
Please check my log

petob
Visitor
Posts: 36
Registered: 07 Nov 2015 15:47

#1 Post by petob »

I have the same problem in every browser: some web pages won't open; I click and only a blank white page remains. Sometimes a page can't be scrolled with the mouse wheel, only with the scrollbar.
I'll post the log from FRST64 here and then the one from RSIT.

So, FRST.txt:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-05-2017
Ran by Peťo (administrator) on HP (15-05-2017 13:09:05)
Running from C:\Users\Peťo\Downloads
Loaded Profiles: Peťo (Available Profiles: Peťo)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpCardEngine.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CryptoMill Technologies Ltd.) C:\Program Files\Hewlett-Packard\HP Trust Circles\CreoSvc.exe
() C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpAgent.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Hewlett-Packard Development Company) C:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(ESET) C:\Program Files\ESET\ESET Security\egui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IgfxTray] => C:\windows\system32\igfxtray.exe [393320 2017-03-08] ()
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7194840 2013-07-27] (Realtek Semiconductor)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [CryptoMill Refresh] => C:\Program Files\Hewlett-Packard\HP Trust Circles\ceflauncher -m refresh
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [296208 2017-03-08] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-31] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576 2013-08-05] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [490760 2013-08-07] (CyberLink Corp.)
HKLM-x32\...\Run: [HP File Sanitizer] => C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe [2312408 2014-06-26] (Hewlett-Packard)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [1193728 2017-02-15] (PDF Complete Inc)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-315758732-1186768704-838511381-1002\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-08-31] (AMD)
HKU\S-1-5-21-315758732-1186768704-838511381-1002\...\Run: [GoogleChromeAutoLaunch_CBF760E6948D4582CE9F91695AE24651] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [941912 2017-03-29] (Google Inc.)
HKU\S-1-5-21-315758732-1186768704-838511381-1002\...\MountPoints2: {0dbe0e12-1db3-11e7-b43b-a0d3c14032ca} - J:\HiSuiteDownLoader.exe
HKU\S-1-5-21-315758732-1186768704-838511381-1002\...\MountPoints2: {e0615751-54e8-11e6-aa1d-a0d3c14032ca} - J:\HiSuiteDownLoader.exe
HKU\S-1-5-21-315758732-1186768704-838511381-1002\...\MountPoints2: {e0615756-54e8-11e6-aa1d-a0d3c14032ca} - J:\HiSuiteDownLoader.exe
HKU\S-1-5-18\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-08-31] (AMD)
Lsa: [Notification Packages] DPPassFilter scecli
ShellIconOverlayIdentifiers: [+1TBIcon] -> {B9C55E85-DED6-4911-82F3-83CF1CAB2898} => C:\Program Files\Hewlett-Packard\HP Trust Circles\tbicon.dll [2014-03-25] (CryptoMill Technologies Ltd.)
ShellIconOverlayIdentifiers-x32: [+1TBIcon] -> {B9C55E85-DED6-4911-82F3-83CF1CAB2898} => C:\Program Files (x86)\Hewlett-Packard\HP Trust Circles\tbicon.dll [2014-03-25] (CryptoMill Technologies Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2014-11-11]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.88.1
Tcpip\..\Interfaces\{5D34EF48-5425-47B2-A080-3A7048311097}: [DhcpNameServer] 192.168.88.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMDTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMDTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMDTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMDTDFJS
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMDTDFJS
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMDTDFJS
HKU\S-1-5-21-315758732-1186768704-838511381-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=CMDTDFJS
HKU\S-1-5-21-315758732-1186768704-838511381-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMDTDFJS
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-12-06] (HP Inc.)
BHO-x32: HP File Sanitizer -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2014-06-26] (Hewlett-Packard)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-12-06] (HP Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Peťo\AppData\Roaming\Mozilla\Firefox\Profiles\wybjuohb.default [2017-05-15]
FF SearchEngineOrder.3: Mozilla\Firefox\Profiles\wybjuohb.default -> Bing
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\wybjuohb.default -> Bing
FF Homepage: Mozilla\Firefox\Profiles\wybjuohb.default -> google.com
FF Keyword.URL: Mozilla\Firefox\Profiles\wybjuohb.default -> hxxp://www.bing.com/search?FORM=U303DF&PC=U303&q=
FF Extension: (Bing Extension) - C:\Users\Peťo\AppData\Roaming\Mozilla\Firefox\Profiles\wybjuohb.default\Extensions\bingsearch.full@microsoft.com [2015-04-04] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome
FF Extension: (HP Client Security Manager) - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome [2014-06-17] [not signed]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-08-13] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-08-13] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-08-13] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: digitalpersona.com/ChromeDPAgent -> c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\components\npChromeDPAgent.dll [2014-03-29] (DigitalPersona, Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.bing.com/?mkt=en-US&pc=__PARAM__
CHR Profile: C:\Users\Peťo\AppData\Local\Google\Chrome\User Data\Default [2017-05-15]
CHR Extension: (Prezentácie Google) - C:\Users\Peťo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-04]
CHR Extension: (Dokumenty Google) - C:\Users\Peťo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Disk Google) - C:\Users\Peťo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Peťo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\Peťo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Tabuľky Google) - C:\Users\Peťo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-04]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Peťo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Tlačidlo Uložiť na Pintereste) - C:\Users\Peťo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2017-04-21]
CHR Extension: (HP Client Security Manager) - C:\Users\Peťo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncffjdbbodifgldkcbhmiiljfcnbgjab [2014-11-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Peťo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Gmail) - C:\Users\Peťo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Peťo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-30]
CHR HKU\S-1-5-21-315758732-1186768704-838511381-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nfedoihopcjdfjihhhojdclnfdgomdho] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome.crx [2014-03-29]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 CreoService; C:\Program Files\Hewlett-Packard\HP Trust Circles\CreoSvc.exe [1927640 2014-03-25] (CryptoMill Technologies Ltd.)
R2 CtAgentService; C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe [7168 2014-03-31] () [File not signed]
R2 CyberLink PowerDVD 12 Media Server Monitor Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-08-12] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [298760 2013-08-12] (CyberLink)
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [500048 2014-04-04] (DigitalPersona, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2624856 2017-03-09] (ESET)
S3 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [567608 2013-11-20] (Hewlett-Packard Company)
R2 HpDamServiceHost; c:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe [18232 2013-11-15] (Hewlett-Packard Development Company)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [33640 2017-04-07] (HP Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2016-11-25] () [File not signed]
R2 igfxCUIService1.0.0.0; C:\windows\system32\igfxCUIService.exe [344168 2017-03-08] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-08-13] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1719552 2017-02-15] (PDF Complete Inc)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-19] (Realtek Semiconductor)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-12-04] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 CLVirtualDrive; C:\windows\System32\DRIVERS\CLVirtualDrive.sys [90608 2011-12-27] (CyberLink)
S3 DAMDrv; C:\windows\System32\DRIVERS\DAMDrv64.sys [65752 2013-10-07] (Hewlett-Packard Company)
R1 eamonm; C:\windows\System32\DRIVERS\eamonm.sys [132848 2017-03-09] (ESET)
R1 ehdrv; C:\windows\System32\DRIVERS\ehdrv.sys [178056 2017-03-09] (ESET)
R1 epfwwfpr; C:\windows\System32\DRIVERS\epfwwfpr.sys [77224 2017-03-09] (ESET)
S3 ew_usbccgpfilter; C:\windows\System32\DRIVERS\ew_usbccgpfilter.sys [18816 2016-11-25] (Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-11-25] (Huawei Technologies Co., Ltd.)
R0 iaStorF; C:\windows\System32\drivers\iaStorF.sys [28008 2013-09-21] (Intel Corporation)
R3 IceKore; C:\windows\System32\DRIVERS\IceKore.sys [411608 2013-11-14] (CryptoMill Technologies Inc.)
S3 mbamchameleon; C:\windows\system32\drivers\mbamchameleon.sys [109272 2017-05-15] (Malwarebytes)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [251832 2017-05-15] (Malwarebytes)
R3 MEIx64; C:\windows\System32\DRIVERS\TeeDriverx64.sys [125952 2014-08-13] (Intel Corporation)
R0 MpFilter; C:\windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C:\windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
R0 PinFile; C:\windows\System32\DRIVERS\PinFile.sys [49856 2014-02-04] (WinMagic Inc.)
R0 SDDisk2K; C:\windows\System32\DRIVERS\SDDisk2K.sys [228544 2014-02-04] (WinMagic Inc.)
R0 SDDToki; C:\windows\System32\DRIVERS\SDDToki.sys [131264 2014-02-04] (WinMagic Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-15 13:09 - 2017-05-15 13:10 - 00019903 _____ C:\Users\Peťo\Downloads\FRST.txt
2017-05-15 13:04 - 2017-05-15 13:09 - 00000000 ____D C:\FRST
2017-05-15 13:03 - 2017-05-15 13:03 - 02429952 _____ (Farbar) C:\Users\Peťo\Downloads\FRST64.exe
2017-05-15 11:39 - 2017-05-15 11:39 - 00001875 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-05-15 11:39 - 2017-05-15 11:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-05-15 11:39 - 2017-05-15 11:39 - 00000000 ____D C:\Program Files\Malwarebytes
2017-05-15 11:39 - 2017-05-09 16:37 - 00077440 _____ C:\windows\system32\Drivers\mbae64.sys
2017-05-15 11:27 - 2017-05-15 11:27 - 63035592 _____ (Malwarebytes ) C:\Users\Peťo\Downloads\mb3-setup-consumer-3.1.2.1733.exe
2017-05-15 11:24 - 2017-05-15 12:56 - 00251832 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2017-05-15 11:24 - 2017-05-15 11:24 - 00109272 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys
2017-05-15 08:36 - 2017-05-15 12:02 - 3657722094 _____ C:\Users\Peťo\Downloads\Last-Days-In-The-Desert-(2015)-Cz-Titulky-v-Obraze---Moviestyl.avi
2017-05-14 16:11 - 2017-05-14 16:36 - 449752479 _____ C:\Users\Peťo\Downloads\Legion.S01E01.HDTV.x264-FLEET.mkv
2017-05-14 12:27 - 2017-05-14 15:58 - 3709622755 _____ C:\Users\Peťo\Downloads\To.the.Wonder.2012.720p.WEB-DL.DD5.1.H.264-CtrlHD.mkv
2017-05-14 12:26 - 2017-05-14 13:50 - 1497602726 _____ C:\Users\Peťo\Downloads\Knight-of-Cups-(2015)-hdrip.sub.español.avi
2017-05-13 15:26 - 2017-05-13 16:22 - 997515136 _____ C:\Users\Peťo\Downloads\Žít-svůj-život---Vivre-sa-vie--Film-en-douze-tableaux-1962,-CZ-tit.avi
2017-05-13 12:30 - 2017-05-13 15:19 - 2964234685 _____ C:\Users\Peťo\Downloads\Easy-Rider-1969-BluRay-1080p-DD5.1-x265-D3FiL3R[PRiME][majo0007].mkv
2017-05-13 11:55 - 2017-05-13 13:33 - 1746570942 _____ C:\Users\Peťo\Downloads\Scarecrow-(1973)-eng-DVDRip.x264.-CZsub-JrK.mkv
2017-05-12 11:19 - 2017-05-12 14:21 - 3199723107 _____ C:\Users\Peťo\Downloads\Strom-života-(The-Tree-of-Life)-ENG-Dabing+CZ-Titulky-(2011)-720p-Bluray-Kvalita.mkv
2017-05-11 13:19 - 2017-05-11 15:09 - 1953084322 _____ C:\Users\Peťo\Downloads\The.New.World.2005.EXTENDED.Bluray.1080p.x264.YIFY.mp4
2017-05-11 11:31 - 2017-05-11 12:45 - 1336577767 _____ C:\Users\Peťo\Downloads\Gravity.2013.1080p.BluRay.CZ.titulky.mkv
2017-05-11 09:31 - 2017-05-11 09:31 - 05257208 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe
2017-05-10 17:02 - 2017-05-10 17:41 - 680730760 _____ C:\Users\Peťo\Downloads\Knick_D_b_h_S01_E04_CZ.avi
2017-05-10 15:28 - 2017-05-10 16:06 - 654115098 _____ C:\Users\Peťo\Downloads\Knick_D_b_h_S01_E03_CZ.avi
2017-05-10 15:07 - 2017-05-14 18:37 - 00000000 ____D C:\Users\Peťo\Desktop\Nový priečinok (9)
2017-05-10 05:19 - 2017-04-16 10:35 - 25741312 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2017-05-10 05:19 - 2017-04-16 10:18 - 05977600 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2017-05-10 05:19 - 2017-04-16 09:49 - 20278272 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2017-05-10 05:19 - 2017-04-16 09:10 - 15250944 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2017-05-10 05:19 - 2017-04-16 09:08 - 04548608 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2017-05-10 05:19 - 2017-04-16 09:04 - 03241472 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2017-05-10 05:19 - 2017-04-16 08:53 - 13661184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2017-05-10 05:18 - 2017-04-28 03:14 - 05547240 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2017-05-10 05:18 - 2017-04-28 03:14 - 00706792 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2017-05-10 05:18 - 2017-04-28 03:14 - 00631176 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2017-05-10 05:18 - 2017-04-28 03:14 - 00154856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2017-05-10 05:18 - 2017-04-28 03:14 - 00095464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2017-05-10 05:18 - 2017-04-28 03:11 - 01732864 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2017-05-10 05:18 - 2017-04-28 03:10 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2017-05-10 05:18 - 2017-04-28 03:10 - 01212928 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2017-05-10 05:18 - 2017-04-28 03:10 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2017-05-10 05:18 - 2017-04-28 03:10 - 00730624 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2017-05-10 05:18 - 2017-04-28 03:10 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2017-05-10 05:18 - 2017-04-28 03:10 - 00419840 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2017-05-10 05:18 - 2017-04-28 03:10 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2017-05-10 05:18 - 2017-04-28 03:10 - 00345600 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2017-05-10 05:18 - 2017-04-28 03:10 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2017-05-10 05:18 - 2017-04-28 03:10 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2017-05-10 05:18 - 2017-04-28 03:10 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2017-05-10 05:18 - 2017-04-28 03:10 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2017-05-10 05:18 - 2017-04-28 03:10 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2017-05-10 05:18 - 2017-04-28 03:10 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2017-05-10 05:18 - 2017-04-28 03:10 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2017-05-10 05:18 - 2017-04-28 03:10 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2017-05-10 05:18 - 2017-04-28 03:10 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2017-05-10 05:18 - 2017-04-28 03:10 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2017-05-10 05:18 - 2017-04-28 03:10 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2017-05-10 05:18 - 2017-04-28 03:10 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2017-05-10 05:18 - 2017-04-28 03:10 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2017-05-10 05:18 - 2017-04-28 03:10 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2017-05-10 05:18 - 2017-04-28 03:10 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2017-05-10 05:18 - 2017-04-28 03:10 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00880640 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00123904 _____ (Microsoft Corporation) C:\windows\system32\bcrypt.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00059904 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00034816 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:36 - 04000488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2017-05-10 05:18 - 2017-04-28 02:36 - 03945192 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2017-05-10 05:18 - 2017-04-28 02:34 - 01314112 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00644096 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00275456 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00261120 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00254464 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcrypt.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:19 - 00148480 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2017-05-10 05:18 - 2017-04-28 02:19 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2017-05-10 05:18 - 2017-04-28 02:19 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2017-05-10 05:18 - 2017-04-28 02:18 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2017-05-10 05:18 - 2017-04-28 02:15 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2017-05-10 05:18 - 2017-04-28 02:14 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2017-05-10 05:18 - 2017-04-28 02:12 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2017-05-10 05:18 - 2017-04-28 02:11 - 00291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2017-05-10 05:18 - 2017-04-28 02:11 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2017-05-10 05:18 - 2017-04-28 02:11 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2017-05-10 05:18 - 2017-04-28 02:10 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2017-05-10 05:18 - 2017-04-28 02:10 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2017-05-10 05:18 - 2017-04-28 02:08 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2017-05-10 05:18 - 2017-04-28 02:08 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2017-05-10 05:18 - 2017-04-28 02:08 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2017-05-10 05:18 - 2017-04-28 02:08 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2017-05-10 05:18 - 2017-04-28 02:07 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2017-05-10 05:18 - 2017-04-28 02:07 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:07 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:07 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:07 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-05-10 05:18 - 2017-04-26 16:59 - 03220992 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2017-05-10 05:18 - 2017-04-21 17:34 - 01133568 _____ (Microsoft Corporation) C:\windows\system32\cdosys.dll
2017-05-10 05:18 - 2017-04-21 17:15 - 00805376 _____ (Microsoft Corporation) C:\windows\SysWOW64\cdosys.dll
2017-05-10 05:18 - 2017-04-20 02:00 - 00394448 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2017-05-10 05:18 - 2017-04-20 01:16 - 00346320 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2017-05-10 05:18 - 2017-04-17 17:37 - 02065408 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2017-05-10 05:18 - 2017-04-17 17:37 - 00876544 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2017-05-10 05:18 - 2017-04-17 17:37 - 00512000 _____ (Microsoft Corporation) C:\windows\system32\rpcss.dll
2017-05-10 05:18 - 2017-04-17 17:37 - 00026112 _____ (Microsoft Corporation) C:\windows\system32\oleres.dll
2017-05-10 05:18 - 2017-04-17 17:37 - 00008704 _____ (Microsoft Corporation) C:\windows\system32\comcat.dll
2017-05-10 05:18 - 2017-04-17 17:12 - 01417728 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2017-05-10 05:18 - 2017-04-17 17:12 - 00581632 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2017-05-10 05:18 - 2017-04-17 17:12 - 00026112 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleres.dll
2017-05-10 05:18 - 2017-04-17 16:54 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\comcat.dll
2017-05-10 05:18 - 2017-04-16 11:17 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2017-05-10 05:18 - 2017-04-16 11:16 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2017-05-10 05:18 - 2017-04-16 10:57 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2017-05-10 05:18 - 2017-04-16 10:55 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2017-05-10 05:18 - 2017-04-16 10:55 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2017-05-10 05:18 - 2017-04-16 10:54 - 00576512 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2017-05-10 05:18 - 2017-04-16 10:54 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2017-05-10 05:18 - 2017-04-16 10:51 - 02899456 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2017-05-10 05:18 - 2017-04-16 10:44 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2017-05-10 05:18 - 2017-04-16 10:43 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2017-05-10 05:18 - 2017-04-16 10:38 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2017-05-10 05:18 - 2017-04-16 10:37 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2017-05-10 05:18 - 2017-04-16 10:37 - 00116224 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2017-05-10 05:18 - 2017-04-16 10:36 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2017-05-10 05:18 - 2017-04-16 10:36 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2017-05-10 05:18 - 2017-04-16 10:25 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2017-05-10 05:18 - 2017-04-16 10:21 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2017-05-10 05:18 - 2017-04-16 10:19 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2017-05-10 05:18 - 2017-04-16 10:11 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2017-05-10 05:18 - 2017-04-16 10:10 - 00087552 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2017-05-10 05:18 - 2017-04-16 10:09 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2017-05-10 05:18 - 2017-04-16 10:04 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2017-05-10 05:18 - 2017-04-16 10:03 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2017-05-10 05:18 - 2017-04-16 10:02 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2017-05-10 05:18 - 2017-04-16 10:01 - 00499200 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2017-05-10 05:18 - 2017-04-16 10:01 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2017-05-10 05:18 - 2017-04-16 10:01 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2017-05-10 05:18 - 2017-04-16 10:00 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2017-05-10 05:18 - 2017-04-16 10:00 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2017-05-10 05:18 - 2017-04-16 09:57 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2017-05-10 05:18 - 2017-04-16 09:53 - 02290176 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2017-05-10 05:18 - 2017-04-16 09:52 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2017-05-10 05:18 - 2017-04-16 09:52 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2017-05-10 05:18 - 2017-04-16 09:48 - 00476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2017-05-10 05:18 - 2017-04-16 09:47 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2017-05-10 05:18 - 2017-04-16 09:47 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2017-05-10 05:18 - 2017-04-16 09:46 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2017-05-10 05:18 - 2017-04-16 09:43 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2017-05-10 05:18 - 2017-04-16 09:40 - 00806912 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2017-05-10 05:18 - 2017-04-16 09:40 - 00725504 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2017-05-10 05:18 - 2017-04-16 09:37 - 02132992 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2017-05-10 05:18 - 2017-04-16 09:37 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2017-05-10 05:18 - 2017-04-16 09:35 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2017-05-10 05:18 - 2017-04-16 09:30 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-05-10 05:18 - 2017-04-16 09:29 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2017-05-10 05:18 - 2017-04-16 09:28 - 00091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2017-05-10 05:18 - 2017-04-16 09:25 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2017-05-10 05:18 - 2017-04-16 09:24 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2017-05-10 05:18 - 2017-04-16 09:22 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2017-05-10 05:18 - 2017-04-16 09:20 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2017-05-10 05:18 - 2017-04-16 09:12 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2017-05-10 05:18 - 2017-04-16 09:10 - 00693248 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2017-05-10 05:18 - 2017-04-16 09:08 - 02057216 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2017-05-10 05:18 - 2017-04-16 09:08 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2017-05-10 05:18 - 2017-04-16 08:50 - 01544704 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2017-05-10 05:18 - 2017-04-16 08:40 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2017-05-10 05:18 - 2017-04-16 08:37 - 02767872 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2017-05-10 05:18 - 2017-04-16 08:34 - 01314816 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2017-05-10 05:18 - 2017-04-16 08:34 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2017-05-10 05:18 - 2017-04-12 17:32 - 01483776 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2017-05-10 05:18 - 2017-04-12 17:32 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2017-05-10 05:18 - 2017-04-12 17:32 - 00190976 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2017-05-10 05:18 - 2017-04-12 17:32 - 00141824 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2017-05-10 05:18 - 2017-04-12 17:26 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2017-05-10 05:18 - 2017-04-12 17:25 - 01176064 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2017-05-10 05:18 - 2017-04-12 17:25 - 00145920 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2017-05-10 05:18 - 2017-04-12 17:25 - 00106496 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptnet.dll
2017-05-10 05:18 - 2017-04-07 17:34 - 00986856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2017-05-10 05:18 - 2017-04-07 17:34 - 00265448 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms1.sys
2017-05-10 05:18 - 2017-04-07 17:30 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2017-05-10 05:18 - 2017-04-07 17:30 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\cdd.dll
2017-05-10 05:18 - 2017-04-07 17:22 - 00312832 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2017-05-10 05:18 - 2017-04-05 16:55 - 00460800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2017-05-10 05:18 - 2017-04-05 16:55 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2017-05-10 05:18 - 2017-04-05 16:55 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2017-05-10 05:18 - 2017-04-04 17:34 - 01895656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2017-05-10 05:18 - 2017-04-04 17:34 - 00377576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2017-05-10 05:18 - 2017-04-04 17:34 - 00287976 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2017-05-10 05:18 - 2017-04-04 16:53 - 00496128 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2017-05-10 05:18 - 2017-04-04 16:53 - 00117760 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdx.sys
2017-05-10 05:18 - 2017-03-10 18:32 - 01389056 _____ (Microsoft Corporation) C:\windows\system32\pla.dll
2017-05-10 05:18 - 2017-03-10 18:32 - 00300544 _____ (Microsoft Corporation) C:\windows\system32\pdh.dll
2017-05-10 05:18 - 2017-03-10 18:20 - 01508352 _____ (Microsoft Corporation) C:\windows\SysWOW64\pla.dll
2017-05-10 05:18 - 2017-03-10 18:20 - 00237056 _____ (Microsoft Corporation) C:\windows\SysWOW64\pdh.dll
2017-05-10 05:18 - 2017-03-10 17:57 - 00009216 _____ (Microsoft Corporation) C:\windows\system32\plasrv.exe
2017-05-10 05:18 - 2017-03-10 17:55 - 00205312 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fastfat.sys
2017-05-10 05:18 - 2017-03-10 17:55 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\exfat.sys
2017-05-10 05:18 - 2017-03-09 18:34 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2017-05-10 05:18 - 2017-03-09 18:19 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2017-05-10 05:10 - 2017-05-10 07:27 - 2457953209 _____ C:\Users\Peťo\Downloads\The.Revenant.2015.1080p.BluRay.CZ.titulky.mkv
2017-05-09 17:03 - 2017-05-09 17:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2017-05-09 17:03 - 2017-05-09 17:03 - 00000000 ____D C:\ProgramData\ESET
2017-05-09 17:03 - 2017-05-09 17:03 - 00000000 ____D C:\Program Files\ESET
2017-05-09 16:58 - 2017-05-09 16:58 - 03139200 _____ (ESET) C:\Users\Peťo\Downloads\eset_nod32_antivirus_live_installer (1).exe
2017-05-06 19:04 - 2017-05-11 08:01 - 00000000 ____D C:\Users\Peťo\Desktop\Nový priečinok (8)
2017-04-26 11:40 - 2017-04-26 11:40 - 00243827 _____ C:\Users\Peťo\Documents\dda.pdf
2017-04-22 16:42 - 2017-05-09 21:37 - 00000000 ____D C:\Users\Peťo\Desktop\Nový priečinok (7)
2017-04-20 09:20 - 2017-04-20 10:37 - 1240357866 _____ C:\Users\Peťo\Downloads\The.Crown.S01E01.720p.WEBRip.X264-DEFLATE.mkv
2017-04-19 15:31 - 2017-04-21 10:26 - 00000000 ____D C:\Users\Peťo\Desktop\repas
2017-04-19 08:03 - 2017-04-19 12:20 - 4084624461 _____ C:\Users\Peťo\Downloads\Planet.Earth.II.E06.Cities.1080p.x264.mkv
2017-04-18 15:04 - 2017-04-18 20:25 - 4091896122 _____ C:\Users\Peťo\Downloads\Planet.Earth.II.E05.Grasslands.1080p.x264.mkv
2017-04-17 18:37 - 2017-04-17 19:11 - 579196824 _____ C:\Users\Peťo\Downloads\Planet.Earth.II.S01E04.720p.BluRay.CZ.titulky.mkv
2017-04-16 11:48 - 2017-04-16 12:26 - 526065440 _____ C:\Users\Peťo\Downloads\Planet.Earth.II.S01E03.720p.BluRay.CZ.titulky.mkv
2017-04-16 11:12 - 2017-04-16 11:47 - 525967822 _____ C:\Users\Peťo\Downloads\Planet.Earth.II.S01E02.720p.BluRay.CZ.titulky.mkv
2017-04-16 10:02 - 2017-04-16 10:38 - 527673360 _____ C:\Users\Peťo\Downloads\Planet.Earth.II.S01E01.720p.BluRay.CZ.titulky.mkv

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-15 13:08 - 2014-11-11 11:58 - 00000936 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2017-05-15 13:02 - 2009-07-14 07:13 - 00781790 _____ C:\windows\system32\PerfStringBackup.INI
2017-05-15 13:02 - 2009-07-14 06:45 - 00027568 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-05-15 13:02 - 2009-07-14 06:45 - 00027568 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-05-15 13:02 - 2009-07-14 05:20 - 00000000 ____D C:\windows\inf
2017-05-15 12:57 - 2017-03-08 18:44 - 00000000 __SHD C:\Users\Peťo\IntelGraphicsProfiles
2017-05-15 12:57 - 2014-06-17 07:53 - 00000000 ____D C:\ProgramData\PDFC
2017-05-15 12:55 - 2014-11-13 07:03 - 00000932 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore1cffeff3732ce5a.job
2017-05-15 12:55 - 2014-11-11 11:58 - 00000932 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2017-05-15 12:55 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2017-05-15 12:36 - 2016-11-18 12:37 - 00000000 ____D C:\Users\Peťo\AppData\LocalLow\Mozilla
2017-05-15 12:14 - 2014-11-13 07:03 - 00000936 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA1cffeff37d4abed.job
2017-05-15 12:09 - 2016-01-15 13:05 - 00000000 ____D C:\Users\Peťo\AppData\Roaming\vlc
2017-05-15 11:39 - 2014-12-26 11:05 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-05-15 11:26 - 2017-03-10 20:41 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-05-15 11:24 - 2017-03-10 20:38 - 00000000 ____D C:\Users\Peťo\Desktop\mbar
2017-05-15 09:09 - 2014-11-13 09:52 - 00003942 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{9F65086F-7083-4DD7-9A67-72C7B5FF57D1}
2017-05-15 07:54 - 2015-11-08 22:24 - 00000225 _____ C:\windows\CryptoMill_CreoService.001
2017-05-14 19:52 - 2015-01-04 18:44 - 00000000 ____D C:\ProgramData\Adobe
2017-05-14 19:52 - 2014-11-11 11:52 - 00000000 ____D C:\Users\Peťo\AppData\Roaming\Adobe
2017-05-14 09:15 - 2017-03-15 08:49 - 00003180 _____ C:\windows\System32\Tasks\HPCeeScheduleForPeťo
2017-05-14 09:15 - 2017-03-15 08:49 - 00000328 _____ C:\windows\Tasks\HPCeeScheduleForPeťo.job
2017-05-14 08:23 - 2015-11-08 22:24 - 00000225 _____ C:\windows\CryptoMill_CreoService.002
2017-05-14 06:43 - 2015-11-08 22:24 - 00000225 _____ C:\windows\CryptoMill_CreoService.003
2017-05-13 06:49 - 2015-11-08 22:24 - 00000225 _____ C:\windows\CryptoMill_CreoService.004
2017-05-12 12:30 - 2016-12-31 11:40 - 00000000 ____D C:\Users\Peťo\Desktop\somariny
2017-05-12 09:22 - 2014-06-17 07:52 - 00000225 _____ C:\windows\CryptoMill_CreoService.005
2017-05-12 09:13 - 2015-06-20 17:04 - 00000000 ____D C:\Users\Peťo\AppData\Local\Adobe
2017-05-11 09:54 - 2009-07-14 05:20 - 00000000 ____D C:\windows\rescache
2017-05-11 09:51 - 2015-06-20 17:05 - 00004312 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2017-05-11 09:51 - 2015-06-20 17:04 - 00803320 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2017-05-11 09:51 - 2015-06-20 17:04 - 00144888 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-05-11 09:51 - 2015-06-20 17:04 - 00000000 ____D C:\windows\system32\Macromed
2017-05-11 09:31 - 2015-06-20 17:04 - 00000000 ____D C:\windows\SysWOW64\Macromed
2017-05-10 16:14 - 2009-07-14 06:45 - 00349856 _____ C:\windows\system32\FNTCACHE.DAT
2017-05-10 16:12 - 2009-07-14 05:20 - 00000000 ____D C:\windows\PolicyDefinitions
2017-05-10 15:43 - 2013-12-03 22:26 - 00765656 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2017-05-10 15:40 - 2014-12-18 07:35 - 00000000 ____D C:\windows\system32\MRT
2017-05-10 15:38 - 2014-12-18 07:35 - 156335152 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2017-05-07 06:27 - 2014-11-11 12:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-06 14:06 - 2016-11-18 09:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-04-30 15:11 - 2016-12-12 19:34 - 00000000 ____D C:\Users\Peťo\Desktop\vianoce
2017-04-28 12:54 - 2015-02-04 23:09 - 00003368 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA1d040bee0d766ae
2017-04-28 12:54 - 2015-02-04 23:09 - 00003240 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore1d040bee0413f91
2017-04-26 11:41 - 2014-11-11 11:52 - 00000000 ____D C:\Users\Peťo\AppData\Local\PDFC
2017-04-21 09:52 - 2016-11-18 12:59 - 00000000 ____D C:\Users\Peťo\Desktop\FAKTURY
2017-04-15 07:18 - 2009-07-14 07:08 - 00032514 _____ C:\windows\Tasks\SCHEDLGU.TXT

==================== Files in the root of some directories =======

2015-11-08 21:33 - 2015-11-08 21:33 - 0000017 _____ () C:\Users\Peťo\AppData\Local\resmon.resmoncfg
2015-10-16 10:04 - 2015-10-16 10:04 - 0000000 _____ () C:\Users\Peťo\AppData\Local\{77571600-889B-4461-80A8-A2E9C8F9FE93}
2014-06-17 07:43 - 2014-06-17 07:44 - 8884526 _____ () C:\ProgramData\hpcsmmsilogs.log
2014-06-17 07:53 - 2014-06-17 07:53 - 1279268 _____ () C:\ProgramData\hpdam_install_log.txt
2014-06-17 07:53 - 2017-03-08 17:47 - 0698650 _____ () C:\ProgramData\HPFileSanitizer_Install_Log.txt
2014-06-17 07:52 - 2014-06-17 07:52 - 0049150 _____ () C:\ProgramData\HPTrustCircles_Install_Log.txt
2015-01-04 17:10 - 2015-01-04 17:10 - 0000147 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-05-13 07:39

==================== End of FRST.txt ============================
Last edited by petob on 15 May 2017 12:43, edited 1 time in total.

petob
Visitor
Posts: 36
Registered: 07 Nov 2015 15:47

Re: Please check my log

#2 Post by petob »

Addition.txt from FRST

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-05-2017
Ran by Peťo (15-05-2017 13:11:03)
Running from C:\Users\Peťo\Downloads
Windows 7 Professional Service Pack 1 (X64) (2014-11-11 09:51:20)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-315758732-1186768704-838511381-500 - Administrator - Disabled)
Guest (S-1-5-21-315758732-1186768704-838511381-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-315758732-1186768704-838511381-1003 - Limited - Enabled)
Peťo (S-1-5-21-315758732-1186768704-838511381-1002 - Administrator - Enabled) => C:\Users\Peťo

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AV: ESET NOD32 Antivirus (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET NOD32 Antivirus (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 25 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe Photoshop CS (HKLM-x32\...\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}) (Version: CS - Adobe Systems, Inc.)
Aktualizácia Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-041B-0000-0000000FF1CE}_PROPLUS_{9A8C39B0-D27F-4F81-BE74-2FECF164707E}) (Version: - Microsoft)
Aktualizácia Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-041B-0000-0000000FF1CE}_PROPLUS_{CE23B3DC-18CC-46FC-A309-81D6670F8D3D}) (Version: - Microsoft)
Aktualizácia Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-041B-0000-0000000FF1CE}_PROPLUS_{D6DBF512-87C0-4F6A-8FB9-AC3A389D9DE5}) (Version: - Microsoft)
AMD Catalyst Install Manager (HKLM\...\{00DEA78C-D2CA-635C-D0FD-96B9F895116A}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM-x32\...\CCleaner) (Version: 2.36 - Piriform)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.3.3207 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.2.3212 - CyberLink Corp.)
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
ESET NOD32 Antivirus (HKLM\...\{BCD5814C-7C82-47BA-B791-312D5BAB4006}) (Version: 10.1.204.1 - ESET, spol. s r.o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Spoločnosť Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
HD Tune Pro 5.60 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
HP Client Security Manager (HKLM\...\HPProtectTools) (Version: 8.3.4.1811 - Hewlett-Packard Company)
HP Device Access Manager (HKLM\...\{DBE16A07-DDFF-4453-807A-212EF93916E0}) (Version: 8.3.2.0 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{9FE8AC0F-4A69-4418-AD2F-8CB34CE3259B}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Drive Encryption (HKLM\...\HPDriveEncryption) (Version: 8.6.7.27 - Hewlett-Packard Company)
HP File Sanitizer (HKLM-x32\...\{6349342F-9CEF-4A70-995A-2CF3704C2603}) (Version: 8.4.27.1 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15453.4066 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM-x32\...\{23544215-E6E6-448B-B6E9-6268D5B3E74D}) (Version: 3.5.0.0 - Hewlett-Packard Company)
HP Software Setup (HKLM-x32\...\{7561C06A-7797-4462-A7C3-86F45AE901CF}) (Version: 8.7.4 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{4780AF24-213D-4187-86F2-0014A6D6077B}) (Version: 8.4.14.41 - HP Inc.)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 13.00.0000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{37E3A1F1-0034-4851-8FAD-9452C9EB8390}) (Version: 12.6.14.19 - HP Inc.)
HP Theft Recovery (HKLM-x32\...\InstallShield_{B1E569B6-A5EB-4C97-9F93-9ED2AA99AF0E}) (Version: 8.3.0.7 - Hewlett-Packard Company)
HP Trust Circles (HKLM-x32\...\HP Trust Circles) (Version: 8.3.12.18693 - Hewlett-Packard Company)
HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.27.1012 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4280 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.3.60 - Intel Corporation)
Malwarebytes verzia 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 53.0.2 (x86 sk) (HKLM-x32\...\Mozilla Firefox 53.0.2 (x86 sk)) (Version: 53.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.2.6333 - Mozilla)
MusicBee 2.4 (HKLM-x32\...\MusicBee) (Version: 2.4 - Steven Mayall)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
PDF Complete Corporate Edition (HKLM-x32\...\PDF Complete) (Version: 4.2.11 - PDF Complete, Inc)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.74.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR archivátor (HKLM-x32\...\WinRAR archiver) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-315758732-1186768704-838511381-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\windows\system32\igfxEM.exe (Intel Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2BAAE1DE-98F7-473D-9172-7CD1C0071E10} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-12-06] (HP Inc.)
Task: {379CC7CD-C335-4E53-8DD5-18D201DEDE38} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-04-07] (HP Inc.)
Task: {3A240BBE-6DD8-41A2-82FD-9DC45B521210} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {72F24B90-E781-4803-8F7E-A97F5DF7FFF8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-21] (HP Inc.)
Task: {7AAE3A65-888C-4162-BE69-739A6D7EDD92} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-06] (HP Inc.)
Task: {7B89473E-5D07-4C96-80AF-7F464B9733B2} - System32\Tasks\GoogleUpdateTaskMachineUA1d040bee0d766ae => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {830FA163-E175-4DF1-AE6F-E41EB4C5257D} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-11] (Adobe Systems Incorporated)
Task: {852AB1A3-5393-42A4-BF12-E349A6492202} - System32\Tasks\GoogleUpdateTaskMachineCore1cffeff3732ce5a => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {9825A738-E545-493F-929D-693E235B5471} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-04-07] (HP Inc.)
Task: {B46F90CC-39DA-4132-8268-CAA884E4DA80} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {B874510E-A349-49E9-BF04-BE96FFE541BC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-04-01] (HP Inc.)
Task: {D29453EA-C59B-43C0-8AB9-9D28B47C9ECD} - System32\Tasks\GoogleUpdateTaskMachineCore1d040bee0413f91 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {D8AA2E3A-7588-4A82-B772-1EE502AB9E31} - System32\Tasks\HPCeeScheduleForPeťo => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-05-12] (HP Development Company, L.P.)
Task: {DAECB8A0-57D6-489D-9798-5F2A5DF0853A} - System32\Tasks\GoogleUpdateTaskMachineUA1cffeff37d4abed => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {F2B4BAA5-CA68-47E8-9A1F-E8334C67C362} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore1cffeff3732ce5a.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA1cffeff37d4abed.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HPCeeScheduleForPeťo.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Public\Desktop\Box offer for HP.lnk -> C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe () -> hxxp://js.redirect.hp.com/jumpstation?bd=all&c=none&locale=en_*&pf=cmdt&s=Box_50GB&tp=dticon

==================== Loaded Modules (Whitelisted) ==============

2014-03-31 22:28 - 2014-03-31 22:28 - 00007168 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe
2014-11-11 22:14 - 2008-06-20 01:41 - 00062464 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2014-06-26 15:52 - 2014-06-26 15:52 - 02654936 _____ () C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\ShredContextMenu.dll
2016-11-25 08:16 - 2016-11-25 08:16 - 00192200 _____ () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
2014-06-17 07:50 - 2013-08-05 09:49 - 00627672 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-08-06 00:48 - 2013-08-06 00:48 - 00016856 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2016-09-07 08:28 - 2016-09-06 12:00 - 05197312 _____ () C:\Users\Peťo\AppData\Local\Google\Chrome\User Data\SwiftShader\3.3.0.1\libglesv2.dll
2016-09-07 08:28 - 2016-09-06 12:00 - 00147456 _____ () C:\Users\Peťo\AppData\Local\Google\Chrome\User Data\SwiftShader\3.3.0.1\libegl.dll
2014-08-13 11:54 - 2014-08-13 11:54 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 _____ C:\windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-315758732-1186768704-838511381-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Peťo\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.88.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{A5411DCE-58AE-4348-B830-B661C6B7F791}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{65F6ED9E-08A9-42EA-A552-A0D82678F885}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{EFF0497C-9D1A-496D-9C6B-A8E6A9E20D3D}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{47CE2F85-94F2-4168-89BE-37567214DA69}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{6FFB97AB-20CF-4FDF-B5AB-B4A46241E538}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{EBC6FA5F-195A-46DA-AA4C-0560CFBB2B9B}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{C749EB7F-AFA9-4CD6-ACF5-1469F7FBC29D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E8B8A520-6EE0-499F-B0E1-3FCF8960C5FE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2D6A505B-B04E-4790-8AE2-C45CAF50A338}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3C1C4620-FD04-4ED6-ADC0-996BEBDB4ECA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E4955658-A1AE-46F3-A8E7-EBCF46FDE133}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{74BD05DC-8E3E-4B9D-AF63-93941485DD54}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{E8E676F7-5EFA-45DD-A9A3-E82E92E71F64}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{90FE3CDD-68F9-421B-9734-7C3A7CA89215}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [TCP Query User{0BF74D82-A463-49A1-A29C-D5C0A411D584}C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe] => (Block) C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe
FirewallRules: [UDP Query User{F5FB05A9-BD65-4FDD-8D8A-5DC18BEE6AD4}C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe] => (Block) C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe
FirewallRules: [{80762143-9604-4FC3-B9D1-CD8062EDFF99}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{65E2518C-E381-4E05-BF42-CE64783A61CD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{BEB075E2-BBA8-4DA4-9175-857A2CB04412}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{C1E1A8BE-7938-4D63-B515-7A4BEC634F8F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{AFDC3A3B-FCC2-4FBD-AA8A-BB9F014FAFDD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B6869EC5-941A-4579-BDC5-1172BD9C83BA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B57ECA07-4E78-46FF-869E-C5C5C2688902}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{68E50523-AFB7-4670-A264-F022BDAB48AE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

14-05-2017 08:34:15 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/15/2017 01:02:24 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (05/15/2017 01:02:24 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (05/15/2017 12:24:55 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (05/15/2017 12:24:55 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (05/15/2017 12:06:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybovej aplikácie: hpasset.exe, verzia: 3.0.11.1, časová značka: 0x5822ce27
Názov chybového modulu: ntdll.dll, verzia: 6.1.7601.23796, časová značka: 0x59028db3
Kód výnimky: 0xc0000374
Odstup chyby: 0x000ce8fb
Identifikácia chybného procesu: 0x16a4
Čas spustenia chybnej aplikácie: 0x01d2cd62d8b43e86
Cesta chybnej aplikácie: C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\ActiveCheck\hpasset.exe
Cesta chybného modulu: C:\windows\SysWOW64\ntdll.dll
Identifikácia hlásenia: 1936c001-3956-11e7-b16f-a0d3c14032ca

Error: (05/15/2017 08:07:12 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80004005).

Error: (05/15/2017 08:04:40 AM) (Source: HP Active Health) (EventID: 2200) (User: )
Description: Agent DriverCrash threw an exception: System.NullReferenceException: Object reference not set to an instance of an object.
at HP.ActiveHealth.Agents.DriverCrash.DriverCrashAgent.ParseMinidump(FileInfo minidumpFile)
at HP.ActiveHealth.Agents.DriverCrash.DriverCrashAgent.CollectNewDataClasses(FileInfo agentStateFile, IDataClassCollector dataClassColector)
at HP.ActiveHealth.API.DataGeneration.AgentRunner.QueryAgentDelegate(Object agentObj)

Error: (05/15/2017 08:00:29 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (05/15/2017 08:00:29 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (05/14/2017 11:15:05 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80004005).


System errors:
=============
Error: (05/15/2017 12:56:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Windows Presentation Foundation Font Cache 3.0.0.0 zlyhalo kvôli nasledujúcej chybe:
Služba neodpovedala na riadiaci alebo spúšťací pokyn načas.

Error: (05/15/2017 12:56:52 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Windows Presentation Foundation Font Cache 3.0.0.0 bol dosiahnutý časový limit (30000 ms).

Error: (05/13/2017 07:52:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba CyberLink PowerDVD 12 Media Server Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (05/13/2017 06:52:14 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (05/13/2017 06:52:14 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (05/13/2017 06:52:14 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (05/12/2017 06:15:47 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (05/12/2017 04:26:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba CyberLink PowerDVD 12 Media Server Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (05/11/2017 09:00:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Windows Presentation Foundation Font Cache 3.0.0.0 zlyhalo kvôli nasledujúcej chybe:
Služba neodpovedala na riadiaci alebo spúšťací pokyn načas.

Error: (05/11/2017 09:00:50 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Windows Presentation Foundation Font Cache 3.0.0.0 bol dosiahnutý časový limit (30000 ms).


CodeIntegrity:
===================================
Date: 2017-04-17 09:01:08.500
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod6F85.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-04-17 09:01:08.366
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod6F85.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-04-17 09:01:08.264
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod6F85.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-04-17 09:01:08.133
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod6F85.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-04-17 09:01:07.976
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod6F85.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-04-17 09:01:07.810
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod6F85.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-04-17 09:01:07.004
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod2AD6.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-04-17 09:01:06.870
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod2AD6.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-04-17 09:01:06.751
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod2AD6.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-04-17 09:01:06.550
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod2AD6.dll.nup.raw because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz
Percentage of memory in use: 52%
Total physical RAM: 4024.17 MB
Available physical RAM: 1901.54 MB
Total Virtual: 8046.52 MB
Available Virtual: 5633.53 MB

==================== Drives ================================

Drive c: (Windows ) (Fixed) (Total:918.97 GB) (Free:779.37 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:11.44 GB) (Free:1.27 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: B3AE8120)
Partition 1: (Active) - (Size=1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=919 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11.4 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=100 MB) - (Type=0C)

==================== End of Addition.txt ============================
Last edited by petob on 15 May 2017 12:43, edited 1 time in total.

petob
Visitor
Posts: 36
Registered: 07 Nov 2015 15:47

Re: Please check my log

#3 Post by petob »

RSIT log

Logfile of random's system information tool 1.16 (written by random/random)
Run by Peťo at 2017-05-15 13:30:02
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 798 GB (85%) free of 941 GB
Total RAM: 4024 MB (48% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:36:23, on 15. 5. 2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18666)
Boot mode: Normal

Running processes:
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Peťo_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMDTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/?pc=CMDTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMDTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMDTDFJS
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [HP File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_CBF760E6948D4582CE9F91695AE24651] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe" (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: HP Trust Circles Service (CreoService) - CryptoMill Technologies Ltd. - C:\Program Files\Hewlett-Packard\HP Trust Circles\CreoSvc.exe
O23 - Service: Absolute Software Agent Service (CtAgentService) - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Monitor Service - CyberLink - c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Service - CyberLink - c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Security\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HP Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\windows\SysWOW64\flcdlock.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Device Access Manager Usage Service (HpDamServiceHost) - Hewlett-Packard Development Company - c:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe
O23 - Service: HP File Sanitizer (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: HP CASL Framework Service (hpqcaslwmiex) - HP - C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: HuaweiHiSuiteService64.exe - Unknown owner - C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12673 bytes

====== Enumerating Processes ======

C:\windows\system32\csrss.exe
C:\windows\system32\wininit.exe
C:\windows\system32\csrss.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\ESET\ESET Security\ekrn.exe"
C:\windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\igfxCUIService.exe
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPSP
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\windows\system32\atieclxx.exe
C:\windows\system32\svchost.exe -k NetworkService
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPCardEngine.exe"
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\Hewlett-Packard\HP Trust Circles\CreoSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe"
C:\windows\system32\taskhost.exe
"c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe"
"c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe"
C:\windows\System32\svchost.exe -k utcsvc
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
"c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
C:\windows\Explorer.EXE
"C:\windows\system32\Dwm.exe"
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service
"c:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"c:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe"
"C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe"
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
"C:\Program Files\ESET\ESET Security\egui.exe" /hide
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
"C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
"C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
C:\windows\system32\igfxEM.exe
"C:\windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-676fcbac-5425-44d4-bf1c-a7448569eb0d -SystemEventPortName:HostProcess-8b4c509e-201f-4d87-8948-6a13d76d252b -IoCancelEventPortName:HostProcess-36f5fa38-b66e-421d-a198-dc3f6d928a98 -NonStateChangingEventPortName:HostProcess-165f789f-f395-47a9-a2ad-473257e5d796 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:95d30459-0aca-405a-817e-7db044aa3061 -DeviceGroupId:WpdFsGroup
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 "--database=C:\Users\Peťo\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Peťo\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=57.0.2987.133 --initial-client-data=0x9c,0xa0,0xa4,0x98,0xa8,0x6ab57dc8,0x6ab57dbc,0x6ab57dd4
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=5928 --on-initialized-event-handle=328 --parent-handle=336 /prefetch:6
c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2208 --primordial-pipe-token=E7C4B5E125DEADCF1A041558C71E64EC --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1.25 --num-raster-threads=2 --enable-gpu-rasterization --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-gpu-compositing --service-request-channel-token=E7C4B5E125DEADCF1A041558C71E64EC --renderer-client-id=11 --mojo-platform-channel-handle=4716 /prefetch:1
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=2208 --disable-direct-composition --use-gl=swiftshader --supports-dual-gpus=false --swiftshader-path="C:\Users\Peťo\AppData\Local\Google\Chrome\User Data\SwiftShader\3.3.0.1" --gpu-driver-bug-workarounds=7,10,18,19,20,23,26,41,74 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x1002 --gpu-device-id=0x6771 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=13.152.0.0 --gpu-driver-date=8-30-2013 --gpu-secondary-vendor-ids=0x8086 --gpu-secondary-device-ids=0x0412 --service-request-channel-token=755847B150E7A9284027A841754A51A0 --mojo-platform-channel-handle=3868 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\windows\system32\notepad.exe
C:\windows\system32\notepad.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2208 --primordial-pipe-token=CA895B82E2E85318971AA741241154C1 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1.25 --num-raster-threads=2 --enable-gpu-rasterization --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-gpu-compositing --service-request-channel-token=CA895B82E2E85318971AA741241154C1 --renderer-client-id=47 --mojo-platform-channel-handle=5848 /prefetch:1
"C:\Users\Peťo\Downloads\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe

====== Scheduled tasks folder ======

C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineCore1cffeff3732ce5a.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\windows\tasks\GoogleUpdateTaskMachineUA1cffeff37d4abed.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\windows\tasks\HPCeeScheduleForPeťo.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForPeťo (null)
C:\windows\system32\tasks\Adobe Flash Player Updater - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\system32\tasks\GoogleUpdateTaskMachineCore1cffeff3732ce5a - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\system32\tasks\GoogleUpdateTaskMachineCore1d040bee0413f91 - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\windows\system32\tasks\GoogleUpdateTaskMachineUA1cffeff37d4abed - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\windows\system32\tasks\GoogleUpdateTaskMachineUA1d040bee0d766ae - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\windows\system32\tasks\HPCeeScheduleForPeťo - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForPeťo (null)
C:\windows\system32\tasks\User_Feed_Synchronization-{9F65086F-7083-4DD7-9A67-72C7B5FF57D1} - C:\windows\system32\msfeedssync.exe sync
C:\windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\windows\system32\tasks\Microsoft\Windows\MUI\Mcbuilder - C:\windows\System32\mcbuilder.exe
C:\windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Uploader - %windir%\system32\WSqmCons.exe -u
C:\windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\windows\system32\tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan - c:\Program Files\Microsoft Security Client\\MpCmdRun.exe Scan -ScheduleJob -RestrictPrivileges
C:\windows\system32\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /taskrestart
C:\windows\system32\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe /send
C:\windows\system32\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /u
C:\windows\system32\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /L Analysis
C:\windows\system32\tasks\Hewlett-Packard\HP Support Assistant\Product Configurator - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe /noreport
C:\windows\system32\tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe -task -source HPSA

=========Mozilla firefox=========

ProfilePath - C:\Users\Peťo\AppData\Roaming\Mozilla\Firefox\Profiles\wybjuohb.default

prefs.js - "browser.startup.homepage" - "google.com"
prefs.js - "keyword.URL" - "http://www.bing.com/search?FORM=U303DF&PC=U303&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\digitalpersona.com/ChromeDPAgent]
"Description"=
"Path"=c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\components\npChromeDPAgent.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled


C:\Users\Peťo\AppData\Roaming\Mozilla\Firefox\Profiles\wybjuohb.default\extensions\
bingsearch.full@microsoft.com

C:\Users\Peťo\AppData\Roaming\Mozilla\Firefox\Profiles\wybjuohb.default\addons.json

C:\Users\Peťo\AppData\Roaming\Mozilla\Firefox\Profiles\wybjuohb.default\extensions.json
HP Client Security Manager - extension - dpmaxz_ng@jetpack - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome
Bing Extension - extension - bingsearch.full@microsoft.com - C:\Users\Peťo\AppData\Roaming\Mozilla\Firefox\Profiles\wybjuohb.default\extensions\bingsearch.full@microsoft.com
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
Shield Recipe Client - extension - shield-recipe-client@mozilla.org - C:\Users\Peťo\AppData\Roaming\Mozilla\Firefox\Profiles\wybjuohb.default\features\{a58c1969-e30a-4c0e-8c62-6a1fdaf00ab6}\shield-recipe-client@mozilla.org.xpi

C:\Users\Peťo\AppData\Roaming\Mozilla\Firefox\Profiles\wybjuohb.default\pluginreg.dat

=========Google Chrome=========

C:\Users\Peťo\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Prezentácie Google 0.9
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Web Store 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension coobgpohoikkiipiblmjeljniedjpjpf 1 Google Search 0.0.0.60
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension ennkphjdgehloodpbhlhldgbnhmacadg 1 Settings 0.2
Extension felcaaldnbdncclmgdcncolpebgiejap 1 Tabuľky Google 1.1
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google v režime offline 1.4
Extension gpdjojdkbbmdfjfahjcgigfpmkopogic 0 Tlačidlo Uložiť na Pintereste 2.0.8
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.46
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf 1 Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension ncffjdbbodifgldkcbhmiiljfcnbgjab 0 HP Client Security Manager 1.3.0.5851
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nfedoihopcjdfjihhhojdclnfdgomdho 2 Bing Homepage & Search Engine 0.0.0.8
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.2
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.2
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5717.116.0.4
Homepage:
default_search_provider.search_url:
C:\Users\Peťo\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ncffjdbbodifgldkcbhmiiljfcnbgjab]
"Path"=c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome.crx


======Registry dump ======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTer ... c=CMDTDFJS


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTer ... c=CMDTDFJS

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-12-06 440680]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
HP File Sanitizer - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2014-06-26 129240]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-12-06 416104]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2017-03-08 393320]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2013-07-27 7194840]
""= []
"CryptoMill Refresh"=C:\Program Files\Hewlett-Packard\HP Trust Circles\ceflauncher -m refresh []
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2016-11-14 1353680]
"Malwarebytes TrayApp"=C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2017-05-09 3146704]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HydraVisionDesktopManager"=C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [2013-08-31 389120]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"GoogleChromeAutoLaunch_CBF760E6948D4582CE9F91695AE24651"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2017-03-29 941912]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2017-03-08 296208]
"StartCCC"=c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2013-08-31 766208]
"CLMLServer_For_P2G8"=c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-05 111576]
"CLVirtualDrive"=c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [2013-08-07 490760]
"HP File Sanitizer"=C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe [2014-06-26 2312408]
"PDF Complete"=C:\Program Files (x86)\PDF Complete\pdfsty.exe [2017-02-15 1193728]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma Loader.lnk - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages" = DPPassFilter
scecli

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

====== File associations ======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

====== List of files/folders created in the last 1 month ======

2017-05-15 13:30:02 ----D---- C:\rsit
2017-05-15 13:04:59 ----D---- C:\FRST
2017-05-15 11:39:46 ----A---- C:\windows\system32\drivers\mbae64.sys
2017-05-15 11:39:34 ----D---- C:\Program Files\Malwarebytes
2017-05-15 11:24:47 ----A---- C:\windows\system32\drivers\MBAMSwissArmy.sys
2017-05-15 11:24:28 ----A---- C:\windows\system32\drivers\mbamchameleon.sys
2017-05-11 09:31:04 ----A---- C:\windows\SYSWOW64\FlashPlayerInstaller.exe
2017-05-10 15:42:00 ----SHD---- C:\Config.Msi
2017-05-10 05:19:03 ----A---- C:\windows\system32\mshtml.dll
2017-05-10 05:19:02 ----A---- C:\windows\SYSWOW64\mshtml.dll
2017-05-10 05:19:01 ----A---- C:\windows\SYSWOW64\ieframe.dll
2017-05-10 05:19:01 ----A---- C:\windows\system32\ieframe.dll
2017-05-10 05:19:00 ----A---- C:\windows\SYSWOW64\jscript9.dll
2017-05-10 05:19:00 ----A---- C:\windows\system32\wininet.dll
2017-05-10 05:19:00 ----A---- C:\windows\system32\jscript9.dll
2017-05-10 05:18:59 ----A---- C:\windows\SYSWOW64\wininet.dll
2017-05-10 05:18:59 ----A---- C:\windows\system32\win32k.sys
2017-05-10 05:18:59 ----A---- C:\windows\system32\urlmon.dll
2017-05-10 05:18:59 ----A---- C:\windows\system32\ole32.dll
2017-05-10 05:18:59 ----A---- C:\windows\system32\ntoskrnl.exe
2017-05-10 05:18:59 ----A---- C:\windows\system32\iertutil.dll
2017-05-10 05:18:58 ----A---- C:\windows\SYSWOW64\vbscript.dll
2017-05-10 05:18:58 ----A---- C:\windows\SYSWOW64\urlmon.dll
2017-05-10 05:18:58 ----A---- C:\windows\SYSWOW64\iertutil.dll
2017-05-10 05:18:58 ----A---- C:\windows\system32\drivers\tcpip.sys
2017-05-10 05:18:58 ----A---- C:\windows\system32\crypt32.dll
2017-05-10 05:18:58 ----A---- C:\windows\system32\advapi32.dll
2017-05-10 05:18:57 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2017-05-10 05:18:57 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2017-05-10 05:18:57 ----A---- C:\windows\system32\pla.dll
2017-05-10 05:18:57 ----A---- C:\windows\system32\oleaut32.dll
2017-05-10 05:18:57 ----A---- C:\windows\system32\drivers\srv.sys
2017-05-10 05:18:56 ----A---- C:\windows\SYSWOW64\oleaut32.dll
2017-05-10 05:18:56 ----A---- C:\windows\SYSWOW64\ole32.dll
2017-05-10 05:18:56 ----A---- C:\windows\SYSWOW64\crypt32.dll
2017-05-10 05:18:56 ----A---- C:\windows\SYSWOW64\advapi32.dll
2017-05-10 05:18:56 ----A---- C:\windows\system32\drivers\dxgkrnl.sys
2017-05-10 05:18:55 ----A---- C:\windows\SYSWOW64\pla.dll
2017-05-10 05:18:55 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2017-05-10 05:18:55 ----A---- C:\windows\SYSWOW64\gdi32.dll
2017-05-10 05:18:55 ----A---- C:\windows\system32\pdh.dll
2017-05-10 05:18:55 ----A---- C:\windows\system32\ieetwcollector.exe
2017-05-10 05:18:55 ----A---- C:\windows\system32\drivers\srv2.sys
2017-05-10 05:18:55 ----A---- C:\windows\system32\drivers\fastfat.sys
2017-05-10 05:18:55 ----A---- C:\windows\system32\drivers\exfat.sys
2017-05-10 05:18:54 ----A---- C:\windows\SYSWOW64\pdh.dll
2017-05-10 05:18:54 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2017-05-10 05:18:54 ----A---- C:\windows\system32\vbscript.dll
2017-05-10 05:18:54 ----A---- C:\windows\system32\rpcss.dll
2017-05-10 05:18:54 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2017-05-10 05:18:54 ----A---- C:\windows\system32\msfeeds.dll
2017-05-10 05:18:54 ----A---- C:\windows\system32\iedkcs32.dll
2017-05-10 05:18:54 ----A---- C:\windows\system32\drivers\tdx.sys
2017-05-10 05:18:54 ----A---- C:\windows\system32\drivers\afd.sys
2017-05-10 05:18:53 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2017-05-10 05:18:53 ----A---- C:\windows\system32\ntdll.dll
2017-05-10 05:18:53 ----A---- C:\windows\system32\MshtmlDac.dll
2017-05-10 05:18:53 ----A---- C:\windows\system32\jscript.dll
2017-05-10 05:18:53 ----A---- C:\windows\system32\drivers\netio.sys
2017-05-10 05:18:53 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2017-05-10 05:18:53 ----A---- C:\windows\system32\drivers\ksecdd.sys
2017-05-10 05:18:53 ----A---- C:\windows\system32\drivers\FWPKCLNT.SYS
2017-05-10 05:18:51 ----A---- C:\windows\SYSWOW64\webcheck.dll
2017-05-10 05:18:51 ----A---- C:\windows\SYSWOW64\oleres.dll
2017-05-10 05:18:51 ----A---- C:\windows\SYSWOW64\ntdll.dll
2017-05-10 05:18:51 ----A---- C:\windows\system32\oleres.dll
2017-05-10 05:18:51 ----A---- C:\windows\system32\gdi32.dll
2017-05-10 05:18:51 ----A---- C:\windows\system32\drivers\dxgmms1.sys
2017-05-10 05:18:50 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2017-05-10 05:18:50 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2017-05-10 05:18:49 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2017-05-10 05:18:49 ----A---- C:\windows\SYSWOW64\comcat.dll
2017-05-10 05:18:49 ----A---- C:\windows\SYSWOW64\certcli.dll
2017-05-10 05:18:49 ----A---- C:\windows\system32\webcheck.dll
2017-05-10 05:18:49 ----A---- C:\windows\system32\plasrv.exe
2017-05-10 05:18:49 ----A---- C:\windows\system32\mshtmlmedia.dll
2017-05-10 05:18:49 ----A---- C:\windows\system32\mshtmled.dll
2017-05-10 05:18:49 ----A---- C:\windows\system32\ie4uinit.exe
2017-05-10 05:18:49 ----A---- C:\windows\system32\dxtrans.dll
2017-05-10 05:18:49 ----A---- C:\windows\system32\comcat.dll
2017-05-10 05:18:49 ----A---- C:\windows\system32\certcli.dll
2017-05-10 05:18:48 ----A---- C:\windows\SYSWOW64\rpcrt4.dll
2017-05-10 05:18:48 ----A---- C:\windows\SYSWOW64\jscript.dll
2017-05-10 05:18:48 ----A---- C:\windows\system32\rpcrt4.dll
2017-05-10 05:18:48 ----A---- C:\windows\system32\lsasrv.dll
2017-05-10 05:18:48 ----A---- C:\windows\system32\kerberos.dll
2017-05-10 05:18:48 ----A---- C:\windows\system32\ieui.dll
2017-05-10 05:18:48 ----A---- C:\windows\system32\ieapfltr.dll
2017-05-10 05:18:48 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2017-05-10 05:18:47 ----A---- C:\windows\system32\smss.exe
2017-05-10 05:18:47 ----A---- C:\windows\system32\schannel.dll
2017-05-10 05:18:47 ----A---- C:\windows\system32\kernel32.dll
2017-05-10 05:18:47 ----A---- C:\windows\system32\dxtmsft.dll
2017-05-10 05:18:47 ----A---- C:\windows\system32\drivers\srvnet.sys
2017-05-10 05:18:46 ----A---- C:\windows\SYSWOW64\sspicli.dll
2017-05-10 05:18:46 ----A---- C:\windows\SYSWOW64\ieui.dll
2017-05-10 05:18:46 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2017-05-10 05:18:46 ----A---- C:\windows\system32\wow64win.dll
2017-05-10 05:18:46 ----A---- C:\windows\system32\winsrv.dll
2017-05-10 05:18:46 ----A---- C:\windows\system32\occache.dll
2017-05-10 05:18:46 ----A---- C:\windows\system32\msrating.dll
2017-05-10 05:18:46 ----A---- C:\windows\system32\jscript9diag.dll
2017-05-10 05:18:46 ----A---- C:\windows\system32\cdosys.dll
2017-05-10 05:18:45 ----A---- C:\windows\SYSWOW64\kerberos.dll
2017-05-10 05:18:45 ----A---- C:\windows\system32\srcore.dll
2017-05-10 05:18:45 ----A---- C:\windows\system32\ncrypt.dll
2017-05-10 05:18:45 ----A---- C:\windows\system32\msv1_0.dll
2017-05-10 05:18:45 ----A---- C:\windows\system32\KernelBase.dll
2017-05-10 05:18:45 ----A---- C:\windows\system32\jsproxy.dll
2017-05-10 05:18:45 ----A---- C:\windows\system32\drivers\mrxsmb10.sys
2017-05-10 05:18:45 ----A---- C:\windows\system32\cryptsvc.dll
2017-05-10 05:18:44 ----A---- C:\windows\SYSWOW64\msrating.dll
2017-05-10 05:18:44 ----A---- C:\windows\SYSWOW64\KernelBase.dll
2017-05-10 05:18:44 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2017-05-10 05:18:44 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2017-05-10 05:18:44 ----A---- C:\windows\system32\wow64.dll
2017-05-10 05:18:44 ----A---- C:\windows\system32\wintrust.dll
2017-05-10 05:18:44 ----A---- C:\windows\system32\wdigest.dll
2017-05-10 05:18:44 ----A---- C:\windows\system32\TSpkg.dll
2017-05-10 05:18:44 ----A---- C:\windows\system32\sspicli.dll
2017-05-10 05:18:44 ----A---- C:\windows\system32\inseng.dll
2017-05-10 05:18:44 ----A---- C:\windows\system32\ieUnatt.exe
2017-05-10 05:18:44 ----A---- C:\windows\system32\cryptnet.dll
2017-05-10 05:18:44 ----A---- C:\windows\system32\conhost.exe
2017-05-10 05:18:43 ----A---- C:\windows\SYSWOW64\occache.dll
2017-05-10 05:18:43 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2017-05-10 05:18:43 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2017-05-10 05:18:43 ----A---- C:\windows\system32\rpchttp.dll
2017-05-10 05:18:43 ----A---- C:\windows\system32\ieetwproxystub.dll
2017-05-10 05:18:43 ----A---- C:\windows\system32\bcrypt.dll
2017-05-10 05:18:42 ----A---- C:\windows\SYSWOW64\wdigest.dll
2017-05-10 05:18:42 ----A---- C:\windows\SYSWOW64\schannel.dll
2017-05-10 05:18:42 ----A---- C:\windows\SYSWOW64\rpchttp.dll
2017-05-10 05:18:42 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2017-05-10 05:18:42 ----A---- C:\windows\SYSWOW64\inseng.dll
2017-05-10 05:18:42 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2017-05-10 05:18:42 ----A---- C:\windows\SYSWOW64\cdosys.dll
2017-05-10 05:18:42 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2017-05-10 05:18:42 ----A---- C:\windows\system32\iesetup.dll
2017-05-10 05:18:42 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2017-05-10 05:18:42 ----A---- C:\windows\system32\csrsrv.dll
2017-05-10 05:18:41 ----A---- C:\windows\SYSWOW64\wintrust.dll
2017-05-10 05:18:41 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2017-05-10 05:18:41 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2017-05-10 05:18:41 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2017-05-10 05:18:41 ----A---- C:\windows\SYSWOW64\cryptsvc.dll
2017-05-10 05:18:41 ----A---- C:\windows\SYSWOW64\cryptnet.dll
2017-05-10 05:18:41 ----A---- C:\windows\system32\wow64cpu.dll
2017-05-10 05:18:41 ----A---- C:\windows\system32\sspisrv.dll
2017-05-10 05:18:41 ----A---- C:\windows\system32\srclient.dll
2017-05-10 05:18:41 ----A---- C:\windows\system32\setbcdlocale.dll
2017-05-10 05:18:41 ----A---- C:\windows\system32\secur32.dll
2017-05-10 05:18:41 ----A---- C:\windows\system32\lsass.exe
2017-05-10 05:18:41 ----A---- C:\windows\system32\iernonce.dll
2017-05-10 05:18:41 ----A---- C:\windows\system32\drivers\appid.sys
2017-05-10 05:18:41 ----A---- C:\windows\system32\cryptbase.dll
2017-05-10 05:18:41 ----A---- C:\windows\system32\appidsvc.dll
2017-05-10 05:18:41 ----A---- C:\windows\system32\appidapi.dll
2017-05-10 05:18:40 ----A---- C:\windows\SYSWOW64\srclient.dll
2017-05-10 05:18:40 ----A---- C:\windows\SYSWOW64\kernel32.dll
2017-05-10 05:18:40 ----A---- C:\windows\SYSWOW64\iesetup.dll
2017-05-10 05:18:40 ----A---- C:\windows\SYSWOW64\iernonce.dll
2017-05-10 05:18:40 ----A---- C:\windows\SYSWOW64\credssp.dll
2017-05-10 05:18:40 ----A---- C:\windows\SYSWOW64\bcrypt.dll
2017-05-10 05:18:40 ----A---- C:\windows\SYSWOW64\appidapi.dll
2017-05-10 05:18:40 ----A---- C:\windows\system32\rstrui.exe
2017-05-10 05:18:40 ----A---- C:\windows\system32\ntvdm64.dll
2017-05-10 05:18:40 ----A---- C:\windows\system32\credssp.dll
2017-05-10 05:18:40 ----A---- C:\windows\system32\appidpolicyconverter.exe
2017-05-10 05:18:39 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-05-10 05:18:39 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-05-10 05:18:39 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2017-05-10 05:18:39 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2017-05-10 05:18:39 ----AH---- C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-05-10 05:18:39 ----AH---- C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-05-10 05:18:39 ----AH---- C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-05-10 05:18:39 ----A---- C:\windows\SYSWOW64\wow32.dll
2017-05-10 05:18:39 ----A---- C:\windows\SYSWOW64\secur32.dll
2017-05-10 05:18:39 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
2017-05-10 05:18:39 ----A---- C:\windows\SYSWOW64\cryptbase.dll
2017-05-10 05:18:39 ----A---- C:\windows\SYSWOW64\auditpol.exe
2017-05-10 05:18:39 ----A---- C:\windows\system32\cdd.dll
2017-05-10 05:18:39 ----A---- C:\windows\system32\auditpol.exe
2017-05-10 05:18:39 ----A---- C:\windows\system32\appidcertstorecheck.exe
2017-05-10 05:18:38 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-05-10 05:18:38 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2017-05-10 05:18:38 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-05-10 05:18:38 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-05-10 05:18:38 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-05-10 05:18:38 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-05-10 05:18:38 ----AH---- C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-05-10 05:18:38 ----AH---- C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-05-10 05:18:38 ----AH---- C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-05-10 05:18:38 ----AH---- C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-05-10 05:18:38 ----AH---- C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-05-10 05:18:38 ----AH---- C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-05-10 05:18:38 ----AH---- C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-05-10 05:18:38 ----AH---- C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-05-10 05:18:38 ----AH---- C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-05-10 05:18:37 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-05-10 05:18:37 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-05-10 05:18:37 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-05-10 05:18:37 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-05-10 05:18:37 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-05-10 05:18:37 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-05-10 05:18:37 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-05-10 05:18:37 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-05-10 05:18:37 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-05-10 05:18:37 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-05-10 05:18:37 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-05-10 05:18:37 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-05-10 05:18:37 ----AH---- C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-05-10 05:18:37 ----AH---- C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-05-10 05:18:37 ----AH---- C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-05-10 05:18:37 ----AH---- C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-05-10 05:18:37 ----AH---- C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-05-10 05:18:37 ----AH---- C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-05-10 05:18:37 ----AH---- C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-05-10 05:18:37 ----AH---- C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-05-10 05:18:37 ----AH---- C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-05-10 05:18:37 ----AH---- C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-05-10 05:18:37 ----AH---- C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-05-10 05:18:37 ----AH---- C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-05-10 05:18:37 ----AH---- C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-05-10 05:18:37 ----AH---- C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-05-10 05:18:36 ----AH---- C:\windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2017-05-10 05:18:36 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-05-10 05:18:36 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2017-05-10 05:18:36 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-05-10 05:18:36 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-05-10 05:18:36 ----AH---- C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-05-10 05:18:36 ----AH---- C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-05-10 05:18:36 ----A---- C:\windows\SYSWOW64\setup16.exe
2017-05-10 05:18:36 ----A---- C:\windows\SYSWOW64\apisetschema.dll
2017-05-10 05:18:36 ----A---- C:\windows\system32\apisetschema.dll
2017-05-10 05:18:35 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2017-05-10 05:18:35 ----A---- C:\windows\SYSWOW64\user.exe
2017-05-10 05:18:35 ----A---- C:\windows\SYSWOW64\tzres.dll
2017-05-10 05:18:35 ----A---- C:\windows\SYSWOW64\msobjs.dll
2017-05-10 05:18:35 ----A---- C:\windows\SYSWOW64\msaudite.dll
2017-05-10 05:18:35 ----A---- C:\windows\SYSWOW64\instnm.exe
2017-05-10 05:18:35 ----A---- C:\windows\SYSWOW64\adtschema.dll
2017-05-10 05:18:35 ----A---- C:\windows\system32\tzres.dll
2017-05-10 05:18:35 ----A---- C:\windows\system32\msobjs.dll
2017-05-10 05:18:35 ----A---- C:\windows\system32\msaudite.dll
2017-05-10 05:18:35 ----A---- C:\windows\system32\adtschema.dll
2017-05-10 05:18:33 ----A---- C:\windows\system32\ieetwcollectorres.dll
2017-05-09 17:03:06 ----D---- C:\ProgramData\ESET
2017-05-09 17:03:06 ----D---- C:\Program Files\ESET

====== List of files/folders modified in the last 1 month ======

2017-05-15 13:36:22 ----D---- C:\Program Files\trend micro
2017-05-15 13:26:19 ----D---- C:\windows\Temp
2017-05-15 13:17:32 ----D---- C:\windows\system32\config
2017-05-15 13:11:27 ----D---- C:\Windows
2017-05-15 13:02:24 ----D---- C:\windows\System32
2017-05-15 13:02:24 ----D---- C:\windows\inf
2017-05-15 13:02:24 ----A---- C:\windows\system32\PerfStringBackup.INI
2017-05-15 12:57:01 ----D---- C:\ProgramData\PDFC
2017-05-15 12:09:01 ----D---- C:\Users\Peťo\AppData\Roaming\vlc
2017-05-15 11:39:46 ----D---- C:\windows\system32\drivers
2017-05-15 11:39:34 ----RD---- C:\Program Files
2017-05-15 11:39:34 ----D---- C:\ProgramData\Malwarebytes
2017-05-15 11:26:26 ----D---- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-05-15 11:21:34 ----D---- C:\windows\debug
2017-05-15 11:12:22 ----D---- C:\windows\Prefetch
2017-05-15 11:12:20 ----D---- C:\windows\system32\Tasks
2017-05-14 21:31:23 ----SHD---- C:\System Volume Information
2017-05-14 19:52:32 ----D---- C:\Users\Peťo\AppData\Roaming\Adobe
2017-05-14 19:52:32 ----D---- C:\ProgramData\Adobe
2017-05-11 23:19:24 ----RSD---- C:\windows\assembly
2017-05-11 09:54:59 ----D---- C:\windows\rescache
2017-05-11 09:51:33 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2017-05-11 09:51:22 ----D---- C:\windows\system32\Macromed
2017-05-11 09:31:07 ----D---- C:\windows\SYSWOW64\Macromed
2017-05-11 09:31:04 ----D---- C:\windows\SysWOW64
2017-05-10 17:18:12 ----D---- C:\windows\Microsoft.NET
2017-05-10 16:15:49 ----D---- C:\windows\winsxs
2017-05-10 16:12:11 ----D---- C:\windows\SYSWOW64\migration
2017-05-10 16:12:11 ----D---- C:\Program Files\Internet Explorer
2017-05-10 16:12:10 ----D---- C:\windows\SYSWOW64\sk-SK
2017-05-10 16:12:10 ----D---- C:\windows\SYSWOW64\en-US
2017-05-10 16:12:10 ----D---- C:\windows\SYSWOW64\cs-CZ
2017-05-10 16:12:10 ----D---- C:\windows\system32\sk-SK
2017-05-10 16:12:10 ----D---- C:\windows\system32\migration
2017-05-10 16:12:10 ----D---- C:\windows\system32\cs-CZ
2017-05-10 16:12:10 ----D---- C:\windows\PolicyDefinitions
2017-05-10 16:12:09 ----D---- C:\windows\system32\en-US
2017-05-10 16:12:09 ----D---- C:\windows\AppPatch
2017-05-10 16:12:08 ----D---- C:\windows\system32\Boot
2017-05-10 16:12:08 ----D---- C:\Program Files (x86)\Internet Explorer
2017-05-10 15:45:20 ----SHD---- C:\windows\Installer
2017-05-10 15:45:19 ----D---- C:\ProgramData\Microsoft Help
2017-05-10 15:43:10 ----A---- C:\windows\SYSWOW64\PerfStringBackup.INI
2017-05-10 15:40:43 ----D---- C:\windows\system32\catroot2
2017-05-10 15:40:19 ----D---- C:\windows\system32\MRT
2017-05-10 15:38:00 ----AC---- C:\windows\system32\MRT.exe
2017-05-10 09:15:59 ----D---- C:\windows\Tasks
2017-05-09 17:03:43 ----D---- C:\windows\system32\DriverStore
2017-05-09 17:03:06 ----HD---- C:\ProgramData
2017-05-07 06:27:44 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-06 14:06:51 ----D---- C:\Program Files (x86)\Mozilla Firefox
2017-05-06 14:06:45 ----RD---- C:\Program Files (x86)

File C:\windows\system32\winlogon.exe is digitally signed
File C:\windows\system32\wininit.exe is digitally signed
File C:\windows\explorer.exe is digitally signed
File C:\windows\SysWOW64\explorer.exe is digitally signed
File C:\windows\system32\svchost.exe is digitally signed
File C:\windows\SysWOW64\svchost.exe is digitally signed
File C:\windows\system32\services.exe is digitally signed
File C:\windows\system32\User32.dll is digitally signed
File C:\windows\SysWOW64\User32.dll is digitally signed
File C:\windows\system32\userinit.exe is digitally signed
File C:\windows\SysWOW64\userinit.exe is digitally signed
File C:\windows\system32\rpcss.dll is digitally signed
File C:\windows\system32\Drivers\volsnap.sys is digitally signed

====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R0 iaStorA;iaStorA; C:\windows\system32\drivers\iaStorA.sys [2013-09-21 630632]
R0 iaStorF;iaStorF; C:\windows\system32\drivers\iaStorF.sys [2013-09-21 28008]
R0 iusb3hcs;Ovládač prepínača hostiteľského radiča Intel(R) USB 3.0; C:\windows\system32\drivers\iusb3hcs.sys [2017-03-08 22800]
R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2016-08-25 295000]
R0 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 PinFile;PinFile; C:\windows\system32\DRIVERS\PinFile.sys [2014-02-04 49856]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SDDisk2K;SDDisk2K; C:\windows\system32\DRIVERS\SDDisk2K.sys [2014-02-04 228544]
R0 SDDToki;SDDToki; C:\windows\system32\DRIVERS\SDDToki.sys [2014-02-04 131264]
R0 storvsc;storvsc; C:\windows\system32\drivers\storvsc.sys [2010-11-21 34688]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\windows\system32\drivers\vmbus.sys [2010-11-21 199552]
R1 CLVirtualDrive;CLVirtualDrive; C:\windows\system32\DRIVERS\CLVirtualDrive.sys [2011-12-27 90608]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2017-03-09 132848]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2017-03-09 178056]
R1 epfwwfpr;epfwwfpr; C:\windows\system32\DRIVERS\epfwwfpr.sys [2017-03-09 77224]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2013-08-31 12528640]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2013-08-31 618496]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\windows\system32\drivers\AtihdW76.sys [2013-07-05 96256]
R3 IceKore;IceKore; C:\windows\system32\DRIVERS\IceKore.sys [2013-11-14 411608]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2017-03-08 4918160]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2013-07-31 3564376]
R3 iusb3hub;Ovládač rozbočovača Intel(R) USB 3.0; C:\windows\system32\DRIVERS\iusb3hub.sys [2017-03-08 388880]
R3 iusb3xhc;Ovládač hostiteľského radiča Intel(R) USB 3.0 eXtensible; C:\windows\system32\DRIVERS\iusb3xhc.sys [2017-03-08 799504]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\windows\system32\drivers\MBAMSwissArmy.sys [2017-05-15 251832]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\windows\system32\DRIVERS\TeeDriverx64.sys [2014-08-13 125952]
R3 NisDrv;Microsoft Network Inspection System; C:\windows\system32\DRIVERS\NisDrvWFP.sys [2016-08-25 135928]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2013-08-15 881880]
S3 DAMDrv;DAMDrv; C:\windows\system32\DRIVERS\DAMDrv64.sys [2013-10-07 65752]
S3 dmvsc;dmvsc; C:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 ew_usbccgpfilter;HwHandSet_CompositeFilter; C:\windows\system32\DRIVERS\ew_usbccgpfilter.sys [2016-11-25 18816]
S3 mbamchameleon;mbamchameleon; \??\C:\windows\system32\drivers\mbamchameleon.sys [2017-05-15 109272]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 s3cap;s3cap; C:\windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2016-02-05 147904]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2016-11-25 33280]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]
S3 VMBusHID;VMBusHID; C:\windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;Android USB Driver; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [2009-11-18 98208]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2013-08-31 239616]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 CreoService;HP Trust Circles Service; C:\Program Files\Hewlett-Packard\HP Trust Circles\CreoSvc.exe [2014-03-25 1927640]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\cscsvc.dll
R2 CtAgentService;Absolute Software Agent Service; C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe [2014-03-31 7168]
R2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2013-08-12 77576]
R2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2013-08-12 298760]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll" = %SystemRoot%\system32\diagtrack.dll
R2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2014-04-04 500048]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Security\ekrn.exe [2017-03-09 2624856]
R2 HpDamServiceHost;HP Device Access Manager Usage Service; c:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe [2013-11-15 18232]
R2 HPFSService;HP File Sanitizer; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2014-06-26 1842904]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2017-04-07 33640]
R2 HuaweiHiSuiteService64.exe;HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [2016-11-25 192200]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\windows\system32\igfxCUIService.exe [2017-03-08 344168]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-05-12 733696]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-08-13 154584]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-08-13 405976]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2017-05-09 4470736]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2016-11-14 119864]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2017-02-15 1719552]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2013-06-19 246488]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-09-12 4799760]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2016-11-14 361816]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-03-26 105096]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-03-26 125064]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-11 271864]
S3 AppMgmt;@appmgmts.dll,-3250; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll" = %SystemRoot%\System32\appmgmts.dll
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2017-03-08 279144]
S3 FLCDLOCK;HP Device Locking / Auditing; c:\windows\SysWOW64\flcdlock.exe [2013-11-20 567608]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S3 hpqcaslwmiex;HP CASL Framework Service; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [2016-06-03 1031704]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2013-11-13 1233592]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2017-04-16 116224]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-05-12 822232]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-05-06 173512]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; %SystemRoot%\System32\svchost.exe -k PeerDist;"ServiceDll" = %SystemRoot%\system32\peerdistsvc.dll
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\system32\storsvc.dll
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\umrdp.dll
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2014-11-13 1255736]
S4 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-03-26 51320]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-26 135800]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-26 135800]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-26 135800]

-----------------EOF-----------------

altrok
Moderator
Posts: 7264
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Please check my log

#4 Post by altrok »

I wish you a lovely day :bye:


:arrow: If your log is long and does not fit into one post (it is longer than 100,000 characters), add a note to the topic title saying that the log is long and split into several parts (e.g. "virus, 3 posts"). We primarily handle topics without replies, so in your case it looks as if one of our colleagues is already working with you, and the topic can easily get overlooked.


:arrow: Uninstall
  • Microsoft Security Essentials

:arrow: As part of the cleanup, your temporary directories will be emptied (emptying the Recycle Bin and temp folders, clearing browser caches, etc.).


:arrow: Save AdwCleaner to your desktop https://toolslib.net/downloads/viewdown ... dwcleaner/ (or http://www.bleepingcomputer.com/download/adwcleaner/ )
  • close all programs
  • right-click the AdwCleaner icon and choose Run as administrator (on Win XP just start it with a double-click)
  • click Scan (Skenovani), then Clean (Cisteni)
  • after the restart a log will pop up (or you can find it in C:\AdwCleaner\AdwCleaner[Cx].txt); copy its contents into your next reply
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that do not fit the forum, you can use altrok(at)forum.viry.cz
If you feel like helping visitors to this forum, sign up for our training school.

petob
Visitor
Posts: 36
Registered: 07 Nov 2015 15:47

Re: Please check my log

#5 Post by petob »

Thank you,
here is the log from adw

# AdwCleaner v6.046 - Logfile created 15/05/2017 at 21:15:30
# Updated on 24/04/2017 by Malwarebytes
# Database : 2017-05-15.1 [Local]
# Operating System : Windows 7 Professional Service Pack 1 (X64)
# Username : Peťo - HP
# Running from : C:\Users\Peťo\Downloads\adwcleaner_6.046.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****



***** [ Folders ] *****



***** [ Files ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Shortcuts ] *****



***** [ Scheduled Tasks ] *****



***** [ Registry ] *****



***** [ Browsers ] *****



*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [2049 Bytes] - [07/11/2015 21:01:04]
C:\AdwCleaner\AdwCleaner[C2].txt - [1231 Bytes] - [15/05/2017 21:03:31]
C:\AdwCleaner\AdwCleaner[C3].txt - [929 Bytes] - [15/05/2017 21:15:30]
C:\AdwCleaner\AdwCleaner[S1].txt - [1903 Bytes] - [07/11/2015 20:00:54]
C:\AdwCleaner\AdwCleaner[S2].txt - [1903 Bytes] - [07/11/2015 20:36:10]
C:\AdwCleaner\AdwCleaner[S3].txt - [1410 Bytes] - [15/05/2017 21:03:10]
C:\AdwCleaner\AdwCleaner[S4].txt - [1557 Bytes] - [15/05/2017 21:15:20]

########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [1298 Bytes] ##########

altrok
Moderator
Posts: 7264
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Please check my log

#6 Post by altrok »

:arrow: Save MBAR to your desktop - http://www.bleepingcomputer.com/downloa ... i-rootkit/
  • run it with a double-click and extract it to the desktop
  • click Next
  • update the virus database by clicking Update and continue with Next
  • leave all 3 options checked and choose Scan (takes about 20 minutes)
  • tick all findings and also check the Create Restore Point checkbox
  • click Cleanup and agree to the restart - Yes
  • paste the contents of the log saved on the desktop in mbar\mbar-log-2017-mm-dd (hh-mm-ss).txt into your next reply

petob
Visitor
Posts: 36
Registered: 07 Nov 2015 15:47

Re: Please check my log

#7 Post by petob »

Well, this mbar did not find any malware, so it gave me neither the cleanup option nor a log.
I have now downloaded it from here, but I already have one, and when I scanned the computer with it before, it seemed to freeze; it printed something like partition is not bootable, not active and so on.
And by the way, I also looked at the pages that would not open before and stayed blank white. Now they worked.

altrok
Moderator
Posts: 7264
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Please check my log

#8 Post by altrok »

Malwarebytes has a broader portfolio of anti-malware tools, but each one detects something different. You are evidently confusing MBAR (Malwarebytes Anti-rootkit), which you have just used, with MBAM (Malwarebytes Anti-malware), which you already have installed on the PC and whose scan you are also talking about. That does no harm; I am just setting the record straight. Let's try exporting the logs from MBAM - start MBAM -> History tab -> Application Logs -> look for a Scan Log there -> if there is one, double-click it -> Export and save as .txt.

  • Download Crystal Disk Info (CDI) https://osdn.jp/frs/redir.php?m=cznic&f ... o6_7_5.zip
  • extract the archive and run the extracted file DiskInfo.exe
  • in the running program click Upravy -> Kopirovat (Edit -> Copy) at the top (the log is now copied to the clipboard)
  • paste the log into your next reply (Ctrl + V)

petob
Visitor
Posts: 36
Registered: 07 Nov 2015 15:47

Re: Please check my log

#9 Post by petob »

We really do mean the same one.
It looks like this:
http://techdows.com/wp-content/uploads/ ... ogress.png
and I downloaded it from here:
https://www.malwarebytes.com/antirootkit/

Anyway, yesterday I could not find its log, but today I did.
Here is the one from yesterday:


Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
main: v2017.05.15.06
rootkit: v2017.04.02.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18665
Peťo :: HP [administrator]

15. 5. 2017 21:44:30
mbar-log-2017-05-15 (21-44-30).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 389014
Time elapsed: 12 minute(s), 32 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

petob
Visitor
Posts: 36
Registered: 07 Nov 2015 15:47

Re: Please check my log

#10 Post by petob »

To be safe, I will also post the log from mbam here and then the one from crystal disc.

So, the mbam log:

Malwarebytes
www.malwarebytes.com

-Podrobnosti denníka-
Dátum skenovania: 16.05.17
Čas skenovania: 6:18
Súbor denníka: Nový textový dokument (6).txt
Správca: Áno

-Údaje o softvéri-
Verzia: 3.1.2.1733
Verzia súčastí: 1.0.122
Aktualizovať verziu balíka: 1.0.1949
Licencia: Zadarmo

-Systémové informácie-
OS: Windows 7 Service Pack 1
Procesor: x64
Systém súborov: NTFS
Používateľ: HP\Pe\u00c5\u00a5o

-Zhrnutie skenovania-
Typ skenovania: Vyhľadávanie hrozieb
Výsledok: Dokončené
Preskenované objekty: 450404
Zistené hrozby: 0
(Nezistili sa nijaké škodlivé položky)
Hrozby umiestnené do karantény: 0
(Nezistili sa nijaké škodlivé položky)
Uplynulý čas: 3 min, 27 s

-Možnosti skenovania-
Pamäť: Povolené
Spúšťanie: Povolené
Systém súborov: Povolené
Archívy: Povolené
Rootkity: Zakázané
Heuristika: Povolené
PUP: Povolené
PUM: Povolené

-Podrobnosti skenovania-
Proces: 0
(Nezistili sa nijaké škodlivé položky)

Modul: 0
(Nezistili sa nijaké škodlivé položky)

Kľúč databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)

Hodnota databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)

Údaje databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)

Prúd údajov: 0
(Nezistili sa nijaké škodlivé položky)

Priečinok: 0
(Nezistili sa nijaké škodlivé položky)

Súbor: 0
(Nezistili sa nijaké škodlivé položky)

Fyzický sektor: 0
(Nezistili sa nijaké škodlivé položky)


(end)

petob
Visitor
Posts: 36
Registered: 07 Nov 2015 15:47

Re: Please check my log

#11 Post by petob »

crystal disc

----------------------------------------------------------------------------
CrystalDiskInfo 6.7.5 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Professional SP1 [6.1 Build 7601] (x64)
Date : 2017/05/16 6:45:24

-- Controller Map ----------------------------------------------------------
+ Intel(R) 8 Series/C220 Chipset Family SATA AHCI Controller [ATA]
- WDC WD10EZEX-60M2NA0 SCSI Disk Device
- hp DVD-RAM SW830 SCSI CdRom Device

-- Disk List ---------------------------------------------------------------
(1) WDC WD10EZEX-60M2NA0 : 1000,2 GB [0/0/0, pd1] - wd

----------------------------------------------------------------------------
(1) WDC WD10EZEX-60M2NA0
----------------------------------------------------------------------------
Model : WDC WD10EZEX-60M2NA0
Firmware : 01.01A01
Serial Number : WD-WCC3F5165387
Disk Size : 1000,2 GB (8,4/137,4/1000,2/1000,2)
Buffer Size : Unknown
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ACS-2
Minor Version : ACS-3 Revision 3b
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 9536 hours
Power On Count : 4374 count
Temperature : 29 C (84 F)
Health Status : Good
Features : S.M.A.R.T., 48bit LBA, NCQ
APM Level : ----
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Read Error Rate
03 174 173 _21 0000000008E3 Spin-Up Time
04 _96 _96 __0 00000000113E Start/Stop Count
05 200 200 140 000000000000 Reallocated Sectors Count
07 200 200 _51 000000000000 Seek Error Rate
09 _87 _87 __0 000000002540 Power-On Hours
0A 100 100 _51 000000000000 Spin Retry Count
0B 100 100 __0 000000000000 Recalibration Retries
0C _96 _96 __0 000000001116 Power Cycle Count
B7 100 100 __0 000000000000 Vendor Specific
B8 100 100 _97 000000000000 End-to-End Error
BB 100 100 __0 000000000000 Reported Uncorrectable Errors
BC 100 100 __0 000000000000 Command Timeout
BE _71 _63 _40 00001D16001D Airflow Temperature
C0 200 200 __0 00000000002E Power-off Retract Count
C1 199 199 __0 000000001126 Load/Unload Cycle Count
C4 200 200 __0 000000000000 Reallocation Event Count
C5 200 200 __0 000000000000 Current Pending Sector Count
C6 200 200 __0 000000000000 Uncorrectable Sector Count
C7 200 200 __0 000000000000 UltraDMA CRC Error Count
C8 200 200 __0 000000000000 Write Error Rate


altrok
Moderator
Posts: 7264
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Please check my log

#12 Post by altrok »

:arrow: Post the FRST.txt and Addition.txt logs - http://forum.viry.cz/viewtopic.php?f=30&t=133101
If you have problems downloading FRSTLauncher, it is enough to use FRST.exe/FRST64.exe on its own.

petob
Visitor
Posts: 36
Registered: 07 Nov 2015 15:47

Re: Please check my log

#13 Post by petob »

FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-05-2017
Ran by Peťo (administrator) on HP (16-05-2017 11:06:09)
Running from C:\Users\Peťo\Downloads
Loaded Profiles: Peťo (Available Profiles: Peťo)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpCardEngine.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CryptoMill Technologies Ltd.) C:\Program Files\Hewlett-Packard\HP Trust Circles\CreoSvc.exe
() C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Hewlett-Packard Development Company) C:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(ESET) C:\Program Files\ESET\ESET Security\egui.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpAgent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Peťo\Downloads\FRST64 (1).exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IgfxTray] => C:\windows\system32\igfxtray.exe [393320 2017-03-08] ()
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7194840 2013-07-27] (Realtek Semiconductor)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [CryptoMill Refresh] => C:\Program Files\Hewlett-Packard\HP Trust Circles\ceflauncher -m refresh
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [296208 2017-03-08] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-31] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576 2013-08-05] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [490760 2013-08-07] (CyberLink Corp.)
HKLM-x32\...\Run: [HP File Sanitizer] => C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe [2312408 2014-06-26] (Hewlett-Packard)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [1193728 2017-02-15] (PDF Complete Inc)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-315758732-1186768704-838511381-1002\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-08-31] (AMD)
HKU\S-1-5-21-315758732-1186768704-838511381-1002\...\Run: [GoogleChromeAutoLaunch_CBF760E6948D4582CE9F91695AE24651] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1143640 2017-05-09] (Google Inc.)
HKU\S-1-5-21-315758732-1186768704-838511381-1002\...\MountPoints2: {0dbe0e12-1db3-11e7-b43b-a0d3c14032ca} - J:\HiSuiteDownLoader.exe
HKU\S-1-5-21-315758732-1186768704-838511381-1002\...\MountPoints2: {e0615751-54e8-11e6-aa1d-a0d3c14032ca} - J:\HiSuiteDownLoader.exe
HKU\S-1-5-21-315758732-1186768704-838511381-1002\...\MountPoints2: {e0615756-54e8-11e6-aa1d-a0d3c14032ca} - J:\HiSuiteDownLoader.exe
HKU\S-1-5-18\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-08-31] (AMD)
Lsa: [Notification Packages] DPPassFilter scecli
ShellIconOverlayIdentifiers: [+1TBIcon] -> {B9C55E85-DED6-4911-82F3-83CF1CAB2898} => C:\Program Files\Hewlett-Packard\HP Trust Circles\tbicon.dll [2014-03-25] (CryptoMill Technologies Ltd.)
ShellIconOverlayIdentifiers-x32: [+1TBIcon] -> {B9C55E85-DED6-4911-82F3-83CF1CAB2898} => C:\Program Files (x86)\Hewlett-Packard\HP Trust Circles\tbicon.dll [2014-03-25] (CryptoMill Technologies Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2014-11-11]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.88.1
Tcpip\..\Interfaces\{5D34EF48-5425-47B2-A080-3A7048311097}: [DhcpNameServer] 192.168.88.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMDTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMDTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMDTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMDTDFJS
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMDTDFJS
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMDTDFJS
HKU\S-1-5-21-315758732-1186768704-838511381-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=CMDTDFJS
HKU\S-1-5-21-315758732-1186768704-838511381-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMDTDFJS
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-12-06] (HP Inc.)
BHO-x32: HP File Sanitizer -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2014-06-26] (Hewlett-Packard)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-12-06] (HP Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Peťo\AppData\Roaming\Mozilla\Firefox\Profiles\wybjuohb.default [2017-05-16]
FF SearchEngineOrder.3: Mozilla\Firefox\Profiles\wybjuohb.default -> Bing
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\wybjuohb.default -> Bing
FF Homepage: Mozilla\Firefox\Profiles\wybjuohb.default -> google.com
FF Keyword.URL: Mozilla\Firefox\Profiles\wybjuohb.default -> hxxp://www.bing.com/search?FORM=U303DF&PC=U303&q=
FF Extension: (Bing Extension) - C:\Users\Peťo\AppData\Roaming\Mozilla\Firefox\Profiles\wybjuohb.default\Extensions\bingsearch.full@microsoft.com [2015-04-04] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome
FF Extension: (HP Client Security Manager) - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome [2014-06-17] [not signed]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-08-13] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-08-13] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-08-13] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: digitalpersona.com/ChromeDPAgent -> c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\components\npChromeDPAgent.dll [2014-03-29] (DigitalPersona, Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.bing.com/?mkt=en-US&pc=__PARAM__
CHR Profile: C:\Users\Peťo\AppData\Local\Google\Chrome\User Data\Default [2017-05-16]
CHR Extension: (Prezentácie Google) - C:\Users\Peťo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-04]
CHR Extension: (Dokumenty Google) - C:\Users\Peťo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Disk Google) - C:\Users\Peťo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Peťo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\Peťo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Tabuľky Google) - C:\Users\Peťo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-04]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Peťo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Tlačidlo Uložiť na Pintereste) - C:\Users\Peťo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2017-04-21]
CHR Extension: (HP Client Security Manager) - C:\Users\Peťo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncffjdbbodifgldkcbhmiiljfcnbgjab [2014-11-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Peťo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Gmail) - C:\Users\Peťo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Peťo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-16]
CHR HKU\S-1-5-21-315758732-1186768704-838511381-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nfedoihopcjdfjihhhojdclnfdgomdho] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome.crx [2014-03-29]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 CreoService; C:\Program Files\Hewlett-Packard\HP Trust Circles\CreoSvc.exe [1927640 2014-03-25] (CryptoMill Technologies Ltd.)
R2 CtAgentService; C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe [7168 2014-03-31] () [File not signed]
R2 CyberLink PowerDVD 12 Media Server Monitor Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-08-12] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [298760 2013-08-12] (CyberLink)
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [500048 2014-04-04] (DigitalPersona, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2624856 2017-03-09] (ESET)
S3 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [567608 2013-11-20] (Hewlett-Packard Company)
R2 HpDamServiceHost; c:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe [18232 2013-11-15] (Hewlett-Packard Development Company)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [33640 2017-04-07] (HP Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2016-11-25] () [File not signed]
R2 igfxCUIService1.0.0.0; C:\windows\system32\igfxCUIService.exe [344168 2017-03-08] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-08-13] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1719552 2017-02-15] (PDF Complete Inc)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-19] (Realtek Semiconductor)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-12-04] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 CLVirtualDrive; C:\windows\System32\DRIVERS\CLVirtualDrive.sys [90608 2011-12-27] (CyberLink)
S3 DAMDrv; C:\windows\System32\DRIVERS\DAMDrv64.sys [65752 2013-10-07] (Hewlett-Packard Company)
R1 eamonm; C:\windows\System32\DRIVERS\eamonm.sys [132848 2017-03-09] (ESET)
R1 ehdrv; C:\windows\System32\DRIVERS\ehdrv.sys [178056 2017-03-09] (ESET)
R1 epfwwfpr; C:\windows\System32\DRIVERS\epfwwfpr.sys [77224 2017-03-09] (ESET)
S3 ew_usbccgpfilter; C:\windows\System32\DRIVERS\ew_usbccgpfilter.sys [18816 2016-11-25] (Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-11-25] (Huawei Technologies Co., Ltd.)
R0 iaStorF; C:\windows\System32\drivers\iaStorF.sys [28008 2013-09-21] (Intel Corporation)
R3 IceKore; C:\windows\System32\DRIVERS\IceKore.sys [411608 2013-11-14] (CryptoMill Technologies Inc.)
R0 MBAMSwissArmy; C:\windows\System32\drivers\MBAMSwissArmy.sys [251832 2017-05-16] (Malwarebytes)
R3 MEIx64; C:\windows\System32\DRIVERS\TeeDriverx64.sys [125952 2014-08-13] (Intel Corporation)
R0 PinFile; C:\windows\System32\DRIVERS\PinFile.sys [49856 2014-02-04] (WinMagic Inc.)
R0 SDDisk2K; C:\windows\System32\DRIVERS\SDDisk2K.sys [228544 2014-02-04] (WinMagic Inc.)
R0 SDDToki; C:\windows\System32\DRIVERS\SDDToki.sys [131264 2014-02-04] (WinMagic Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-16 11:04 - 2017-05-16 11:04 - 02429952 _____ (Farbar) C:\Users\Peťo\Downloads\FRST64 (1).exe
2017-05-16 10:41 - 2017-05-16 10:41 - 477726548 _____ C:\Users\Peťo\Downloads\Birdman.2014.m-1080p.BluRay.x264.AC3.CZ.mkv (1).crdownload
2017-05-16 07:02 - 2017-05-16 07:02 - 00000000 ____D C:\Users\Peťo\AppData\Roaming\Google
2017-05-16 06:45 - 2017-05-16 06:46 - 00008012 _____ C:\Users\Peťo\Desktop\Nový textový dokument (7).txt
2017-05-16 06:41 - 2017-05-16 06:41 - 04669119 _____ C:\Users\Peťo\Downloads\CrystalDiskInfo6_7_5.zip
2017-05-16 06:36 - 2017-05-16 06:38 - 00001562 _____ C:\Users\Peťo\Desktop\Nový textový dokument (6).txt
2017-05-15 21:43 - 2017-05-15 21:43 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Peťo\Downloads\mbar-1.09.3.1001 (1).exe
2017-05-15 20:54 - 2017-05-15 20:55 - 04102600 _____ C:\Users\Peťo\Downloads\adwcleaner_6.046.exe
2017-05-15 13:30 - 2017-05-15 13:36 - 00000000 ____D C:\rsit
2017-05-15 13:26 - 2017-05-15 13:26 - 01329152 _____ C:\Users\Peťo\Downloads\RSITx64.exe
2017-05-15 13:11 - 2017-05-15 13:12 - 00031454 _____ C:\Users\Peťo\Downloads\Addition.txt
2017-05-15 13:09 - 2017-05-16 11:06 - 00019015 _____ C:\Users\Peťo\Downloads\FRST.txt
2017-05-15 13:04 - 2017-05-16 11:06 - 00000000 ____D C:\FRST
2017-05-15 13:03 - 2017-05-15 13:03 - 02429952 _____ (Farbar) C:\Users\Peťo\Downloads\FRST64.exe
2017-05-15 11:39 - 2017-05-15 11:39 - 00001875 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-05-15 11:39 - 2017-05-15 11:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-05-15 11:39 - 2017-05-15 11:39 - 00000000 ____D C:\Program Files\Malwarebytes
2017-05-15 11:39 - 2017-05-09 16:37 - 00077440 _____ C:\windows\system32\Drivers\mbae64.sys
2017-05-15 11:27 - 2017-05-15 11:27 - 63035592 _____ (Malwarebytes ) C:\Users\Peťo\Downloads\mb3-setup-consumer-3.1.2.1733.exe
2017-05-15 11:24 - 2017-05-16 10:07 - 00251832 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2017-05-15 11:24 - 2017-05-15 21:44 - 00109272 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys
2017-05-15 08:36 - 2017-05-15 12:02 - 3657722094 _____ C:\Users\Peťo\Downloads\Last-Days-In-The-Desert-(2015)-Cz-Titulky-v-Obraze---Moviestyl.avi
2017-05-14 16:11 - 2017-05-14 16:36 - 449752479 _____ C:\Users\Peťo\Downloads\Legion.S01E01.HDTV.x264-FLEET.mkv
2017-05-14 12:27 - 2017-05-14 15:58 - 3709622755 _____ C:\Users\Peťo\Downloads\To.the.Wonder.2012.720p.WEB-DL.DD5.1.H.264-CtrlHD.mkv
2017-05-14 12:26 - 2017-05-14 13:50 - 1497602726 _____ C:\Users\Peťo\Downloads\Knight-of-Cups-(2015)-hdrip.sub.español.avi
2017-05-13 15:26 - 2017-05-13 16:22 - 997515136 _____ C:\Users\Peťo\Downloads\Žít-svůj-život---Vivre-sa-vie--Film-en-douze-tableaux-1962,-CZ-tit.avi
2017-05-13 12:30 - 2017-05-13 15:19 - 2964234685 _____ C:\Users\Peťo\Downloads\Easy-Rider-1969-BluRay-1080p-DD5.1-x265-D3FiL3R[PRiME][majo0007].mkv
2017-05-13 11:55 - 2017-05-13 13:33 - 1746570942 _____ C:\Users\Peťo\Downloads\Scarecrow-(1973)-eng-DVDRip.x264.-CZsub-JrK.mkv
2017-05-12 11:19 - 2017-05-12 14:21 - 3199723107 _____ C:\Users\Peťo\Downloads\Strom-života-(The-Tree-of-Life)-ENG-Dabing+CZ-Titulky-(2011)-720p-Bluray-Kvalita.mkv
2017-05-11 11:31 - 2017-05-11 12:45 - 1336577767 _____ C:\Users\Peťo\Downloads\Gravity.2013.1080p.BluRay.CZ.titulky.mkv
2017-05-11 09:31 - 2017-05-11 09:31 - 05257208 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe
2017-05-10 17:02 - 2017-05-10 17:41 - 680730760 _____ C:\Users\Peťo\Downloads\Knick_D_b_h_S01_E04_CZ.avi
2017-05-10 15:28 - 2017-05-10 16:06 - 654115098 _____ C:\Users\Peťo\Downloads\Knick_D_b_h_S01_E03_CZ.avi
2017-05-10 15:07 - 2017-05-14 18:37 - 00000000 ____D C:\Users\Peťo\Desktop\Nový priečinok (9)
2017-05-10 05:19 - 2017-04-16 10:35 - 25741312 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2017-05-10 05:19 - 2017-04-16 10:18 - 05977600 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2017-05-10 05:19 - 2017-04-16 09:49 - 20278272 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2017-05-10 05:19 - 2017-04-16 09:10 - 15250944 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2017-05-10 05:19 - 2017-04-16 09:08 - 04548608 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2017-05-10 05:19 - 2017-04-16 09:04 - 03241472 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2017-05-10 05:19 - 2017-04-16 08:53 - 13661184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2017-05-10 05:18 - 2017-04-28 03:14 - 05547240 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2017-05-10 05:18 - 2017-04-28 03:14 - 00706792 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2017-05-10 05:18 - 2017-04-28 03:14 - 00631176 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2017-05-10 05:18 - 2017-04-28 03:14 - 00154856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2017-05-10 05:18 - 2017-04-28 03:14 - 00095464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2017-05-10 05:18 - 2017-04-28 03:11 - 01732864 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2017-05-10 05:18 - 2017-04-28 03:10 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2017-05-10 05:18 - 2017-04-28 03:10 - 01212928 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2017-05-10 05:18 - 2017-04-28 03:10 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2017-05-10 05:18 - 2017-04-28 03:10 - 00730624 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2017-05-10 05:18 - 2017-04-28 03:10 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2017-05-10 05:18 - 2017-04-28 03:10 - 00419840 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2017-05-10 05:18 - 2017-04-28 03:10 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2017-05-10 05:18 - 2017-04-28 03:10 - 00345600 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2017-05-10 05:18 - 2017-04-28 03:10 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2017-05-10 05:18 - 2017-04-28 03:10 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2017-05-10 05:18 - 2017-04-28 03:10 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2017-05-10 05:18 - 2017-04-28 03:10 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2017-05-10 05:18 - 2017-04-28 03:10 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2017-05-10 05:18 - 2017-04-28 03:10 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2017-05-10 05:18 - 2017-04-28 03:10 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2017-05-10 05:18 - 2017-04-28 03:10 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2017-05-10 05:18 - 2017-04-28 03:10 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2017-05-10 05:18 - 2017-04-28 03:10 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2017-05-10 05:18 - 2017-04-28 03:10 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2017-05-10 05:18 - 2017-04-28 03:10 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2017-05-10 05:18 - 2017-04-28 03:10 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2017-05-10 05:18 - 2017-04-28 03:10 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2017-05-10 05:18 - 2017-04-28 03:10 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2017-05-10 05:18 - 2017-04-28 03:10 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00880640 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00123904 _____ (Microsoft Corporation) C:\windows\system32\bcrypt.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00059904 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00034816 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:36 - 04000488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2017-05-10 05:18 - 2017-04-28 02:36 - 03945192 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2017-05-10 05:18 - 2017-04-28 02:34 - 01314112 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00644096 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00275456 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00261120 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00254464 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcrypt.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:19 - 00148480 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2017-05-10 05:18 - 2017-04-28 02:19 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2017-05-10 05:18 - 2017-04-28 02:19 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2017-05-10 05:18 - 2017-04-28 02:18 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2017-05-10 05:18 - 2017-04-28 02:15 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2017-05-10 05:18 - 2017-04-28 02:14 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2017-05-10 05:18 - 2017-04-28 02:12 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2017-05-10 05:18 - 2017-04-28 02:11 - 00291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2017-05-10 05:18 - 2017-04-28 02:11 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2017-05-10 05:18 - 2017-04-28 02:11 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2017-05-10 05:18 - 2017-04-28 02:10 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2017-05-10 05:18 - 2017-04-28 02:10 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2017-05-10 05:18 - 2017-04-28 02:08 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2017-05-10 05:18 - 2017-04-28 02:08 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2017-05-10 05:18 - 2017-04-28 02:08 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2017-05-10 05:18 - 2017-04-28 02:08 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2017-05-10 05:18 - 2017-04-28 02:07 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2017-05-10 05:18 - 2017-04-28 02:07 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:07 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:07 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-05-10 05:18 - 2017-04-28 02:07 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-05-10 05:18 - 2017-04-26 16:59 - 03220992 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2017-05-10 05:18 - 2017-04-21 17:34 - 01133568 _____ (Microsoft Corporation) C:\windows\system32\cdosys.dll
2017-05-10 05:18 - 2017-04-21 17:15 - 00805376 _____ (Microsoft Corporation) C:\windows\SysWOW64\cdosys.dll
2017-05-10 05:18 - 2017-04-20 02:00 - 00394448 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2017-05-10 05:18 - 2017-04-20 01:16 - 00346320 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2017-05-10 05:18 - 2017-04-17 17:37 - 02065408 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2017-05-10 05:18 - 2017-04-17 17:37 - 00876544 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2017-05-10 05:18 - 2017-04-17 17:37 - 00512000 _____ (Microsoft Corporation) C:\windows\system32\rpcss.dll
2017-05-10 05:18 - 2017-04-17 17:37 - 00026112 _____ (Microsoft Corporation) C:\windows\system32\oleres.dll
2017-05-10 05:18 - 2017-04-17 17:37 - 00008704 _____ (Microsoft Corporation) C:\windows\system32\comcat.dll
2017-05-10 05:18 - 2017-04-17 17:12 - 01417728 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2017-05-10 05:18 - 2017-04-17 17:12 - 00581632 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2017-05-10 05:18 - 2017-04-17 17:12 - 00026112 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleres.dll
2017-05-10 05:18 - 2017-04-17 16:54 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\comcat.dll
2017-05-10 05:18 - 2017-04-16 11:17 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2017-05-10 05:18 - 2017-04-16 11:16 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2017-05-10 05:18 - 2017-04-16 10:57 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2017-05-10 05:18 - 2017-04-16 10:55 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2017-05-10 05:18 - 2017-04-16 10:55 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2017-05-10 05:18 - 2017-04-16 10:54 - 00576512 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2017-05-10 05:18 - 2017-04-16 10:54 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2017-05-10 05:18 - 2017-04-16 10:51 - 02899456 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2017-05-10 05:18 - 2017-04-16 10:44 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2017-05-10 05:18 - 2017-04-16 10:43 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2017-05-10 05:18 - 2017-04-16 10:38 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2017-05-10 05:18 - 2017-04-16 10:37 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2017-05-10 05:18 - 2017-04-16 10:37 - 00116224 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2017-05-10 05:18 - 2017-04-16 10:36 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2017-05-10 05:18 - 2017-04-16 10:36 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2017-05-10 05:18 - 2017-04-16 10:25 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2017-05-10 05:18 - 2017-04-16 10:21 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2017-05-10 05:18 - 2017-04-16 10:19 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2017-05-10 05:18 - 2017-04-16 10:11 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2017-05-10 05:18 - 2017-04-16 10:10 - 00087552 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2017-05-10 05:18 - 2017-04-16 10:09 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2017-05-10 05:18 - 2017-04-16 10:04 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2017-05-10 05:18 - 2017-04-16 10:03 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2017-05-10 05:18 - 2017-04-16 10:02 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2017-05-10 05:18 - 2017-04-16 10:01 - 00499200 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2017-05-10 05:18 - 2017-04-16 10:01 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2017-05-10 05:18 - 2017-04-16 10:01 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2017-05-10 05:18 - 2017-04-16 10:00 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2017-05-10 05:18 - 2017-04-16 10:00 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2017-05-10 05:18 - 2017-04-16 09:57 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2017-05-10 05:18 - 2017-04-16 09:53 - 02290176 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2017-05-10 05:18 - 2017-04-16 09:52 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2017-05-10 05:18 - 2017-04-16 09:52 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2017-05-10 05:18 - 2017-04-16 09:48 - 00476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2017-05-10 05:18 - 2017-04-16 09:47 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2017-05-10 05:18 - 2017-04-16 09:47 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2017-05-10 05:18 - 2017-04-16 09:46 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2017-05-10 05:18 - 2017-04-16 09:43 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2017-05-10 05:18 - 2017-04-16 09:40 - 00806912 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2017-05-10 05:18 - 2017-04-16 09:40 - 00725504 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2017-05-10 05:18 - 2017-04-16 09:37 - 02132992 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2017-05-10 05:18 - 2017-04-16 09:37 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2017-05-10 05:18 - 2017-04-16 09:35 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2017-05-10 05:18 - 2017-04-16 09:30 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-05-10 05:18 - 2017-04-16 09:29 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2017-05-10 05:18 - 2017-04-16 09:28 - 00091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2017-05-10 05:18 - 2017-04-16 09:25 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2017-05-10 05:18 - 2017-04-16 09:24 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2017-05-10 05:18 - 2017-04-16 09:22 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2017-05-10 05:18 - 2017-04-16 09:20 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2017-05-10 05:18 - 2017-04-16 09:12 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2017-05-10 05:18 - 2017-04-16 09:10 - 00693248 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2017-05-10 05:18 - 2017-04-16 09:08 - 02057216 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2017-05-10 05:18 - 2017-04-16 09:08 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2017-05-10 05:18 - 2017-04-16 08:50 - 01544704 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2017-05-10 05:18 - 2017-04-16 08:40 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2017-05-10 05:18 - 2017-04-16 08:37 - 02767872 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2017-05-10 05:18 - 2017-04-16 08:34 - 01314816 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2017-05-10 05:18 - 2017-04-16 08:34 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2017-05-10 05:18 - 2017-04-12 17:32 - 01483776 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2017-05-10 05:18 - 2017-04-12 17:32 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2017-05-10 05:18 - 2017-04-12 17:32 - 00190976 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2017-05-10 05:18 - 2017-04-12 17:32 - 00141824 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2017-05-10 05:18 - 2017-04-12 17:26 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2017-05-10 05:18 - 2017-04-12 17:25 - 01176064 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2017-05-10 05:18 - 2017-04-12 17:25 - 00145920 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2017-05-10 05:18 - 2017-04-12 17:25 - 00106496 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptnet.dll
2017-05-10 05:18 - 2017-04-07 17:34 - 00986856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2017-05-10 05:18 - 2017-04-07 17:34 - 00265448 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms1.sys
2017-05-10 05:18 - 2017-04-07 17:30 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2017-05-10 05:18 - 2017-04-07 17:30 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\cdd.dll
2017-05-10 05:18 - 2017-04-07 17:22 - 00312832 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2017-05-10 05:18 - 2017-04-05 16:55 - 00460800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2017-05-10 05:18 - 2017-04-05 16:55 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2017-05-10 05:18 - 2017-04-05 16:55 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2017-05-10 05:18 - 2017-04-04 17:34 - 01895656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2017-05-10 05:18 - 2017-04-04 17:34 - 00377576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2017-05-10 05:18 - 2017-04-04 17:34 - 00287976 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2017-05-10 05:18 - 2017-04-04 16:53 - 00496128 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2017-05-10 05:18 - 2017-04-04 16:53 - 00117760 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdx.sys
2017-05-10 05:18 - 2017-03-10 18:32 - 01389056 _____ (Microsoft Corporation) C:\windows\system32\pla.dll
2017-05-10 05:18 - 2017-03-10 18:32 - 00300544 _____ (Microsoft Corporation) C:\windows\system32\pdh.dll
2017-05-10 05:18 - 2017-03-10 18:20 - 01508352 _____ (Microsoft Corporation) C:\windows\SysWOW64\pla.dll
2017-05-10 05:18 - 2017-03-10 18:20 - 00237056 _____ (Microsoft Corporation) C:\windows\SysWOW64\pdh.dll
2017-05-10 05:18 - 2017-03-10 17:57 - 00009216 _____ (Microsoft Corporation) C:\windows\system32\plasrv.exe
2017-05-10 05:18 - 2017-03-10 17:55 - 00205312 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fastfat.sys
2017-05-10 05:18 - 2017-03-10 17:55 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\exfat.sys
2017-05-10 05:18 - 2017-03-09 18:34 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2017-05-10 05:18 - 2017-03-09 18:19 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2017-05-10 05:10 - 2017-05-10 07:27 - 2457953209 _____ C:\Users\Peťo\Downloads\The.Revenant.2015.1080p.BluRay.CZ.titulky.mkv
2017-05-09 17:03 - 2017-05-09 17:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2017-05-09 17:03 - 2017-05-09 17:03 - 00000000 ____D C:\ProgramData\ESET
2017-05-09 17:03 - 2017-05-09 17:03 - 00000000 ____D C:\Program Files\ESET
2017-05-09 16:58 - 2017-05-09 16:58 - 03139200 _____ (ESET) C:\Users\Peťo\Downloads\eset_nod32_antivirus_live_installer (1).exe
2017-05-06 19:04 - 2017-05-11 08:01 - 00000000 ____D C:\Users\Peťo\Desktop\Nový priečinok (8)
2017-04-26 11:40 - 2017-04-26 11:40 - 00243827 _____ C:\Users\Peťo\Documents\dda.pdf
2017-04-22 16:42 - 2017-05-09 21:37 - 00000000 ____D C:\Users\Peťo\Desktop\Nový priečinok (7)
2017-04-20 09:20 - 2017-04-20 10:37 - 1240357866 _____ C:\Users\Peťo\Downloads\The.Crown.S01E01.720p.WEBRip.X264-DEFLATE.mkv
2017-04-19 15:31 - 2017-04-21 10:26 - 00000000 ____D C:\Users\Peťo\Desktop\repas
2017-04-19 08:03 - 2017-04-19 12:20 - 4084624461 _____ C:\Users\Peťo\Downloads\Planet.Earth.II.E06.Cities.1080p.x264.mkv
2017-04-18 15:04 - 2017-04-18 20:25 - 4091896122 _____ C:\Users\Peťo\Downloads\Planet.Earth.II.E05.Grasslands.1080p.x264.mkv
2017-04-17 18:37 - 2017-04-17 19:11 - 579196824 _____ C:\Users\Peťo\Downloads\Planet.Earth.II.S01E04.720p.BluRay.CZ.titulky.mkv
2017-04-16 11:48 - 2017-04-16 12:26 - 526065440 _____ C:\Users\Peťo\Downloads\Planet.Earth.II.S01E03.720p.BluRay.CZ.titulky.mkv
2017-04-16 11:12 - 2017-04-16 11:47 - 525967822 _____ C:\Users\Peťo\Downloads\Planet.Earth.II.S01E02.720p.BluRay.CZ.titulky.mkv
2017-04-16 10:02 - 2017-04-16 10:38 - 527673360 _____ C:\Users\Peťo\Downloads\Planet.Earth.II.S01E01.720p.BluRay.CZ.titulky.mkv

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-16 10:33 - 2016-11-18 12:37 - 00000000 ____D C:\Users\Peťo\AppData\LocalLow\Mozilla
2017-05-16 10:15 - 2014-11-13 09:52 - 00003942 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{9F65086F-7083-4DD7-9A67-72C7B5FF57D1}
2017-05-16 10:14 - 2014-11-13 07:03 - 00000936 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA1cffeff37d4abed.job
2017-05-16 10:13 - 2009-07-14 07:13 - 00781790 _____ C:\windows\system32\PerfStringBackup.INI
2017-05-16 10:13 - 2009-07-14 05:20 - 00000000 ____D C:\windows\inf
2017-05-16 10:12 - 2009-07-14 06:45 - 00027568 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-05-16 10:12 - 2009-07-14 06:45 - 00027568 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-05-16 10:08 - 2014-11-11 11:58 - 00000936 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2017-05-16 10:07 - 2017-03-08 18:44 - 00000000 __SHD C:\Users\Peťo\IntelGraphicsProfiles
2017-05-16 10:07 - 2014-11-13 07:03 - 00000932 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore1cffeff3732ce5a.job
2017-05-16 10:07 - 2014-11-11 11:58 - 00000932 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2017-05-16 10:07 - 2014-06-17 07:53 - 00000000 ____D C:\ProgramData\PDFC
2017-05-16 10:07 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2017-05-16 06:12 - 2014-11-11 11:59 - 00002215 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-16 06:12 - 2014-11-11 11:59 - 00002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-05-16 06:06 - 2015-11-08 22:24 - 00000225 _____ C:\windows\CryptoMill_CreoService.001
2017-05-15 23:09 - 2016-12-31 11:40 - 00000000 ____D C:\Users\Peťo\Desktop\somariny
2017-05-15 23:02 - 2016-01-15 13:05 - 00000000 ____D C:\Users\Peťo\AppData\Roaming\vlc
2017-05-15 21:59 - 2017-03-10 20:41 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-05-15 21:59 - 2017-03-10 20:38 - 00000000 ____D C:\Users\Peťo\Desktop\mbar
2017-05-15 21:16 - 2015-11-08 22:24 - 00000225 _____ C:\windows\CryptoMill_CreoService.002
2017-05-15 21:15 - 2015-11-07 20:00 - 00000000 ____D C:\AdwCleaner
2017-05-15 21:13 - 2014-06-17 07:54 - 00001912 _____ C:\windows\epplauncher.mif
2017-05-15 21:05 - 2015-11-08 22:24 - 00000225 _____ C:\windows\CryptoMill_CreoService.003
2017-05-15 13:36 - 2015-11-07 16:32 - 00000000 ____D C:\Program Files\trend micro
2017-05-15 12:55 - 2015-11-08 22:24 - 00000225 _____ C:\windows\CryptoMill_CreoService.004
2017-05-15 11:39 - 2014-12-26 11:05 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-05-15 07:54 - 2014-06-17 07:52 - 00000225 _____ C:\windows\CryptoMill_CreoService.005
2017-05-14 19:52 - 2015-01-04 18:44 - 00000000 ____D C:\ProgramData\Adobe
2017-05-14 19:52 - 2014-11-11 11:52 - 00000000 ____D C:\Users\Peťo\AppData\Roaming\Adobe
2017-05-14 09:15 - 2017-03-15 08:49 - 00003180 _____ C:\windows\System32\Tasks\HPCeeScheduleForPeťo
2017-05-14 09:15 - 2017-03-15 08:49 - 00000328 _____ C:\windows\Tasks\HPCeeScheduleForPeťo.job
2017-05-12 09:13 - 2015-06-20 17:04 - 00000000 ____D C:\Users\Peťo\AppData\Local\Adobe
2017-05-11 09:54 - 2009-07-14 05:20 - 00000000 ____D C:\windows\rescache
2017-05-11 09:51 - 2015-06-20 17:05 - 00004312 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2017-05-11 09:51 - 2015-06-20 17:04 - 00803320 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2017-05-11 09:51 - 2015-06-20 17:04 - 00144888 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-05-11 09:51 - 2015-06-20 17:04 - 00000000 ____D C:\windows\system32\Macromed
2017-05-11 09:31 - 2015-06-20 17:04 - 00000000 ____D C:\windows\SysWOW64\Macromed
2017-05-10 16:14 - 2009-07-14 06:45 - 00349856 _____ C:\windows\system32\FNTCACHE.DAT
2017-05-10 16:12 - 2009-07-14 05:20 - 00000000 ____D C:\windows\PolicyDefinitions
2017-05-10 15:43 - 2013-12-03 22:26 - 00765656 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2017-05-10 15:40 - 2014-12-18 07:35 - 00000000 ____D C:\windows\system32\MRT
2017-05-10 15:38 - 2014-12-18 07:35 - 156335152 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2017-05-07 06:27 - 2014-11-11 12:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-06 14:06 - 2016-11-18 09:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-04-30 15:11 - 2016-12-12 19:34 - 00000000 ____D C:\Users\Peťo\Desktop\vianoce
2017-04-28 12:54 - 2015-02-04 23:09 - 00003368 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA1d040bee0d766ae
2017-04-28 12:54 - 2015-02-04 23:09 - 00003240 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore1d040bee0413f91
2017-04-26 11:41 - 2014-11-11 11:52 - 00000000 ____D C:\Users\Peťo\AppData\Local\PDFC
2017-04-21 09:52 - 2016-11-18 12:59 - 00000000 ____D C:\Users\Peťo\Desktop\FAKTURY

==================== Files in the root of some directories =======

2015-11-08 21:33 - 2015-11-08 21:33 - 0000017 _____ () C:\Users\Peťo\AppData\Local\resmon.resmoncfg
2015-10-16 10:04 - 2015-10-16 10:04 - 0000000 _____ () C:\Users\Peťo\AppData\Local\{77571600-889B-4461-80A8-A2E9C8F9FE93}
2014-06-17 07:43 - 2014-06-17 07:44 - 8884526 _____ () C:\ProgramData\hpcsmmsilogs.log
2014-06-17 07:53 - 2014-06-17 07:53 - 1279268 _____ () C:\ProgramData\hpdam_install_log.txt
2014-06-17 07:53 - 2017-03-08 17:47 - 0698650 _____ () C:\ProgramData\HPFileSanitizer_Install_Log.txt
2014-06-17 07:52 - 2014-06-17 07:52 - 0049150 _____ () C:\ProgramData\HPTrustCircles_Install_Log.txt
2015-01-04 17:10 - 2015-01-04 17:10 - 0000147 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-05-13 07:39

==================== End of FRST.txt ============================

petob
Visitor
Posts: 36
Registered: 07 Nov 2015 15:47

Re: Please check my log

#14 Post by petob »

Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-05-2017
Ran by Peťo (16-05-2017 11:07:41)
Running from C:\Users\Peťo\Downloads
Windows 7 Professional Service Pack 1 (X64) (2014-11-11 09:51:20)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-315758732-1186768704-838511381-500 - Administrator - Disabled)
Guest (S-1-5-21-315758732-1186768704-838511381-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-315758732-1186768704-838511381-1003 - Limited - Enabled)
Peťo (S-1-5-21-315758732-1186768704-838511381-1002 - Administrator - Enabled) => C:\Users\Peťo

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET NOD32 Antivirus (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 25 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe Photoshop CS (HKLM-x32\...\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}) (Version: CS - Adobe Systems, Inc.)
Aktualizácia Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-041B-0000-0000000FF1CE}_PROPLUS_{9A8C39B0-D27F-4F81-BE74-2FECF164707E}) (Version: - Microsoft)
Aktualizácia Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-041B-0000-0000000FF1CE}_PROPLUS_{CE23B3DC-18CC-46FC-A309-81D6670F8D3D}) (Version: - Microsoft)
Aktualizácia Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-041B-0000-0000000FF1CE}_PROPLUS_{D6DBF512-87C0-4F6A-8FB9-AC3A389D9DE5}) (Version: - Microsoft)
AMD Catalyst Install Manager (HKLM\...\{00DEA78C-D2CA-635C-D0FD-96B9F895116A}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM-x32\...\CCleaner) (Version: 2.36 - Piriform)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.3.3207 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.2.3212 - CyberLink Corp.)
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
ESET NOD32 Antivirus (HKLM\...\{BCD5814C-7C82-47BA-B791-312D5BAB4006}) (Version: 10.1.204.1 - ESET, spol. s r.o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Spoločnosť Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
HD Tune Pro 5.60 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
HP Client Security Manager (HKLM\...\HPProtectTools) (Version: 8.3.4.1811 - Hewlett-Packard Company)
HP Device Access Manager (HKLM\...\{DBE16A07-DDFF-4453-807A-212EF93916E0}) (Version: 8.3.2.0 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{9FE8AC0F-4A69-4418-AD2F-8CB34CE3259B}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Drive Encryption (HKLM\...\HPDriveEncryption) (Version: 8.6.7.27 - Hewlett-Packard Company)
HP File Sanitizer (HKLM-x32\...\{6349342F-9CEF-4A70-995A-2CF3704C2603}) (Version: 8.4.27.1 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15453.4066 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM-x32\...\{23544215-E6E6-448B-B6E9-6268D5B3E74D}) (Version: 3.5.0.0 - Hewlett-Packard Company)
HP Software Setup (HKLM-x32\...\{7561C06A-7797-4462-A7C3-86F45AE901CF}) (Version: 8.7.4 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{4780AF24-213D-4187-86F2-0014A6D6077B}) (Version: 8.4.14.41 - HP Inc.)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 13.00.0000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{37E3A1F1-0034-4851-8FAD-9452C9EB8390}) (Version: 12.6.14.19 - HP Inc.)
HP Theft Recovery (HKLM-x32\...\InstallShield_{B1E569B6-A5EB-4C97-9F93-9ED2AA99AF0E}) (Version: 8.3.0.7 - Hewlett-Packard Company)
HP Trust Circles (HKLM-x32\...\HP Trust Circles) (Version: 8.3.12.18693 - Hewlett-Packard Company)
HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.27.1012 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4280 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.3.60 - Intel Corporation)
Malwarebytes verzia 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 53.0.2 (x86 sk) (HKLM-x32\...\Mozilla Firefox 53.0.2 (x86 sk)) (Version: 53.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.2.6333 - Mozilla)
MusicBee 2.4 (HKLM-x32\...\MusicBee) (Version: 2.4 - Steven Mayall)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
PDF Complete Corporate Edition (HKLM-x32\...\PDF Complete) (Version: 4.2.11 - PDF Complete, Inc)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.74.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR archivátor (HKLM-x32\...\WinRAR archiver) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-315758732-1186768704-838511381-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\windows\system32\igfxEM.exe (Intel Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {379CC7CD-C335-4E53-8DD5-18D201DEDE38} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-04-07] (HP Inc.)
Task: {3A240BBE-6DD8-41A2-82FD-9DC45B521210} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {72F24B90-E781-4803-8F7E-A97F5DF7FFF8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-21] (HP Inc.)
Task: {7AAE3A65-888C-4162-BE69-739A6D7EDD92} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-06] (HP Inc.)
Task: {7B89473E-5D07-4C96-80AF-7F464B9733B2} - System32\Tasks\GoogleUpdateTaskMachineUA1d040bee0d766ae => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {830FA163-E175-4DF1-AE6F-E41EB4C5257D} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-11] (Adobe Systems Incorporated)
Task: {852AB1A3-5393-42A4-BF12-E349A6492202} - System32\Tasks\GoogleUpdateTaskMachineCore1cffeff3732ce5a => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {9825A738-E545-493F-929D-693E235B5471} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-04-07] (HP Inc.)
Task: {B46F90CC-39DA-4132-8268-CAA884E4DA80} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe
Task: {B874510E-A349-49E9-BF04-BE96FFE541BC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-04-01] (HP Inc.)
Task: {D29453EA-C59B-43C0-8AB9-9D28B47C9ECD} - System32\Tasks\GoogleUpdateTaskMachineCore1d040bee0413f91 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {D8AA2E3A-7588-4A82-B772-1EE502AB9E31} - System32\Tasks\HPCeeScheduleForPeťo => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-05-12] (HP Development Company, L.P.)
Task: {DAECB8A0-57D6-489D-9798-5F2A5DF0853A} - System32\Tasks\GoogleUpdateTaskMachineUA1cffeff37d4abed => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {DFF7917D-EF90-4646-A093-E7983E1ACE9E} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-12-06] (HP Inc.)
Task: {F2B4BAA5-CA68-47E8-9A1F-E8334C67C362} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore1cffeff3732ce5a.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA1cffeff37d4abed.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HPCeeScheduleForPeťo.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Public\Desktop\Box offer for HP.lnk -> C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe () -> hxxp://js.redirect.hp.com/jumpstation?bd=all&c=none&locale=en_*&pf=cmdt&s=Box_50GB&tp=dticon

==================== Loaded Modules (Whitelisted) ==============

2014-03-31 22:28 - 2014-03-31 22:28 - 00007168 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe
2016-11-25 08:16 - 2016-11-25 08:16 - 00192200 _____ () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
2014-11-11 22:14 - 2008-06-20 01:41 - 00062464 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2014-06-26 15:52 - 2014-06-26 15:52 - 02654936 _____ () C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\ShredContextMenu.dll
2014-06-17 07:50 - 2013-08-05 09:49 - 00627672 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-08-06 00:48 - 2013-08-06 00:48 - 00016856 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2014-08-13 11:54 - 2014-08-13 11:54 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 _____ C:\windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-315758732-1186768704-838511381-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Peťo\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.88.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{A5411DCE-58AE-4348-B830-B661C6B7F791}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{65F6ED9E-08A9-42EA-A552-A0D82678F885}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{EFF0497C-9D1A-496D-9C6B-A8E6A9E20D3D}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{47CE2F85-94F2-4168-89BE-37567214DA69}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{6FFB97AB-20CF-4FDF-B5AB-B4A46241E538}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{EBC6FA5F-195A-46DA-AA4C-0560CFBB2B9B}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{C749EB7F-AFA9-4CD6-ACF5-1469F7FBC29D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E8B8A520-6EE0-499F-B0E1-3FCF8960C5FE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2D6A505B-B04E-4790-8AE2-C45CAF50A338}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3C1C4620-FD04-4ED6-ADC0-996BEBDB4ECA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E4955658-A1AE-46F3-A8E7-EBCF46FDE133}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{74BD05DC-8E3E-4B9D-AF63-93941485DD54}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{E8E676F7-5EFA-45DD-A9A3-E82E92E71F64}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{90FE3CDD-68F9-421B-9734-7C3A7CA89215}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [TCP Query User{0BF74D82-A463-49A1-A29C-D5C0A411D584}C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe] => (Block) C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe
FirewallRules: [UDP Query User{F5FB05A9-BD65-4FDD-8D8A-5DC18BEE6AD4}C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe] => (Block) C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe
FirewallRules: [{80762143-9604-4FC3-B9D1-CD8062EDFF99}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{65E2518C-E381-4E05-BF42-CE64783A61CD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{BEB075E2-BBA8-4DA4-9175-857A2CB04412}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{C1E1A8BE-7938-4D63-B515-7A4BEC634F8F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{AFDC3A3B-FCC2-4FBD-AA8A-BB9F014FAFDD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B6869EC5-941A-4579-BDC5-1172BD9C83BA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B57ECA07-4E78-46FF-869E-C5C5C2688902}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4832EB03-A7CB-407B-9ECC-7FCCBB6656A4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

14-05-2017 08:34:15 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/16/2017 10:13:55 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (05/16/2017 10:13:55 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (05/16/2017 07:06:59 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80004005).

Error: (05/16/2017 06:16:56 AM) (Source: HP Active Health) (EventID: 2200) (User: )
Description: Agent DriverCrash threw an exception: System.NullReferenceException: Object reference not set to an instance of an object.
at HP.ActiveHealth.Agents.DriverCrash.DriverCrashAgent.ParseMinidump(FileInfo minidumpFile)
at HP.ActiveHealth.Agents.DriverCrash.DriverCrashAgent.CollectNewDataClasses(FileInfo agentStateFile, IDataClassCollector dataClassColector)
at HP.ActiveHealth.API.DataGeneration.AgentRunner.QueryAgentDelegate(Object agentObj)

Error: (05/16/2017 06:13:29 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (05/16/2017 06:13:29 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (05/15/2017 09:21:16 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (05/15/2017 09:21:16 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (05/15/2017 09:10:05 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (05/15/2017 09:10:05 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.


System errors:
=============
Error: (05/15/2017 09:15:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 120000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (05/15/2017 09:15:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (05/15/2017 09:15:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HP Support Solutions Framework Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (05/15/2017 09:15:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Media Player - služba zdieľania v sieti sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 30000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (05/15/2017 09:15:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 30000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (05/15/2017 09:15:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 0 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (05/15/2017 09:15:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Malwarebytes Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 5000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (05/15/2017 09:15:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HP Device Access Manager Usage Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (05/15/2017 09:15:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba PDF Document Manager sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (05/15/2017 09:15:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Intel(R) Capability Licensing Service Interface sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 0 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.


CodeIntegrity:
===================================
Date: 2017-04-17 09:01:08.500
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod6F85.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-04-17 09:01:08.366
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod6F85.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-04-17 09:01:08.264
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod6F85.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-04-17 09:01:08.133
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod6F85.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-04-17 09:01:07.976
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod6F85.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-04-17 09:01:07.810
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod6F85.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-04-17 09:01:07.004
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod2AD6.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-04-17 09:01:06.870
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod2AD6.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-04-17 09:01:06.751
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod2AD6.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-04-17 09:01:06.550
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod2AD6.dll.nup.raw because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz
Percentage of memory in use: 50%
Total physical RAM: 4024.17 MB
Available physical RAM: 1984.77 MB
Total Virtual: 8046.52 MB
Available Virtual: 5569.09 MB

==================== Drives ================================

Drive c: (Windows ) (Fixed) (Total:918.97 GB) (Free:777.55 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:11.44 GB) (Free:1.27 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: B3AE8120)
Partition 1: (Active) - (Size=1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=919 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11.4 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=100 MB) - (Type=0C)

==================== End of Addition.txt ============================

altrok
Moderator
Posts: 7264
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Please check my log

#15 Post by altrok »

:arrow: If you intend to keep ESET, permanently turn off Windows Defender, because it is pointless to have two anti-spyware shields
AS: ESET NOD32 Antivirus (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
http://windows.microsoft.com/cs-cz/wind ... =windows-7



:arrow: We will also clean up the browsers - delete history, active logins, cache, etc.



  • Run FRST.exe/FRST64.exe again
  • press Ctrl + y (both keys at once)
  • fixlist.txt will open; paste into it the contents of the white box below
  • press Ctrl + s (to save the changes), then close the fixlist
  • click the Fix button
  • after the restart, a fixlog will be created next to FRST; paste its contents into your next reply

    Code:

    Start
    CreateRestorePoint:
    CloseProcesses:
    HKLM\...\Run: [] => [X]
    Winlogon\Notify\igfxcui: igfxdev.dll [X]
    HKU\S-1-5-21-315758732-1186768704-838511381-1002\...\MountPoints2: {0dbe0e12-1db3-11e7-b43b-a0d3c14032ca} - J:\HiSuiteDownLoader.exe
    HKU\S-1-5-21-315758732-1186768704-838511381-1002\...\MountPoints2: {e0615751-54e8-11e6-aa1d-a0d3c14032ca} - J:\HiSuiteDownLoader.exe
    HKU\S-1-5-21-315758732-1186768704-838511381-1002\...\MountPoints2: {e0615756-54e8-11e6-aa1d-a0d3c14032ca} - J:\HiSuiteDownLoader.exe
    CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
    FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
    2017-05-16 06:41 - 2017-05-16 06:41 - 04669119 _____ C:\Users\Peťo\Downloads\CrystalDiskInfo6_7_5.zip
    2017-05-15 21:43 - 2017-05-15 21:43 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Peťo\Downloads\mbar-1.09.3.1001 (1).exe
    2017-05-15 20:54 - 2017-05-15 20:55 - 04102600 _____ C:\Users\Peťo\Downloads\adwcleaner_6.046.exe
    2017-05-15 13:30 - 2017-05-15 13:36 - 00000000 ____D C:\rsit
    2017-05-15 13:26 - 2017-05-15 13:26 - 01329152 _____ C:\Users\Peťo\Downloads\RSITx64.exe
    2017-05-15 13:11 - 2017-05-15 13:12 - 00031454 _____ C:\Users\Peťo\Downloads\Addition.txt
    2017-05-15 13:09 - 2017-05-16 11:06 - 00019015 _____ C:\Users\Peťo\Downloads\FRST.txt
    Task: {B46F90CC-39DA-4132-8268-CAA884E4DA80} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe 
    Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore1cffeff3732ce5a.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA1cffeff37d4abed.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    EmptyTemp:
    End
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions not suited to the forum, you can use altrokzavináčforum.viry.cz
If you would like to help visitors of this forum, sign up for our training school.

Locked