 02:58 - 2016-03-08 08:42 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-04-13 14:03 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-13 14:03 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-04-21 17:11 - 2015-05-26 13:35 - 00079872 _____ () C:\Users\PC\AppData\Roaming\Seznam.cz\bin\25378libfoxloader-x64.dll
2016-02-21 23:38 - 2016-02-21 23:38 - 00230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2015-12-17 21:28 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-04-13 14:02 - 2016-04-02 05:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-04-13 14:03 - 2016-04-02 05:03 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-04-13 14:03 - 2016-04-02 04:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-04-13 14:03 - 2016-04-02 04:59 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-04-13 14:03 - 2016-04-02 05:02 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-04-18 16:07 - 2016-03-02 12:17 - 08473088 _____ () C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Bloody ToneMaker1.exe
2016-03-11 22:31 - 2016-03-11 22:31 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2016-04-18 16:07 - 2013-11-06 11:09 - 10891783 _____ () C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\SDK\CM_LibraryIO.exe
2016-04-21 17:11 - 2013-05-16 15:25 - 01062472 _____ () C:\Users\PC\AppData\Roaming\Seznam.cz\szninstall.exe
2016-04-21 17:11 - 2015-05-26 13:38 - 00457384 _____ () C:\Users\PC\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2016-04-21 17:11 - 2015-05-26 13:36 - 00073896 _____ () C:\Users\PC\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
2016-04-18 16:07 - 2014-01-10 18:48 - 04260352 _____ () C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Data\RES\Forms\Internet_Advertisement\Internet_Advertisement_DLL.dll
2016-04-21 17:11 - 2015-05-26 13:38 - 00862888 _____ () C:\Users\PC\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2016-04-21 17:11 - 2015-11-19 23:17 - 00845824 _____ () C:\Users\PC\AppData\Roaming\Seznam.cz\bin\libchinst.dll
2016-04-21 17:11 - 2015-05-26 13:37 - 00078504 _____ () C:\Users\PC\AppData\Roaming\Seznam.cz\bin\25374libfoxloader.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\DRM:احتضان [48]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-03-25 17:51 - 2016-04-21 19:05 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts


127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1956160488-2787499583-196946323-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 1.2.3.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run32: => "NvBackend"
HKU\S-1-5-21-1956160488-2787499583-196946323-1001\...\StartupApproved\Run: => "Bloody2"
HKU\S-1-5-21-1956160488-2787499583-196946323-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1956160488-2787499583-196946323-1001\...\StartupApproved\Run: => "CyberGhost"
HKU\S-1-5-21-1956160488-2787499583-196946323-1001\...\StartupApproved\Run: => "SandboxieControl"
HKU\S-1-5-21-1956160488-2787499583-196946323-1001\...\StartupApproved\Run: => "VPNCheck"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{10FAF6B7-9A9D-4DC0-B2B6-742AF4A6B858}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{D1F7671B-1092-4AA9-A8D0-EEA7C0F28608}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{91E0DAD9-252B-45E3-80C9-1AD4BB3121B1}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{EDFC51B4-2255-4165-B20C-FE3DDFA3BA7C}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{2E7C80B8-C434-4877-B334-153C5CF1AE49}] => (Allow) D:\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{6E64ECA6-2138-4A23-B67C-CD54B3FCC816}] => (Allow) D:\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [TCP Query User{580BB12B-2975-4C7C-9902-4E89371AD9BA}C:\users\pc\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\pc\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{C4A4311D-B65D-44E1-AAFC-79B8B2A7F1E1}C:\users\pc\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\pc\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{DC377387-16A4-42DE-9E3D-15BA236DEF5B}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{21541037-AE5B-493C-A615-03D68CC4C233}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{52AB1C10-8669-4E1D-83A7-9097191FBD1D}] => (Allow) D:\Steam\steamapps\common\Alan Wake\AlanWake.exe
FirewallRules: [{AA775506-C513-469D-ADE8-D57AED481EBE}] => (Allow) D:\Steam\steamapps\common\Alan Wake\AlanWake.exe
FirewallRules: [{15DC8896-FD09-4A7F-AB16-D2C16F3948DF}] => (Allow) LPort=27006
FirewallRules: [{23CF29EB-387D-4EB6-91E4-E33524F4F488}] => (Allow) LPort=27006
FirewallRules: [{D6C29AD5-6013-47E1-AE9B-48F47F22DC6C}] => (Allow) D:\Steam\steamapps\common\Lucius\Lucius.exe
FirewallRules: [{EC123662-1E78-457C-AB69-849446B25AB6}] => (Allow) D:\Steam\steamapps\common\Lucius\Lucius.exe
FirewallRules: [{8F478DBD-7A45-499C-BE1C-5A26C78D9F16}] => (Allow) D:\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{8C7D9890-26B2-4E81-B2A4-1BA4FFF9ABD2}] => (Allow) D:\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{9E555255-236A-44D5-A26D-FCD249D19EDA}] => (Allow) D:\Steam\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{52E5E5BB-4867-4B14-B6A4-240C5B991E2F}] => (Allow) D:\Steam\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{A912A8BD-8D09-491A-BDAE-40D852CA931C}] => (Allow) D:\Steam\steamapps\common\mirrors edge\Binaries\MirrorsEdge.exe
FirewallRules: [{DD914693-45BE-48FA-86E8-73FC47402ECC}] => (Allow) D:\Steam\steamapps\common\mirrors edge\Binaries\MirrorsEdge.exe
FirewallRules: [{CD23DB6E-BC6F-47A7-AD8E-34275D0D7242}] => (Allow) D:\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{B4EEDEA0-E19F-4BBB-BBC4-E492D1C7E7A9}] => (Allow) D:\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{7A573EC4-12F8-4DCD-999D-25547B209C7B}] => (Allow) C:\Users\PC\AppData\Roaming\Steganos\OnlineShield\Proxy\node.exe
FirewallRules: [{297DFD99-3204-4651-AA52-880FE6406E33}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{4A949097-3B0B-41AB-A0F6-17AB7F9DAE63}D:\hry\secondl\slvoice.exe] => (Allow) D:\hry\secondl\slvoice.exe
FirewallRules: [UDP Query User{6FD0A326-CE64-4A27-8284-BDD4DADEED95}D:\hry\secondl\slvoice.exe] => (Allow) D:\hry\secondl\slvoice.exe
FirewallRules: [TCP Query User{D49E646B-D04B-4576-9FF0-277B7587EDD3}C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [UDP Query User{A421ECD3-1027-4A3F-B9B6-8A43E95413ED}C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [{2FD64AB8-B5DE-4668-949B-33B2C0B18CC7}] => (Block) C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [{5BAAE5A0-1680-4957-9892-6F9394575E1F}] => (Block) C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe

==================== Restore Points =========================

02-04-2016 19:42:00 Installed Sound Blaster Cinema 2
13-04-2016 14:34:41 Windows Update
17-04-2016 00:13:03 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
19-04-2016 17:25:23 JRT Pre-Junkware Removal
21-04-2016 18:55:29 JRT Pre-Junkware Removal
21-04-2016 19:04:47 zoek.exe restore point

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/21/2016 07:04:47 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (04/21/2016 06:55:30 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (04/19/2016 05:25:25 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (04/17/2016 04:40:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AvastSvc.exe, verze: 11.2.2732.0, časové razítko: 0x57067fcf
Název chybujícího modulu: combase.dll, verze: 10.0.10586.103, časové razítko: 0x56a84cbb
Kód výjimky: 0xc0000005
Posun chyby: 0x0009ecdf
ID chybujícího procesu: 0x7a8
Čas spuštění chybující aplikace: 0xAvastSvc.exe0
Cesta k chybující aplikaci: AvastSvc.exe1
Cesta k chybujícímu modulu: AvastSvc.exe2
ID zprávy: AvastSvc.exe3
Úplný název chybujícího balíčku: AvastSvc.exe4
ID aplikace související s chybujícím balíčkem: AvastSvc.exe5

Error: (04/17/2016 04:14:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program notepad.exe verze 10.0.10586.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 1bb4

Čas spuštění: 01d198b34f24ac7e

Čas ukončení: 1

Cesta k aplikaci: C:\Windows\syswow64\notepad.exe

ID hlášení: a234d675-04a6-11e6-8b80-daaabbfb4d9e

Úplný název balíčku s chybou:

ID aplikace související s balíčkem s chybou:

Error: (04/17/2016 04:09:40 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2 na řádku C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (04/17/2016 03:56:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program mexe.com verze 14.0.202.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: fbc

Čas spuštění: 01d198b099798475

Čas ukončení: 4

Cesta k aplikaci: C:\Users\PC\AppData\Local\Temp\mexe.com

ID hlášení: 38606287-04a4-11e6-8b80-daaabbfb4d9e

Úplný název balíčku s chybou:

ID aplikace související s balíčkem s chybou:

Error: (04/17/2016 03:50:20 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2 na řádku C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (04/17/2016 03:50:20 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2 na řádku C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (04/17/2016 12:17:00 PM) (Source: OpenVPNService) (EventID: 0) (User: )
Description: OpenVPNService error: 0StartServiceCtrlDispatcher failed.


System errors:
=============
Error: (04/21/2016 07:15:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Hostitel synchronizace_3323b0e byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (04/21/2016 07:15:04 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (04/21/2016 07:13:05 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (04/21/2016 07:13:05 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (04/21/2016 07:13:04 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (04/21/2016 07:13:04 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (04/21/2016 07:13:04 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (04/21/2016 06:55:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NVIDIA Display Driver Service byla neočekávaně ukončena. Tento stav nastal již 2krát.

Error: (04/21/2016 06:14:54 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 5

Error: (04/21/2016 06:14:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Hostitel synchronizace_2cd2168 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.


CodeIntegrity:
===================================
Date: 2016-04-13 21:52:10.508
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-01 19:11:00.421
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-03-31 06:38:25.350
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-03-26 17:16:52.121
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-03-26 12:32:50.724
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-03-25 23:29:43.977
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-03-25 17:30:22.536
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-03-26 02:05:17.889
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-03-26 01:58:08.576
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: AMD FX(tm)-8320 Eight-Core Processor
Percentage of memory in use: 17%
Total physical RAM: 8140.3 MB
Available physical RAM: 6684.68 MB
Total Virtual: 9420.3 MB
Available Virtual: 7991.48 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:110.83 GB) (Free:86.41 GB) NTFS
Drive d: (Data) (Fixed) (Total:1862.89 GB) (Free:1777.81 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or (Size: 111.8 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

[jaro3]

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

Start
CloseProcesses:
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
SearchScopes: HKU\S-1-5-21-1956160488-2787499583-196946323-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
AlternateDataStreams: C:\Users\Public\DRM:احتضان [48]

EmptyTemp:
End

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt


Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.

Odinstaluj:
MWAV
pokud tam máš..

C:\WINDOWS\install podívej se , co je v té složce.

Stáhni si Security Check by screen317 z některého odkazu
http://www.bleepingcomputer.com/download/securitycheck/
http://screen317.spywareinfoforum.org/SecurityCheck.exe
http://screen317.changelog.fr/SecurityCheck.exe

ulož si ho na plochu, poklepej na něj a postupuj podle instrukcí v černém okně. Potom se automaticky otevře pozn. Blok, bude mít název checkup.txt. Jeho obsah sem prosím zkopíruj.

[ASKER]

FRST ---
Fix result of Farbar Recovery Scan Tool (x64) Version:18-04-2016
Ran by PC (2016-04-21 20:29:26) Run:1
Running from C:\Users\PC\Desktop
Loaded Profiles: PC (Available Profiles: PC)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
SearchScopes: HKU\S-1-5-21-1956160488-2787499583-196946323-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
AlternateDataStreams: C:\Users\Public\DRM:احتضان [48]

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1" => key removed successfully
HKCR\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2" => key removed successfully
HKCR\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3" => key removed successfully
HKCR\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4" => key removed successfully
HKCR\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5" => key removed successfully
HKCR\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1" => key removed successfully
HKCR\Wow6432Node\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2" => key removed successfully
HKCR\Wow6432Node\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3" => key removed successfully
HKCR\Wow6432Node\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4" => key removed successfully
HKCR\Wow6432Node\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5" => key removed successfully
HKCR\Wow6432Node\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
"HKU\S-1-5-21-1956160488-2787499583-196946323-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => key removed successfully
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
C:\Users\Public\DRM => ":احتضان" ADS removed successfully.
EmptyTemp: => 829.7 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 20:29:30 ====





MWAV jsem v PC měl ale už ho tam nemam (aspon myslím)

v C:\WINDOWS\install nemám vůbec nic


security :

Results of screen317's Security Check version 1.014 --- 12/23/15
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
Windows Firewall Enabled!
Windows Defender
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Java 8 Update 91
Java version 32-bit out of Date!
Google Chrome (49.0.2623.110)
Google Chrome (49.0.2623.112)
````````Process Check: objlist.exe by Laurent````````
Windows Defender MSMpEng.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````