Please check my log

Deaper21
Visitor
Posts: 21
Registered: 29 Sep 2014 21:59

Please check my log

#1 Post by Deaper21 »

Hello, lately all my programs have been starting up terribly slowly and the PC is slow overall (it's not the hardware :D), please check my log... btw, I just noticed that the log says unknown Windows... yet I have Win 8.1, do you know what could be causing that?
Here is the log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Adam at 2015-12-01 17:18:30
Microsoft Windows 8.1 Pro
System drive C: has 441 GB (46%) free of 954 GB
Total RAM: 8068 MB (72% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:18:34, on 1. 12. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\WINDOWS\SysWOW64\muachost.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files\trend micro\Adam.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Live Update] C:\Program Files (x86)\MSI\Live Update\Live Update.exe /REMINDER
O4 - HKCU\..\Run: [f.lux] "C:\Users\Adam\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [HP Deskjet 3520 series (NET)] "C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN4272G19D05SZ:NW" -scfn "HP Deskjet 3520 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_C52DB14F9A918A0C5FF89C4BF31B3258] "C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --no-startup-window
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 3520 series (Síť).lnk = ?
O4 - Global Startup: TP-LINK Wireless Configuration Utility.lnk = C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJATH\TWCU.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~3\Office12\GRA32A~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Comodo - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GamingApp_Service - Micro-Star Int'l Co., Ltd. - C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: JumpStart Wi-Fi Protected Setup (jswpsapi) - Wireless - C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJATH\WPS\jswpsapi.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: MSI_LiveUpdate_Service - Micro-Star INT'L CO., LTD. - C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SuperRAIDSvc - Micro-Star International - C:\MSI\Smart Utilities\SuperRAIDSvc.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Update service - Popcorn Time - C:\Program Files (x86)\Popcorn Time\Updater.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Intel(R) Extreme Tuning Utility Service (XTU3SERVICE) - Intel(R) Corporation - C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe

--
End of file - 9846 bytes

======Listing Processes======






wininit.exe
winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
atieclxx
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
dashost.exe {d3fcd813-e011-4b8c-a49810c8d329ef8a}
"C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe"
"C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe"
"C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\MSI\Smart Utilities\SuperRAIDSvc.exe"
"C:\Program Files (x86)\Popcorn Time\Updater.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000678
"C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe"
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-bc89c92b-e464-4df4-9ad6-bd46b5a4c0a8 -SystemEventPortName:HostProcess-9bdf69e8-aa15-4f33-a481-7cdf041bd79d -IoCancelEventPortName:HostProcess-e3c4d136-43ae-4fa9-b0c4-c5d21f655540 -NonStateChangingEventPortName:HostProcess-7639e1b4-9662-4a76-8562-315ac68828a4 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:307f4dca-47d0-4b5d-9dcf-7217704ede54 -DeviceGroupId:WpdFsGroup
taskhostex.exe
C:\WINDOWS\SysWOW64\muachost.exe
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\Explorer.EXE
igfxEM.exe
ClassicStartMenu.exe -startup
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --profile-directory=Default
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=gpu-process --channel="3840.0.953441337\1282246484" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,8,20,45 --gpu-vendor-id=0x1002 --gpu-device-id=0x679a --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=15.200.1062.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3840.1.556070291\2072450388" --font-cache-shared-handle=1944 /prefetch:673131151
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3840.2.195457098\793655647" --font-cache-shared-handle=2204 /prefetch:673131151
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3840.3.1964288082\628795631" --font-cache-shared-handle=2408 /prefetch:673131151
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3840.4.1343546526\866242587" --font-cache-shared-handle=2520 /prefetch:673131151
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3840.5.193817733\2110383948" --font-cache-shared-handle=2640 /prefetch:673131151
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3840.6.283302668\116273497" --font-cache-shared-handle=2752 /prefetch:673131151
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3840.7.1459876941\2109151319" --font-cache-shared-handle=2776 /prefetch:673131151
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3840.8.1576352021\1628151683" --font-cache-shared-handle=2664 /prefetch:673131151
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3840.9.976383435\1177807289" --font-cache-shared-handle=3640 /prefetch:673131151
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=ppapi --channel="3840.10.736843402\1773351927" --ppapi-flash-args --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3840.12.177937029\1936296735" --font-cache-shared-handle=6780 /prefetch:673131151
C:\WINDOWS\system32\GWX\GWX.exe /updateconfig
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3840.15.113545226\527239878" --font-cache-shared-handle=8416 /prefetch:673131151
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3840.16.1235086960\76839060" --font-cache-shared-handle=6460 /prefetch:673131151
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3840.17.727648978\925788673" --font-cache-shared-handle=8172 /prefetch:673131151
"C:\Downloads\RSITx64 (1).exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_245_pepper.exe -check pepperplugin
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-04-09 810176]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-04-09 688320]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~3\Office12\GR469A~1.DLL [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-16 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-16 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-04-09 810176]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-04-09 688320]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-06-30 13672664]
"XboxStat"=C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [2009-09-30 825184]
"Classic Start Menu"=C:\Program Files\Classic Shell\ClassicStartMenu.exe [2015-04-09 163520]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"f.lux"=C:\Users\Adam\AppData\Local\FluxSoftware\Flux\flux.exe [2013-10-23 1017224]
"HP Deskjet 3520 series (NET)"=C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2012-10-17 2573416]
"GoogleChromeAutoLaunch_C52DB14F9A918A0C5FF89C4BF31B3258"=C:\Program Files (x86)\Comodo\Dragon\dragon.exe [2015-11-20 704184]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-05-21 4471536]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE [2014-03-13 779776]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-11-16 8591272]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [2015-08-04 767176]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2015-12-01 803200]
"Avira Systray"=C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [2014-11-20 126200]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"Live Update"=C:\Program Files (x86)\MSI\Live Update\Live Update.exe [2015-10-07 11324368]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
TP-LINK Wireless Configuration Utility.lnk - C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJATH\TWCU.exe

C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Sledovat výstrahy inkoustu - HP Deskjet 3520 series (Síť).lnk - C:\WINDOWS\system32\RunDll32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~3\Office12\GR469A~1.DLL [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp.sys]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDriveAutoRun"=67108863
"HonorAutorunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-11-26 22:09:48 ----D---- C:\Program Files (x86)\Comodo
2015-11-14 19:29:14 ----SHD---- C:\ProgramData\DSS
2015-11-14 19:17:10 ----D---- C:\Program Files (x86)\Codemasters
2015-11-14 17:57:20 ----HD---- C:\$SysReset
2015-11-14 17:39:56 ----D---- C:\rsit
2015-11-12 19:38:02 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2015-11-12 19:38:02 ----A---- C:\WINDOWS\system32\schannel.dll
2015-11-12 19:38:02 ----A---- C:\WINDOWS\system32\lsasrv.dll
2015-11-12 19:38:02 ----A---- C:\WINDOWS\system32\kerberos.dll
2015-11-12 19:38:02 ----A---- C:\WINDOWS\system32\drivers\tdx.sys
2015-11-12 19:38:02 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2015-11-12 19:38:01 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2015-11-12 19:38:01 ----A---- C:\WINDOWS\SYSWOW64\ncryptsslp.dll
2015-11-12 19:38:01 ----A---- C:\WINDOWS\SYSWOW64\ncrypt.dll
2015-11-12 19:38:01 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2015-11-12 19:38:01 ----A---- C:\WINDOWS\SYSWOW64\bcryptprimitives.dll
2015-11-12 19:38:01 ----A---- C:\WINDOWS\system32\ncryptsslp.dll
2015-11-12 19:38:01 ----A---- C:\WINDOWS\system32\ncrypt.dll
2015-11-12 19:38:01 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2015-11-12 19:38:01 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2015-11-12 19:38:01 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2015-11-12 19:38:01 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2015-11-12 19:38:01 ----A---- C:\WINDOWS\system32\certcli.dll
2015-11-12 19:38:01 ----A---- C:\WINDOWS\system32\bcryptprimitives.dll
2015-11-12 19:38:00 ----A---- C:\WINDOWS\system32\winresume.exe
2015-11-12 19:38:00 ----A---- C:\WINDOWS\system32\winload.exe
2015-11-12 19:38:00 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2015-11-12 19:38:00 ----A---- C:\WINDOWS\system32\AuthHost.exe
2015-11-12 19:37:57 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2015-11-12 19:37:57 ----A---- C:\WINDOWS\system32\wucltux.dll
2015-11-12 19:37:57 ----A---- C:\WINDOWS\system32\wuaueng.dll
2015-11-12 19:37:57 ----A---- C:\WINDOWS\system32\wuauclt.exe
2015-11-12 19:37:57 ----A---- C:\WINDOWS\system32\wuapi.dll
2015-11-12 19:37:56 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2015-11-12 19:37:56 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2015-11-12 19:37:56 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2015-11-12 19:37:56 ----A---- C:\WINDOWS\system32\wuwebv.dll
2015-11-12 19:37:56 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2015-11-12 19:37:56 ----A---- C:\WINDOWS\system32\wudriver.dll
2015-11-12 19:37:56 ----A---- C:\WINDOWS\system32\wuapp.exe
2015-11-12 19:37:56 ----A---- C:\WINDOWS\system32\drivers\tunnel.sys
2015-11-12 19:37:55 ----A---- C:\WINDOWS\system32\localspl.dll
2015-11-12 19:37:54 ----A---- C:\WINDOWS\SYSWOW64\puiobj.dll
2015-11-12 19:37:54 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2015-11-12 19:37:54 ----A---- C:\WINDOWS\system32\puiobj.dll
2015-11-12 19:37:54 ----A---- C:\WINDOWS\system32\ppcsnap.dll
2015-11-12 19:37:54 ----A---- C:\WINDOWS\system32\pmcsnap.dll
2015-11-12 19:37:54 ----A---- C:\WINDOWS\system32\gdi32.dll
2015-11-12 19:37:54 ----A---- C:\WINDOWS\system32\drivers\tpm.sys
2015-11-12 19:37:52 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-11-12 19:37:51 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-11-12 19:37:50 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-11-12 19:37:49 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-11-12 19:37:49 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-11-12 19:37:48 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-11-12 19:37:48 ----A---- C:\WINDOWS\system32\jscript.dll
2015-11-12 19:37:48 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-11-12 19:37:47 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-11-12 19:37:46 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-11-12 19:37:46 ----A---- C:\WINDOWS\system32\wininet.dll
2015-11-12 19:37:46 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-11-12 19:37:45 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-11-12 19:37:45 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2015-11-12 19:37:44 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-11-12 19:37:44 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2015-11-12 19:37:44 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-11-12 19:37:44 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2015-11-12 19:37:44 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2015-11-12 19:37:44 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-11-12 19:37:44 ----A---- C:\WINDOWS\system32\msfeeds.dll
2015-11-12 19:37:44 ----A---- C:\WINDOWS\system32\inetcomm.dll
2015-11-12 19:37:44 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2015-11-12 19:37:23 ----A---- C:\WINDOWS\system32\win32k.sys
2015-11-12 19:37:21 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2015-11-10 15:15:33 ----D---- C:\ProgramData\SecTaskMan
2015-11-10 15:15:31 ----D---- C:\Program Files (x86)\Security Task Manager
2015-11-02 22:31:02 ----A---- C:\WINDOWS\SYSWOW64\muachost.exe
2015-11-02 21:55:18 ----D---- C:\WINDOWS\SYSWOW64\LiveUpdate

======List of files/folders modified in the last 1 month======

2015-12-01 17:18:32 ----D---- C:\Program Files\trend micro
2015-12-01 17:17:17 ----D---- C:\WINDOWS\Temp
2015-12-01 17:17:13 ----D---- C:\Downloads
2015-12-01 17:02:02 ----D---- C:\WINDOWS\system32\sru
2015-12-01 17:01:40 ----RD---- C:\WINDOWS\System32
2015-12-01 17:01:40 ----D---- C:\WINDOWS\Inf
2015-12-01 17:01:40 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-01 16:51:13 ----D---- C:\WINDOWS
2015-12-01 16:49:38 ----D---- C:\WINDOWS\system32\drivers
2015-11-30 18:16:56 ----D---- C:\Users\Adam\AppData\Roaming\uTorrent
2015-11-30 16:40:00 ----D---- C:\WINDOWS\Minidump
2015-11-29 18:45:21 ----SHD---- C:\System Volume Information
2015-11-28 14:00:48 ----D---- C:\Users\Adam\AppData\Roaming\vlc
2015-11-27 19:41:40 ----D---- C:\WINDOWS\system32\NDF
2015-11-26 22:31:11 ----D---- C:\WINDOWS\AppReadiness
2015-11-26 22:30:57 ----HD---- C:\Program Files\WindowsApps
2015-11-26 22:26:49 ----D---- C:\Users\Adam\AppData\Roaming\MPC-HC
2015-11-26 22:26:49 ----D---- C:\Users\Adam\AppData\Roaming\AIMP3
2015-11-26 22:26:49 ----D---- C:\Program Files (x86)\Steam
2015-11-26 22:25:24 ----D---- C:\WINDOWS\Logs
2015-11-26 22:25:09 ----D---- C:\WINDOWS\system32\Tasks
2015-11-26 22:09:48 ----RD---- C:\Program Files (x86)
2015-11-22 11:15:55 ----SHD---- C:\WINDOWS\Installer
2015-11-22 11:15:12 ----RSD---- C:\WINDOWS\assembly
2015-11-22 10:35:29 ----D---- C:\Hry
2015-11-20 16:55:41 ----D---- C:\Program Files (x86)\Common Files
2015-11-20 16:55:36 ----D---- C:\ProgramData\Skype
2015-11-20 16:54:08 ----D---- C:\Users\Adam\AppData\Roaming\Skype
2015-11-20 16:00:20 ----D---- C:\WINDOWS\system32\config
2015-11-19 18:40:00 ----D---- C:\Soubory
2015-11-15 14:27:39 ----D---- C:\WINDOWS\SysWOW64
2015-11-15 14:08:24 ----D---- C:\WINDOWS\SoftwareDistribution
2015-11-15 10:40:26 ----D---- C:\WINDOWS\Tasks
2015-11-14 19:29:14 ----HD---- C:\ProgramData
2015-11-14 19:29:13 ----D---- C:\ProgramData\Codemasters
2015-11-14 17:52:20 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-11-14 17:48:52 ----D---- C:\Users\Adam\AppData\Roaming\DAEMON Tools Lite
2015-11-14 17:06:33 ----D---- C:\Program Files (x86)\Popcorn Time
2015-11-13 19:51:42 ----D---- C:\WINDOWS\debug
2015-11-13 17:02:03 ----D---- C:\WINDOWS\Microsoft.NET
2015-11-13 16:14:57 ----D---- C:\WINDOWS\WinSxS
2015-11-13 16:14:47 ----D---- C:\WINDOWS\system32\DriverStore
2015-11-12 22:42:44 ----RD---- C:\WINDOWS\ToastData
2015-11-12 22:42:43 ----D---- C:\WINDOWS\apppatch
2015-11-12 22:42:37 ----D---- C:\WINDOWS\CbsTemp
2015-11-12 22:36:45 ----D---- C:\WINDOWS\system32\MRT
2015-11-12 22:36:44 ----A---- C:\WINDOWS\system32\MRT.exe
2015-11-12 19:36:58 ----D---- C:\WINDOWS\system32\catroot2
2015-11-08 16:56:19 ----D---- C:\Users\Adam\AppData\Roaming\Install.GS
2015-11-04 17:52:18 ----D---- C:\WINDOWS\system32\FxsTmp
2015-11-03 01:23:06 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-11-02 23:39:15 ----D---- C:\MSI
2015-11-02 22:31:00 ----D---- C:\Program Files (x86)\MSI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 speedfan;speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [2012-12-29 28664]
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2015-12-01 146696]
R1 avkmgr;avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [2015-12-01 35488]
R1 JSWPSLWF;@oem2.inf,%AthSec_Desc%;JumpStart Wireless Filter Driver; C:\WINDOWS\system32\DRIVERS\jswpslwfx.sys [2013-06-28 26624]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2015-12-01 135880]
R2 avnetflt;avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [2015-12-01 73032]
R2 iocbios2;iocbios2; \??\C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [2014-06-17 28912]
R3 AcpiCtlDrv;AcpiCtlDrv; C:\WINDOWS\System32\drivers\AcpiCtlDrv.sys [2012-07-17 25880]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2015-07-16 21622272]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2015-07-16 665088]
R3 athur;@oem1.inf,%ATHR.Service.DispName%;Qualcomm Atheros AR9271 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athuw8x.sys [2013-06-02 2919936]
R3 AtiHDAudioService;@oem39.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWB6.sys [2015-07-15 102912]
R3 dtlitescsibus;@oem7.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2015-06-13 30264]
R3 ICCWDT;@oem17.inf,%ICCWDT.SVCDESC%;Intel(R) Watchdog Timer Driver (Intel(R) WDT); C:\WINDOWS\System32\drivers\ICCWDT.sys [2013-08-13 27608]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-08-09 4928256]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2014-07-15 4012632]
R3 iwdbus;@oem10.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-05-26 30512]
R3 MEIx64;@oem5.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2013-01-11 64624]
R3 NTIOLib_MSI_RAID;NTIOLib_MSI_RAID; \??\C:\MSI\Smart Utilities\NTIOLib_X64.sys [2014-03-17 13808]
R3 RTL8168;@oem15.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-11-26 838872]
R3 StillCam;@sti.inf,%StillCam.SvcDesc%;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\System32\drivers\serscan.sys [2014-10-29 11776]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S0 amdkmafd;@oem11.inf,%AMDKMAFD_svcdesc%;AMD Audio Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmafd.sys [2012-09-23 21160]
S3 GPU-Z;GPU-Z; \??\C:\Users\Adam\AppData\Local\Temp\GPU-Z.sys []
S3 HTCAND64;@oem37.inf,%HTCAND64.SvcDesc%;HTC Device Driver; C:\WINDOWS\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 HtcVCom32;@oem39.inf,%OEMSerialPortName00%;HTC Diagnostic Port; C:\WINDOWS\system32\DRIVERS\HtcVComV64.sys [2010-03-09 121800]
S3 intaud_WaveExtensible;@oem9.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2015-05-26 42288]
S3 NTIOLib_MB;NTIOLib_MB; \??\C:\Program Files (x86)\MSI\MSI Gaming APP\Lib\NTIOLib_X64.sys [2014-03-13 13808]
S3 pneteth;@oem35.inf,%pneteth.Service.DispName%;PdaNet Broadband; C:\WINDOWS\system32\DRIVERS\pneteth.sys [2011-11-25 15360]
S3 RTCore64;RTCore64; \??\C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [2015-05-27 13536]
S3 trufos;trufos; C:\WINDOWS\system32\drivers\trufos.sys [2015-02-26 350160]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2014-10-29 44544]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-10-28 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2015-07-16 246784]
R2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [2015-12-01 948392]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2015-12-01 466408]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2015-12-01 466408]
R2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2015-12-01 1418560]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 DragonUpdater;COMODO Dragon Update Service; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2015-11-20 2056376]
R2 GamingApp_Service;GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [2015-10-16 34984]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2015-08-09 355232]
R2 MSI_LiveUpdate_Service;MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2015-10-07 1779664]
R2 SuperRAIDSvc;SuperRAIDSvc; C:\MSI\Smart Utilities\SuperRAIDSvc.exe [2014-06-26 28328]
R2 Update service;Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [2015-10-19 339968]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2014-02-18 171480]
S2 Avira.OE.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [2014-11-20 166192]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-08-09 288688]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-05-21 1272560]
S3 jswpsapi;JumpStart Wi-Fi Protected Setup; C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJATH\WPS\jswpsapi.exe [2013-06-28 954368]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-11-10 836176]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Please check my log

#2 Post by Márty84 »

Hello :)
Deaper21 wrote: I just noticed that the log says unknown windows... even though I have Win 8.1, do you know what could be causing that?
It's only in the HJT part. HJT is older and doesn't know 8.1. The RSIT header says Microsoft Windows 8.1 Pro. So nothing unusual :-)

:arrow: Download CrystalDiskInfo http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Run it as administrator. The result will appear after a moment.
Click "Úpravy" (Edit) at the top and then "Kopírovat" (Copy). Paste what gets copied (it gets stored in memory) here for me (Ctrl + V).

:arrow: Download AdwCleaner https://toolslib.net/downloads/finish/1/ and save it to the desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and wait for the scan to finish.
Then click Cleaning.
The program will start working (the PC may restart) and will spit out a log (or it will be here: C:\AdwCleaner\AdwCleaner[C?].txt ). Copy it here for me.

If you have a question that is not meant for the public, you can email me at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often now. If you have to wait longer for a reply, please contact one of my colleagues (most have an email address in their signature).

Deaper21
Visitor
Posts: 21
Registered: 29 Sep 2014 21:59

Re: Please check my log

#3 Post by Deaper21 »

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 8 Professional [6.2 Build 9200] (x64)
Date : 2015/12/02 20:21:58

-- Controller Map ----------------------------------------------------------
+ Intel(R) 8 Series/C220 Series SATA AHCI Controller - 8C02 [ATA]
- ST1000DM003-1ER162
- Řadič prostorů úložišť [SCSI]
- DAEMON Tools Lite Virtual SCSI Bus [SCSI]

-- Disk List ---------------------------------------------------------------
(1) ST1000DM003-1ER162 : 1000,2 GB [0/0/0, pd1] - st

----------------------------------------------------------------------------
(1) ST1000DM003-1ER162
----------------------------------------------------------------------------
Model : ST1000DM003-1ER162
Firmware : CC43
Serial Number : S4Y09S4V
Disk Size : 1000,2 GB (8,4/137,4/1000,2)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ACS-2
Minor Version : ---- [001Fh]
Transfer Mode : SATA/600
Power On Hours : 3519 hod.
Power On Count : 887 krát
Host Reads : 276695 GB
Host Writes : 10842 GB
Temparature : 24 C (75 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 8080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 120 _99 __6 00000001A110 Počet chyb čtení
03 _97 _97 __0 000000000000 Čas na roztočení ploten
04 100 100 _20 000000000397 Počet spuštění/zastavení
05 100 100 _10 000000000000 Počet přemapovaných sektorů
07 _80 _60 _30 000006EFD06B Počet chybných hledání
09 _96 _96 __0 000000000DBF Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 _20 000000000377 Počet cyklů zapnutí zařízení
B7 100 100 __0 000000000000 Neznámý
B8 100 100 _99 000000000000 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 100 __0 000000000001 Časový limit příkazu
BD 100 100 __0 000000000000 Vysoká rychlost zápisu
BE _76 _64 _45 0000190D0018 Teplota toku vzduchu
BF 100 100 __0 000000000000 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 000000000009 Počet vypnutí disku
C1 _97 _97 __0 00000000182F Počet cyklů načítání/vymazání
C2 _24 _40 __0 000B00000018 Teplota
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
F0 100 253 __0 BFAB00000DB6 Čas nastavování hlaviček - v hodinách
F1 100 253 __0 00054B5480A1 Total LBAs Written
F2 100 253 __0 00871AFE375E Total LBAs Read


Deaper21
Visitor
Posts: 21
Registered: 29 Sep 2014 21:59

Re: Please check my log

#4 Post by Deaper21 »

Here is the AdwCleaner log. I also wanted to ask: about a year ago (or a year and a half, I don't know), when I installed Win8 and then the switch to Win8.1 came, the 8.1 update would not install from the Windows app store; the update always started and then threw an error... I no longer remember exactly how I updated it, I think through Windows Update... Anyway, on Microsoft's website (an annoying bar at the bottom of the page) it kept pushing me to install 8.1, even though I think I have it! :?: And in system info, see the picture (http://s2.postimg.org/xu4bxoscp/win8.jpg ), it says I have 8.1 Pro... I'm baffled by it... so if you happen to know anything about this, I'd be glad :D

# AdwCleaner v5.023 - Logfile created 02/12/2015 at 20:27:50
# Updated 30/11/2015 by Xplode
# Database : 2015-11-30.1 [Server]
# Operating system : Windows 8.1 Pro (x64)
# Username : Adam - ADAMPC
# Running from : C:\Users\Adam\Desktop\adwcleaner_5.023.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\ProgramData\SecTaskMan

***** [ Files ] *****

[-] File Deleted : C:\Users\Adam\AppData\Local\Comodo\Dragon\User Data\Default\Local Storage\chrome-extension_oadboiipflhobonjjffjbfekfjcgkhco_0.localstorage

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}

***** [ Web browsers ] *****

[-] [C:\Users\Adam\AppData\Local\Comodo\Dragon\User Data\Default\Web Data] [Search Provider] Deleted : trovi.search

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1389 bytes] ##########

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Please check my log

#5 Post by Márty84 »

According to the log you have 8.1.
If something was popping up there, that's a question for Microsoft technical support. It's their product, and it was nagging you on their website... They should know best what it was and why. We'll clean up the PC and then we'll see :-)

:arrow: Run a scan with MBAM. Set up the test according to this guide (i.e. a Custom scan of all drives) http://forum.viry.cz/viewtopic.php?f=29&t=144868 and post the results here. Don't delete anything beforehand, it sometimes has false detections.

Deaper21
Visitor
Posts: 21
Registered: 29 Sep 2014 21:59

Re: Please check my log

#6 Post by Deaper21 »

I apologize, I haven't had time for a while, so I didn't reply... Right after your last reply I ran a scan following the guide in the description, but unfortunately I didn't save it... the later scans came up with no threats... so I went into the history and found 2 scans that did have some vermin in them... here they are: (oh, and I don't understand that date either :)
Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 15. 4. 2015
Čas skenování: 23:21
Protokol: log1.txt
Správce: Ano

Verze: 2.01.4.1018
Databáze malwaru: v2015.04.15.08
Databáze rootkitů: v2015.03.31.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Adam

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 377472
Uplynulý čas: 11 min, 12 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 2
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\HD01-V2.1V23.09, Do karantény, [b82ce389078363d31b097d6013f03bc5],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3780011587-910230506-1870383065-1001\SOFTWARE\APPDATALOW\SOFTWARE\HD01-V2.1V23.09, Do karantény, [4c98db91187291a556d0964704ffc838],

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 4
PUP.Optional.OffersWizard.A, C:\Program Files (x86)\Common Files\Config, Do karantény, [697ba7c50684e65003f85f8d0ff4d729],
PUP.Optional.OpenCandy, C:\Users\Adam\AppData\Roaming\OpenCandy, Do karantény, [1acacba1c4c69e98f90e3b517e859a66],
PUP.Optional.OpenCandy, C:\Users\Adam\AppData\Roaming\OpenCandy\84953B30998E4F679F80F8B4DFCF3C5A, Do karantény, [1acacba1c4c69e98f90e3b517e859a66],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\HD01-V2.1V23.09, Do karantény, [3ea61f4d8bff1d1968584e5b14ef817f],

Soubory: 13
PUP.Optional.OpenCandy, C:\Users\Adam\AppData\Roaming\PowerISO\Upgrade\PowerISO6.exe, Do karantény, [3ba97def06842610fa13052513f3d62a],
PUP.Optional.CrossRider.A, C:\Program Files (x86)\HD01-V2.1V23.09\utils.exe, Do karantény, [cd171755cac0191d9a90a9a57c8406fa],
PUP.Optional.OffersWizard.A, C:\Program Files (x86)\Common Files\Config\ver.xml, Do karantény, [697ba7c50684e65003f85f8d0ff4d729],
PUP.Optional.OffersWizard.A, C:\Program Files (x86)\Common Files\Config\data.xml, Do karantény, [697ba7c50684e65003f85f8d0ff4d729],
PUP.Optional.OffersWizard.A, C:\Program Files (x86)\Common Files\Config\uninstinethnfd.exe, Do karantény, [697ba7c50684e65003f85f8d0ff4d729],
PUP.Optional.OpenCandy, C:\Users\Adam\AppData\Roaming\OpenCandy\84953B30998E4F679F80F8B4DFCF3C5A\pcmechanicpmROW_p1v1.exe, Do karantény, [1acacba1c4c69e98f90e3b517e859a66],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\HD01-V2.1V23.09\1293297481.mxaddon, Do karantény, [3ea61f4d8bff1d1968584e5b14ef817f],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\HD01-V2.1V23.09\70188f13-0368-49cd-863c-7df07c101395.crx, Do karantény, [3ea61f4d8bff1d1968584e5b14ef817f],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\HD01-V2.1V23.09\70188f13-0368-49cd-863c-7df07c101395.xpi, Do karantény, [3ea61f4d8bff1d1968584e5b14ef817f],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\HD01-V2.1V23.09\7902f5f4-3f5e-46a4-a58b-dfcaad26c2cb.crx, Do karantény, [3ea61f4d8bff1d1968584e5b14ef817f],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\HD01-V2.1V23.09\f55ebdf7-e478-47dd-829c-fd3a8c602e39.crx, Do karantény, [3ea61f4d8bff1d1968584e5b14ef817f],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\HD01-V2.1V23.09\Interop.IWshRuntimeLibrary.dll, Do karantény, [3ea61f4d8bff1d1968584e5b14ef817f],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\HD01-V2.1V23.09\Newtonsoft.Json.dll, Do karantény, [3ea61f4d8bff1d1968584e5b14ef817f],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)



Second scan:
Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 24. 9. 2015
Čas skenování: 22:39
Protokol: zaznam1.txt
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.09.24.04
Databáze rootkitů: v2015.09.22.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Adam

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 406685
Uplynulý čas: 13 min, 28 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 1
PUP.Optional.PCSpeedUp, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PCSUUCDRV, Do karantény, [8133240f88031e18d882a211a460728e],

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 11
PUP.Optional.Amonetize, C:\Users\Adam\AppData\Local\15001, Do karantény, [e2d2e94a48433ff77c8a0f25c83bc53b],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\api, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\lib, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\lib\popupResource, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\userCode, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\icons, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\icons\actions, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],

Soubory: 84
PUP.Optional.AdOffer, C:\Users\Adam\AppData\Local\Temp\bitool.dll, Do karantény, [7341db585932f73fb91be6b4df23fc04],
PUP.Optional.Somoto, C:\Users\Adam\AppData\Local\Temp\nsl552F.tmp, Do karantény, [6a4a73c08a0172c4996d9d1128dd857b],
PUP.Optional.Amonetize, C:\Users\Adam\AppData\Local\15001\status.cfg, Do karantény, [e2d2e94a48433ff77c8a0f25c83bc53b],
PUP.Optional.Amonetize, C:\Users\Adam\AppData\Local\15001\Updater.xml, Do karantény, [e2d2e94a48433ff77c8a0f25c83bc53b],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\21c3af86c7ee2db43641d71218caf983.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\f3d0436e19a99d5d98878cb512099ef3.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\main.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\api\7da141b25ed6493359d21acb08d12e2f.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\api\7e6234bc2ed9ab52295effed369f634d.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\api\a7048849cda92e007e5e83ede09e0516.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\api\ca65e3b063503d58235eed6f5aefbeae.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\api\e3a929adc18c7f5bb1c31026765e2a66.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\api\pageAction.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\lib\04a3792eb8a0825738e7051f6a95d540.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\lib\1b726b8b61d4c7f5711a4c83a1a072ea.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\lib\2e980a1057c8170dc746ad1b08a64297.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\lib\4804bfd8c20b075acd880748c8fc929f.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\lib\4d924503818c3833dbce7149864f9e02.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\lib\62391615977e4b9885b663eb121f87fd.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\lib\6b7ba8285dca69f84b68e979671b669f.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\lib\70ea95ef59f4084ece730c66fb08ed4c.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\lib\8f9bb969ca303199adb115a3a065d4be.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\lib\aa71afe8fc4ca7e6d2a0bafd4a35d388.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\lib\afe1386a7db56d31850cbe4754fed437.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\lib\app_api.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\lib\d23a73f908fac05450dd14aa05fc9163.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\lib\e5e1f93aeaf781e96cac36c141ea629f.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\lib\e8318c1409e62b7e7ec05f2be76f982a.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\lib\installer.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\lib\popupResource\newPopup.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\lib\popupResource\popup.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\background.html, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\chromeCoreFilesIndex.txt, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\manifest.json, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\popup.html, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\Settings.json, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\manifest.xml, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\102.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\104.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\119.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\123.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\13.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\14.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\17.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\178.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\179.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\180.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\184.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\19.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\195.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\220.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\221.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\223.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\231.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\232.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\242.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\246.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\262.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\263.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\267.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\273.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\275.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\281.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\286.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\288.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\289.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\291.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\300.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\4.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\47.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\64.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\7.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\78.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\80.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\9.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\91.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\93.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\97.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\userCode\background.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\userCode\extension.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\icons\icon128.png, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\icons\icon16.png, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\icons\icon48.png, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\icons\actions\1.png, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Please check my log

#7 Post by Márty84 »

Those are old results, and moreover only from the Threat Scan. That one does not examine the whole computer. Did you now run the Custom Scan, as described in the guide? And is it clean now?
If you have a question that is not meant for the public, you can write to me by e-mail at marty84(at)forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For time reasons I will be on the forum less often now. If you have to wait longer for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

Deaper21
Visitor
Posts: 21
Registered: 29 Sep 2014 21:59

Re: Please check my log

#8 Post by Deaper21 »

yes

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Please check my log

#9 Post by Márty84 »

:arrow: Post a new log from RSIT

and in addition

:arrow: Post logs according to this guide http://forum.viry.cz/viewtopic.php?f=13&t=133100 - turn off your antivirus for a moment; it is possible that it will block it as malicious, but we use it all the time, it is a false alarm :)

Deaper21
Visitor
Posts: 21
Registered: 29 Sep 2014 21:59

Re: Please check my log

#10 Post by Deaper21 »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Adam at 2015-12-09 18:16:57
Microsoft Windows 8.1 Pro
System drive C: has 441 GB (46%) free of 954 GB
Total RAM: 8068 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:17:06, on 9. 12. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\WINDOWS\SysWOW64\muachost.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\PROGRA~2\AIMP3\AIMP3.exe
C:\Program Files\trend micro\Adam.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Live Update] C:\Program Files (x86)\MSI\Live Update\Live Update.exe /REMINDER
O4 - HKCU\..\Run: [f.lux] "C:\Users\Adam\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [HP Deskjet 3520 series (NET)] "C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN4272G19D05SZ:NW" -scfn "HP Deskjet 3520 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_C52DB14F9A918A0C5FF89C4BF31B3258] "C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --no-startup-window
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [f.lux] "C:\Users\Adam\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow (User '?')
O4 - HKUS\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [HP Deskjet 3520 series (NET)] "C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN4272G19D05SZ:NW" -scfn "HP Deskjet 3520 series (NET)" -AutoStart 1 (User '?')
O4 - HKUS\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [GoogleChromeAutoLaunch_C52DB14F9A918A0C5FF89C4BF31B3258] "C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --no-startup-window (User '?')
O4 - HKUS\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun (User '?')
O4 - HKUS\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Zoner Photo Studio Autoupdate] C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE (User '?')
O4 - HKUS\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR (User '?')
O4 - HKUS\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\..\Run: [f.lux] "C:\Users\Adam\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow (User '?')
O4 - S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 Startup: Sledovat výstrahy inkoustu - HP Deskjet 3520 series (Síť).lnk = ? (User '?')
O4 - S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 Startup: Sledovat výstrahy inkoustu - HP Deskjet 3520 series (Síť).lnk = ? (User '?')
O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 3520 series (Síť).lnk = ?
O4 - Global Startup: TP-LINK Wireless Configuration Utility.lnk = C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJATH\TWCU.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~3\Office12\GRA32A~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Comodo - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GamingApp_Service - Micro-Star Int'l Co., Ltd. - C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: JumpStart Wi-Fi Protected Setup (jswpsapi) - Wireless - C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJATH\WPS\jswpsapi.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: MSI_LiveUpdate_Service - Micro-Star INT'L CO., LTD. - C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SuperRAIDSvc - Micro-Star International - C:\MSI\Smart Utilities\SuperRAIDSvc.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Update service - Popcorn Time - C:\Program Files (x86)\Popcorn Time\Updater.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Intel(R) Extreme Tuning Utility Service (XTU3SERVICE) - Intel(R) Corporation - C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe

--
End of file - 11875 bytes

======Listing Processes======






wininit.exe
winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
atieclxx
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe"
dashost.exe {9c67ee97-8fdf-48d1-9785e508bf5f794a}
"C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe"
"C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\MSI\Smart Utilities\SuperRAIDSvc.exe"
"C:\Program Files (x86)\Popcorn Time\Updater.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000648
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe"
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
taskhostex.exe
C:\WINDOWS\SysWOW64\muachost.exe
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\Explorer.EXE
ClassicStartMenu.exe -startup
C:\Windows\System32\skydrive.exe -Embedding
igfxEM.exe
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
C:\WINDOWS\system32\GWX\GWX.exe /updateconfig
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe"
"C:\WINDOWS\system32\taskmgr.exe" /4
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --profile-directory=Default
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=gpu-process --channel="2024.0.1674039533\444458342" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,8,20,45 --gpu-vendor-id=0x1002 --gpu-device-id=0x679a --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=15.200.1062.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="2024.1.159493809\31757547" --font-cache-shared-handle=1988 /prefetch:673131151
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="2024.2.696782034\17599426" --font-cache-shared-handle=2208 /prefetch:673131151
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="2024.3.2026863890\388613922" --font-cache-shared-handle=2220 /prefetch:673131151
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="2024.4.1638132584\1306245530" --font-cache-shared-handle=2416 /prefetch:673131151
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="2024.5.1628361613\1963882165" --font-cache-shared-handle=2428 /prefetch:673131151
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="2024.6.926791738\695515642" --font-cache-shared-handle=2528 /prefetch:673131151
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="2024.7.1186678175\1329627170" --font-cache-shared-handle=2620 /prefetch:673131151
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="2024.9.1565164670\538298982" --font-cache-shared-handle=3484 /prefetch:673131151
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="2024.10.2115097889\92857297" --font-cache-shared-handle=4308 /prefetch:673131151
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="2024.11.925633608\948204590" --font-cache-shared-handle=4580 /prefetch:673131151
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="2024.13.956657203\1174329163" --font-cache-shared-handle=3244 /prefetch:673131151
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="2024.14.750889361\498356035" --font-cache-shared-handle=8648 /prefetch:673131151
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=ppapi --channel="2024.18.444539470\2097338134" --ppapi-flash-args --lang=cs --ignored=" --type=renderer " /prefetch:-632637702

"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="2024.24.82283652\776364154" --font-cache-shared-handle=4052 /prefetch:673131151
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-11355b2d-8d93-44a6-8c97-14d9d4c7cf0e -SystemEventPortName:HostProcess-ec6f3cd6-14f3-4047-8692-b3bafe6fc969 -IoCancelEventPortName:HostProcess-5c8052c0-45a4-4f23-ace8-219e28dd23f0 -NonStateChangingEventPortName:HostProcess-6af8f980-2fc8-4217-baa0-5b398a69cf1c -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:cf6385cb-86c0-471b-9d64-fddc5775668e -DeviceGroupId:WpdFsGroup
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe60_ Global\UsGthrCtrlFltPipeMssGthrPipe60 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 648 652 660 65536 656
"C:\Users\Adam\Desktop\RSITx64.exe"
C:\PROGRA~2\AIMP3\AIMP3.exe -Embedding
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="2024.32.1294770448\1698257577" --font-cache-shared-handle=6868 /prefetch:673131151

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_245_pepper.exe -check pepperplugin
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-04-09 810176]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-04-09 688320]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~3\Office12\GR469A~1.DLL [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-16 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-16 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-04-09 810176]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-04-09 688320]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-06-30 13672664]
"XboxStat"=C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [2009-09-30 825184]
"Classic Start Menu"=C:\Program Files\Classic Shell\ClassicStartMenu.exe [2015-04-09 163520]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"f.lux"=C:\Users\Adam\AppData\Local\FluxSoftware\Flux\flux.exe [2013-10-23 1017224]
"HP Deskjet 3520 series (NET)"=C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2012-10-17 2573416]
"GoogleChromeAutoLaunch_C52DB14F9A918A0C5FF89C4BF31B3258"=C:\Program Files (x86)\Comodo\Dragon\dragon.exe [2015-11-20 704184]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-05-21 4471536]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE [2014-03-13 779776]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-11-16 8591272]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [2015-08-04 767176]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2015-12-01 803200]
"Avira Systray"=C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [2014-11-20 126200]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"Live Update"=C:\Program Files (x86)\MSI\Live Update\Live Update.exe [2015-10-07 11324368]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
TP-LINK Wireless Configuration Utility.lnk - C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJATH\TWCU.exe

C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Sledovat výstrahy inkoustu - HP Deskjet 3520 series (Síť).lnk - C:\WINDOWS\system32\RunDll32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~3\Office12\GR469A~1.DLL [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp.sys]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDriveAutoRun"=67108863
"HonorAutorunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-12-02 22:27:24 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2015-12-02 22:27:15 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-12-02 22:27:15 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2015-12-02 22:27:15 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2015-12-02 22:27:15 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2015-12-02 20:26:00 ----D---- C:\AdwCleaner
2015-11-26 22:09:48 ----D---- C:\Program Files (x86)\Comodo
2015-11-14 19:29:14 ----SHD---- C:\ProgramData\DSS
2015-11-14 19:17:10 ----D---- C:\Program Files (x86)\Codemasters
2015-11-14 17:57:20 ----HD---- C:\$SysReset
2015-11-14 17:39:56 ----D---- C:\rsit
2015-11-12 19:38:02 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2015-11-12 19:38:02 ----A---- C:\WINDOWS\system32\schannel.dll
2015-11-12 19:38:02 ----A---- C:\WINDOWS\system32\lsasrv.dll
2015-11-12 19:38:02 ----A---- C:\WINDOWS\system32\kerberos.dll
2015-11-12 19:38:02 ----A---- C:\WINDOWS\system32\drivers\tdx.sys
2015-11-12 19:38:02 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2015-11-12 19:38:01 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2015-11-12 19:38:01 ----A---- C:\WINDOWS\SYSWOW64\ncryptsslp.dll
2015-11-12 19:38:01 ----A---- C:\WINDOWS\SYSWOW64\ncrypt.dll
2015-11-12 19:38:01 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2015-11-12 19:38:01 ----A---- C:\WINDOWS\SYSWOW64\bcryptprimitives.dll
2015-11-12 19:38:01 ----A---- C:\WINDOWS\system32\ncryptsslp.dll
2015-11-12 19:38:01 ----A---- C:\WINDOWS\system32\ncrypt.dll
2015-11-12 19:38:01 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2015-11-12 19:38:01 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2015-11-12 19:38:01 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2015-11-12 19:38:01 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2015-11-12 19:38:01 ----A---- C:\WINDOWS\system32\certcli.dll
2015-11-12 19:38:01 ----A---- C:\WINDOWS\system32\bcryptprimitives.dll
2015-11-12 19:38:00 ----A---- C:\WINDOWS\system32\winresume.exe
2015-11-12 19:38:00 ----A---- C:\WINDOWS\system32\winload.exe
2015-11-12 19:38:00 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2015-11-12 19:38:00 ----A---- C:\WINDOWS\system32\AuthHost.exe
2015-11-12 19:37:57 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2015-11-12 19:37:57 ----A---- C:\WINDOWS\system32\wucltux.dll
2015-11-12 19:37:57 ----A---- C:\WINDOWS\system32\wuaueng.dll
2015-11-12 19:37:57 ----A---- C:\WINDOWS\system32\wuauclt.exe
2015-11-12 19:37:57 ----A---- C:\WINDOWS\system32\wuapi.dll
2015-11-12 19:37:56 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2015-11-12 19:37:56 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2015-11-12 19:37:56 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2015-11-12 19:37:56 ----A---- C:\WINDOWS\system32\wuwebv.dll
2015-11-12 19:37:56 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2015-11-12 19:37:56 ----A---- C:\WINDOWS\system32\wudriver.dll
2015-11-12 19:37:56 ----A---- C:\WINDOWS\system32\wuapp.exe
2015-11-12 19:37:56 ----A---- C:\WINDOWS\system32\drivers\tunnel.sys
2015-11-12 19:37:55 ----A---- C:\WINDOWS\system32\localspl.dll
2015-11-12 19:37:54 ----A---- C:\WINDOWS\SYSWOW64\puiobj.dll
2015-11-12 19:37:54 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2015-11-12 19:37:54 ----A---- C:\WINDOWS\system32\puiobj.dll
2015-11-12 19:37:54 ----A---- C:\WINDOWS\system32\ppcsnap.dll
2015-11-12 19:37:54 ----A---- C:\WINDOWS\system32\pmcsnap.dll
2015-11-12 19:37:54 ----A---- C:\WINDOWS\system32\gdi32.dll
2015-11-12 19:37:54 ----A---- C:\WINDOWS\system32\drivers\tpm.sys
2015-11-12 19:37:52 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-11-12 19:37:51 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-11-12 19:37:50 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-11-12 19:37:49 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-11-12 19:37:49 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-11-12 19:37:48 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-11-12 19:37:48 ----A---- C:\WINDOWS\system32\jscript.dll
2015-11-12 19:37:48 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-11-12 19:37:47 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-11-12 19:37:46 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-11-12 19:37:46 ----A---- C:\WINDOWS\system32\wininet.dll
2015-11-12 19:37:46 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-11-12 19:37:45 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-11-12 19:37:45 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2015-11-12 19:37:44 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-11-12 19:37:44 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2015-11-12 19:37:44 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-11-12 19:37:44 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2015-11-12 19:37:44 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2015-11-12 19:37:44 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-11-12 19:37:44 ----A---- C:\WINDOWS\system32\msfeeds.dll
2015-11-12 19:37:44 ----A---- C:\WINDOWS\system32\inetcomm.dll
2015-11-12 19:37:44 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2015-11-12 19:37:23 ----A---- C:\WINDOWS\system32\win32k.sys
2015-11-12 19:37:21 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2015-11-10 15:15:31 ----D---- C:\Program Files (x86)\Security Task Manager

======List of files/folders modified in the last 1 month======

2015-12-09 18:17:01 ----D---- C:\Program Files\trend micro
2015-12-09 18:16:42 ----D---- C:\WINDOWS\Temp
2015-12-09 18:16:42 ----D---- C:\Downloads
2015-12-09 18:00:00 ----D---- C:\WINDOWS\system32\sru
2015-12-09 17:21:47 ----D---- C:\WINDOWS\system32\config
2015-12-09 16:51:03 ----D---- C:\WINDOWS\Inf
2015-12-08 20:37:14 ----D---- C:\Users\Adam\AppData\Roaming\AIMP3
2015-12-08 19:12:26 ----D---- C:\WINDOWS\WinSxS
2015-12-08 19:12:24 ----D---- C:\WINDOWS\CbsTemp
2015-12-08 19:11:51 ----D---- C:\WINDOWS\system32\catroot2
2015-12-07 19:28:44 ----RD---- C:\WINDOWS\System32
2015-12-07 19:28:44 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-06 21:27:49 ----D---- C:\Users\Adam\AppData\Roaming\vlc
2015-12-06 20:00:26 ----D---- C:\WINDOWS
2015-12-06 20:00:23 ----D---- C:\WINDOWS\system32\drivers
2015-12-06 18:43:18 ----SHD---- C:\System Volume Information
2015-12-06 13:54:50 ----D---- C:\Program Files (x86)\Steam
2015-12-06 11:12:50 ----D---- C:\WINDOWS\system32\NDF
2015-12-03 21:33:34 ----D---- C:\WINDOWS\SoftwareDistribution
2015-12-03 01:14:39 ----AD---- C:\WINDOWS\VDLL.DLL
2015-12-02 22:27:15 ----RD---- C:\Program Files (x86)
2015-12-02 22:26:55 ----D---- C:\WINDOWS\debug
2015-12-02 20:27:51 ----HD---- C:\ProgramData
2015-11-30 18:16:56 ----D---- C:\Users\Adam\AppData\Roaming\uTorrent
2015-11-30 16:40:00 ----D---- C:\WINDOWS\Minidump
2015-11-26 22:31:11 ----D---- C:\WINDOWS\AppReadiness
2015-11-26 22:30:57 ----HD---- C:\Program Files\WindowsApps
2015-11-26 22:26:49 ----D---- C:\Users\Adam\AppData\Roaming\MPC-HC
2015-11-26 22:25:24 ----D---- C:\WINDOWS\Logs
2015-11-26 22:25:09 ----D---- C:\WINDOWS\system32\Tasks
2015-11-22 11:15:55 ----SHD---- C:\WINDOWS\Installer
2015-11-22 11:15:12 ----RSD---- C:\WINDOWS\assembly
2015-11-22 10:35:29 ----D---- C:\Hry
2015-11-20 16:55:42 ----D---- C:\ProgramData\Skype
2015-11-20 16:55:41 ----D---- C:\Program Files (x86)\Common Files
2015-11-20 16:54:08 ----D---- C:\Users\Adam\AppData\Roaming\Skype
2015-11-19 18:40:00 ----D---- C:\Soubory
2015-11-15 14:27:39 ----D---- C:\WINDOWS\SysWOW64
2015-11-15 10:40:26 ----D---- C:\WINDOWS\Tasks
2015-11-14 19:29:13 ----D---- C:\ProgramData\Codemasters
2015-11-14 17:52:20 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-11-14 17:48:52 ----D---- C:\Users\Adam\AppData\Roaming\DAEMON Tools Lite
2015-11-14 17:06:33 ----D---- C:\Program Files (x86)\Popcorn Time
2015-11-13 17:02:03 ----D---- C:\WINDOWS\Microsoft.NET
2015-11-13 16:14:47 ----D---- C:\WINDOWS\system32\DriverStore
2015-11-12 22:42:44 ----RD---- C:\WINDOWS\ToastData
2015-11-12 22:42:43 ----D---- C:\WINDOWS\apppatch
2015-11-12 22:36:45 ----D---- C:\WINDOWS\system32\MRT
2015-11-12 22:36:44 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 speedfan;speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [2012-12-29 28664]
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2015-12-01 146696]
R1 avkmgr;avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [2015-12-01 35488]
R1 JSWPSLWF;@oem2.inf,%AthSec_Desc%;JumpStart Wireless Filter Driver; C:\WINDOWS\system32\DRIVERS\jswpslwfx.sys [2013-06-28 26624]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2015-12-01 135880]
R2 avnetflt;avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [2015-12-01 73032]
R2 iocbios2;iocbios2; \??\C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [2014-06-17 28912]
R3 AcpiCtlDrv;AcpiCtlDrv; C:\WINDOWS\System32\drivers\AcpiCtlDrv.sys [2012-07-17 25880]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2015-07-16 21622272]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2015-07-16 665088]
R3 athur;@oem1.inf,%ATHR.Service.DispName%;Qualcomm Atheros AR9271 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athuw8x.sys [2013-06-02 2919936]
R3 AtiHDAudioService;@oem39.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWB6.sys [2015-07-15 102912]
R3 dtlitescsibus;@oem7.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2015-06-13 30264]
R3 ICCWDT;@oem17.inf,%ICCWDT.SVCDESC%;Intel(R) Watchdog Timer Driver (Intel(R) WDT); C:\WINDOWS\System32\drivers\ICCWDT.sys [2013-08-13 27608]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-08-09 4928256]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2014-07-15 4012632]
R3 iwdbus;@oem10.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-05-26 30512]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2015-12-08 192216]
R3 MEIx64;@oem5.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2013-01-11 64624]
R3 NTIOLib_MSI_RAID;NTIOLib_MSI_RAID; \??\C:\MSI\Smart Utilities\NTIOLib_X64.sys [2014-03-17 13808]
R3 RTL8168;@oem15.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-11-26 838872]
R3 StillCam;@sti.inf,%StillCam.SvcDesc%;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\System32\drivers\serscan.sys [2014-10-29 11776]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S0 amdkmafd;@oem11.inf,%AMDKMAFD_svcdesc%;AMD Audio Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmafd.sys [2012-09-23 21160]
S3 GPU-Z;GPU-Z; \??\C:\Users\Adam\AppData\Local\Temp\GPU-Z.sys []
S3 HTCAND64;@oem37.inf,%HTCAND64.SvcDesc%;HTC Device Driver; C:\WINDOWS\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 HtcVCom32;@oem39.inf,%OEMSerialPortName00%;HTC Diagnostic Port; C:\WINDOWS\system32\DRIVERS\HtcVComV64.sys [2010-03-09 121800]
S3 intaud_WaveExtensible;@oem9.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2015-05-26 42288]
S3 NTIOLib_MB;NTIOLib_MB; \??\C:\Program Files (x86)\MSI\MSI Gaming APP\Lib\NTIOLib_X64.sys [2014-03-13 13808]
S3 pneteth;@oem35.inf,%pneteth.Service.DispName%;PdaNet Broadband; C:\WINDOWS\system32\DRIVERS\pneteth.sys [2011-11-25 15360]
S3 RTCore64;RTCore64; \??\C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [2015-05-27 13536]
S3 trufos;trufos; C:\WINDOWS\system32\drivers\trufos.sys [2015-02-26 350160]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2014-10-29 44544]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-10-28 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2015-07-16 246784]
R2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [2015-12-01 948392]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2015-12-01 466408]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2015-12-01 466408]
R2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2015-12-01 1418560]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 DragonUpdater;COMODO Dragon Update Service; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2015-11-20 2056376]
R2 GamingApp_Service;GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [2015-10-16 34984]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2015-08-09 355232]
R2 MSI_LiveUpdate_Service;MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2015-10-07 1779664]
R2 SuperRAIDSvc;SuperRAIDSvc; C:\MSI\Smart Utilities\SuperRAIDSvc.exe [2014-06-26 28328]
R2 Update service;Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [2015-10-19 339968]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2014-02-18 171480]
S2 Avira.OE.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [2014-11-20 166192]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-08-09 288688]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-05-21 1272560]
S3 jswpsapi;JumpStart Wi-Fi Protected Setup; C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJATH\WPS\jswpsapi.exe [2013-06-28 954368]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-11-10 836176]

-----------------EOF-----------------

Deaper21
Visitor
Posts: 21
Registered: 29 Sep 2014 21:59

Re: Please check my log

#11 Post by Deaper21 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-12-2015
Ran by Adam (administrator) on ADAMPC (09-12-2015 18:59:57)
Running from C:\Users\Adam\Desktop
Loaded Profiles: Adam & (Available Profiles: Adam)
Platform: Windows 8.1 Pro (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: "C:\Program Files (x86)\Comodo\Dragon\dragon.exe" -- "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\WINDOWS\System32\atiesrxx.exe
(AMD) C:\WINDOWS\System32\atieclxx.exe
(Intel Corporation) C:\WINDOWS\System32\igfxCUIService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(Micro-Star International) C:\MSI\Smart Utilities\SuperRAIDSvc.exe
(Popcorn Time) C:\Program Files (x86)\Popcorn Time\Updater.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Microsoft Corporation) C:\WINDOWS\System32\alg.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(MSI) C:\WINDOWS\SysWOW64\muachost.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\WINDOWS\System32\SkyDrive.exe
(Intel Corporation) C:\WINDOWS\System32\igfxEM.exe
(Microsoft Corporation) C:\WINDOWS\System32\SettingSyncHost.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\WINDOWS\System32\GWX\GWX.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\WINDOWS\System32\Taskmgr.exe
(Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe
(Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe
(Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe
(Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe
(Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe
(Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe
(Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe
(Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe
(Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe
(Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe
(Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe
(forum.viry.cz) C:\Users\Adam\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672664 2014-06-30] (Realtek Semiconductor)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163520 2015-04-09] (IvoSoft)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [803200 2015-12-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126200 2014-11-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [11324368 2015-10-07] (Micro-Star INT'L CO., LTD.)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001\...\Run: [f.lux] => C:\Users\Adam\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001\...\Run: [HP Deskjet 3520 series (NET)] => C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001\...\Run: [GoogleChromeAutoLaunch_C52DB14F9A918A0C5FF89C4BF31B3258] => C:\Program Files (x86)\Comodo\Dragon\dragon.exe [704184 2015-11-20] (Comodo)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4471536 2015-05-21] (Disc Soft Ltd)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE [779776 2014-03-13] (ZONER software)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [f.lux] => C:\Users\Adam\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [HP Deskjet 3520 series (NET)] => C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleChromeAutoLaunch_C52DB14F9A918A0C5FF89C4BF31B3258] => C:\Program Files (x86)\Comodo\Dragon\dragon.exe [704184 2015-11-20] (Comodo)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4471536 2015-05-21] (Disc Soft Ltd)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE [779776 2014-03-13] (ZONER software)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [f.lux] => C:\Users\Adam\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [HP Deskjet 3520 series (NET)] => C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [GoogleChromeAutoLaunch_C52DB14F9A918A0C5FF89C4BF31B3258] => C:\Program Files (x86)\Comodo\Dragon\dragon.exe [704184 2015-11-20] (Comodo)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4471536 2015-05-21] (Disc Soft Ltd)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE [779776 2014-03-13] (ZONER software)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-04-09] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-04-09] (IvoSoft)
Startup: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Deskjet 3520 series (Síť).lnk [2015-06-30]
ShortcutTarget: Sledovat výstrahy inkoustu - HP Deskjet 3520 series (Síť).lnk -> C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2014-09-30]
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJATH\TWCU.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{536A47DD-6297-4676-A033-8066A3DA050D}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3780011587-910230506-1870383065-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-04-09] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-04-09] (IvoSoft)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-16] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-16] (Oracle Corporation)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-04-09] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-04-09] (IvoSoft)

FireFox:
========
FF ProfilePath: C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\3kG7Zupt.default
FF Session Restore: -> is enabled.
FF NetworkProxy: "type", 4
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-16] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-16] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Extension: FireGestures - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\3kG7Zupt.default\extensions\firegestures@xuldev.org.xpi [2015-03-28] [not signed]
FF Extension: Avira Browser Safety - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\3kG7Zupt.default\Extensions\abs@avira.com [2015-04-13] [not signed]
FF Extension: Adblock Plus - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\3kG7Zupt.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-13] [not signed]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR Extension: (HD01-V2.1V23.09) - C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa [2015-09-24]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [948392 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1418560 2015-12-01] (Avira Operations GmbH & Co. KG)
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [166192 2014-11-20] (Avira Operations GmbH & Co. KG)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272560 2015-05-21] (Disc Soft Ltd)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2056376 2015-11-20] (Comodo)
R2 GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [34984 2015-10-16] (Micro-Star Int'l Co., Ltd.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation)
S3 jswpsapi; C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJATH\WPS\jswpsapi.exe [954368 2013-06-28] (Wireless) [File not signed]
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [1779664 2015-10-07] (Micro-Star INT'L CO., LTD.)
R2 SuperRAIDSvc; C:\MSI\Smart Utilities\SuperRAIDSvc.exe [28328 2014-06-26] (Micro-Star International)
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2015-10-19] (Popcorn Time) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [18384 2014-08-07] (Intel(R) Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AcpiCtlDrv; C:\Windows\System32\drivers\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R3 athur; C:\Windows\system32\DRIVERS\athuw8x.sys [2919936 2013-06-02] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [102912 2015-07-15] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146696 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2015-12-01] (Avira Operations GmbH & Co. KG)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-06-13] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (HTC, Corporation) [File not signed]
S3 HtcVCom32; C:\Windows\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated) [File not signed]
R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [28912 2014-06-17] (Intel Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-08] (Malwarebytes)
S3 NTIOLib_MB; C:\Program Files (x86)\MSI\MSI Gaming APP\Lib\NTIOLib_X64.sys [13808 2014-03-13] (MSI)
R3 NTIOLib_MSI_RAID; C:\MSI\Smart Utilities\NTIOLib_X64.sys [13808 2014-03-17] (MSI)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13536 2015-05-27] ()
S3 trufos; C:\Windows\System32\drivers\trufos.sys [350160 2015-02-26] (BitDefender S.R.L.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 GPU-Z; \??\C:\Users\Adam\AppData\Local\Temp\GPU-Z.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-09 18:59 - 2015-12-09 19:00 - 00020030 _____ C:\Users\Adam\Desktop\FRST.txt
2015-12-09 18:59 - 2015-12-09 18:59 - 00000000 ____D C:\FRST
2015-12-09 18:38 - 2015-12-09 18:57 - 00112640 _____ (forum.viry.cz) C:\Users\Adam\Desktop\FRSTLauncher.exe
2015-12-09 18:27 - 2015-12-09 18:27 - 02369024 _____ (Farbar) C:\Users\Adam\Desktop\FRST64.exe
2015-12-08 22:48 - 2015-12-08 22:48 - 00003725 _____ C:\Users\Adam\Desktop\kucfk.txt
2015-12-07 16:49 - 2015-12-07 16:49 - 00021420 _____ C:\Users\Adam\Desktop\zaznam1.txt
2015-12-02 22:27 - 2015-12-08 22:56 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-12-02 22:27 - 2015-12-02 22:27 - 00001114 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-12-02 22:27 - 2015-12-02 22:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-12-02 22:27 - 2015-12-02 22:27 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-12-02 22:27 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-12-02 22:27 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-12-02 22:27 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-12-02 20:26 - 2015-12-02 20:50 - 00000000 ____D C:\AdwCleaner
2015-12-02 20:25 - 2015-12-02 20:25 - 01736704 _____ C:\Users\Adam\Desktop\adwcleaner_5.023.exe
2015-11-30 21:58 - 2015-12-07 21:25 - 02691370 _____ C:\Users\Adam\Desktop\types.of.pavements.pptx
2015-11-26 22:27 - 2015-11-26 22:27 - 00481766 _____ C:\Users\Adam\Desktop\cc_20151126_222736.reg
2015-11-26 22:25 - 2015-11-26 22:25 - 00002784 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-11-26 22:09 - 2015-11-26 22:09 - 00000000 ____D C:\Program Files (x86)\Comodo
2015-11-25 22:40 - 2015-12-07 20:17 - 22154448 _____ C:\Users\Adam\Desktop\kavarna.pln
2015-11-22 11:14 - 2015-11-22 11:14 - 00000813 _____ C:\Users\Public\Desktop\Assassins Creed - Unity.lnk
2015-11-17 14:05 - 2015-12-03 02:15 - 00000000 ____D C:\Users\Adam\Desktop\knihy
2015-11-14 19:53 - 2015-11-14 19:53 - 00000000 ____D C:\Users\Adam\AppData\Local\Introversion
2015-11-14 19:40 - 2015-11-14 19:40 - 00001587 _____ C:\Users\Adam\Desktop\dirt3 – zástupce.lnk
2015-11-14 19:29 - 2015-11-14 19:29 - 00000000 __SHD C:\ProgramData\DSS
2015-11-14 19:17 - 2015-11-14 19:17 - 00000000 ____D C:\Program Files (x86)\Codemasters
2015-11-14 17:57 - 2015-11-14 18:36 - 00000000 ___HD C:\$SysReset
2015-11-14 17:39 - 2015-11-14 17:40 - 00000000 ____D C:\rsit
2015-11-14 17:39 - 2015-11-14 17:39 - 01222144 _____ C:\Users\Adam\Desktop\RSITx64.exe
2015-11-14 17:02 - 2015-11-14 17:02 - 00003128 _____ C:\WINDOWS\System32\Tasks\{B73ABE4A-87EB-41DA-990A-79366BA034B1}
2015-11-12 19:38 - 2015-10-15 17:08 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-11-12 19:38 - 2015-10-15 16:46 - 00803328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-11-12 19:38 - 2015-10-15 00:02 - 07455064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-11-12 19:38 - 2015-10-15 00:02 - 01659560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-11-12 19:38 - 2015-10-15 00:02 - 01519592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-11-12 19:38 - 2015-10-15 00:02 - 01487008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-11-12 19:38 - 2015-10-15 00:02 - 01355848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-11-12 19:38 - 2015-10-13 18:10 - 00559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-11-12 19:38 - 2015-10-13 18:10 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-11-12 19:38 - 2015-10-13 16:59 - 00397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2015-11-12 19:38 - 2015-10-13 16:59 - 00340872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2015-11-12 19:38 - 2015-10-13 16:59 - 00137960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncrypt.dll
2015-11-12 19:38 - 2015-10-13 16:59 - 00120376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncrypt.dll
2015-11-12 19:38 - 2015-10-13 16:59 - 00106952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2015-11-12 19:38 - 2015-10-13 16:59 - 00091416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2015-11-12 19:38 - 2015-10-11 07:36 - 00561952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-11-12 19:38 - 2015-10-11 07:36 - 00177496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-11-12 19:38 - 2015-10-10 19:40 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2015-11-12 19:38 - 2015-10-10 19:39 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2015-11-12 19:38 - 2015-10-10 19:07 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-11-12 19:38 - 2015-10-10 18:33 - 01441280 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-11-12 19:38 - 2015-10-10 18:27 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-11-12 19:38 - 2015-10-10 18:11 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-11-12 19:38 - 2015-10-10 17:45 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-11-12 19:38 - 2015-09-12 14:47 - 00414559 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-11-12 19:38 - 2015-08-28 23:20 - 00183368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2015-11-12 19:37 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-11-12 19:37 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-11-12 19:37 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-11-12 19:37 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-11-12 19:37 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-11-12 19:37 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-11-12 19:37 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-11-12 19:37 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-11-12 19:37 - 2015-10-30 23:39 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-11-12 19:37 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-11-12 19:37 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-11-12 19:37 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-11-12 19:37 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-11-12 19:37 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-11-12 19:37 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-11-12 19:37 - 2015-10-30 23:14 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-11-12 19:37 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-11-12 19:37 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-11-12 19:37 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-11-12 19:37 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-11-12 19:37 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-11-12 19:37 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-11-12 19:37 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-11-12 19:37 - 2015-10-20 22:54 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-11-12 19:37 - 2015-10-20 15:53 - 03705856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-11-12 19:37 - 2015-10-20 15:36 - 02243072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-11-12 19:37 - 2015-10-20 15:35 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-11-12 19:37 - 2015-10-20 15:34 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-11-12 19:37 - 2015-10-20 15:34 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-11-12 19:37 - 2015-10-20 15:34 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-11-12 19:37 - 2015-10-20 15:33 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-11-12 19:37 - 2015-10-20 15:14 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-11-12 19:37 - 2015-10-20 15:13 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-11-12 19:37 - 2015-10-20 15:13 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-11-12 19:37 - 2015-10-20 15:13 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-11-12 19:37 - 2015-10-17 15:19 - 04176384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-11-12 19:37 - 2015-10-08 17:08 - 01083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2015-11-12 19:37 - 2015-09-29 13:24 - 00155480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2015-11-12 19:37 - 2015-09-07 17:22 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-11-12 19:37 - 2015-09-07 17:21 - 00825856 _____ (Microsoft Corporation) C:\WINDOWS\system32\pmcsnap.dll
2015-11-12 19:37 - 2015-09-07 17:17 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ppcsnap.dll
2015-11-12 19:37 - 2015-09-07 16:54 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-11-12 19:37 - 2015-09-07 16:30 - 01091584 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-11-12 19:37 - 2015-09-04 20:24 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
2015-11-12 19:37 - 2015-08-20 21:45 - 01380048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-11-12 19:37 - 2015-08-20 18:48 - 01096704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-11-10 15:15 - 2015-11-10 15:15 - 00001170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spy Protector.lnk
2015-11-10 15:15 - 2015-11-10 15:15 - 00001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager.lnk
2015-11-10 15:15 - 2015-11-10 15:15 - 00001147 _____ C:\Users\Public\Desktop\Security Task Manager.lnk
2015-11-10 15:15 - 2015-11-10 15:15 - 00000000 ____D C:\Program Files (x86)\Security Task Manager

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-09 18:59 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS
2015-12-09 18:54 - 2015-06-28 15:56 - 00000000 ____D C:\Users\Adam\AppData\Local\ClassicShell
2015-12-09 18:54 - 2014-08-31 12:35 - 00000000 ____D C:\Users\Adam\AppData\Local\CrashDumps
2015-12-09 18:40 - 2015-07-03 12:30 - 00000974 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-09 18:40 - 2015-07-03 12:30 - 00000970 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-09 18:19 - 2014-08-31 07:15 - 00000000 ____D C:\Users\Adam\AppData\Roaming\AIMP3
2015-12-09 18:17 - 2014-09-29 21:31 - 00000000 ____D C:\Program Files\trend micro
2015-12-09 16:51 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2015-12-08 19:12 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-07 20:17 - 2014-09-08 21:52 - 00000341 _____ C:\Users\Adam\Documents\BIMx_Export_Log.txt
2015-12-07 20:17 - 2014-09-08 21:52 - 00000000 ____D C:\Users\Adam\Graphisoft
2015-12-07 19:34 - 2015-09-08 17:45 - 00000000 ____D C:\Users\Adam\Desktop\Výkresy čtvrťák
2015-12-07 19:28 - 2014-03-18 16:33 - 01610258 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-07 19:28 - 2014-03-18 15:54 - 00738682 _____ C:\WINDOWS\system32\perfh005.dat
2015-12-07 19:28 - 2014-03-18 15:54 - 00151404 _____ C:\WINDOWS\system32\perfc005.dat
2015-12-07 19:26 - 2014-09-08 21:52 - 00000000 ____D C:\Users\Adam\Documents\BIMx
2015-12-06 21:27 - 2014-09-27 11:14 - 00000000 ____D C:\Users\Adam\AppData\Roaming\vlc
2015-12-06 20:54 - 2014-08-31 09:06 - 00000000 ___DO C:\Users\Adam\OneDrive
2015-12-06 20:53 - 2014-08-31 06:00 - 00000000 __SHD C:\Users\Adam\IntelGraphicsProfiles
2015-12-06 20:01 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-06 20:00 - 2015-02-26 00:53 - 00000000 ____D C:\WINDOWS\VDLL.DLL
2015-12-06 13:54 - 2014-09-23 15:54 - 00000000 ____D C:\Program Files (x86)\Steam
2015-12-06 11:12 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-12-06 09:55 - 2015-07-20 22:56 - 00000958 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-12-05 22:07 - 2015-03-29 17:15 - 00000000 ____D C:\Users\Adam\Documents\Euro Truck Simulator 2
2015-12-05 13:42 - 2014-08-31 04:34 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3780011587-910230506-1870383065-1001
2015-12-02 20:50 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-12-01 16:49 - 2014-09-30 17:54 - 00146696 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2015-12-01 16:49 - 2014-09-30 17:54 - 00135880 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-12-01 16:49 - 2014-09-30 17:54 - 00073032 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2015-12-01 16:49 - 2014-09-30 17:54 - 00035488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2015-12-01 16:49 - 2014-09-30 17:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-11-30 18:16 - 2014-08-31 11:38 - 00000000 ____D C:\Users\Adam\AppData\Roaming\uTorrent
2015-11-30 16:40 - 2014-09-02 13:25 - 00000000 ____D C:\WINDOWS\Minidump
2015-11-29 23:17 - 2014-08-31 08:53 - 00000000 ____D C:\Users\Adam
2015-11-26 22:31 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-26 22:30 - 2014-08-31 04:28 - 00000000 ____D C:\Users\Adam\AppData\Local\Packages
2015-11-26 22:30 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2015-11-26 22:26 - 2014-08-31 15:51 - 00000000 ____D C:\Users\Adam\AppData\Roaming\MPC-HC
2015-11-26 22:25 - 2014-09-26 20:04 - 00000834 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-11-26 22:25 - 2014-09-26 20:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-11-22 22:54 - 2014-10-08 16:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hry
2015-11-22 10:35 - 2014-08-31 07:21 - 00000000 ____D C:\Hry
2015-11-20 16:55 - 2014-08-31 09:53 - 00000000 ____D C:\ProgramData\Skype
2015-11-20 16:54 - 2014-08-31 09:53 - 00000000 ____D C:\Users\Adam\AppData\Roaming\Skype
2015-11-19 21:59 - 2015-10-25 13:37 - 00000000 ____D C:\Users\Adam\Downloads\PopcornTime
2015-11-19 18:40 - 2014-10-13 14:57 - 00000000 ____D C:\Soubory
2015-11-15 14:27 - 2015-11-02 22:31 - 00001093 _____ C:\Users\Public\Desktop\MSI Gaming APP.lnk
2015-11-15 14:27 - 2014-08-31 09:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2015-11-15 10:40 - 2015-07-20 22:56 - 00003780 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-11-14 19:29 - 2014-08-31 11:04 - 00000000 ____D C:\Users\Adam\Documents\My Games
2015-11-14 19:29 - 2014-08-31 11:04 - 00000000 ____D C:\ProgramData\Codemasters
2015-11-14 17:52 - 2014-08-31 04:48 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-11-14 17:48 - 2014-08-31 07:39 - 00000000 ____D C:\Users\Adam\AppData\Roaming\DAEMON Tools Lite
2015-11-14 17:06 - 2015-10-25 13:36 - 00000000 ____D C:\Program Files (x86)\Popcorn Time
2015-11-13 16:13 - 2013-08-22 15:44 - 00514280 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-11-12 22:42 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-11-12 22:36 - 2014-08-31 05:34 - 145617392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-11-12 22:36 - 2014-08-31 05:34 - 00000000 ____D C:\WINDOWS\system32\MRT

==================== Files in the root of some directories =======

2013-02-26 07:28 - 2013-02-26 07:28 - 0027762 _____ () C:\Program Files\changes.txt
2013-02-26 07:56 - 2013-02-26 07:56 - 2391736 _____ (Beepa P/L) C:\Program Files\fraps.exe
2013-02-26 07:34 - 2013-02-26 07:34 - 0234168 _____ (Beepa P/L) C:\Program Files\fraps32.dll
2013-02-26 07:56 - 2013-02-26 07:56 - 0068792 _____ (Beepa P/L) C:\Program Files\fraps64.dat
2013-02-26 07:34 - 2013-02-26 07:34 - 0186552 _____ (Beepa P/L) C:\Program Files\fraps64.dll
2013-02-26 07:54 - 2013-02-26 07:54 - 0139776 _____ (Beepa P/L) C:\Program Files\frapslcd.dll
2014-08-31 12:52 - 2014-09-13 12:04 - 0000190 _____ () C:\Program Files\FRAPSLOG.TXT
2013-02-26 07:27 - 2013-02-26 07:27 - 0001894 _____ () C:\Program Files\README.HTM
2015-05-23 17:04 - 2015-05-23 17:04 - 0036079 _____ (Beepa Pty Ltd) C:\Program Files\uninstall.exe
2014-08-31 07:44 - 2015-10-20 20:16 - 0007604 _____ () C:\Users\Adam\AppData\Local\Resmon.ResmonCfg
2014-09-13 21:24 - 2014-09-13 21:24 - 0881524 _____ () C:\ProgramData\1410638772.bdinstall.bin
2014-09-30 17:37 - 2014-09-30 17:37 - 0258214 _____ () C:\ProgramData\1412094973.bdinstall.bin
2014-09-11 20:06 - 2014-09-11 20:06 - 0000057 _____ () C:\ProgramData\Ament.ini

Some zero byte size files/folders:
==========================
C:\Windows\logo_1.exe
C:\Windows\RUNDL132.EXE
C:\Windows\VDLL.DLL
C:\Windows\SysWOW64\runouce.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_245_pepper.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Adam\Desktop" je 1669 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Deaper21
Visitor
Posts: 21
Registered: 29 Sep 2014 21:59

Re: Please check my log

#12 Post by Deaper21 »

here is addition.txt as well
Attachments
Addition.7z
(5.43 KiB) Downloaded 45 times

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Please check my log

#13 Post by Márty84 »

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Adam\Desktop" je 1669 MB.
:arrow: The size of the desktop should not exceed 200 - 300 MB! It slows the PC down. So tidy it up a bit and keep only shortcuts on the desktop. Just watch out for a common mistake: users have a folder on the desktop, another one inside it, and another one inside that, and they hide everything in there. That is nice, but it does not make the desktop any smaller, it is just in a different drawer :)




:arrow: Open Notepad and copy this script into it

Code: Select all

Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4471536 2015-05-21] (Disc Soft Ltd)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE [779776 2014-03-13] (ZONER software)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4471536 2015-05-21] (Disc Soft Ltd)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE [779776 2014-03-13] (ZONER software)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4471536 2015-05-21] (Disc Soft Ltd)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE [779776 2014-03-13] (ZONER software)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-10-28 82128]
S3 trufos; C:\Windows\System32\drivers\trufos.sys [350160 2015-02-26] (BitDefender S.R.L.)

Task: {0D8A891D-890C-4808-84D8-2F436AB14653} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {1274336E-AB06-46B6-A48C-0671C5557CC6} - \Microsoft\Windows\TaskScheduler\Maintenance Configurator -> No File <==== ATTENTION
Task: {1687544D-7247-4F5A-965A-A6E920E55278} - \Microsoft\Windows\TaskScheduler\Manual Maintenance -> No File <==== ATTENTION
Task: {40525C58-79C2-47A1-9AA2-F1D7FC4F0691} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {6F02587F-8A2B-4552-97F6-DEEF229E335B} - \Microsoft\Windows\TaskScheduler\Idle Maintenance -> No File <==== ATTENTION
Task: {B7992938-01F1-4F40-A0EC-0D23D2F0F152} - \Microsoft\Windows\TaskScheduler\Regular Maintenance -> No File <==== ATTENTION
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - \Microsoft\Windows\SettingSync\BackupTask -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_245_pepper.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Hosts:
EmptyTemp:
Reboot:
End
In the top left, click File
Click Save as...
Type the red name fixlist correctly and save it to the desktop.
Turn off your antivirus and any other protection.
Run FRST as administrator, click Fix and the program will carry out the commands.
After the PC restarts, a new log named fixlog should appear; copy it here for me again.
If you have a question that is not meant for the public, you can write to me by e-mail at marty84zavináčforum.viry.cz

Option to support our forum https://platba.viry.cz/payment/

For time reasons I will be on the forum less often now. If you have to wait longer for a reply, please contact one of my colleagues (most of them have their e-mail address in their signature).

Deaper21
Visitor
Posts: 21
Registered: 29 Sep 2014 21:59

Re: Please check my log

#14 Post by Deaper21 »

oh, I didn't notice the desktop :D it was one forgotten video, otherwise of course I always make shortcuts, I'm not an idiot :D

Deaper21
Visitor
Posts: 21
Registered: 29 Sep 2014 21:59

Re: Please check my log

#15 Post by Deaper21 »

Fix result of Farbar Recovery Scan Tool (x64) Version:09-12-2015
Ran by Adam (2015-12-10 20:24:17) Run:1
Running from C:\Users\Adam\Desktop
Loaded Profiles: Adam & (Available Profiles: Adam)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4471536 2015-05-21] (Disc Soft Ltd)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE [779776 2014-03-13] (ZONER software)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4471536 2015-05-21] (Disc Soft Ltd)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE [779776 2014-03-13] (ZONER software)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4471536 2015-05-21] (Disc Soft Ltd)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE [779776 2014-03-13] (ZONER software)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-10-28 82128]
S3 trufos; C:\Windows\System32\drivers\trufos.sys [350160 2015-02-26] (BitDefender S.R.L.)

Task: {0D8A891D-890C-4808-84D8-2F436AB14653} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {1274336E-AB06-46B6-A48C-0671C5557CC6} - \Microsoft\Windows\TaskScheduler\Maintenance Configurator -> No File <==== ATTENTION
Task: {1687544D-7247-4F5A-965A-A6E920E55278} - \Microsoft\Windows\TaskScheduler\Manual Maintenance -> No File <==== ATTENTION
Task: {40525C58-79C2-47A1-9AA2-F1D7FC4F0691} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {6F02587F-8A2B-4552-97F6-DEEF229E335B} - \Microsoft\Windows\TaskScheduler\Idle Maintenance -> No File <==== ATTENTION
Task: {B7992938-01F1-4F40-A0EC-0D23D2F0F152} - \Microsoft\Windows\TaskScheduler\Regular Maintenance -> No File <==== ATTENTION
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - \Microsoft\Windows\SettingSync\BackupTask -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_245_pepper.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\HP Software Update => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor => value removed successfully
HKU\S-1-5-21-3780011587-910230506-1870383065-1001\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite Automount => value removed successfully
HKU\S-1-5-21-3780011587-910230506-1870383065-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Zoner Photo Studio Autoupdate => value removed successfully
HKU\S-1-5-21-3780011587-910230506-1870383065-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value removed successfully
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite Automount => value removed successfully
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Run\\Zoner Photo Studio Autoupdate => value removed successfully
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value removed successfully
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite Automount => value removed successfully
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Windows\CurrentVersion\Run\\Zoner Photo Studio Autoupdate => value removed successfully
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value removed successfully
AdobeARMservice => service removed successfully
trufos => service removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0D8A891D-890C-4808-84D8-2F436AB14653}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D8A891D-890C-4808-84D8-2F436AB14653}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\AitAgent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1274336E-AB06-46B6-A48C-0671C5557CC6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1274336E-AB06-46B6-A48C-0671C5557CC6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\TaskScheduler\Maintenance Configurator" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1687544D-7247-4F5A-965A-A6E920E55278}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1687544D-7247-4F5A-965A-A6E920E55278}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\TaskScheduler\Manual Maintenance" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{40525C58-79C2-47A1-9AA2-F1D7FC4F0691}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{40525C58-79C2-47A1-9AA2-F1D7FC4F0691}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WindowsBackup\ConfigNotification" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6F02587F-8A2B-4552-97F6-DEEF229E335B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F02587F-8A2B-4552-97F6-DEEF229E335B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\TaskScheduler\Idle Maintenance" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B7992938-01F1-4F40-A0EC-0D23D2F0F152}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B7992938-01F1-4F40-A0EC-0D23D2F0F152}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\TaskScheduler\Regular Maintenance" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CFD7C21A-808B-487B-A6EC-8A10E44E8360}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CFD7C21A-808B-487B-A6EC-8A10E44E8360}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SettingSync\BackupTask" => key removed successfully
C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 771.9 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 20:24:36 ====

Locked