Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o kontrolu

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
polmnji
Návštěvník
Návštěvník
Příspěvky: 138
Registrován: 26 říj 2008 13:22

Prosím o kontrolu

#1 Příspěvek od polmnji »

Prosím o preventivní kontrolu

Logfile of random's system information tool 1.10 (written by random/random)
Run by Polmnji at 2015-10-30 15:41:34
Microsoft Windows 10 Home
System drive C: has 171 GB (45%) free of 382 GB
Total RAM: 8075 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:41:38, on 30. 10. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.16412)
Boot mode: Normal

Running processes:
C:\Program Files\ASUS\ASUS VivoBook\vivokey.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Windows\System32\spool\drivers\x64\3\CNAP2LAK.EXE
C:\WINDOWS\system32\spool\DRIVERS\x64\3\CNAP2RPK.EXE
C:\WINDOWS\system32\spool\DRIVERS\x64\3\CNABCSWK.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Steam\steam.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Java\jre1.8.0_65\bin\javaw.exe
C:\Program Files (x86)\Java\jre1.8.0_65\bin\java.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Program Files\trend micro\Polmnji.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com/?pc=ASJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [WebStorage] C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\ASUSWSLoader.exe
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Polmnji\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Spotify] "C:\Users\Polmnji\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Polmnji\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
O4 - HKCU\..\Run: [GSplay.exe] C:\Users\Polmnji\Desktop\GSplay.exe
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Polmnji\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Polmnji\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Polmnji\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Polmnji\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2351793952-2836851555-3571603524-1001\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2351793952-2836851555-3571603524-1001\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'UpdatusUser')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - (no file)
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files\ASUS\P4G\InsOnSrv.exe
O23 - Service: Asus WebStorage Windows Service - ASUS Cloud Corporation - C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @oem33.inf,%WIN32_DPTF_PARTICIPANT_DISPLAY_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Display Participant Service Application (DptfParticipantDisplayService) - Unknown owner - C:\WINDOWS\System32\DptfParticipantDisplayService.exe (file missing)
O23 - Service: @oem33.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Processor Participant Service Application (DptfParticipantProcessorService) - Unknown owner - C:\WINDOWS\system32\DptfParticipantProcessorService.exe (file missing)
O23 - Service: @oem33.inf,%WIN32_DPTF_POLICY_CONFIGTDP_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Config TDP Service Application (DptfPolicyConfigTDPService) - Unknown owner - C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe (file missing)
O23 - Service: @oem33.inf,%WIN32_DPTF_POLICY_CRITICAL_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Critical Service Application (DptfPolicyCriticalService) - Unknown owner - C:\WINDOWS\system32\DptfPolicyCriticalService.exe (file missing)
O23 - Service: @oem33.inf,%WIN32_DPTF_POLICY_LPM_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Low Power Mode Service Application (DptfPolicyLpmService) - Unknown owner - C:\WINDOWS\system32\DptfPolicyLpmService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppIntegrationService - TODO: <Company name> - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 13977 bytes

======Listing Processes======







C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\WINDOWS\system32\nvvsvc.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-ea659d47-7ac6-42ad-826f-4ab7d6e5ee6a -SystemEventPortName:HostProcess-727dc027-ad13-4dd0-97d3-511ba607e697 -IoCancelEventPortName:HostProcess-6374596c-2e74-4ca7-ab57-7855182f093d -NonStateChangingEventPortName:HostProcess-7bf33980-8123-4f19-8206-223527f62eb4 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:f209c094-8842-414a-941a-4d0a778f60d4 -DeviceGroupId:WudfDefaultDevicePool
dashost.exe {386ad783-0de9-4915-bd78f78305a88ca6}
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\WINDOWS\system32\DptfParticipantProcessorService.exe
C:\WINDOWS\system32\DptfPolicyCriticalService.exe
C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe
"C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe"
C:\WINDOWS\System32\DptfParticipantDisplayService.exe
"C:\Program Files\Elantech\ETDService.exe"
C:\WINDOWS\system32\DptfPolicyLpmService.exe
"C:\Program Files\ASUS\P4G\InsOnSrv.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k appmodel
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet

C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted

winlogon.exe
"dwm.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
sihost.exe
"C:\Program Files\ASUS\ASUS VivoBook\vivokey.exe" /RunByTaskScheduler
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files\ASUS\P4G\InsOnWMI.exe"
"C:\Program Files\ASUS\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
"C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
igfxEM.exe
igfxHK.exe
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
C:\WINDOWS\Explorer.EXE
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusSmartGestureDetector64.exe"
"C:\Windows\System32\DptfPolicyLpmServiceHelper.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX3
"C:\Windows\System32\spool\drivers\x64\3\CNAP2LAK.EXE"
C:\WINDOWS\system32\spool\DRIVERS\x64\3\CNAP2RPK.EXE
C:\WINDOWS\system32\spool\DRIVERS\x64\3\CNABCSWK.EXE !hide Canon LBP6000/LBP6018
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"fontdrvhost.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\LiveUpdate.exe"
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files (x86)\Steam\steam.exe" "steam://rungameid/221100"
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" -cachedir="C:\Users\Polmnji\AppData\Local\Steam\htmlcache" -steampid=3412 -buildid=1444853545 -steamid="0" --disable-gpu-compositing --disable-gpu --process-per-tab --enable-system-flash --disable-spell-checking --enable-widevine-cdm --enable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" --type=renderer --disable-gpu-compositing --enable-pinch --lang=en-US --lang=en-US --product-version="Valve Steam Client" --disable-spell-checking --enable-system-flash --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-gpu-compositing --channel="8548.0.1290527904\46913379" --font-cache-shared-handle=1488 /prefetch:673131151
taskhostw.exe
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.13821.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
C:\Windows\System32\SystemSettingsBroker.exe -Embedding
C:\WINDOWS\system32\DllHost.exe /Processid:{478B41E6-3257-4519-BDA8-E971F9843849}
"C:\WINDOWS\System32\NetworkUXBroker.exe" -ServerName:Windows.Networking.UX
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusSGPlusBTServer64.exe"
"C:\Program Files (x86)\Java\jre1.8.0_65\bin\javaw.exe" -jar "C:\Users\Polmnji\Desktop\GSplay.exe"
java -jar launcher.jar
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\DllHost.exe /Processid:{A4B07E49-6567-4FB8-8D39-01920E3B2357}
"C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe" -critical
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe29_ Global\UsGthrCtrlFltPipeMssGthrPipe29 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 596 604 628 8192 624

"C:\Users\Polmnji\Desktop\RSITx64.exe"



======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Nahoru
polmnji
Návštěvník
Návštěvník
Příspěvky: 138
Registrován: 26 říj 2008 13:22

Re: Prosím o kontrolu

#2 Příspěvek od polmnji »

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Polmnji\AppData\Roaming\Mozilla\Firefox\Profiles\8cfgean7.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.65.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.65.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-05 655480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-22 460384]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-05 559624]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-22 172640]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"DptfPolicyLpmServiceHelper"=C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [2014-09-15 111488]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-06-24 13885696]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-06-24 1402624]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2015-07-17 396688]
"CNAP2 Launcher"=C:\WINDOWS\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE [2010-10-14 226784]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2015-08-03 3350760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2015-10-14 2901584]
"Spotify Web Helper"=C:\Users\Polmnji\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2015-07-16 2008632]
"Spotify"=C:\Users\Polmnji\AppData\Roaming\Spotify\Spotify.exe [2015-07-16 7334968]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-07-17 8418584]
"OneDrive"=C:\Users\Polmnji\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-09-19 405584]
"SpybotPostWindows10UpgradeReInstall"=C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [2015-07-28 1011200]
"GSplay.exe"=C:\Users\Polmnji\Desktop\GSplay.exe [2015-09-13 4772747]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Polmnji\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"=C:\WINDOWS\system32\cmd.exe [2015-07-10 232448]
"Uninstall C:\Users\Polmnji\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"=C:\WINDOWS\system32\cmd.exe [2015-07-10 232448]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ASUSPRP"=C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2013-09-06 3216032]
"WebStorage"=C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\ASUSWSLoader.exe [2013-08-16 63296]
"RemoteControl10"=C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2013-03-08 95192]
"SDTray"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2015-06-16 4127488]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-09-29 6134544]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-10-06 597040]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"DisableCAD"=1
"DisableTaskMgr"=0
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-10-30 15:41:34 ----D---- C:\rsit
2015-10-30 15:41:34 ----D---- C:\Program Files\trend micro
2015-10-21 11:40:19 ----D---- C:\Users\Polmnji\AppData\Roaming\VitySoft
2015-10-21 11:36:55 ----D---- C:\Users\Polmnji\AppData\Roaming\YouTube Downloader
2015-10-21 11:36:02 ----D---- C:\Program Files (x86)\YouTube Downloader
2015-10-14 14:34:42 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-10-14 14:34:40 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-14 14:34:39 ----A---- C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-14 14:34:38 ----A---- C:\WINDOWS\system32\edgehtml.dll
2015-10-14 14:34:37 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-10-14 14:34:35 ----A---- C:\WINDOWS\system32\shell32.dll
2015-10-14 14:34:34 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-10-14 14:34:33 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-10-14 14:34:32 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2015-10-14 14:34:31 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2015-10-14 14:34:30 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-10-14 14:34:30 ----A---- C:\WINDOWS\system32\Chakra.dll
2015-10-14 14:34:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2015-10-14 14:34:28 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2015-10-14 14:34:27 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2015-10-14 14:34:26 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2015-10-14 14:34:26 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-10-14 14:34:26 ----A---- C:\WINDOWS\system32\win32kfull.sys
2015-10-14 14:34:26 ----A---- C:\WINDOWS\system32\msxml6.dll
2015-10-14 14:34:25 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2015-10-14 14:34:25 ----A---- C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-14 14:34:25 ----A---- C:\WINDOWS\system32\UserDataService.dll
2015-10-14 14:34:25 ----A---- C:\WINDOWS\system32\Unistore.dll
2015-10-14 14:34:25 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2015-10-14 14:34:25 ----A---- C:\WINDOWS\system32\msxml3.dll
2015-10-14 14:34:25 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-14 14:34:24 ----A---- C:\WINDOWS\SYSWOW64\Unistore.dll
2015-10-14 14:34:24 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2015-10-14 14:34:24 ----A---- C:\WINDOWS\SYSWOW64\ContactApis.dll
2015-10-14 14:34:24 ----A---- C:\WINDOWS\system32\winload.exe
2015-10-14 14:34:24 ----A---- C:\WINDOWS\system32\kerberos.dll
2015-10-14 14:34:24 ----A---- C:\WINDOWS\system32\jscript.dll
2015-10-14 14:34:24 ----A---- C:\WINDOWS\system32\ContactApis.dll
2015-10-14 14:34:24 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-14 14:34:23 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-10-14 14:34:23 ----A---- C:\WINDOWS\SYSWOW64\AppointmentApis.dll
2015-10-14 14:34:23 ----A---- C:\WINDOWS\system32\win32kbase.sys
2015-10-14 14:34:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-14 14:34:22 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-10-14 14:34:22 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2015-10-14 14:34:22 ----A---- C:\WINDOWS\SYSWOW64\ChatApis.dll
2015-10-14 14:34:22 ----A---- C:\WINDOWS\system32\winresume.exe
2015-10-14 14:34:22 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-10-14 14:34:22 ----A---- C:\WINDOWS\system32\ChatApis.dll
2015-10-14 14:34:22 ----A---- C:\WINDOWS\system32\drivers\usbhub.sys
2015-10-14 14:34:21 ----A---- C:\WINDOWS\SYSWOW64\MessagingDataModel2.dll
2015-10-14 14:34:21 ----A---- C:\WINDOWS\SYSWOW64\EmailApis.dll
2015-10-14 14:34:21 ----A---- C:\WINDOWS\system32\winlogon.exe
2015-10-14 14:34:21 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-14 14:34:21 ----A---- C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-14 14:34:21 ----A---- C:\WINDOWS\system32\acmigration.dll
2015-10-14 14:34:20 ----A---- C:\WINDOWS\SYSWOW64\UserDataAccountApis.dll
2015-10-14 14:34:20 ----A---- C:\WINDOWS\SYSWOW64\PhoneCallHistoryApis.dll
2015-10-14 14:34:20 ----A---- C:\WINDOWS\SYSWOW64\CallHistoryClient.dll
2015-10-14 14:34:20 ----A---- C:\WINDOWS\system32\fveapi.dll
2015-10-14 14:34:20 ----A---- C:\WINDOWS\system32\EmailApis.dll
2015-10-14 14:34:20 ----A---- C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-14 14:34:20 ----A---- C:\WINDOWS\system32\AppointmentApis.dll
2015-10-14 14:34:19 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2015-10-14 14:34:19 ----A---- C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-14 14:34:19 ----A---- C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-14 14:34:19 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2015-10-01 17:17:07 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-10-01 16:59:39 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2015-10-01 16:59:38 ----A---- C:\WINDOWS\system32\windows.storage.dll
2015-10-01 16:59:38 ----A---- C:\WINDOWS\system32\BingMaps.dll
2015-10-01 16:59:37 ----A---- C:\WINDOWS\SYSWOW64\mos.dll
2015-10-01 16:59:37 ----A---- C:\WINDOWS\system32\mos.dll
2015-10-01 16:59:36 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2015-10-01 16:59:35 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-10-01 16:59:34 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-10-01 16:59:33 ----A---- C:\WINDOWS\system32\mfcore.dll
2015-10-01 16:59:32 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2015-10-01 16:59:32 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2015-10-01 16:59:32 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-01 16:59:32 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 16:59:31 ----A---- C:\WINDOWS\system32\wininet.dll
2015-10-01 16:59:31 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2015-10-01 16:59:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2015-10-01 16:59:30 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2015-10-01 16:59:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2015-10-01 16:59:28 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2015-10-01 16:59:27 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-10-01 16:59:27 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2015-10-01 16:59:26 ----A---- C:\WINDOWS\system32\wlansvc.dll
2015-10-01 16:59:26 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2015-10-01 16:59:25 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2vdec.dll
2015-10-01 16:59:25 ----A---- C:\WINDOWS\system32\winmde.dll
2015-10-01 16:59:25 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2015-10-01 16:59:24 ----A---- C:\WINDOWS\SYSWOW64\LicenseManager.dll
2015-10-01 16:59:24 ----A---- C:\WINDOWS\system32\wlidsvc.dll
2015-10-01 16:59:24 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-10-01 16:59:24 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2015-10-01 16:59:24 ----A---- C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-10-01 16:59:24 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-10-01 16:59:23 ----A---- C:\WINDOWS\SYSWOW64\UIAutomationCore.dll
2015-10-01 16:59:23 ----A---- C:\WINDOWS\SYSWOW64\RemoteNaturalLanguage.dll
2015-10-01 16:59:23 ----A---- C:\WINDOWS\system32\wwansvc.dll
2015-10-01 16:59:23 ----A---- C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-10-01 16:59:23 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2015-10-01 16:59:23 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2015-10-01 16:59:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Speech.dll
2015-10-01 16:59:22 ----A---- C:\WINDOWS\SYSWOW64\usoapi.dll
2015-10-01 16:59:22 ----A---- C:\WINDOWS\system32\wuaueng.dll
2015-10-01 16:59:22 ----A---- C:\WINDOWS\system32\RDXService.dll
2015-10-01 16:59:22 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2015-10-01 16:59:22 ----A---- C:\WINDOWS\system32\mfsvr.dll
2015-10-01 16:59:22 ----A---- C:\WINDOWS\system32\esent.dll
2015-10-01 16:59:21 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Bluetooth.dll
2015-10-01 16:59:21 ----A---- C:\WINDOWS\SYSWOW64\twinapi.appcore.dll
2015-10-01 16:59:21 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2015-10-01 16:59:21 ----A---- C:\WINDOWS\system32\wpx.dll
2015-10-01 16:59:21 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-10-01 16:59:21 ----A---- C:\WINDOWS\system32\MBMediaManager.dll
2015-10-01 16:59:20 ----A---- C:\WINDOWS\SYSWOW64\mfds.dll
2015-10-01 16:59:20 ----A---- C:\WINDOWS\system32\mfds.dll
2015-10-01 16:59:20 ----A---- C:\WINDOWS\system32\MapControlCore.dll
2015-10-01 16:59:20 ----A---- C:\WINDOWS\system32\hevcdecoder.dll
2015-10-01 16:59:19 ----A---- C:\WINDOWS\SYSWOW64\MapControlCore.dll
2015-10-01 16:59:19 ----A---- C:\WINDOWS\system32\wmpmde.dll
2015-10-01 16:59:19 ----A---- C:\WINDOWS\system32\SharedStartModel.dll
2015-10-01 16:59:19 ----A---- C:\WINDOWS\system32\MbaeApi.dll
2015-10-01 16:59:19 ----A---- C:\WINDOWS\system32\drivers\Wdf01000.sys
2015-10-01 16:59:19 ----A---- C:\WINDOWS\system32\bisrv.dll
2015-10-01 16:59:18 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2015-10-01 16:59:18 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2015-10-01 16:59:18 ----A---- C:\WINDOWS\system32\WWanAPI.dll
2015-10-01 16:59:18 ----A---- C:\WINDOWS\system32\ngcsvc.dll
2015-10-01 16:59:18 ----A---- C:\WINDOWS\system32\directmanipulation.dll
2015-10-01 16:59:17 ----A---- C:\WINDOWS\SYSWOW64\winmde.dll
2015-10-01 16:59:17 ----A---- C:\WINDOWS\SYSWOW64\esent.dll
2015-10-01 16:59:17 ----A---- C:\WINDOWS\SYSWOW64\directmanipulation.dll
2015-10-01 16:59:17 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-10-01 16:59:17 ----A---- C:\WINDOWS\system32\VEEventDispatcher.dll
2015-10-01 16:59:17 ----A---- C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-10-01 16:59:17 ----A---- C:\WINDOWS\system32\NotificationController.dll
2015-10-01 16:59:17 ----A---- C:\WINDOWS\system32\MFCaptureEngine.dll
2015-10-01 16:59:17 ----A---- C:\WINDOWS\system32\CredProvDataModel.dll
2015-10-01 16:59:16 ----A---- C:\WINDOWS\SYSWOW64\WWanAPI.dll
2015-10-01 16:59:16 ----A---- C:\WINDOWS\SYSWOW64\CredProvDataModel.dll
2015-10-01 16:59:16 ----A---- C:\WINDOWS\system32\Windows.UI.dll
2015-10-01 16:59:16 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2015-10-01 16:59:16 ----A---- C:\WINDOWS\system32\tileobjserver.dll
2015-10-01 16:59:15 ----A---- C:\WINDOWS\SYSWOW64\VEEventDispatcher.dll
2015-10-01 16:59:15 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncHost.exe
2015-10-01 16:59:15 ----A---- C:\WINDOWS\SYSWOW64\MbaeApi.dll
2015-10-01 16:59:15 ----A---- C:\WINDOWS\SYSWOW64\JpMapControl.dll
2015-10-01 16:59:15 ----A---- C:\WINDOWS\system32\LockAppBroker.dll
2015-10-01 16:59:15 ----A---- C:\WINDOWS\system32\audiosrv.dll
2015-10-01 16:59:14 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.dll
2015-10-01 16:59:14 ----A---- C:\WINDOWS\SYSWOW64\SensorsApi.dll
2015-10-01 16:59:14 ----A---- C:\WINDOWS\SYSWOW64\MFCaptureEngine.dll
2015-10-01 16:59:14 ----A---- C:\WINDOWS\SYSWOW64\LockAppBroker.dll
2015-10-01 16:59:14 ----A---- C:\WINDOWS\system32\SettingSyncHost.exe
2015-10-01 16:59:14 ----A---- C:\WINDOWS\system32\SensorsApi.dll
2015-10-01 16:59:14 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-10-01 16:59:14 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2015-10-01 16:59:13 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-10-01 16:59:13 ----A---- C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-10-01 16:59:13 ----A---- C:\WINDOWS\system32\ncsi.dll
2015-10-01 16:59:13 ----A---- C:\WINDOWS\system32\KnobsCsp.dll
2015-10-01 16:59:13 ----A---- C:\WINDOWS\system32\KnobsCore.dll
2015-10-01 16:59:13 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2015-10-01 16:59:13 ----A---- C:\WINDOWS\system32\drivers\fastfat.sys
2015-10-01 16:59:13 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2015-10-01 16:59:12 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.LockScreen.dll
2015-10-01 16:59:12 ----A---- C:\WINDOWS\SYSWOW64\OneDriveSettingSyncProvider.dll
2015-10-01 16:59:12 ----A---- C:\WINDOWS\SYSWOW64\hevcdecoder.dll
2015-10-01 16:59:12 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2015-10-01 16:59:12 ----A---- C:\WINDOWS\system32\workfolderssvc.dll
2015-10-01 16:59:12 ----A---- C:\WINDOWS\system32\provengine.dll
2015-10-01 16:59:12 ----A---- C:\WINDOWS\system32\mf.dll
2015-10-01 16:59:12 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2015-10-01 16:59:12 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-10-01 16:59:11 ----A---- C:\WINDOWS\SYSWOW64\mf.dll
2015-10-01 16:59:11 ----A---- C:\WINDOWS\system32\wuuhext.dll
2015-10-01 16:59:11 ----A---- C:\WINDOWS\system32\wcmcsp.dll
2015-10-01 16:59:11 ----A---- C:\WINDOWS\system32\psmsrv.dll
2015-10-01 16:59:11 ----A---- C:\WINDOWS\system32\ngccredprov.dll
2015-10-01 16:59:11 ----A---- C:\WINDOWS\system32\JpMapControl.dll
2015-10-01 16:59:11 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2015-10-01 16:59:11 ----A---- C:\WINDOWS\system32\CellularAPI.dll
2015-10-01 16:59:10 ----A---- C:\WINDOWS\system32\wwanconn.dll
2015-10-01 16:59:10 ----A---- C:\WINDOWS\system32\WUDFx02000.dll
2015-10-01 16:59:10 ----A---- C:\WINDOWS\system32\pnidui.dll
2015-10-01 16:59:09 ----A---- C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-10-01 16:59:09 ----A---- C:\WINDOWS\system32\tetheringservice.dll
2015-10-01 16:59:09 ----A---- C:\WINDOWS\system32\SubscriptionMgr.dll
2015-10-01 16:59:09 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2015-10-01 16:59:09 ----A---- C:\WINDOWS\system32\mfps.dll
2015-10-01 16:59:09 ----A---- C:\WINDOWS\system32\MapsStore.dll
2015-10-01 16:59:09 ----A---- C:\WINDOWS\system32\cloudAP.dll
2015-10-01 16:59:08 ----A---- C:\WINDOWS\system32\omadmclient.exe
2015-10-01 16:59:08 ----A---- C:\WINDOWS\system32\ncryptprov.dll
2015-10-01 16:59:08 ----A---- C:\WINDOWS\system32\drivers\pdc.sys
2015-10-01 16:59:07 ----A---- C:\WINDOWS\SYSWOW64\remoteaudioendpoint.dll
2015-10-01 16:59:07 ----A---- C:\WINDOWS\SYSWOW64\ncryptprov.dll
2015-10-01 16:59:07 ----A---- C:\WINDOWS\system32\wwanmm.dll
2015-10-01 16:59:07 ----A---- C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-10-01 16:59:07 ----A---- C:\WINDOWS\system32\MDMAppInstaller.exe
2015-10-01 16:59:07 ----A---- C:\WINDOWS\system32\KeywordDetectorMsftSidAdapter.dll
2015-10-01 16:59:07 ----A---- C:\WINDOWS\system32\HttpsDataSource.dll
2015-10-01 16:59:07 ----A---- C:\WINDOWS\system32\drivers\buttonconverter.sys
2015-10-01 16:59:06 ----A---- C:\WINDOWS\system32\ngckeyenum.dll
2015-10-01 16:59:06 ----A---- C:\WINDOWS\system32\MapConfiguration.dll
2015-10-01 16:59:06 ----A---- C:\WINDOWS\system32\LocationWiFiAdapter.dll
2015-10-01 16:59:06 ----A---- C:\WINDOWS\system32\drivers\portcls.sys
2015-10-01 16:59:06 ----A---- C:\WINDOWS\system32\DeviceEnroller.exe
2015-10-01 16:59:05 ----A---- C:\WINDOWS\SYSWOW64\Windows.Speech.Pal.dll
2015-10-01 16:59:05 ----A---- C:\WINDOWS\system32\Windows.Speech.Pal.dll
2015-10-01 16:59:05 ----A---- C:\WINDOWS\system32\omadmapi.dll
2015-10-01 16:59:04 ----A---- C:\WINDOWS\system32\syncutil.dll
2015-10-01 16:59:04 ----A---- C:\WINDOWS\system32\LocationGeofences.dll
2015-10-01 16:59:04 ----A---- C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-10-01 16:59:04 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2015-10-01 16:59:03 ----A---- C:\WINDOWS\system32\wwancfg.dll
2015-10-01 16:59:03 ----A---- C:\WINDOWS\system32\LocationWebproxy.dll
2015-10-01 16:59:02 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2015-10-01 16:59:02 ----A---- C:\WINDOWS\system32\wpnapps.dll
2015-10-01 16:59:02 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2015-10-01 16:59:02 ----A---- C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-10-01 16:59:02 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2015-10-01 16:59:02 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2015-10-01 16:59:02 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2015-10-01 16:59:02 ----A---- C:\WINDOWS\system32\DataSenseHandlers.dll
2015-10-01 16:59:01 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Management.dll
2015-10-01 16:59:01 ----A---- C:\WINDOWS\system32\netcenter.dll
2015-10-01 16:59:01 ----A---- C:\WINDOWS\system32\LocationPeIP.dll
2015-10-01 16:59:01 ----A---- C:\WINDOWS\system32\LocationFramework.dll
2015-10-01 16:59:01 ----A---- C:\WINDOWS\system32\LocationCrowdsource.dll
2015-10-01 16:59:01 ----A---- C:\WINDOWS\system32\enrollmentapi.dll
2015-10-01 16:59:01 ----A---- C:\WINDOWS\system32\AudioEng.dll
2015-10-01 16:59:01 ----A---- C:\WINDOWS\system32\accountaccessor.dll
2015-10-01 16:59:00 ----A---- C:\WINDOWS\SYSWOW64\mdmregistration.dll
2015-10-01 16:59:00 ----A---- C:\WINDOWS\SYSWOW64\MapConfiguration.dll
2015-10-01 16:59:00 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2015-10-01 16:58:59 ----A---- C:\WINDOWS\SYSWOW64\wpnapps.dll
2015-10-01 16:58:59 ----A---- C:\WINDOWS\SYSWOW64\netcenter.dll
2015-10-01 16:58:59 ----A---- C:\WINDOWS\system32\provops.dll
2015-10-01 16:58:59 ----A---- C:\WINDOWS\system32\nlasvc.dll
2015-10-01 16:58:59 ----A---- C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2015-10-01 16:58:58 ----A---- C:\WINDOWS\system32\mdmregistration.dll
2015-10-01 16:58:57 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-01 16:58:57 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-01 16:58:57 ----A---- C:\WINDOWS\system32\mdmmigrator.dll
2015-10-01 16:58:57 ----A---- C:\WINDOWS\system32\LocationPeWiFi.dll
2015-10-01 16:58:57 ----A---- C:\WINDOWS\system32\LocationPeCell.dll
2015-10-01 16:58:57 ----A---- C:\WINDOWS\system32\dmcsps.dll
2015-10-01 16:58:57 ----A---- C:\WINDOWS\system32\dmcertinst.exe
2015-10-01 16:58:56 ----A---- C:\WINDOWS\system32\syncmlhook.dll
2015-10-01 16:58:56 ----A---- C:\WINDOWS\system32\provisioningcsp.dll
2015-10-01 16:58:56 ----A---- C:\WINDOWS\system32\configmanager2.dll

======List of files/folders modified in the last 1 month======

2015-10-30 15:41:34 ----RD---- C:\Program Files
2015-10-30 15:37:17 ----D---- C:\WINDOWS\Temp
2015-10-30 15:23:32 ----D---- C:\WINDOWS\System32
2015-10-30 15:08:00 ----D---- C:\WINDOWS\system32\sru
2015-10-30 13:57:57 ----D---- C:\WINDOWS\system32\config
2015-10-30 13:53:31 ----SHD---- C:\System Volume Information
2015-10-30 13:33:23 ----D---- C:\WINDOWS\CbsTemp
2015-10-30 13:31:26 ----D---- C:\WINDOWS\WinSxS
2015-10-30 13:31:05 ----D---- C:\WINDOWS\Prefetch
2015-10-30 13:28:56 ----D---- C:\WINDOWS\AppReadiness
2015-10-30 12:00:16 ----D---- C:\WINDOWS\system32\Tasks
2015-10-30 11:00:24 ----D---- C:\Users\Polmnji\AppData\Roaming\.minecraft
2015-10-30 08:18:28 ----D---- C:\WINDOWS\system32\catroot2
2015-10-30 08:07:13 ----HD---- C:\Program Files\WindowsApps
2015-10-30 08:02:26 ----D---- C:\Program Files (x86)\Steam
2015-10-29 22:57:54 ----SHD---- C:\WINDOWS\Installer
2015-10-29 22:57:26 ----D---- C:\WINDOWS\SysWOW64
2015-10-29 20:25:18 ----D---- C:\Games
2015-10-29 16:46:34 ----D---- C:\WINDOWS\Microsoft.NET
2015-10-29 14:24:16 ----D---- C:\Users\Polmnji\AppData\Roaming\OBS
2015-10-29 14:08:32 ----D---- C:\Program Files (x86)\Euro Truck Simulator 2 Multiplayer
2015-10-29 13:09:28 ----D---- C:\Program Files (x86)\WarThunder
2015-10-28 19:45:17 ----D---- C:\ProgramData\ASUS Smart Gesture
2015-10-28 19:45:11 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-10-28 15:29:26 ----D---- C:\WINDOWS\system32\NDF
2015-10-27 23:31:08 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-27 23:31:07 ----D---- C:\WINDOWS\INF
2015-10-27 11:35:49 ----D---- C:\Users\Polmnji\AppData\Roaming\vlc
2015-10-25 17:06:53 ----D---- C:\ProgramData\CyberLink
2015-10-25 17:05:58 ----D---- C:\Users\Polmnji\AppData\Roaming\CyberLink
2015-10-25 10:08:35 ----D---- C:\Users\Polmnji\AppData\Roaming\Tropico 4
2015-10-23 16:15:32 ----D---- C:\WINDOWS\system32\DriverStore
2015-10-23 10:12:06 ----D---- C:\Windows
2015-10-23 00:13:35 ----D---- C:\WINDOWS\debug
2015-10-22 21:34:49 ----D---- C:\Users\Polmnji\AppData\Roaming\TS3Client
2015-10-22 21:34:31 ----D---- C:\WINDOWS\Minidump
2015-10-22 21:33:19 ----D---- C:\ProgramData\Oracle
2015-10-22 21:32:57 ----D---- C:\Program Files (x86)\Common Files
2015-10-22 21:32:34 ----A---- C:\WINDOWS\SYSWOW64\WindowsAccessBridge-32.dll
2015-10-22 21:32:25 ----D---- C:\Program Files (x86)\Java
2015-10-21 11:36:02 ----RD---- C:\Program Files (x86)
2015-10-20 15:06:52 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-10-18 20:28:13 ----D---- C:\WINDOWS\system32\drivers\UMDF
2015-10-15 16:18:25 ----D---- C:\WINDOWS\system32\drivers
2015-10-15 16:16:19 ----D---- C:\WINDOWS\system32\CodeIntegrity
2015-10-15 16:16:19 ----D---- C:\WINDOWS\system32\Boot
2015-10-15 16:16:19 ----D---- C:\WINDOWS\system32\appraiser
2015-10-15 16:16:19 ----D---- C:\WINDOWS\AppPatch
2015-10-14 15:28:02 ----D---- C:\WINDOWS\system32\MRT
2015-10-14 15:16:31 ----A---- C:\WINDOWS\system32\MRT.exe
2015-10-02 17:39:35 ----D---- C:\WINDOWS\rescache
2015-10-01 17:13:26 ----SD---- C:\WINDOWS\SYSWOW64\F12
2015-10-01 17:13:26 ----D---- C:\WINDOWS\SYSWOW64\migration
2015-10-01 17:13:25 ----SD---- C:\WINDOWS\system32\F12
2015-10-01 17:13:25 ----RD---- C:\WINDOWS\PurchaseDialog
2015-10-01 17:13:25 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2015-10-01 17:13:25 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2015-10-01 17:13:25 ----D---- C:\WINDOWS\system32\migration
2015-10-01 17:13:25 ----D---- C:\WINDOWS\Provisioning
2015-10-01 17:13:25 ----D---- C:\WINDOWS\L2Schemas

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2015-09-29 65224]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2015-09-29 274808]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-08-09 644968]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2015-07-13 31560]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2015-09-29 93528]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2015-09-29 1049880]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2015-09-29 448968]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2013-07-02 19768]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2015-07-10 83968]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-07-10 8192]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2015-09-29 28656]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2015-09-29 90968]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2015-09-29 153744]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-07-10 48128]
R2 plctrl;plctrl; \??\C:\Program Files\ASUS\P4G\plctrl.sys [2013-08-29 14136]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-07-10 61952]
R3 AiCharger;ASUS Charger Driver; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [2013-04-17 17152]
R3 athr;@oem32.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athw10x.sys [2015-06-26 4325544]
R3 ATP;@oem36.inf,%PS2.DeviceDesc%;ASUS Input Device; C:\WINDOWS\System32\drivers\AsusTP.sys [2015-06-30 100776]
R3 BTATH_BUS;@oem14.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2013-09-07 34384]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2015-06-29 609992]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2015-07-10 84992]
R3 DptfDevDram;DptfDevDram; C:\WINDOWS\System32\drivers\DptfDevDram.sys [2014-09-15 145640]
R3 DptfDevPch;DptfDevPch; C:\WINDOWS\System32\drivers\DptfDevPch.sys [2014-09-15 116752]
R3 DptfDevProc;DptfDevProc; C:\WINDOWS\System32\drivers\DptfDevProc.sys [2014-09-15 290256]
R3 DptfManager;DptfManager; C:\WINDOWS\System32\drivers\DptfManager.sys [2014-09-15 495320]
R3 ETD;@oem37.inf,%PS2.DeviceDesc%;ELAN Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2015-08-03 477784]
R3 HIDSwitch;@oem23.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys [2015-05-13 19976]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-07-17 6389688]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-06-24 4504320]
R3 iwdbus;@oem16.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2013-08-22 26008]
R3 kbfiltr;@oem15.inf,%kbfiltr.SvcDesc%;Keyboard Filter; C:\WINDOWS\System32\drivers\kbfiltr.sys [2012-08-06 17280]
R3 MEIx64;@oem10.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2013-09-16 99288]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2015-07-13 11139216]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-07-10 167936]
R3 rt640x64;@oem30.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-07-07 895256]
R3 RTSUER;@oem28.inf,%RtsUER%;Realtek USB Card Reader - UER; C:\WINDOWS\system32\Drivers\RtsUer.sys [2015-07-08 410880]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-07-10 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-07-10 99168]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-07-10 58208]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-07-10 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-07-10 40288]
S3 AndnetBus;@oem49.inf,%LGSI.Service.Desc%;LGE Mobile USB Composite Device; C:\WINDOWS\System32\drivers\lgandnetbus64.sys [2015-01-21 20992]
S3 AndNetDiag;@oem44.inf,%Lgsi.Service.Name%;LGE AndroidNet USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgandnetdiag64.sys [2015-01-26 30720]
S3 ANDNetModem;@oem46.inf,%LGSI.Service.Name%;LGE AndroidNet USB Modem; C:\WINDOWS\system32\DRIVERS\lgandnetmodem64.sys [2015-01-26 37376]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2015-07-10 105984]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2015-07-10 237568]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2015-07-10 128512]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-09-17 929280]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-09-17 36352]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2015-07-10 116736]
S3 dot4;@oem61.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2015-09-14 151968]
S3 Dot4Print;@oem62.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\WINDOWS\System32\drivers\Dot4Prt.sys [2015-09-14 27040]
S3 dot4usb;@oem61.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2015-09-14 49056]
S3 DptfDevDisplay;DptfDevDisplay; C:\WINDOWS\System32\drivers\DptfDevDisplay.sys [2014-09-15 70752]
S3 DptfDevFan;DptfDevFan; C:\WINDOWS\System32\drivers\DptfDevFan.sys [2014-09-15 50640]
S3 DptfDevGen;DptfDevGen; C:\WINDOWS\System32\drivers\DptfDevGen.sys [2014-09-15 78504]
S3 DptfDevPower;DptfDevPower; C:\WINDOWS\System32\drivers\DptfDevPower.sys [2014-09-15 71808]
S3 fcvsc;fcvsc; C:\WINDOWS\System32\drivers\fcvsc.sys [2015-07-10 31232]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-07-10 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-07-10 50016]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-07-10 424800]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2013-08-22 39320]
S3 IntcDAud;@oem9.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2013-09-05 449528]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-07-10 26624]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-07-10 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-07-10 76128]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-07-29 934752]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-09-14 82128]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe [2014-03-26 115512]
R2 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files\ASUS\P4G\InsOnSrv.exe [2013-08-29 277120]
R2 Asus WebStorage Windows Service;Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe [2013-08-16 71680]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-09-29 146600]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R2 DptfParticipantDisplayService;@oem33.inf,%WIN32_DPTF_PARTICIPANT_DISPLAY_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Display Participant Service Application; C:\WINDOWS\System32\DptfParticipantDisplayService.exe [2014-09-15 141944]
R2 DptfParticipantProcessorService;@oem33.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Processor Participant Service Application; C:\WINDOWS\system32\DptfParticipantProcessorService.exe [2014-09-15 115656]
R2 DptfPolicyConfigTDPService;@oem33.inf,%WIN32_DPTF_POLICY_CONFIGTDP_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Config TDP Service Application; C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe [2014-09-15 116680]
R2 DptfPolicyCriticalService;@oem33.inf,%WIN32_DPTF_POLICY_CRITICAL_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Critical Service Application; C:\WINDOWS\system32\DptfPolicyCriticalService.exe [2014-09-15 148160]
R2 DptfPolicyLpmService;@oem33.inf,%WIN32_DPTF_POLICY_LPM_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Low Power Mode Service Application; C:\WINDOWS\system32\DptfPolicyLpmService.exe [2014-09-15 124904]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2015-08-03 147688]
R2 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2013-07-16 235008]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2015-07-17 351120]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-09-16 131544]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-16 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-16 390616]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2015-07-13 937616]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-07-27 1889568]
R2 OneSyncSvc_Session2;Hostitel synchronizace_Session2; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2015-06-16 1750712]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2015-06-16 2102496]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2015-07-24 224712]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-06-17 43696]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R3 PimIndexMaintenanceSvc_Session2;Data kontaktů_Session2; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-10-14 838224]
S2 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-26 107848]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 OneSyncSvc_Session6;Hostitel synchronizace_Session6; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2015-09-23 1225216]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-07-17 283024]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-07-10 27136]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-26 107848]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-05-26 148080]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\lsass.exe [2015-07-10 56344]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 PimIndexMaintenanceSvc_Session6;Data kontaktů_Session6; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-07-29 1031680]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]

-----------------EOF-----------------
Nahoru
altrok
Moderátor
Moderátor
Příspěvky: 7317
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: Prosím o kontrolu

#3 Příspěvek od altrok »

Krasny den Vam preju :bye:


:arrow: V logu aktivni havet nevidim. Pozorujete na PC nejake konkretni problemy, ci jde pouze o preventivku?


:arrow: Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )
  • ukoncete vsechny programy
  • kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
  • kliknete na Scan, pote na Cleaning
  • po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner[Cx].txt), jehoz obsah mi zkopirujte do pristi odpovedi
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Nahoru
polmnji
Návštěvník
Návštěvník
Příspěvky: 138
Registrován: 26 říj 2008 13:22

Re: Prosím o kontrolu

#4 Příspěvek od polmnji »

Dobrý večer
No vyhledávání v chrome,chtělo ověření (pomocí opsání kodu) že jsem člověk a ne robot .Prý jakási podivné aktivita z mé IP adresy.
Proto jsem Vás požádal o kontrolu.


# AdwCleaner v5.015 - Logfile created 31/10/2015 at 17:42:45
# Updated 26/10/2015 by Xplode
# Database : 2015-10-29.1 [Server]
# Operating system : Windows 10 Home (x64)
# Username : Polmnji - JAN
# Running from : C:\Users\Polmnji\Desktop\adwcleaner_5.015.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****

[-] [C:\Users\Polmnji\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : gmpuni.cz
[-] [C:\Users\Polmnji\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : spybot-search-destroy.en.softonic.com

*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [893 bytes] ##########
Nahoru
altrok
Moderátor
Moderátor
Příspěvky: 7317
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: Prosím o kontrolu

#5 Příspěvek od altrok »

:arrow: Nainstalujte MBAM a udelejte vlastni sken vsech disku - http://forum.viry.cz/viewtopic.php?f=29&t=144868
  • Upozorneni: tento sken zabere od 30 minut po nekolik hodin
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Nahoru
polmnji
Návštěvník
Návštěvník
Příspěvky: 138
Registrován: 26 říj 2008 13:22

Re: Prosím o kontrolu

#6 Příspěvek od polmnji »

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 1. 11. 2015
Čas skenování: 7:46
Protokol: a.txt
Správce: Ano

Verze: 2.2.0.1024
Databáze malwaru: v2015.11.01.01
Databáze rootkitů: v2015.10.28.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 10
CPU: x64
Souborový systém: NTFS
Uživatel: Polmnji

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 843163
Uplynulý čas: 3 hod, 19 min, 9 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 1
Trojan.Crypt, C:\Users\Polmnji\GSplay\csko\hltv.exe, , [c2134434aae16dc9d12dc46cdc288779],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)
Nahoru
altrok
Moderátor
Moderátor
Příspěvky: 7317
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: Prosím o kontrolu

#7 Příspěvek od altrok »

:arrow: Dejte logy FRST.txt a Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Nahoru
polmnji
Návštěvník
Návštěvník
Příspěvky: 138
Registrován: 26 říj 2008 13:22

Re: Prosím o kontrolu

#8 Příspěvek od polmnji »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-10-2015
Ran by Polmnji (administrator) on JAN (01-11-2015 18:11:24)
Running from C:\Users\Polmnji\Desktop
Loaded Profiles: UpdatusUser & Polmnji (Available Profiles: UpdatusUser & Polmnji & vojtík & Administrator)
Platform: Windows 10 Home (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantDisplayService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS VivoBook\vivokey.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(TODO: <Company name>) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP2LAK.EXE
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP2RPK.EXE
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNABCSWK.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusSmartGestureDetector64.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\LiveUpdate.exe
(Oracle Corporation) C:\Program Files (x86)\Java\jre1.8.0_65\bin\javaw.exe
(Oracle Corporation) C:\Program Files (x86)\Java\jre1.8.0_65\bin\java.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusSGPlusBTServer64.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_windowssearchengine_31bf3856ad364e35_7.0.10240.16431_none_8845f6a3f279f883\SearchProtocolHost.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_windowssearchengine_31bf3856ad364e35_7.0.10240.16431_none_8845f6a3f279f883\SearchProtocolHost.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_windowssearchengine_31bf3856ad364e35_7.0.10240.16384_none_885583a9f26da828\SearchFilterHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(forum.viry.cz) C:\Users\Polmnji\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [111488 2014-09-15] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [IgfxTray] => C:\WINDOWS\system32\igfxtray.exe [396688 2015-07-17] ()
HKLM\...\Run: [CNAP2 Launcher] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE [226784 2010-10-14] (CANON INC.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3350760 2015-08-03] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2013-09-06] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\ASUSWSLoader.exe [63296 2013-08-16] ()
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4127488 2015-06-16] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6134544 2015-09-29] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2351793952-2836851555-3571603524-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-2351793952-2836851555-3571603524-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2901584 2015-10-14] (Valve Corporation)
HKU\S-1-5-21-2351793952-2836851555-3571603524-1002\...\Run: [Spotify Web Helper] => C:\Users\Polmnji\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2008632 2015-07-16] (Spotify Ltd)
HKU\S-1-5-21-2351793952-2836851555-3571603524-1002\...\Run: [Spotify] => C:\Users\Polmnji\AppData\Roaming\Spotify\Spotify.exe [7334968 2015-07-16] (Spotify Ltd)
HKU\S-1-5-21-2351793952-2836851555-3571603524-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-2351793952-2836851555-3571603524-1002\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2351793952-2836851555-3571603524-1002\...\Run: [GSplay.exe] => C:\Users\Polmnji\Desktop\GSplay.exe [4772747 2015-09-13] ()
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [177088 2015-07-13] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-09-29] (AVAST Software)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 127.0.0.1 launcher01.kalypsomedia.com
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{08f76b8f-46c4-4292-8939-7395cf26a428}: [DhcpNameServer] 10.156.48.1
Tcpip\..\Interfaces\{a0aea903-343e-471a-bdb5-25bfc4a9d5be}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2351793952-2836851555-3571603524-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2351793952-2836851555-3571603524-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-2351793952-2836851555-3571603524-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2351793952-2836851555-3571603524-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-05] (AVAST Software)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-22] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-05] (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-22] (Oracle Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File

FireFox:
========
FF ProfilePath: C:\Users\Polmnji\AppData\Roaming\Mozilla\Firefox\Profiles\8cfgean7.default
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-22] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-07-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Extension: Vlc context menu - C:\Users\Polmnji\AppData\Roaming\Mozilla\Firefox\Profiles\8cfgean7.default\Extensions\vlcplaylist@helgatauscher.de.xpi [2015-06-07]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-09-29] [not signed]

Chrome:
=======
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Polmnji\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.824\_platform_specific\win_x64\widevinecdmadapter.dll (Google Inc.)
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\PepperFlash\pepflashplayer.dll ()
CHR Profile: C:\Users\Polmnji\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Polmnji\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-26]
CHR Extension: (Dokumenty Google) - C:\Users\Polmnji\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-26]
CHR Extension: (Disk Google) - C:\Users\Polmnji\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Polmnji\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Adblock Plus) - C:\Users\Polmnji\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-09-22]
CHR Extension: (Vyhledávání Google) - C:\Users\Polmnji\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Avast SafePrice) - C:\Users\Polmnji\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-10-30]
CHR Extension: (Tabulky Google) - C:\Users\Polmnji\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-26]
CHR Extension: (Avira Browser Safety) - C:\Users\Polmnji\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-10-20]
CHR Extension: (Hodiny) - C:\Users\Polmnji\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdkjifoifglkpcdffkenpinlbjgephlo [2015-04-26]
CHR Extension: (Dokumenty Google offline) - C:\Users\Polmnji\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-04]
CHR Extension: (Avast Online Security) - C:\Users\Polmnji\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-08-05]
CHR Extension: (Hodiny) - C:\Users\Polmnji\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjocghlclkpgheifflemilcnblodjohg [2015-04-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Polmnji\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-24]
CHR Extension: (VLC 2015) - C:\Users\Polmnji\AppData\Local\Google\Chrome\User Data\Default\Extensions\oocidalebnmppaoopkkkkegkafepjmao [2015-06-25]
CHR Extension: (Gmail) - C:\Users\Polmnji\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-26]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-08-05]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-08-05]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-08-29] (ASUS)
S2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe [71680 2013-08-16] (ASUS Cloud Corporation) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-09-29] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1225216 2015-09-23] ()
R2 DptfParticipantDisplayService; C:\Windows\System32\DptfParticipantDisplayService.exe [141944 2014-09-15] (Intel Corporation)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [115656 2014-09-15] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [116680 2014-09-15] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [148160 2014-09-15] (Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [124904 2014-09-15] (Intel Corporation)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [147688 2015-08-03] (ELAN Microelectronics Corp.)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [235008 2013-07-16] (TODO: <Company name>) [File not signed]
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-07-17] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1750712 2015-06-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2102496 2015-06-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [224712 2015-07-24] (Safer-Networking Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-09-07] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AndnetBus; C:\Windows\System32\drivers\lgandnetbus64.sys [20992 2015-01-21] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [30720 2015-01-26] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [37376 2015-01-26] (LG Electronics Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-09-29] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-09-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-09-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-09-29] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1049880 2015-09-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [448968 2015-09-29] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [153744 2015-09-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-09-29] (AVAST Software)
R3 athr; C:\Windows\System32\drivers\athw10x.sys [4325544 2015-06-26] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [100776 2015-06-30] (ASUS Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2015-09-14] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2015-09-14] (Windows (R) Win 7 DDK provider)
S3 DptfDevDisplay; C:\Windows\System32\drivers\DptfDevDisplay.sys [70752 2014-09-15] (Intel Corporation)
R3 DptfDevDram; C:\Windows\System32\drivers\DptfDevDram.sys [145640 2014-09-15] (Intel Corporation)
S3 DptfDevFan; C:\Windows\System32\drivers\DptfDevFan.sys [50640 2014-09-15] (Intel Corporation)
S3 DptfDevGen; C:\Windows\System32\drivers\DptfDevGen.sys [78504 2014-09-15] (Intel Corporation)
R3 DptfDevPch; C:\Windows\System32\drivers\DptfDevPch.sys [116752 2014-09-15] (Intel Corporation)
S3 DptfDevPower; C:\Windows\System32\drivers\DptfDevPower.sys [71808 2014-09-15] (Intel Corporation)
R3 DptfDevProc; C:\Windows\System32\drivers\DptfDevProc.sys [290256 2014-09-15] (Intel Corporation)
R3 DptfManager; C:\Windows\System32\drivers\DptfManager.sys [495320 2014-09-15] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-11-01] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2013-08-29] (Windows (R) Win 7 DDK provider)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-07-07] (Realtek )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [410880 2015-07-08] (Realsil Semiconductor Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-01 18:11 - 2015-11-01 18:12 - 00026020 _____ C:\Users\Polmnji\Desktop\FRST.txt
2015-11-01 18:09 - 2015-11-01 18:09 - 02198016 _____ (Farbar) C:\Users\Polmnji\Desktop\FRST64.exe
2015-11-01 18:07 - 2015-11-01 18:11 - 00112640 _____ (forum.viry.cz) C:\Users\Polmnji\Desktop\FRSTLauncher.exe
2015-11-01 18:00 - 2015-11-01 18:00 - 00016148 _____ C:\WINDOWS\system32\JAN_Polmnji_HistoryPrediction.bin
2015-11-01 11:29 - 2015-11-01 11:29 - 00001197 _____ C:\Users\Polmnji\Desktop\a.txt
2015-11-01 08:33 - 2015-11-01 08:33 - 15101981 _____ C:\Users\Polmnji\Desktop\ets2mp_20311.zip
2015-11-01 08:32 - 2015-11-01 08:33 - 15101981 _____ C:\Users\Polmnji\Downloads\ets2mp_20311.zip
2015-10-31 20:57 - 2015-11-01 18:01 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-10-31 20:57 - 2015-10-31 20:57 - 00001177 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-10-31 20:57 - 2015-10-31 20:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-10-31 20:57 - 2015-10-31 20:57 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-10-31 20:57 - 2015-10-31 20:57 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-10-31 20:57 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-10-31 20:57 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-10-31 20:57 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-10-31 20:55 - 2015-10-31 20:56 - 22908888 _____ (Malwarebytes ) C:\Users\Polmnji\Downloads\mbam-setup-2.2.0.1024.exe
2015-10-31 17:38 - 2015-10-31 17:42 - 00000000 ____D C:\AdwCleaner
2015-10-31 17:36 - 2015-10-31 17:38 - 01694208 _____ C:\Users\Polmnji\Desktop\adwcleaner_5.015.exe
2015-10-30 15:41 - 2015-10-30 15:41 - 00000000 ____D C:\rsit
2015-10-30 15:41 - 2015-10-30 15:41 - 00000000 ____D C:\Program Files\trend micro
2015-10-30 15:40 - 2015-10-30 15:41 - 01222144 _____ C:\Users\Polmnji\Desktop\RSITx64.exe
2015-10-30 15:40 - 2015-10-30 15:40 - 01222144 _____ C:\Users\Polmnji\Downloads\RSITx64 (1).exe
2015-10-30 08:26 - 2015-10-28 00:38 - 21871616 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-30 08:26 - 2015-10-28 00:16 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-30 08:26 - 2015-10-21 13:45 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-10-30 08:26 - 2015-10-21 13:44 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-10-30 08:26 - 2015-10-21 13:43 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-30 08:26 - 2015-10-21 13:39 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-10-30 08:26 - 2015-10-21 13:00 - 24595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-30 08:26 - 2015-10-21 13:00 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-30 08:26 - 2015-10-21 12:59 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-10-30 08:26 - 2015-10-21 12:57 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-30 08:26 - 2015-10-21 12:52 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-10-30 08:26 - 2015-10-21 12:50 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-10-30 08:26 - 2015-10-21 12:48 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-30 08:26 - 2015-10-21 12:47 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-10-30 08:26 - 2015-10-21 12:46 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-30 08:26 - 2015-10-21 12:46 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-10-30 08:26 - 2015-10-21 12:44 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-10-30 08:26 - 2015-10-21 12:44 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-30 08:26 - 2015-10-21 12:43 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-10-30 08:26 - 2015-10-21 12:42 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-30 08:26 - 2015-10-21 12:41 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-30 08:26 - 2015-10-21 12:40 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-10-30 08:26 - 2015-10-21 12:38 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-10-30 08:26 - 2015-10-21 06:53 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-10-30 08:26 - 2015-10-21 06:49 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-10-30 08:26 - 2015-10-21 06:13 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-30 08:26 - 2015-10-21 06:11 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-10-30 08:26 - 2015-10-21 06:08 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-10-30 08:26 - 2015-10-21 06:05 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-10-30 08:26 - 2015-10-21 06:03 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-10-30 08:26 - 2015-10-21 06:03 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-10-30 08:26 - 2015-10-21 05:58 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-10-30 08:26 - 2015-10-21 05:58 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-10-30 08:26 - 2015-10-21 05:55 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-10-29 20:25 - 2015-10-29 20:25 - 00000833 _____ C:\Users\Polmnji\Desktop\World of Tanks - Common Test.lnk
2015-10-29 20:25 - 2015-10-29 20:25 - 00000000 ____D C:\Users\Polmnji\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks - Common Test
2015-10-29 20:24 - 2015-10-29 20:24 - 05093504 _____ (Wargaming.net ) C:\Users\Polmnji\Downloads\WoT_internet_install_ct.exe
2015-10-29 20:24 - 2015-10-29 20:24 - 05093504 _____ (Wargaming.net ) C:\Users\Polmnji\Downloads\WoT_internet_install_ct (1).exe
2015-10-29 14:08 - 2015-10-29 14:08 - 15100584 _____ C:\Users\Polmnji\Downloads\ets2mp_20300 (1).zip
2015-10-29 14:07 - 2015-10-29 14:08 - 15100584 _____ C:\Users\Polmnji\Downloads\ets2mp_20300.zip
2015-10-28 13:18 - 2015-10-28 13:25 - 00035673 _____ C:\Users\Polmnji\Downloads\divadlo.odt
2015-10-27 08:11 - 2015-10-27 08:11 - 00000985 _____ C:\Users\Polmnji\Desktop\Nová složka – zástupce.lnk
2015-10-27 08:11 - 2015-10-27 08:11 - 00000907 _____ C:\Users\Polmnji\Desktop\nnn – zástupce.lnk
2015-10-25 17:06 - 2015-10-25 17:06 - 00000000 ____D C:\Users\Public\CyberLink
2015-10-23 10:12 - 2015-10-23 10:12 - 00000875 _____ C:\WINDOWS\setupact.log
2015-10-23 10:12 - 2015-10-23 10:12 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-10-22 22:40 - 2015-11-01 18:03 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-10-22 21:35 - 2015-10-22 21:35 - 00063462 _____ C:\Users\Polmnji\Documents\cc_20151022_223537.reg
2015-10-22 21:35 - 2015-10-22 21:35 - 00001050 _____ C:\Users\Polmnji\Documents\cc_20151022_223554.reg
2015-10-21 11:40 - 2015-10-21 11:40 - 00000000 ____D C:\Users\Polmnji\AppData\Roaming\VitySoft
2015-10-21 11:40 - 2015-10-21 11:40 - 00000000 ____D C:\Users\Polmnji\.objectdb
2015-10-21 11:36 - 2015-10-22 21:30 - 00001457 _____ C:\Users\Polmnji\Desktop\YouTube Downloader.lnk
2015-10-21 11:36 - 2015-10-21 11:36 - 00001153 _____ C:\Users\Polmnji\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YouTube Downloader.lnk
2015-10-21 11:36 - 2015-10-21 11:36 - 00000000 ____D C:\Users\Polmnji\AppData\Roaming\YouTube Downloader
2015-10-21 11:36 - 2015-10-21 11:36 - 00000000 ____D C:\Program Files (x86)\YouTube Downloader
2015-10-21 11:35 - 2015-10-21 11:35 - 00476688 _____ (Igor Pavlov) C:\Users\Polmnji\Downloads\ytd-0.90.exe
2015-10-15 16:14 - 2015-10-15 16:14 - 00016148 _____ C:\WINDOWS\system32\JAN_vojtík_HistoryPrediction.bin
2015-10-14 14:34 - 2015-10-10 08:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-14 14:34 - 2015-10-06 04:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-14 14:34 - 2015-10-06 03:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-14 14:34 - 2015-10-01 05:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-14 14:34 - 2015-10-01 05:01 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-14 14:34 - 2015-10-01 05:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-14 14:34 - 2015-10-01 05:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-14 14:34 - 2015-10-01 05:00 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-14 14:34 - 2015-10-01 04:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-14 14:34 - 2015-09-25 05:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-10-14 14:34 - 2015-09-25 05:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-10-14 14:34 - 2015-09-25 04:56 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-14 14:34 - 2015-09-25 04:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-10-14 14:34 - 2015-09-25 04:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-10-14 14:34 - 2015-09-25 04:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-10-14 14:34 - 2015-09-25 04:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-14 14:34 - 2015-09-25 04:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-14 14:34 - 2015-09-25 04:09 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-10-14 14:34 - 2015-09-25 04:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-14 14:34 - 2015-09-25 04:04 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-10-14 14:34 - 2015-09-25 04:04 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-14 14:34 - 2015-09-25 04:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-14 14:34 - 2015-09-25 04:03 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-14 14:34 - 2015-09-25 04:02 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-14 14:34 - 2015-09-25 04:02 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-10-14 14:34 - 2015-09-25 04:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-14 14:34 - 2015-09-25 04:01 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-14 14:34 - 2015-09-25 04:01 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-14 14:34 - 2015-09-25 04:00 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-14 14:34 - 2015-09-25 04:00 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-14 14:34 - 2015-09-25 04:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-14 14:34 - 2015-09-25 04:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-14 14:34 - 2015-09-25 03:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-14 14:34 - 2015-09-25 03:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-14 14:34 - 2015-09-25 03:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-14 14:34 - 2015-09-25 03:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-14 14:34 - 2015-09-25 03:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-14 14:34 - 2015-09-25 03:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-14 14:34 - 2015-09-25 03:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-10-14 14:34 - 2015-09-25 03:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-14 14:34 - 2015-09-25 03:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-14 14:34 - 2015-09-25 03:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-14 14:34 - 2015-09-25 03:38 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-10-14 14:34 - 2015-09-25 03:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-14 14:34 - 2015-09-25 03:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-10-14 14:34 - 2015-09-25 03:37 - 00766976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-10-14 14:34 - 2015-09-25 03:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-14 14:34 - 2015-09-25 03:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-14 14:34 - 2015-09-25 03:36 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-10-14 14:34 - 2015-09-25 03:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-14 14:34 - 2015-09-25 03:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-14 14:34 - 2015-09-25 03:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-14 14:34 - 2015-09-25 03:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-14 14:34 - 2015-09-25 03:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-14 14:34 - 2015-09-25 03:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-14 14:34 - 2015-09-25 03:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-14 14:34 - 2015-09-25 03:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-10-14 14:34 - 2015-09-25 03:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-10 14:08 - 2015-10-10 14:08 - 00000000 ____D C:\Users\vojtík\Documents\ETS2MP
2015-10-08 23:28 - 2015-10-08 23:28 - 00980581 _____ C:\Users\Polmnji\Downloads\Kontroly_a_pravomocne_pokuty.csv
2015-10-04 10:56 - 2015-10-04 11:14 - 00000000 ____D C:\Users\Polmnji\Documents\Nová složka

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-01 18:11 - 2015-03-16 15:24 - 00000000 ____D C:\FRST
2015-11-01 18:03 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-01 16:51 - 2015-09-13 17:02 - 00000000 ____D C:\Users\Polmnji\AppData\Roaming\.minecraft
2015-11-01 16:27 - 2015-04-26 22:59 - 00000968 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-01 14:27 - 2015-04-26 22:59 - 00000964 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-01 14:19 - 2015-09-13 17:01 - 00000000 ____D C:\Users\Polmnji\GSplay
2015-11-01 14:05 - 2015-09-13 17:01 - 00004192 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{47DF1E11-9922-47F1-8C9E-6FBD72121AEC}
2015-11-01 13:49 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-01 12:00 - 2015-05-25 11:50 - 00003544 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2015-11-01 12:00 - 2015-05-25 11:50 - 00003534 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2015-11-01 08:57 - 2015-06-17 11:53 - 00000000 ____D C:\Users\Polmnji\Documents\Euro Truck Simulator 2
2015-11-01 08:34 - 2015-06-18 00:00 - 00001264 _____ C:\Users\Public\Desktop\Play Euro Truck Simulator 2 Multiplayer.lnk
2015-11-01 08:34 - 2015-06-18 00:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2 Multiplayer
2015-11-01 08:34 - 2015-06-18 00:00 - 00000000 ____D C:\Program Files (x86)\Euro Truck Simulator 2 Multiplayer
2015-11-01 08:34 - 2015-05-01 13:31 - 00000000 ____D C:\Program Files (x86)\Steam
2015-10-31 17:56 - 2015-07-29 16:23 - 01762290 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-31 17:56 - 2015-07-10 17:02 - 00754074 _____ C:\WINDOWS\system32\perfh005.dat
2015-10-31 17:56 - 2015-07-10 17:02 - 00152494 _____ C:\WINDOWS\system32\perfc005.dat
2015-10-31 17:52 - 2015-09-30 17:57 - 00001600 _____ C:\Users\Polmnji\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AsusSmartGestureDetector.lnk
2015-10-31 17:52 - 2015-04-26 22:47 - 00000074 _____ C:\Users\Polmnji\AppData\Roaming\sp_data.sys
2015-10-31 17:51 - 2015-09-30 17:56 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2015-10-31 17:50 - 2015-07-29 16:06 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-10-31 17:47 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-31 17:46 - 2015-07-10 10:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-10-31 17:45 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-30 19:45 - 2015-03-30 17:28 - 00050176 ___SH C:\Users\Polmnji\Downloads\Thumbs.db
2015-10-30 13:33 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-29 22:57 - 2015-05-01 07:55 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-10-29 20:25 - 2015-01-21 08:20 - 00000000 ____D C:\Games
2015-10-29 14:24 - 2015-08-06 17:58 - 00000000 ____D C:\Users\Polmnji\AppData\Roaming\OBS
2015-10-29 13:09 - 2015-09-06 12:00 - 00000000 ____D C:\Program Files (x86)\WarThunder
2015-10-28 15:29 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-10-27 11:35 - 2015-06-25 20:39 - 00000000 ____D C:\Users\Polmnji\AppData\Roaming\vlc
2015-10-27 08:11 - 2015-01-20 12:27 - 00105472 ___SH C:\Users\Polmnji\Desktop\Thumbs.db
2015-10-25 17:06 - 2015-08-02 06:22 - 00000000 ____D C:\ProgramData\CyberLink
2015-10-25 17:05 - 2015-08-02 06:28 - 00000000 ____D C:\Users\Polmnji\AppData\Roaming\CyberLink
2015-10-25 10:08 - 2015-05-22 21:58 - 00000000 ____D C:\Users\Polmnji\AppData\Roaming\Tropico 4
2015-10-23 15:28 - 2015-04-26 23:00 - 00002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-10-22 21:34 - 2015-08-06 22:47 - 00000000 ____D C:\Users\Polmnji\AppData\Roaming\TS3Client
2015-10-22 21:34 - 2015-08-02 19:12 - 00000000 ____D C:\WINDOWS\Minidump
2015-10-22 21:33 - 2015-09-13 16:59 - 00000000 ____D C:\ProgramData\Oracle
2015-10-22 21:33 - 2015-09-13 16:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-10-22 21:32 - 2015-09-13 17:00 - 00000000 ____D C:\Users\Polmnji\.oracle_jre_usage
2015-10-22 21:32 - 2015-09-13 16:59 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-10-22 21:32 - 2015-09-13 16:59 - 00000000 ____D C:\Program Files (x86)\Java
2015-10-22 21:21 - 2015-07-29 16:10 - 00000000 ____D C:\Users\Polmnji
2015-10-22 08:54 - 2015-05-01 13:35 - 00000000 ____D C:\Users\Polmnji\AppData\Local\Steam
2015-10-20 15:06 - 2015-06-07 12:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-16 04:10 - 2015-10-01 17:17 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-16 04:10 - 2015-10-01 17:17 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-14 15:28 - 2015-04-26 23:55 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-10-14 15:16 - 2015-04-26 23:55 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-10-13 22:21 - 2015-05-01 07:56 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-10-10 14:08 - 2015-07-29 21:52 - 00000074 _____ C:\Users\vojtík\AppData\Roaming\sp_data.sys
2015-10-10 14:07 - 2015-09-10 21:02 - 00001600 _____ C:\Users\vojtík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AsusSmartGestureDetector.lnk
2015-10-02 17:39 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache

==================== Files in the root of some directories =======

2015-04-26 22:47 - 2015-10-31 17:52 - 0000074 _____ () C:\Users\Polmnji\AppData\Roaming\sp_data.sys
2015-06-07 23:57 - 2015-06-07 23:57 - 0007605 _____ () C:\Users\Polmnji\AppData\Local\Resmon.ResmonCfg
2015-07-29 16:06 - 2015-07-29 16:06 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-09-06 15:14 - 2012-09-07 12:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-09-06 15:14 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2013-09-06 15:14 - 2012-09-07 12:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
2015-08-02 06:23 - 2015-08-02 06:24 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2015-08-02 06:22 - 2015-08-02 06:23 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

Some files in TEMP:
====================
C:\Users\Polmnji\AppData\Local\Temp\COMAP.EXE
C:\Users\Polmnji\AppData\Local\Temp\jre-8u65-windows-au.exe
C:\Users\Polmnji\AppData\Local\Temp\sqlite-3.8.2-x86-sqlitejdbc.dll
C:\Users\Polmnji\AppData\Local\Temp\sqlite3.dll
C:\Users\vojtík\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Spybot - Search and Destroy (Enabled - Out of date) {A16C3F68-9280-E053-1818-342707FECF4D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Polmnji\Desktop" je 66 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDTray.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDFSSvc.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdate.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdSvc.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
Nahoru
polmnji
Návštěvník
Návštěvník
Příspěvky: 138
Registrován: 26 říj 2008 13:22

Re: Prosím o kontrolu

#9 Příspěvek od polmnji »

Additional scan result of Farbar Recovery Scan Tool (x64) Version:31-10-2015
Ran by Polmnji (2015-11-01 18:13:22)
Running from C:\Users\Polmnji\Desktop
Windows 10 Home (X64) (2015-07-29 15:33:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2351793952-2836851555-3571603524-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-2351793952-2836851555-3571603524-503 - Limited - Disabled)
Guest (S-1-5-21-2351793952-2836851555-3571603524-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2351793952-2836851555-3571603524-1008 - Limited - Enabled)
Polmnji (S-1-5-21-2351793952-2836851555-3571603524-1002 - Administrator - Enabled) => C:\Users\Polmnji
UpdatusUser (S-1-5-21-2351793952-2836851555-3571603524-1001 - Limited - Enabled) => C:\Users\UpdatusUser
vojtík (S-1-5-21-2351793952-2836851555-3571603524-1009 - Limited - Enabled) => C:\Users\vojtík

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Spybot - Search and Destroy (Enabled - Out of date) {A16C3F68-9280-E053-1818-342707FECF4D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

"Tropico 4" (HKLM-x32\...\{C276D408-F88A-4E69-9CE3-B785CFA276BD}_is1) (Version: - )
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.009.20077 - Adobe Systems Incorporated)
AIDA64 Extreme v5.00 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.00 - FinalWire Ltd.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.16.0 - Asmedia Technology)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.4 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.6 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.3.6 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0018 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.7 - ASUS)
ASUS VivoBook (HKLM\...\{04FDBE69-F9FD-42A2-9008-E5CE7F60C6BE}) (Version: 1.0.31 - ASUS)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5520.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.5520.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.310 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0039 - ASUS)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.4.2233 - AVAST Software)
Azteca (x32 Version: 2.2.0.97 - WildTangent) Hidden
Balíček ovladače systému Windows - ASUS (ATP) Mouse (06/17/2015 1.0.0.262) (HKLM\...\14588A15B66655338DBCC021FFA81E31DC281859) (Version: 06/17/2015 1.0.0.262 - ASUS)
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Canon LBP6000/LBP6018 (HKLM\...\Canon LBP6000/LBP6018) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
CPUID HWMonitor 1.27 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
CyberLink LabelPrint 2.5 (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5415 - CyberLink Corp.)
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
ELAN Touchpad 15.8.4.3_X64_WHQL (HKLM\...\Elantech) (Version: 15.8.4.3 - ELAN Microelectronic Corp.)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version: - SCS Software)
Euro Truck Simulator 2 Multiplayer 0.2.0.3.1 Alpha (HKLM-x32\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.2.0.3.1 Alpha - ETS2MP Team)
Farming Simulator 15 (HKLM-x32\...\Farming Simulator 15_is1) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Intel Experience Center - Configuration (x32 Version: 1.7.0.179 - Intel) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2103 - Intel Corporation)
Intel(R) Experience Center Desktop Software (HKLM-x32\...\{3608ec0a-56b4-4d9d-b038-9b3e51d72582}) (Version: 1.7.0.179 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3282 - Intel Corporation)
Intel(R) Update Manager (x32 Version: 1.6.2.69 - Intel Corporation) Hidden
Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4e2a-80D2-1D0FF6ACBFBA}) (Version: 3.14.1 - LG Electronics)
Malwarebytes Anti-Malware verze 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 41.0.2 (x86 cs) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 cs)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.5 - Mozilla)
NVIDIA Graphics Driver 326.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 326.83 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenOffice 4.1.1 (HKLM-x32\...\{C560D6E7-E40A-435D-8B71-62CBCF1701B2}) (Version: 4.11.9775 - Apache Software Foundation)
OpenTTD 1.5.1 (HKLM-x32\...\OpenTTD) (Version: 1.5.1 - OpenTTD)
Ovládací panel NVIDIA 353.54 (Version: 353.54 - NVIDIA Corporation) Hidden
Peggle (x32 Version: 2.2.0.95 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Skype™ 7.10 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.10.101 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-2351793952-2836851555-3571603524-1002\...\Spotify) (Version: 1.0.9.133.gcedaee38 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.5.43 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.17 - TeamSpeak Systems GmbH)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Usb Game Pad (HKLM-x32\...\Usb Game Pad) (Version: - )
VirtualDJ 8 (HKLM-x32\...\{160FB819-E046-4E03-B8F6-76E1E8CC6BD9}) (Version: 8.0.2117.0 - Atomix Productions)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
War Thunder Launcher 1.0.1.542 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.0.3.226 - ASUS Cloud Corporation)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.20 - WildTangent) Hidden
Windows Driver Package - ASUS (ATP) Mouse (09/17/2013 1.0.0.186) (HKLM\...\D9E691DCEE7D3B9B7C62A7F5C2EAABBB9335DC9A) (Version: 09/17/2013 1.0.0.186 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinRAR 5.11 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
World of Tanks - Common Test (HKU\S-1-5-21-2351793952-2836851555-3571603524-1002\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812ct}_is1) (Version: - Wargaming.net)
World of Tanks (HKU\S-1-5-21-2351793952-2836851555-3571603524-1002\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
World of Warships (HKU\S-1-5-21-2351793952-2836851555-3571603524-1002\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version: - Wargaming.net)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2015-05-22 22:07 - 00000863 ____N C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 launcher01.kalypsomedia.com

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01D49E42-A1B8-4FBD-AAF8-D55AEAF6F418} - System32\Tasks\ASUS Vivokey => C:\Program Files\ASUS\ASUS VivoBook\vivokey.exe [2013-08-23] (ASUSTek Computer Inc.)
Task: {02032F67-8D41-4C49-A2E1-75A8A37B75EB} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-07-31] (AsusTek)
Task: {02530E6A-0594-444A-85B0-D4E0A55D6F5E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {07DDFDBC-F934-45DB-BA66-AEF83B60B220} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {0BF5A89E-4FB7-4611-BE94-FD9EF6FA0AB9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2015-06-16] (Safer-Networking Ltd.)
Task: {119163A0-077A-4ED0-BC5C-46FDB33E4AAC} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-09-29] (AVAST Software)
Task: {11DF17FC-A780-4E16-837C-AF02F7FE6A77} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)
Task: {168286EC-7C48-439A-A52E-C525C2D1FEB3} - System32\Tasks\ASUS InstantOn Config => C:\Program Files\ASUS\P4G\InsOnCfg.exe
Task: {17B78F28-4084-49B5-AF73-FA3C75638880} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {1CE94478-6DF9-40F5-AB24-A117264BB699} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {28C8C30F-FF62-4043-B975-FEE70C69BC75} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2015-06-16] (Safer-Networking Ltd.)
Task: {29291969-3F4E-46D5-83FC-294206997AED} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {2B9EC335-9089-456A-AB65-6C02BF2A709D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {3DF5F2BB-F40D-42A2-AA34-8CF4AE987CB5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {4C3C8157-6783-4725-8091-FB48026AB50E} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-07-03] (Intel Corporation)
Task: {50660E1E-A10D-40BF-806D-8AC2491F7F76} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-08-19] (ASUS)
Task: {54329B66-39E7-43EE-904A-32685E27CCA2} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2013-08-29] (ASUS)
Task: {6D4097BA-C681-40F0-80F7-CD879B178C53} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {6DCE1537-BD2F-49F7-990F-CC39D06BA6A5} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2013-08-29] (ASUSTek Computer Inc.)
Task: {727A983A-D601-488F-8E67-54E0FF73139F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
Task: {77371F58-8495-4BFE-9AD3-EF52C7384A02} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2015-06-16] (Safer-Networking Ltd.)
Task: {7D590329-8889-42B6-B687-F4B26DCA15D9} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-10-14] (Microsoft Corporation)
Task: {81CF22DF-D9D2-4566-A0DD-AB53D44045E8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-26] (Google Inc.)
Task: {92C4A49C-2FA5-4F5E-8710-A8DDEE54CD51} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-08-16] (ASUSTeK Computer Inc.)
Task: {9795D68B-C33F-4397-8B14-5675040DA88C} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-07-09] ()
Task: {9E94B682-5EB2-42B4-BF8F-B9153499628E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-26] (Google Inc.)
Task: {B4B5CBA6-4248-417E-9744-4FB95BAC3D10} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {BA11DC0F-80E6-43B1-91A3-FE9E441C7D6E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {BA9FEB88-6E1D-493F-8939-9333362A5D6F} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {C0A0D9B4-803E-45CB-8547-04799F9C3A07} - System32\Tasks\P4GIntlCtrl => C:\Program Files\ASUS\P4G\IntlDPST.exe [2013-08-29] ()
Task: {C464E443-C23E-45B4-9BD6-B05AE1901ED3} - System32\Tasks\EM3310-GmTaskPlan => C:\Program Files\GamingMouse\WarlordMouse.exe
Task: {CA4144F1-B3D4-4C64-B14C-B61DC1020050} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {D4BA46EC-A075-4132-82F6-A5F4B07DA039} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-07-03] (Intel Corporation)
Task: {D63851E3-EEFC-4819-8104-DB471E2DDB0F} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {DCB78CEC-A85A-492B-8F25-4FC3FDAE01B7} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)
Task: {EDD7B49C-4F5D-472E-B37C-6B649718B8FE} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-02-12] ()
Task: {FB76F993-42D7-45FF-B001-8BF9E6597B85} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============
Nahoru
altrok
Moderátor
Moderátor
Příspěvky: 7317
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: Prosím o kontrolu

#10 Příspěvek od altrok »

  • Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
  • ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
  • znovu spustte FRST a kliknete na Fix
  • po restartu bude na plose ulozen fixlog, jehoz obsah vlozte do pristi odpovedi

    Kód: Vybrat vše

    Start
CreateRestorePoint:
CloseProcesses:
File: C:\Users\Polmnji\GSplay\csko\hltv.exe
File: C:\ProgramData\SetStretch.cmd
File: C:\ProgramData\SetStretch.exe
File: C:\ProgramData\SetStretch.vbs
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4127488 2015-06-16] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2351793952-2836851555-3571603524-1002\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
2015-10-31 20:55 - 2015-10-31 20:56 - 22908888 _____ (Malwarebytes ) C:\Users\Polmnji\Downloads\mbam-setup-2.2.0.1024.exe
2015-10-31 17:38 - 2015-10-31 17:42 - 00000000 ____D C:\AdwCleaner
2015-10-31 17:36 - 2015-10-31 17:38 - 01694208 _____ C:\Users\Polmnji\Desktop\adwcleaner_5.015.exe
2015-10-30 15:41 - 2015-10-30 15:41 - 00000000 ____D C:\rsit
2015-10-30 15:41 - 2015-10-30 15:41 - 00000000 ____D C:\Program Files\trend micro
2015-10-30 15:40 - 2015-10-30 15:41 - 01222144 _____ C:\Users\Polmnji\Desktop\RSITx64.exe
2015-10-30 15:40 - 2015-10-30 15:40 - 01222144 _____ C:\Users\Polmnji\Downloads\RSITx64 (1).exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Hosts:
EmptyTemp:
End
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Nahoru
polmnji
Návštěvník
Návštěvník
Příspěvky: 138
Registrován: 26 říj 2008 13:22

Re: Prosím o kontrolu

#11 Příspěvek od polmnji »

Fix result of Farbar Recovery Scan Tool (x64) Version:31-10-2015
Ran by Polmnji (2015-11-01 19:31:44) Run:1
Running from C:\Users\Polmnji\Desktop
Loaded Profiles: UpdatusUser & Polmnji (Available Profiles: UpdatusUser & Polmnji & vojtík & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
File: C:\Users\Polmnji\GSplay\csko\hltv.exe
File: C:\ProgramData\SetStretch.cmd
File: C:\ProgramData\SetStretch.exe
File: C:\ProgramData\SetStretch.vbs
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4127488 2015-06-16] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2351793952-2836851555-3571603524-1002\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
2015-10-31 20:55 - 2015-10-31 20:56 - 22908888 _____ (Malwarebytes ) C:\Users\Polmnji\Downloads\mbam-setup-2.2.0.1024.exe
2015-10-31 17:38 - 2015-10-31 17:42 - 00000000 ____D C:\AdwCleaner
2015-10-31 17:36 - 2015-10-31 17:38 - 01694208 _____ C:\Users\Polmnji\Desktop\adwcleaner_5.015.exe
2015-10-30 15:41 - 2015-10-30 15:41 - 00000000 ____D C:\rsit
2015-10-30 15:41 - 2015-10-30 15:41 - 00000000 ____D C:\Program Files\trend micro
2015-10-30 15:40 - 2015-10-30 15:41 - 01222144 _____ C:\Users\Polmnji\Desktop\RSITx64.exe
2015-10-30 15:40 - 2015-10-30 15:40 - 01222144 _____ C:\Users\Polmnji\Downloads\RSITx64 (1).exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Hosts:
EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.

========================= File: C:\Users\Polmnji\GSplay\csko\hltv.exe ========================

File not signed
MD5: 3E6E841C6A326C1BBB39185F045CBB11
Creation and modification date: 2015-09-29 10:58 - 2015-09-29 10:58
Size: 0221184
Attributes: ----A
Company Name: Valve
Internal Name: HLTV Launcher
Original Name: hltv.exe
Product: HLTV Launcher
Description: HLTV Launcher
File Version: 1, 1, 1, 1
Product Version: 1, 1, 1, 1
Copyright: Copyright (c) 1996-2003

====== End of File: ======


========================= File: C:\ProgramData\SetStretch.cmd ========================

File not signed
MD5: 3610BE067EB4E7907CC7C87E35281E63
Creation and modification date: 2013-09-06 15:14 - 2012-09-07 12:40
Size: 0000256
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:

====== End of File: ======


========================= File: C:\ProgramData\SetStretch.exe ========================

File not signed
MD5: 4A93070098539B54FDA391D4D551C880
Creation and modification date: 2013-09-06 15:14 - 2009-07-22 11:04
Size: 0024576
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:

====== End of File: ======


========================= File: C:\ProgramData\SetStretch.vbs ========================

File not signed
MD5: E1E37E7138B0593E29B2F92A453749CB
Creation and modification date: 2013-09-06 15:14 - 2012-09-07 12:37
Size: 0000103
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:

====== End of File: ======

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SDTray => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFolderOptions => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => value removed successfully
HKU\S-1-5-21-2351793952-2836851555-3571603524-1002\Software\Microsoft\Windows\CurrentVersion\Run\\SpybotPostWindows10UpgradeReInstall => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
C:\Users\Polmnji\Downloads\mbam-setup-2.2.0.1024.exe => moved successfully
C:\AdwCleaner => moved successfully
C:\Users\Polmnji\Desktop\adwcleaner_5.015.exe => moved successfully
C:\rsit => moved successfully
C:\Program Files\trend micro => moved successfully
C:\Users\Polmnji\Desktop\RSITx64.exe => moved successfully
C:\Users\Polmnji\Downloads\RSITx64 (1).exe => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 1.3 GB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 19:33:13 ====
Nahoru
altrok
Moderátor
Moderátor
Příspěvky: 7317
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: Prosím o kontrolu

#12 Příspěvek od altrok »

Takze jeste uklidime.
A pokud nejsou dotazy ci jine problemy, je to ode mne vse.
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Nahoru
polmnji
Návštěvník
Návštěvník
Příspěvky: 138
Registrován: 26 říj 2008 13:22

Re: Prosím o kontrolu

#13 Příspěvek od polmnji »

Opět děkuji za pomoc :idea:
Nahoru
altrok
Moderátor
Moderátor
Příspěvky: 7317
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: Prosím o kontrolu

#14 Příspěvek od altrok »

Nemate zac, rad jsem pomohl :worship:


Mejte se krasne a treba zase nekdy :bye:
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Nahoru
Zamčeno

Zpět na „Preventivní kontroly logů“