PC virus removal, computer speed-up, remote assistance via the neslape.cz service

Computer infected with malware? Firefox is behaving abnormally.

Got a virus problem? Post your FRST or RSIT log here.

Spawnik (Visitor)
Posts: 20
Registered: 31 May 2017 10:24

Re: Computer infected with malware? Firefox is behaving abnormally

#16 Post by Spawnik »

Hello, after a while I'm back here for a preventive check :) so please review; RSIT log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Jiří at 2017-07-18 22:46:23
Microsoft Windows 8.1
System drive C: has 44 GB (52%) free of 85 GB
Total RAM: 6030 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:46:26, on 18. 7. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\WINDOWS\SysWOW64\RunDll32.exe
C:\Program Files\trend micro\Jiří.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [SafeQClient] C:\Program Files (x86)\SafeQ\SafeQ_cli.exe
O4 - HKUS\S-1-5-21-1196467569-3603037678-3961814420-1001\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'UpdatusUser')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\Office\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Office\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: @oem10.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\WINDOWS\system32\BtwRSupportService.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Security\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10840 bytes

======Listing Processes======





wininit.exe

winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"

"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\nvvsvc.exe -session
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-9a0cd3f3-5ec4-4000-8cf0-13a1f2a54a8d -SystemEventPortName:HostProcess-462b7c26-67b0-4b85-a00b-8b6cf791b743 -IoCancelEventPortName:HostProcess-74c723de-086e-43fc-83f4-23238c4c3185 -NonStateChangingEventPortName:HostProcess-b4042c21-634f-46c3-af7e-bc21b763d1cc -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:348d6450-83fc-4060-bc5e-fad798ca6c95 -DeviceGroupId:WudfDefaultDevicePool
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
C:\WINDOWS\system32\WLANExt.exe 744818134400
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
dashost.exe {405888b2-4a7a-4ffd-ac5896af10a8b26b}
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe"
"C:\Program Files\ESET\ESET Security\egui.exe" /hide
taskhostex.exe
"C:\Program Files\ASUS\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe"
"C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
C:\WINDOWS\Explorer.EXE
KBFiltr.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-f056c32d-7a92-42a5-a36e-6ac185584d7e -SystemEventPortName:HostProcess-13683e6a-50a2-4485-ab6b-b2e4ff2c51e9 -IoCancelEventPortName:HostProcess-7ef04794-73e2-4174-af01-5ff987af5d3f -NonStateChangingEventPortName:HostProcess-4fcc1995-50a5-47d9-9d15-a81e55bd5eba -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:e0589b7b-fb66-4b9c-a8b7-9dcdb47bcf32 -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\WINDOWS\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX3
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="3196.0.760211041\1093900897" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 3196 "\\.\pipe\gecko-crash-server-pipe.3196" gpu
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="3196.2.91840806\130251626" -childID 1 -isForBrowser -intPrefs 5:50|6:-1|28:1000|33:20|34:10|43:128|44:10000|48:0|50:400|51:1|52:0|53:0|58:0|59:120|60:120|133:2|134:1|147:5000|157:0|159:0|170:10000|182:-1|187:128|188:10000|189:0|195:24|196:32768|198:0|199:0|207:5|211:1048576|212:100|213:5000|215:600|217:1|226:1|231:0|241:60000| -boolPrefs 1:0|2:0|4:0|26:1|27:1|30:0|35:1|36:0|37:0|38:0|39:1|40:0|41:1|42:1|45:0|46:0|47:0|49:0|54:1|55:1|56:0|57:1|61:1|62:1|63:0|64:1|65:1|66:0|67:1|70:0|71:0|74:1|75:1|79:1|80:1|81:0|82:0|84:0|85:0|86:1|87:0|90:0|91:1|92:1|93:1|94:1|95:1|96:0|97:0|98:1|99:0|100:0|101:0|102:1|103:1|104:0|105:1|106:1|107:0|108:0|109:1|110:1|111:1|112:0|113:1|114:1|115:1|116:1|117:1|118:1|119:1|120:1|122:0|123:0|124:0|125:1|126:0|127:1|131:1|132:1|135:1|136:0|141:0|146:0|149:1|152:1|154:1|158:0|161:1|164:1|165:1|171:0|172:0|173:1|175:0|181:0|183:1|184:0|185:0|186:0|193:0|194:0|197:1|200:0|202:0|204:1|205:0|210:0|214:1|219:0|220:0|221:0|222:1|224:1|225:1|228:0|233:0|234:0|235:1|236:1|237:0|238:1|239:1|240:0|242:0|243:0|245:0|253:1|254:1|255:0|256:0|257:0| -stringPrefs "3:7;release|174:3;1.0|191:332;  ¼½¾ǃː̷̸։֊׃״؉؊٪۔܁܂܃܄ᅟᅠ᜵           ​‎‏‐’․‧

‪‫‬‭‮ ‹›⁁⁄⁒ ⅓⅔⅕⅖⅗⅘⅙⅚⅛⅜⅝⅞⅟∕∶⎮╱⧶⧸⫻⫽⿰⿱⿲⿳⿴⿵⿶⿷⿸⿹⿺⿻ 。〔〕〳゠ㅤ㈝㈞㎮㎯㏆㏟꞉︔︕︿﹝﹞./。ᅠ�|192:8;moderate|227:38;{025b4720-ebbd-4895-b9ad-092c09980152}|" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 3196 "\\.\pipe\gecko-crash-server-pipe.3196" tab
"C:\WINDOWS\SysWOW64\RunDll32.exe" "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"

taskeng.exe {449119BC-7198-421C-8B26-7829F9679678}

"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 568 572 580 65536 576
"F:\Stáhnuté\RSITx64(1).exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\jirka_000\AppData\Roaming\Mozilla\Firefox\Profiles\536m0f01.default-1497612207034

prefs.js - "browser.startup.homepage" - "google.com"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 26.0.0.137 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_137.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 26.0.0.137 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_137.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2017-05-16 229064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-05-16 2351920]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2017-05-16 163528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-05-16 1744176]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2013-10-01 391128]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2013-10-01 771032]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2013-10-01 769496]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-05-30 13550152]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2013-05-20 1308232]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe []
"ASUSPRP"=C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2013-05-01 3187360]
"ASUSWebStorage"=C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [2012-12-19 3576784]
"RemoteControl10"=C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2013-03-08 95192]
"SafeQClient"=C:\Program Files (x86)\SafeQ\SafeQ_cli.exe [2015-12-10 493568]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2013-10-01 623104]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-07-12 20:47:15 ----D---- C:\Users\jirka_000\AppData\Roaming\Firestorm_x64
2017-07-12 15:05:35 ----D---- C:\Users\jirka_000\AppData\Roaming\SecondLife
2017-07-12 08:03:01 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-07-12 08:03:00 ----A---- C:\WINDOWS\system32\jscript9.dll
2017-07-12 08:02:59 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-07-12 08:02:57 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2017-07-12 08:02:57 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2017-07-12 08:02:57 ----A---- C:\WINDOWS\system32\win32k.sys
2017-07-12 08:02:57 ----A---- C:\WINDOWS\system32\tquery.dll
2017-07-12 08:02:57 ----A---- C:\WINDOWS\system32\ieframe.dll
2017-07-12 08:02:56 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2017-07-12 08:02:56 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2017-07-12 08:02:56 ----A---- C:\WINDOWS\system32\urlmon.dll
2017-07-12 08:02:56 ----A---- C:\WINDOWS\system32\msxml3.dll
2017-07-12 08:02:56 ----A---- C:\WINDOWS\system32\mssrch.dll
2017-07-12 08:02:55 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2017-07-12 08:02:55 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2017-07-12 08:02:55 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2017-07-12 08:02:55 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-07-12 08:02:55 ----A---- C:\WINDOWS\system32\kerberos.dll
2017-07-12 08:02:55 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2017-07-12 08:02:54 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2017-07-12 08:02:54 ----A---- C:\WINDOWS\SYSWOW64\untfs.dll
2017-07-12 08:02:54 ----A---- C:\WINDOWS\SYSWOW64\autoconv.exe
2017-07-12 08:02:54 ----A---- C:\WINDOWS\system32\winresume.exe
2017-07-12 08:02:54 ----A---- C:\WINDOWS\system32\winload.exe
2017-07-12 08:02:54 ----A---- C:\WINDOWS\system32\drivers\http.sys
2017-07-12 08:02:54 ----A---- C:\WINDOWS\system32\certutil.exe
2017-07-12 08:02:54 ----A---- C:\WINDOWS\system32\autoconv.exe
2017-07-12 08:02:53 ----A---- C:\WINDOWS\SYSWOW64\uReFS.dll
2017-07-12 08:02:53 ----A---- C:\WINDOWS\SYSWOW64\certutil.exe
2017-07-12 08:02:53 ----A---- C:\WINDOWS\system32\vbscript.dll
2017-07-12 08:02:53 ----A---- C:\WINDOWS\system32\uReFS.dll
2017-07-12 08:02:53 ----A---- C:\WINDOWS\system32\untfs.dll
2017-07-12 08:02:53 ----A---- C:\WINDOWS\system32\termsrv.dll
2017-07-12 08:02:52 ----A---- C:\WINDOWS\system32\srvsvc.dll
2017-07-12 08:02:52 ----A---- C:\WINDOWS\system32\smbwmiv2.dll
2017-07-12 08:02:52 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2017-07-12 08:02:52 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2017-07-12 08:02:52 ----A---- C:\WINDOWS\system32\drivers\srv.sys
2017-07-12 08:02:52 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2017-07-12 08:02:51 ----A---- C:\WINDOWS\SYSWOW64\Wldap32.dll
2017-07-12 08:02:51 ----A---- C:\WINDOWS\SYSWOW64\uudf.dll
2017-07-12 08:02:51 ----A---- C:\WINDOWS\SYSWOW64\ifsutil.dll
2017-07-12 08:02:51 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2017-07-12 08:02:51 ----A---- C:\WINDOWS\system32\wvc.dll
2017-07-12 08:02:51 ----A---- C:\WINDOWS\system32\WSDApi.dll
2017-07-12 08:02:51 ----A---- C:\WINDOWS\system32\wininet.dll
2017-07-12 08:02:51 ----A---- C:\WINDOWS\system32\uudf.dll
2017-07-12 08:02:51 ----A---- C:\WINDOWS\system32\msinfo32.exe
2017-07-12 08:02:51 ----A---- C:\WINDOWS\system32\ifsutil.dll
2017-07-12 08:02:51 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2017-07-12 08:02:51 ----A---- C:\WINDOWS\system32\DAFWSD.dll
2017-07-12 08:02:50 ----AC---- C:\WINDOWS\system32\drivers\stornvme.sys
2017-07-12 08:02:50 ----A---- C:\WINDOWS\SYSWOW64\WSDApi.dll
2017-07-12 08:02:50 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2017-07-12 08:02:50 ----A---- C:\WINDOWS\SYSWOW64\wdc.dll
2017-07-12 08:02:50 ----A---- C:\WINDOWS\system32\Wldap32.dll
2017-07-12 08:02:50 ----A---- C:\WINDOWS\system32\wdc.dll
2017-07-12 08:02:50 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2017-07-12 08:02:50 ----A---- C:\WINDOWS\system32\drivers\pdc.sys
2017-07-12 08:02:50 ----A---- C:\WINDOWS\system32\drivers\netio.sys
2017-07-12 08:02:49 ----A---- C:\WINDOWS\SYSWOW64\wsdchngr.dll
2017-07-12 08:02:49 ----A---- C:\WINDOWS\SYSWOW64\ulib.dll
2017-07-12 08:02:49 ----A---- C:\WINDOWS\SYSWOW64\ufat.dll
2017-07-12 08:02:49 ----A---- C:\WINDOWS\SYSWOW64\uexfat.dll
2017-07-12 08:02:49 ----A---- C:\WINDOWS\SYSWOW64\msinfo32.exe
2017-07-12 08:02:49 ----A---- C:\WINDOWS\system32\wsdchngr.dll
2017-07-12 08:02:49 ----A---- C:\WINDOWS\system32\ulib.dll
2017-07-12 08:02:49 ----A---- C:\WINDOWS\system32\ufat.dll
2017-07-12 08:02:49 ----A---- C:\WINDOWS\system32\uexfat.dll
2017-07-12 08:02:49 ----A---- C:\WINDOWS\system32\sscore.dll
2017-07-12 08:02:49 ----A---- C:\WINDOWS\system32\rdsdwmdr.dll
2017-07-12 08:02:49 ----A---- C:\WINDOWS\system32\jscript.dll
2017-07-12 08:02:49 ----A---- C:\WINDOWS\system32\cnvfat.dll
2017-07-12 08:02:48 ----AC---- C:\WINDOWS\system32\drivers\bthpan.sys
2017-07-12 08:02:47 ----A---- C:\WINDOWS\SYSWOW64\wvc.dll
2017-07-12 08:02:47 ----A---- C:\WINDOWS\SYSWOW64\sscore.dll
2017-07-12 08:02:47 ----A---- C:\WINDOWS\SYSWOW64\cnvfat.dll
2017-07-12 08:02:47 ----A---- C:\WINDOWS\system32\snmptrap.exe
2017-07-12 08:02:47 ----A---- C:\WINDOWS\system32\msfeeds.dll
2017-07-12 08:02:46 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2017-07-12 08:02:46 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2017-07-12 08:02:46 ----A---- C:\WINDOWS\SYSWOW64\glcndFilter.dll
2017-07-12 08:02:46 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-07-12 08:02:46 ----A---- C:\WINDOWS\system32\inetcomm.dll
2017-07-12 08:02:46 ----A---- C:\WINDOWS\system32\glcndFilter.dll
2017-07-12 08:02:46 ----A---- C:\WINDOWS\system32\convert.exe
2017-07-12 08:02:45 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2017-07-12 08:02:45 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2017-07-12 08:02:45 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2017-07-12 08:02:45 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2017-07-12 07:56:14 ----A---- C:\WINDOWS\system32\invagent.dll
2017-07-12 07:56:14 ----A---- C:\WINDOWS\system32\generaltel.dll
2017-07-12 07:56:14 ----A---- C:\WINDOWS\system32\devinv.dll
2017-07-12 07:56:14 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2017-07-12 07:56:14 ----A---- C:\WINDOWS\system32\centel.dll
2017-07-12 07:56:14 ----A---- C:\WINDOWS\system32\appraiser.dll
2017-07-12 07:56:14 ----A---- C:\WINDOWS\system32\aepic.dll
2017-07-12 07:56:14 ----A---- C:\WINDOWS\system32\aeinv.dll
2017-07-12 07:56:14 ----A---- C:\WINDOWS\system32\acmigration.dll
2017-07-01 12:31:01 ----D---- C:\Users\jirka_000\AppData\Roaming\Google
2017-06-27 21:31:08 ----A---- C:\WINDOWS\system32\drivers\ESETCleanersDriver.sys

======List of files/folders modified in the last 1 month======

2017-07-18 22:46:25 ----D---- C:\Program Files\trend micro
2017-07-18 22:46:18 ----D---- C:\WINDOWS\Prefetch
2017-07-18 22:46:04 ----D---- C:\WINDOWS\Temp
2017-07-18 22:45:17 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2017-07-18 22:44:10 ----D---- C:\AdwCleaner
2017-07-18 22:23:06 ----D---- C:\WINDOWS\System32
2017-07-18 22:23:06 ----D---- C:\WINDOWS\Inf
2017-07-18 22:23:06 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-07-18 22:19:24 ----D---- C:\WINDOWS\system32\config
2017-07-18 07:03:09 ----D---- C:\WINDOWS\Microsoft.NET
2017-07-18 07:02:00 ----D---- C:\WINDOWS\system32\sru
2017-07-16 11:28:09 ----D---- C:\WINDOWS\system32\DriverStore
2017-07-16 11:28:09 ----D---- C:\WINDOWS\system32\drivers
2017-07-16 10:35:16 ----D---- C:\WINDOWS\AppReadiness
2017-07-15 23:50:09 ----SHD---- C:\System Volume Information
2017-07-14 23:42:05 ----D---- C:\WINDOWS\system32\NDF
2017-07-14 00:07:16 ----D---- C:\Users\jirka_000\AppData\Roaming\TS3Client
2017-07-13 09:17:19 ----D---- C:\WINDOWS\rescache
2017-07-13 08:56:59 ----D---- C:\WINDOWS\WinSxS
2017-07-13 08:56:21 ----D---- C:\WINDOWS\system32\catroot2
2017-07-13 08:55:45 ----RSD---- C:\WINDOWS\assembly
2017-07-13 07:21:41 ----D---- C:\WINDOWS\SysWOW64
2017-07-13 07:21:07 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-07-13 07:21:07 ----D---- C:\Program Files (x86)\Mozilla Firefox
2017-07-13 01:22:14 ----D---- C:\WINDOWS\system32\wbem
2017-07-13 01:22:14 ----D---- C:\WINDOWS\system32\drivers\en-US
2017-07-13 01:22:14 ----D---- C:\WINDOWS\system32\drivers\cs-CZ
2017-07-13 01:22:14 ----D---- C:\WINDOWS\system32\appraiser
2017-07-12 14:53:50 ----SHD---- C:\WINDOWS\Installer
2017-07-12 14:53:50 ----SHD---- C:\Config.Msi
2017-07-12 08:14:16 ----D---- C:\WINDOWS\system32\MRT
2017-07-12 08:12:43 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-07-12 08:12:41 ----D---- C:\WINDOWS\CbsTemp
2017-07-11 12:39:07 ----D---- C:\WINDOWS\system32\Macromed
2017-07-11 12:39:03 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2017-07-01 18:11:55 ----D---- C:\WINDOWS\system32\Tasks
2017-07-01 18:11:55 ----D---- C:\Program Files (x86)\ASUS
2017-07-01 18:09:30 ----SD---- C:\Users\jirka_000\AppData\Roaming\Microsoft
2017-06-30 02:27:57 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2017-06-20 06:45:13 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2017-06-20 06:44:06 ----D---- C:\Program Files\Microsoft Office 15

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-09-14 647736]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2016-04-21 47048]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2013-07-02 19768]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2017-05-04 132848]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2017-05-04 178056]
R1 epfwwfpr;epfwwfpr; C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys [2017-05-04 77224]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2017-05-09 71680]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R3 AiCharger;ASUS Charger Driver; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [2012-09-18 17152]
R3 ATP;@oem21.inf,%PS2.DeviceDesc%;ASUS Input Device; C:\WINDOWS\System32\drivers\AsusTP.sys [2013-12-12 70928]
R3 bcbtums;@oem10.inf,%BCBTUMS.SvcDesc%;Bluetooth RAM Firmware Download USB Filter; C:\WINDOWS\system32\drivers\bcbtums.sys [2013-08-08 170712]
R3 BCM43XX;@oem5.inf,%BCM43XX_Service_DispName%;Ovladač síťového adaptéru Broadcom 802.11; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [2014-04-18 8462000]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2014-11-21 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-11-21 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2017-07-06 119296]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-11-21 81920]
R3 btwampfl;@oem10.inf,%btwampfl.ServiceName%;btwampfl; C:\WINDOWS\system32\DRIVERS\btwampfl.sys [2013-09-05 166104]
R3 btwaudio;@oem6.inf,%btaudio.SvcDesc%;Bluetooth Audio Device Service; C:\WINDOWS\system32\drivers\btwaudio.sys [2013-10-10 189144]
R3 btwavdt;@oem7.inf,%btwavdt.SVCDESC%;Bluetooth AVDT Service; C:\WINDOWS\System32\drivers\btwavdt.sys [2013-10-10 230104]
R3 btwl2cap;@oem9.inf,%btwl2cap.SVCDESC%;Bluetooth L2CAP Service; C:\WINDOWS\system32\DRIVERS\btwl2cap.sys [2012-07-27 40248]
R3 btwrchid;btwrchid; C:\WINDOWS\System32\drivers\btwrchid.sys [2013-10-10 38616]
R3 HIDSwitch;@oem12.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys [2013-10-08 20280]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2013-10-01 4177920]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2013-06-04 3441992]
R3 IntcDAud;@oem17.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2013-01-09 342528]
R3 iwdbus;@oem28.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2013-08-23 26008]
R3 kbfiltr;@oem14.inf,%kbfiltr.SvcDesc%;Keyboard Filter; C:\WINDOWS\System32\drivers\kbfiltr.sys [2012-08-02 14992]
R3 MEIx64;@oem13.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2016-04-21 11141056]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2017-05-09 167424]
R3 RSBASTOR;@oem3.inf,%Rts5208%;Realtek PCIE CardReader Driver - BA; C:\WINDOWS\system32\DRIVERS\RtsBaStor.sys [2012-10-08 298640]
R3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-06-18 591360]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-11-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2017-05-09 38912]
S0 eelam;eelam; C:\WINDOWS\system32\DRIVERS\eelam.sys [2017-05-04 14880]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2017-05-09 1201664]
S3 dg_ssudbus;@oem1.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2017-05-18 131984]
S3 ESETCleanersDriver;ESET Cleaner Service; \??\C:\WINDOWS\system32\Drivers\ESETCleanersDriver.sys [2017-06-27 181160]
S3 intaud_WaveExtensible;@oem27.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2013-08-23 39320]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys []
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2014-11-21 44544]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-04-25 83056]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2013-09-09 111416]
R2 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [2012-04-13 277120]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2013-10-25 976600]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2017-03-14 3042544]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-11-21 38792]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Security\ekrn.exe [2017-04-26 2625368]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-09-13 2466448]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-06-27 129856]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-07-08 884512]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-05-16 1826592]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 365376]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S2 BcmBtRSupport;@oem10.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service; C:\WINDOWS\system32\BtwRSupportService.exe [2013-08-08 2252504]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-09 153168]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-07-11 272384]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-11-21 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2013-10-01 279000]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-09 153168]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-06-30 175560]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2013-02-01 150600]
S4 Asus WebStorage Windows Service;Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [2012-12-19 72192]

-----------------EOF-----------------

Spawnik
Visitor
Posts: 20
Registered: 31 May 2017 10:24

Re: Computer infected with malware? Firefox is behaving abnormally

#17 Post by Spawnik »

Hello? Is anybody there? A week without a reply... I am only asking for that check so we can close this.

altrok
Moderator
Posts: 7264
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Computer infected with malware? Firefox is behaving abnormally

#18 Post by altrok »

Hi, since you have a problem with the browser, I would ask you to post the FRST.txt and Addition.txt logs - https://forum.viry.cz/viewtopic.php?f=13&t=133100
(RSIT version 1.10 does not check this)
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that do not belong on the forum, you can use altrokzavináčforum.viry.cz
If you feel like helping the visitors of this forum, sign up for our training school.

Spawnik
Visitor
Posts: 20
Registered: 31 May 2017 10:24

Re: Computer infected with malware? Firefox is behaving abnormally

#19 Post by Spawnik »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-07-2017
Ran by Jiří (administrator) on ASUS-JIRI (31-07-2017 12:02:39)
Running from C:\Users\jirka_000\Desktop
Loaded Profiles: UpdatusUser & Jiří (Available Profiles: UpdatusUser & Jiří & Administrator)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(ESET) C:\Program Files\ESET\ESET Security\egui.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(forum.viry.cz) C:\Users\jirka_000\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13550152 2013-05-30] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1308232 2013-05-20] (Realtek Semiconductor)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-05-01] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [SafeQClient] => C:\Program Files (x86)\SafeQ\SafeQ_cli.exe [493568 2015-12-10] (VŠB-TU Ostrava)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1196467569-3603037678-3961814420-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-11-21] (Microsoft Corporation)
HKU\S-1-5-21-1196467569-3603037678-3961814420-1002\...\MountPoints2: {cce006fc-69b2-11e7-bea8-28e34790ccbf} - "G:\HiSuiteDownLoader.exe"
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [186136 2016-04-21] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-04-18]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5EFA3769-2DB6-4C64-815E-0D5EE1A076CF}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{DB786FDF-B608-4C94-8815-E997EED3A5A4}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-1196467569-3603037678-3961814420-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com
HKU\S-1-5-21-1196467569-3603037678-3961814420-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
HKU\S-1-5-21-1196467569-3603037678-3961814420-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
SearchScopes: HKU\S-1-5-21-1196467569-3603037678-3961814420-1002 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1196467569-3603037678-3961814420-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2017-05-16] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-05-16] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2017-05-16] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-05-16] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-05-16] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 536m0f01.default-1497612207034
FF ProfilePath: C:\Users\jirka_000\AppData\Roaming\Mozilla\Firefox\Profiles\536m0f01.default-1497612207034 [2017-07-31]
FF Homepage: Mozilla\Firefox\Profiles\536m0f01.default-1497612207034 -> google.com
FF Session Restore: Mozilla\Firefox\Profiles\536m0f01.default-1497612207034 -> is enabled.
FF Extension: (Classic Theme Restorer) - C:\Users\jirka_000\AppData\Roaming\Mozilla\Firefox\Profiles\536m0f01.default-1497612207034\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2017-07-09]
FF Extension: (Adblock Plus) - C:\Users\jirka_000\AppData\Roaming\Mozilla\Firefox\Profiles\536m0f01.default-1497612207034\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-16]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_137.dll [2017-07-11] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_137.dll [2017-07-11] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-05-16] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2017-05-16] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-09] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-09] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://google.com/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\jirka_000\AppData\Local\Google\Chrome\User Data\Default [2017-07-31]
CHR Extension: (Dokumenty Google) - C:\Users\jirka_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-06-25]
CHR Extension: (Disk Google) - C:\Users\jirka_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-06-25]
CHR Extension: (YouTube) - C:\Users\jirka_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\jirka_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-06-25]
CHR Extension: (AdBlock) - C:\Users\jirka_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-07-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\jirka_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-06-25]
CHR Extension: (Gmail) - C:\Users\jirka_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-06-25]
CHR Extension: (Chrome Media Router) - C:\Users\jirka_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-16]
CHR Extension: (Abstract Blue) - C:\Users\jirka_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnacehkknmafkjgkikclamogikoiaaa [2017-07-01]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
S4 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [File not signed]
S2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2252504 2013-08-08] (Broadcom Corporation.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042544 2017-03-14] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2625368 2017-04-26] (ESET)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-05-09] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-05-09] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [70928 2013-12-12] (ASUS Corporation)
R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [170712 2013-08-08] (Broadcom Corporation.)
R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [8462000 2014-04-18] (Broadcom Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [132848 2017-05-04] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [14880 2017-05-04] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [178056 2017-05-04] (ESET)
R1 epfwwfpr; C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys [77224 2017-05-04] (ESET)
S3 ESETCleanersDriver; C:\WINDOWS\system32\Drivers\ESETCleanersDriver.sys [181160 2017-06-27] (ESET)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [46600 2017-05-09] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [274776 2017-05-09] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-05-09] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-31 12:02 - 2017-07-31 12:02 - 000015643 _____ C:\Users\jirka_000\Desktop\FRST.txt
2017-07-31 12:02 - 2017-07-31 12:02 - 000000000 ____D C:\FRST
2017-07-31 12:00 - 2017-07-31 12:00 - 000112640 _____ (forum.viry.cz) C:\Users\jirka_000\Desktop\FRSTLauncher.exe
2017-07-31 11:58 - 2017-07-31 11:58 - 002381312 _____ (Farbar) C:\Users\jirka_000\Desktop\FRST64.exe
2017-07-28 14:39 - 2017-07-28 14:39 - 000000000 ____D C:\Users\jirka_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth
2017-07-26 18:26 - 2017-07-29 07:48 - 000000000 ____D C:\Program Files\Core Temp
2017-07-18 22:22 - 2017-07-18 22:22 - 000000973 _____ C:\Users\jirka_000\Desktop\Diplomka – zástupce.lnk
2017-07-12 20:47 - 2017-07-26 22:21 - 000000000 ____D C:\Users\jirka_000\AppData\Local\FirestormOS_x64
2017-07-12 20:47 - 2017-07-12 20:49 - 000000000 ____D C:\Users\jirka_000\AppData\Roaming\Firestorm_x64
2017-07-12 20:46 - 2017-07-12 20:46 - 000000750 _____ C:\Users\Public\Desktop\FirestormOS-Releasex64.lnk
2017-07-12 15:05 - 2017-07-12 20:48 - 000000000 ____D C:\Users\jirka_000\AppData\Roaming\SecondLife
2017-07-12 08:03 - 2017-06-29 08:27 - 025734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-07-12 08:03 - 2017-06-29 07:44 - 005975552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-07-12 08:02 - 2017-07-06 10:52 - 000119296 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2017-07-12 08:02 - 2017-06-29 08:02 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-07-12 08:02 - 2017-06-29 07:50 - 000817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-07-12 08:02 - 2017-06-29 07:23 - 020270592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-07-12 08:02 - 2017-06-29 07:23 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-07-12 08:02 - 2017-06-29 07:17 - 001033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2017-07-12 08:02 - 2017-06-29 07:13 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-07-12 08:02 - 2017-06-29 07:09 - 000806912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-07-12 08:02 - 2017-06-29 06:58 - 015253504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-07-12 08:02 - 2017-06-29 06:53 - 003240960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-07-12 08:02 - 2017-06-29 06:52 - 004549632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-07-12 08:02 - 2017-06-29 06:51 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2017-07-12 08:02 - 2017-06-29 06:47 - 000693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-07-12 08:02 - 2017-06-29 06:43 - 013663744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-07-12 08:02 - 2017-06-29 06:41 - 001545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-07-12 08:02 - 2017-06-29 06:29 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-07-12 08:02 - 2017-06-29 06:28 - 002767872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-07-12 08:02 - 2017-06-29 06:24 - 001314816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-07-12 08:02 - 2017-06-29 06:23 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-07-12 08:02 - 2017-06-27 16:29 - 007796736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-07-12 08:02 - 2017-06-27 16:29 - 007077376 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2017-07-12 08:02 - 2017-06-27 16:26 - 005274112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2017-07-12 08:02 - 2017-06-27 16:26 - 005268992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-07-12 08:02 - 2017-06-22 16:22 - 004169216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-07-12 08:02 - 2017-06-17 18:45 - 003631616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-07-12 08:02 - 2017-06-17 18:34 - 002749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-07-12 08:02 - 2017-06-17 18:11 - 002551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-07-12 08:02 - 2017-06-17 18:05 - 001920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-07-12 08:02 - 2017-06-16 00:02 - 000990040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2017-07-12 08:02 - 2017-06-15 15:45 - 007440728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-07-12 08:02 - 2017-06-15 15:45 - 001674520 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-07-12 08:02 - 2017-06-15 15:45 - 001534064 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-07-12 08:02 - 2017-06-15 15:45 - 001499920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-07-12 08:02 - 2017-06-15 15:45 - 001370320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-07-12 08:02 - 2017-06-15 15:45 - 000086360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2017-07-12 08:02 - 2017-06-12 02:06 - 000376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-07-12 08:02 - 2017-06-12 00:21 - 000590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wvc.dll
2017-07-12 08:02 - 2017-06-11 23:43 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2017-07-12 08:02 - 2017-06-11 23:25 - 000478720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wvc.dll
2017-07-12 08:02 - 2017-06-11 23:15 - 001436672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2017-07-12 08:02 - 2017-06-11 23:08 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2017-07-12 08:02 - 2017-06-11 23:07 - 000416256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysmon.ocx
2017-07-12 08:02 - 2017-06-11 23:00 - 000962560 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-07-12 08:02 - 2017-06-11 22:58 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2017-07-12 08:02 - 2017-06-11 22:40 - 001323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2017-07-12 08:02 - 2017-06-11 22:35 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2017-07-12 08:02 - 2017-06-11 22:31 - 000781312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-07-12 08:02 - 2017-06-11 17:15 - 002013528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-07-12 08:02 - 2017-06-06 22:52 - 003120640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-07-12 08:02 - 2017-06-06 22:42 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2017-07-12 08:02 - 2017-06-06 22:38 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\cnvfat.dll
2017-07-12 08:02 - 2017-06-06 22:36 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\uudf.dll
2017-07-12 08:02 - 2017-06-06 22:36 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\convert.exe
2017-07-12 08:02 - 2017-06-06 22:35 - 000517120 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2017-07-12 08:02 - 2017-06-06 21:13 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ulib.dll
2017-07-12 08:02 - 2017-06-06 21:11 - 000557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2017-07-12 08:02 - 2017-06-06 21:11 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ifsutil.dll
2017-07-12 08:02 - 2017-06-06 21:11 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ufat.dll
2017-07-12 08:02 - 2017-06-06 21:11 - 000088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\uexfat.dll
2017-07-12 08:02 - 2017-06-06 21:08 - 002712576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-07-12 08:02 - 2017-06-06 21:03 - 000837632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2017-07-12 08:02 - 2017-06-06 20:59 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cnvfat.dll
2017-07-12 08:02 - 2017-06-06 20:57 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uudf.dll
2017-07-12 08:02 - 2017-06-06 20:56 - 000375296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-07-12 08:02 - 2017-06-06 20:03 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ulib.dll
2017-07-12 08:02 - 2017-06-06 20:02 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2017-07-12 08:02 - 2017-06-06 20:02 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ifsutil.dll
2017-07-12 08:02 - 2017-06-06 20:02 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ufat.dll
2017-07-12 08:02 - 2017-06-06 20:02 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uexfat.dll
2017-07-12 08:02 - 2017-06-03 18:27 - 002346496 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-07-12 08:02 - 2017-06-03 18:03 - 001549312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-07-12 08:02 - 2017-05-31 23:20 - 000470360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2017-07-12 08:02 - 2017-05-16 00:09 - 000057688 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2017-07-12 08:02 - 2017-05-15 22:03 - 000379744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-07-12 08:02 - 2017-05-09 16:37 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2017-07-12 08:02 - 2017-05-09 16:35 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2017-07-12 08:02 - 2017-05-09 16:29 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
2017-07-12 08:02 - 2017-05-09 16:29 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmptrap.exe
2017-07-12 08:02 - 2017-05-09 16:28 - 000193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2017-07-12 08:02 - 2017-05-09 16:28 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2017-07-12 08:02 - 2017-05-09 16:12 - 000448576 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-07-12 08:02 - 2017-05-06 18:45 - 001114624 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2017-07-12 08:02 - 2017-05-06 18:41 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdsdwmdr.dll
2017-07-12 08:02 - 2017-05-02 22:09 - 000686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-07-12 08:02 - 2017-05-02 22:08 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-07-12 08:02 - 2017-05-02 22:08 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2017-07-12 08:02 - 2017-05-02 20:41 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2017-07-12 08:02 - 2017-05-02 20:31 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2017-07-12 08:02 - 2017-05-02 20:31 - 000207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\smbwmiv2.dll
2017-07-12 08:02 - 2017-05-02 19:35 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sscore.dll
2017-07-12 08:02 - 2017-04-30 18:48 - 000080078 _____ C:\WINDOWS\system32\normidna.nls
2017-07-12 08:02 - 2017-04-28 03:13 - 001292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2017-07-12 08:02 - 2017-04-28 03:11 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2017-07-12 07:56 - 2017-05-04 01:11 - 000103600 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-07-12 07:56 - 2017-05-03 15:43 - 001555968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-07-12 07:56 - 2017-05-03 15:43 - 001206272 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-07-12 07:56 - 2017-05-03 15:43 - 000620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-07-12 07:56 - 2017-05-03 15:43 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-07-12 07:56 - 2017-05-03 15:43 - 000325632 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-07-12 07:56 - 2017-05-03 15:43 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll
2017-07-12 07:56 - 2017-05-03 15:43 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-07-12 07:56 - 2017-05-03 15:43 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-07-01 12:31 - 2017-07-01 12:31 - 000000000 ____D C:\Users\jirka_000\AppData\Roaming\Google

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-31 10:15 - 2017-05-09 13:43 - 000003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1196467569-3603037678-3961814420-1002
2017-07-31 08:16 - 2016-11-21 00:04 - 000000000 ____D C:\Users\jirka_000\AppData\LocalLow\Mozilla
2017-07-31 00:34 - 2017-05-09 14:46 - 000000000 ____D C:\Users\jirka_000\AppData\Roaming\TS3Client
2017-07-30 08:06 - 2017-05-08 16:00 - 000000061 _____ C:\Users\jirka_000\AppData\Roaming\sp_data.sys
2017-07-29 20:21 - 2017-05-09 14:42 - 000000000 ____D C:\Program Files\TeamSpeak 3 Client
2017-07-28 20:51 - 2014-11-21 06:53 - 001748728 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-07-28 20:51 - 2014-11-21 06:10 - 000740822 _____ C:\WINDOWS\system32\perfh005.dat
2017-07-28 20:51 - 2014-11-21 06:10 - 000151948 _____ C:\WINDOWS\system32\perfc005.dat
2017-07-28 20:51 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf
2017-07-27 15:45 - 2017-05-31 10:26 - 000000000 ____D C:\AdwCleaner
2017-07-21 02:09 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps
2017-07-21 02:09 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-07-18 22:46 - 2017-05-31 11:34 - 000000000 ____D C:\Program Files\trend micro
2017-07-18 22:43 - 2013-08-22 16:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-07-16 03:18 - 2017-05-09 12:40 - 000000000 ____D C:\Users\jirka_000
2017-07-14 23:42 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-07-14 23:28 - 2017-05-09 12:40 - 000000000 ____D C:\Users\UpdatusUser
2017-07-13 09:17 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\rescache
2017-07-13 07:21 - 2017-05-08 20:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-07-13 07:21 - 2017-05-08 20:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-07-13 07:21 - 2013-08-22 16:44 - 000483608 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-07-13 01:22 - 2017-05-12 01:40 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-07-12 14:53 - 2017-05-15 08:40 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-07-12 08:14 - 2017-05-08 19:45 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-07-12 08:12 - 2017-05-08 19:45 - 135225752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-07-12 08:12 - 2012-07-26 09:59 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-07-11 12:39 - 2017-05-09 15:35 - 000004408 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-07-11 12:39 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-07-11 12:39 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-07-01 18:11 - 2013-05-01 13:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2017-07-01 18:11 - 2013-05-01 13:16 - 000000000 ____D C:\Program Files (x86)\ASUS
2017-07-01 18:09 - 2017-06-30 14:41 - 000000000 ____D C:\Users\jirka_000\AppData\Local\Facebook

==================== Files in the root of some directories =======

2017-06-08 08:37 - 2017-06-08 08:37 - 000000021 _____ () C:\Users\jirka_000\AppData\Roaming\my_intel.sys
2017-05-08 16:00 - 2017-07-30 08:06 - 000000061 _____ () C:\Users\jirka_000\AppData\Roaming\sp_data.sys
2013-05-01 13:15 - 2012-09-07 13:40 - 000000256 _____ () C:\ProgramData\SetStretch.cmd
2013-05-01 13:15 - 2009-07-22 12:04 - 000024576 _____ () C:\ProgramData\SetStretch.exe

Some files in TEMP:
====================
2017-07-29 20:22 - 2017-07-29 20:22 - 015301888 _____ (Microsoft Corporation) C:\Users\jirka_000\AppData\Local\Temp\vcredist_x64.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-07-24 10:17

==================== End of FRST.txt ============================



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (OS SSD) (Fixed) (Total:83.25 GB) (Free:39.59 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (DATA SSD) (Fixed) (Total:118.77 GB) (Free:91.48 GB) NTFS
Drive e: (DATA (OS původní)) (Fixed) (Total:279.01 GB) (Free:226.71 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (DATA HDD) (Fixed) (Total:398.07 GB) (Free:41.52 GB) NTFS

Available physical RAM: 3849.92 MB
Total physical RAM: 6029.62 MB
Percentage of memory in use: 36%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 223.6 GB) (Disk ID: 3EA4E8B4)
Disk: 1 (Size: 698.6 GB) (Disk ID: 038C3AB6)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET NOD32 Antivirus (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET NOD32 Antivirus (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\jirka_000\Desktop" je 2 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
Attachments
FRST + Addition.rar
(16.65 KiB) Downloaded 63 times

altrok
Moderator
Posts: 7264
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Computer infected with malware? Firefox is behaving abnormally

#20 Post by altrok »

According to the log it is clean. Are you observing any unusual behaviour on the PC? :)
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that do not belong on the forum, you can use altrokzavináčforum.viry.cz
If you feel like helping the visitors of this forum, sign up for our training school.

Spawnik
Visitor
Posts: 20
Registered: 31 May 2017 10:24

Re: Computer infected with malware? Firefox is behaving abnormally

#21 Post by Spawnik »

Flash is slow in the browser. And sometimes while playing World of Tanks the game closes by itself out of nowhere, as if I had pressed Alt+F4. Otherwise everything is OK.

altrok
Moderator
Posts: 7264
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Computer infected with malware? Firefox is behaving abnormally

#22 Post by altrok »

There are errors in the event log that could also be caused by the disk. Let's take a look at it.
  • Download Crystal Disk Info (CDI) https://osdn.jp/frs/redir.php?m=cznic&f ... o6_7_5.zip
  • extract the archive and run the extracted file DiskInfo.exe
  • in the running program click Edit -> Copy at the top (the log is now copied to your clipboard)
  • paste the log into your next reply (Ctrl + V)

Spawnik
Visitor
Posts: 20
Registered: 31 May 2017 10:24

Re: Computer infected with malware? Firefox is behaving abnormally

#23 Post by Spawnik »

----------------------------------------------------------------------------
CrystalDiskInfo 6.7.5 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 8.1 [6.3 Build 9600] (x64)
Date : 2017/07/31 12:54:15

-- Controller Map ----------------------------------------------------------
+ Intel(R) 7 Series Chipset Family SATA AHCI Controller [ATA]
- KINGSTON SHSS37A240G
- ST750LM022 HN-M750MBB
- Řadič prostorů úložišť [SCSI]

-- Disk List ---------------------------------------------------------------
(1) KINGSTON SHSS37A240G : 240,0 GB [0/0/0, pd1]
(2) ST750LM022 HN-M750MBB : 750,1 GB [1/0/0, pd1] - st

----------------------------------------------------------------------------
(1) KINGSTON SHSS37A240G
----------------------------------------------------------------------------
Model : KINGSTON SHSS37A240G
Firmware : SAFM02.H
Serial Number : 50026B726904096E
Disk Size : 240,0 GB (8,4/137,4/240,0/240,0)
Buffer Size : 10104 KB
Queue Depth : 32
# of Sectors : 468862128
Rotation Rate : ---- (SSD)
Interface : Serial ATA
Major Version : ACS-2
Minor Version : ----
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 910 hod.
Power On Count : 184 krát
Temperature : 38 C (100 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ, TRIM
APM Level : 00FEh [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _50 000000000000 Počet chyb čtení
02 100 100 _50 000000000000 Průchodnost disku
03 100 100 _50 000000000000 Čas na roztočení ploten
05 100 100 _50 000000000000 Počet přemapovaných sektorů
07 100 100 _50 000000000000 Počet chybných hledání
08 100 100 _50 000000000000 Čas potřebný na vyhledání
09 100 100 __0 00000000038E Hodin v činnosti
0C 100 100 __0 0000000000B8 Počet cyklů zapnutí zařízení
A8 100 100 __0 000000000000 Specifický pro výrobce
AA 100 100 _10 0000000001D4 Specifický pro výrobce
AD 100 100 __0 000000050012 Specifický pro výrobce
AF 100 100 _50 000000000000 Specifický pro výrobce
BB 100 100 __0 000000000000 Specifický pro výrobce
C0 100 100 __0 000000000007 Unsafe Shutdown Count
C2 _62 _52 _30 003000140026 Teplota
C4 100 100 _10 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C7 100 100 _50 000000000000 Specifický pro výrobce
DA 100 100 _50 000000000000 Specifický pro výrobce
E7 100 100 __0 000000000064 Specifický pro výrobce
E9 100 100 __0 000000000563 Specifický pro výrobce
F0 100 100 __0 000000000000 Specifický pro výrobce
F1 100 100 __0 000000000492 Total Host Writes
F2 100 100 __0 0000000006AA Total Host Reads
F4 100 100 __0 000000000005 Specifický pro výrobce
F5 100 100 __0 000000000012 Specifický pro výrobce
F6 100 100 __0 000000057C00 Specifický pro výrobce

----------------------------------------------------------------------------
(2) ST750LM022 HN-M750MBB
----------------------------------------------------------------------------
Model : ST750LM022 HN-M750MBB
Firmware : 2BA30001
Serial Number : S330J9AF304892
Disk Size : 750,1 GB (8,4/137,4/750,1/750,1)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 1465149168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 6
Transfer Mode : SATA/300 | SATA/600
Power On Hours : 10262 hod.
Power On Count : 2288 krát
Temperature : 28 C (82 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0080h [OFF]
AAM Level : FE00h [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _51 00000000000D Počet chyb čtení
02 252 252 __0 000000000000 Průchodnost disku
03 _92 _88 _25 000000000A20 Čas na roztočení ploten
04 _98 _98 __0 000000000AFF Počet spuštění/zastavení
05 252 252 _10 000000000000 Počet přemapovaných sektorů
07 252 252 _51 000000000000 Počet chybných hledání
08 252 252 _15 000000000000 Čas potřebný na vyhledání
09 100 100 __0 000000002816 Hodin v činnosti
0A 252 252 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _98 _98 __0 0000000008F0 Počet cyklů zapnutí zařízení
BF 100 100 __0 00000000017D Počet udalostí zaznamenaných otřesovým senzorem
C0 252 252 __0 000000000000 Počet vypnutí disku
C2 _64 _56 __0 002C0008001C Teplota
C3 100 100 __0 000000000000 Počet oprav chybného čtení
C4 252 252 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 252 252 __0 000000000000 Počet podezřelých sektorů
C6 252 252 __0 000000000000 Počet neopravitelných sektorů
C7 100 100 __0 000000000003 Počet chyb v kontrolním součtu UltraDMA
C8 100 100 __0 000000016437 Počet chyb při zápisu sektorů
DF 100 100 __0 000000000074 Zatížení budiče magnetických hlav způsobené opakovanými úkony
E1 _86 _86 __0 000000024764 Počet cyklů načítání/vymazání


altrok (Moderator)

Re: Computer infected by malware? Firefox behaving abnormally

#24 Post by altrok »

  • Run FRST.exe/FRST64.exe again
  • press Ctrl + Y (both keys at the same time)
  • fixlist.txt will open; paste the contents of the white box below into it
  • press Ctrl + S (saves the changes), then close the fixlist
  • click the Fix button
  • after the restart a fixlog will be created next to FRST; paste its contents into your next reply

    Code:

    Start
    CreateRestorePoint:
    CloseProcesses:
    HKU\S-1-5-21-1196467569-3603037678-3961814420-1002\...\MountPoints2: {cce006fc-69b2-11e7-bea8-28e34790ccbf} - "G:\HiSuiteDownLoader.exe" 
    File: C:\ProgramData\SetStretch.cmd
    File: C:\ProgramData\SetStretch.exe
    ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
    ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
    ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
    Task: {1BFF2F65-F338-45A4-9F40-8ACA11037DE9} - \Microsoft\Windows\Setup\EOSNotify -> No File <==== ATTENTION
    FirewallRules: [{4DD2E25B-ED87-46CC-95D5-B293F25D8C7F}] => (Allow) C:\Users\jirka_000\AppData\Local\Temp\Rar$EXa0.210\WGCheck.exe
    FirewallRules: [{66E2BE55-8B0E-403B-AC5B-982F4ED9E561}] => (Allow) C:\Users\jirka_000\AppData\Local\Temp\Rar$EXa0.210\WGCheck.exe
    FirewallRules: [TCP Query User{E62650B9-5466-4550-990B-C139579B41C7}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
    FirewallRules: [UDP Query User{29757EFC-FD28-470D-9E50-59D8A40AB959}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
    EmptyTemp:
    End
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that do not belong on the forum, you can use altrok(at)forum.viry.cz
If you feel like helping the visitors of this forum, sign up for our training school.
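
The fixlist in #24 is built from four kinds of findings: a MountPoints2 entry recording an executable on a removable drive, shell overlay handlers and a scheduled task whose targets no longer exist ("No File"), firewall allow rules for an executable unpacked into a temp folder, and user-created block rules on firefox.exe. The following Python is an added example (the editor's code, not FRST's and not from any post in this thread) that turns that judgement into checks over FRST-style lines. Its input is copied from the fixlist plus one constructed benign allow rule (the all-zero GUID and the ExampleVendor path are made up) to show that an ordinary rule is not flagged.

```python
"""Triage rules over FRST log lines (added example; not FRST code).

Encodes the judgement behind the fixlist above: which reported lines name
something that should not survive a cleanup. The rules are heuristics for a
helper's eye, not a malware verdict.
"""
import re
from collections import Counter
from dataclasses import dataclass

# Copied from the fixlist above, except the last line, which is a constructed
# benign control case (all-zero GUID, made-up vendor path).
FRST_LINES = r"""
HKU\S-1-5-21-1196467569-3603037678-3961814420-1002\...\MountPoints2: {cce006fc-69b2-11e7-bea8-28e34790ccbf} - "G:\HiSuiteDownLoader.exe"
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
Task: {1BFF2F65-F338-45A4-9F40-8ACA11037DE9} - \Microsoft\Windows\Setup\EOSNotify -> No File <==== ATTENTION
FirewallRules: [{4DD2E25B-ED87-46CC-95D5-B293F25D8C7F}] => (Allow) C:\Users\jirka_000\AppData\Local\Temp\Rar$EXa0.210\WGCheck.exe
FirewallRules: [TCP Query User{E62650B9-5466-4550-990B-C139579B41C7}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{00000000-0000-0000-0000-000000000000}] => (Allow) C:\Program Files\ExampleVendor\example.exe
"""

FIREWALL = re.compile(r"^FirewallRules: \[(?P<name>[^\]]*)\] => \((?P<action>Allow|Block)\) (?P<path>.+)$")
MOUNTPOINT = re.compile(r'\\MountPoints2: \{[0-9A-Fa-f-]+\} - "(?P<path>[A-Za-z]:\\[^"]+)"')
TEMP_DIR = re.compile(r"\\(?:AppData\\Local\\Temp|Windows\\Temp)\\", re.IGNORECASE)
BROWSERS = ("firefox.exe", "chrome.exe", "iexplore.exe", "opera.exe")


@dataclass
class Finding:
    category: str
    detail: str
    line: str


def triage(text: str) -> list:
    findings = []
    for line in text.strip().splitlines():
        line = line.strip()
        if "No File" in line:
            # COM overlay handler or scheduled task whose target is gone: harmless
            # on its own, but dead references are what half-removed software
            # leaves behind, and FRST itself marks the task with ATTENTION.
            findings.append(Finding("orphan", "references a file that no longer exists", line))
            continue
        m = FIREWALL.match(line)
        if m:
            path = m["path"]
            if m["action"] == "Allow" and TEMP_DIR.search(path):
                # An executable run from a temp extraction folder (the Rar$EX
                # pattern is WinRAR's) was given an allow rule.
                findings.append(Finding("firewall-allow-temp",
                                        "allow rule for an executable in a temp directory", line))
            elif m["action"] == "Block" and path.lower().endswith(BROWSERS):
                findings.append(Finding("firewall-block-browser",
                                        "block rule on a browser executable", line))
            continue
        m = MOUNTPOINT.search(line)
        if m and not m["path"].upper().startswith("C:\\"):
            findings.append(Finding("mountpoint-autorun",
                                    "MountPoints2 entry recording an executable on a non-system drive", line))
    return findings


def summary(text: str) -> dict:
    """Counts per category, the one-glance view of how much cleanup a log needs."""
    return dict(Counter(f.category for f in triage(text)))


if __name__ == "__main__":
    for f in triage(FRST_LINES):
        print(f"[{f.category}] {f.detail}\n    {f.line}")
    print(summary(FRST_LINES))
```

The patterns match the way FRST prints its lines, so the same functions can be run over a full FRST.txt. "orphan" hits are housekeeping; an allow rule pointing into AppData\Local\Temp deserves a look at what created it, because the rule outlives the temporary folder it pointed into.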

Spawnik

Re: Computer infected by malware? Firefox behaving abnormally

#25 Post by Spawnik »

Fix result of Farbar Recovery Scan Tool (x64) Version: 31-07-2017
Ran by Jiří (31-07-2017 20:52:30) Run:1
Running from C:\Users\jirka_000\Desktop
Loaded Profiles: UpdatusUser & Jiří (Available Profiles: UpdatusUser & Jiří & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-1196467569-3603037678-3961814420-1002\...\MountPoints2: {cce006fc-69b2-11e7-bea8-28e34790ccbf} - "G:\HiSuiteDownLoader.exe"
File: C:\ProgramData\SetStretch.cmd
File: C:\ProgramData\SetStretch.exe
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
Task: {1BFF2F65-F338-45A4-9F40-8ACA11037DE9} - \Microsoft\Windows\Setup\EOSNotify -> No File <==== ATTENTION
FirewallRules: [{4DD2E25B-ED87-46CC-95D5-B293F25D8C7F}] => (Allow) C:\Users\jirka_000\AppData\Local\Temp\Rar$EXa0.210\WGCheck.exe
FirewallRules: [{66E2BE55-8B0E-403B-AC5B-982F4ED9E561}] => (Allow) C:\Users\jirka_000\AppData\Local\Temp\Rar$EXa0.210\WGCheck.exe
FirewallRules: [TCP Query User{E62650B9-5466-4550-990B-C139579B41C7}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{29757EFC-FD28-470D-9E50-59D8A40AB959}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.
HKU\S-1-5-21-1196467569-3603037678-3961814420-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cce006fc-69b2-11e7-bea8-28e34790ccbf} => key removed successfully
HKLM\Software\Classes\CLSID\{cce006fc-69b2-11e7-bea8-28e34790ccbf} => key not found.

========================= File: C:\ProgramData\SetStretch.cmd ========================

File not signed
MD5: 3610BE067EB4E7907CC7C87E35281E63
Creation and modification date: 2013-05-01 13:15 - 2012-09-07 13:40
Size: 000000256
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:

====== End of File: ======


========================= File: C:\ProgramData\SetStretch.exe ========================

File not signed
MD5: 4A93070098539B54FDA391D4D551C880
Creation and modification date: 2013-05-01 13:15 - 2009-07-22 12:04
Size: 000024576
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:

====== End of File: ======

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1 => key removed successfully
HKLM\Software\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2 => key removed successfully
HKLM\Software\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3 => key removed successfully
HKLM\Software\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => key removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1 => key removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2 => key removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3 => key removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1BFF2F65-F338-45A4-9F40-8ACA11037DE9} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1BFF2F65-F338-45A4-9F40-8ACA11037DE9} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\EOSNotify => key removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4DD2E25B-ED87-46CC-95D5-B293F25D8C7F} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{66E2BE55-8B0E-403B-AC5B-982F4ED9E561} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E62650B9-5466-4550-990B-C139579B41C7}C:\program files (x86)\mozilla firefox\firefox.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{29757EFC-FD28-470D-9E50-59D8A40AB959}C:\program files (x86)\mozilla firefox\firefox.exe => value removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 21811751 B
Java, Flash, Steam htmlcache => 5559 B
Windows/system/drivers => 7211085 B
Edge => 0 B
Chrome => 447479216 B
Firefox => 383425832 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 23720 B
NetworkService => 0 B
UpdatusUser => 0 B
jirka_000 => 219118439 B
Administrator => 13952 B

RecycleBin => 0 B
EmptyTemp: => 1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:53:24 ====

altrok (Moderator)

Re: Computer infected by malware? Firefox behaving abnormally

#26 Post by altrok »

Install and run HD Tune - http://www.hdtune.com/files/hdtune_255.exe
  • Go to the Health tab and check that the Status column shows OK everywhere and that Health status: OK at the bottom is green
  • On the Error Scan tab click Start. When the test finishes, take a screenshot and attach it to your next reply.
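
The hex blocks at the top of this excerpt are the raw ATA SMART structures (the first has the SMART data layout: revision 0x0010 in bytes 0-1, then the 30-slot attribute table; the second is labelled SMART_READ_THRESHOLD), and the HD Tune Health check altrok asks for in #26 is the same comparison done in a GUI: each attribute's normalized current value against its threshold. The decoder below is an added example, not code from this thread or from any disk tool. It embeds the rows copied from those dumps (the threshold dump trimmed to the rows carrying a non-zero threshold), labels attributes with the usual smartmontools names, takes the pre-fail/old-age split from flag bit 0, and reports the OK/FAIL verdict a Health tab displays; the reading of the raw value of attribute 194 is vendor-specific and is marked as an assumption in the code.

```python
"""Decode ATA SMART_READ_DATA / SMART_READ_THRESHOLD dumps (added example).

Both 512-byte structures: bytes 0-1 revision, bytes 2-361 thirty 12-byte entries
(data: id, flags LE16, current, worst, raw 6 bytes LE, reserved; thresholds: id,
threshold, reserved), byte 511 checksum. An entry with id 0 is an unused slot.
"""
from dataclasses import dataclass

# Rows 0x000-0x0F0 of the SMART data dump posted above; they hold every
# populated attribute slot. Rows not listed are treated as zero by parse_dump().
SMART_DATA = """
000: 10 00 01 2F 00 64 64 0D 00 00 00 00 00 00 02 26
010: 00 FC FC 00 00 00 00 00 00 00 03 23 00 5C 58 20
020: 0A 00 00 00 00 00 04 32 00 62 62 FF 0A 00 00 00
030: 00 00 05 33 00 FC FC 00 00 00 00 00 00 00 07 2E
040: 00 FC FC 00 00 00 00 00 00 00 08 24 00 FC FC 00
050: 00 00 00 00 00 00 09 32 00 64 64 16 28 00 00 00
060: 00 00 0A 32 00 FC FC 00 00 00 00 00 00 00 0C 32
070: 00 62 62 F0 08 00 00 00 00 00 BF 22 00 64 64 7D
080: 01 00 00 00 00 00 C0 22 00 FC FC 00 00 00 00 00
090: 00 00 C2 02 00 40 38 1C 00 08 00 2C 00 00 C3 3A
0A0: 00 64 64 00 00 00 00 00 00 00 C4 32 00 FC FC 00
0B0: 00 00 00 00 00 00 C5 32 00 FC FC 00 00 00 00 00
0C0: 00 00 C6 30 00 FC FC 00 00 00 00 00 00 00 C7 36
0D0: 00 64 64 03 00 00 00 00 00 00 C8 2A 00 64 64 37
0E0: 64 01 00 00 00 00 DF 32 00 64 64 74 00 00 00 00
0F0: 00 00 E1 32 00 56 56 64 47 02 00 00 00 00 00 00
"""

# Rows of the SMART_READ_THRESHOLD dump above that carry a non-zero threshold;
# the remaining rows only list ids with threshold 0 and decode identically.
SMART_THRESHOLDS = """
000: 10 00 01 33 00 00 00 00 00 00 00 00 00 00 02 00
010: 00 00 00 00 00 00 00 00 00 00 03 19 00 00 00 00
030: 00 00 05 0A 00 00 00 00 00 00 00 00 00 00 07 33
040: 00 00 00 00 00 00 00 00 00 00 08 0F 00 00 00 00
060: 00 00 0A 33 00 00 00 00 00 00 00 00 00 00 0C 00
"""

# Labels as used by smartmontools for the ids that matter most for disk health.
NAMES = {1: "Raw_Read_Error_Rate", 3: "Spin_Up_Time", 5: "Reallocated_Sector_Ct",
         9: "Power_On_Hours", 12: "Power_Cycle_Count", 194: "Temperature_Celsius",
         197: "Current_Pending_Sector", 198: "Offline_Uncorrectable", 199: "UDMA_CRC_Error_Count"}


def parse_dump(text: str) -> bytes:
    """Turn 'OFF: b0 b1 ...' rows into a 512-byte buffer (missing rows stay zero)."""
    buf = bytearray(512)
    for row in text.strip().splitlines():
        offset, _, hexbytes = row.partition(":")
        for i, h in enumerate(hexbytes.split()):
            buf[int(offset, 16) + i] = int(h, 16)
    return bytes(buf)


@dataclass
class Attribute:
    id: int
    flags: int
    current: int
    worst: int
    raw: int
    threshold: int

    @property
    def prefail(self) -> bool:
        return bool(self.flags & 1)  # flag bit 0: 1 = pre-failure, 0 = advisory (old age)

    @property
    def failing(self) -> bool:
        # ATA: failed once the normalized value is at or below the threshold;
        # threshold 0 means the attribute has no failure condition at all.
        return self.threshold != 0 and self.current <= self.threshold

    @property
    def name(self) -> str:
        return NAMES.get(self.id, f"Attribute_{self.id}")


def parse_attributes(data: bytes, thresholds: bytes) -> list:
    thr = {thresholds[2 + 12 * i]: thresholds[3 + 12 * i] for i in range(30)}
    attrs = []
    for i in range(30):
        e = data[2 + 12 * i:14 + 12 * i]
        if e[0]:  # id 0 marks an unused slot
            attrs.append(Attribute(e[0], int.from_bytes(e[1:3], "little"), e[3], e[4],
                                   int.from_bytes(e[5:11], "little"), thr.get(e[0], 0)))
    return attrs


def health_status(attrs) -> str:
    """What a Health tab boils this down to: OK unless some attribute is failing."""
    bad = [a.name for a in attrs if a.failing]
    return "OK" if not bad else "FAIL: " + ", ".join(bad)


if __name__ == "__main__":
    attrs = parse_attributes(parse_dump(SMART_DATA), parse_dump(SMART_THRESHOLDS))
    for a in attrs:
        # Assumption: vendors pack extras into raw; for id 194 the low byte
        # (0x1C = 28 C) is read as the temperature, the following words (8, 44)
        # are left as vendor-specific extras.
        raw = a.raw & 0xFF if a.id == 194 else a.raw
        print(f"{a.id:3d} {a.name:24s} cur={a.current:3d} worst={a.worst:3d} "
              f"thr={a.threshold:3d} raw={raw} {'pre-fail' if a.prefail else 'old-age'}")
    print("Health status:", health_status(attrs))
```

Running it prints one line per attribute, for instance Power_On_Hours with raw 10262 and Spin_Up_Time with current 92 against threshold 25, and the verdict OK because no normalized value has reached its threshold, which is what HD Tune's Health tab shows as Status OK. Only that normalized-vs-threshold test is defined by the standard; what a drive stores in raw differs between vendors, so raw values are best compared against the same drive over time rather than against a fixed number.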

Spawnik

Re: Computer infected by malware? Firefox behaving abnormally

#27 Post by Spawnik »

Attachment: result.png (15.81 KiB)

altrok (Moderator)

Re: Computer infected by malware? Firefox behaving abnormally

#28 Post by altrok »

Start -> Run -> eventvwr; on the left expand Windows Logs, right-click System, choose Save All Events As, file type *.evtx; zip the resulting file and upload it to Letecká pošta; put the link (download link) in your next reply.


altrok (Moderator)

Re: Computer infected by malware? Firefox behaving abnormally

#30 Post by altrok »

Run FRST and enter into the wide white box

volume

then click Search Registry. The scan will take up to several minutes.
A file named SearchReg.txt will be created in the same location as FRST.exe/FRST64.exe. Its contents will probably be longer than 100,000 characters, so zip/rar it and attach it to your next post as an attachment.

Locked