Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Preventivní kontrola

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
Maots
Návštěvník
Návštěvník
Příspěvky: 12
Registrován: 28 říj 2015 21:01

Preventivní kontrola

#1 Příspěvek od Maots »

Dobrý večer, chtěl bych vás poprosit o kontrolu logu z RSIT. Děkuji
log:
Logfile of random's system information tool 1.10 (written by random/random)
Run by plsek at 2016-06-11 20:53:24
Microsoft Windows 10 Home
System drive C: has 32 GB (27%) free of 119 GB
Total RAM: 8090 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:53:29, on 11.06.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0020)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Users\plsek\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
C:\Program Files\trend micro\plsek.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll
O4 - HKLM\..\Run: [331BigDog] "C:\Program Files (x86)\USB Camera\VM331STI.EXE"
O4 - HKLM\..\Run: [DriveUtilitiesHelper] C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\plsek\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Spotify] "C:\Users\plsek\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
O4 - HKCU\..\Run: [Steam] "D:\Programy\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE"
O4 - HKCU\..\Run: [Bloody2] "C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe" Minimum
O4 - HKCU\..\Run: [f.lux] "C:\Users\plsek\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\plsek\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\plsek\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
O4 - Global Startup: Xerox MFP PC Fax.lnk = C:\Windows\System32\spool\drivers\x64\3\XrxFaxTray64.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @oem6.inf,%ibm.svcDesc0%;Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo Auto Scroll (Lenovo.VIRTSCRLSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: PAExec - Power Admin LLC - C:\WINDOWS\PAExec.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Samsung RAPID Mode Service (SamsungRapidSvc) - Unknown owner - C:\WINDOWS\system32\RAPID\SamsungRapidSvc.exe (file missing)
O23 - Service: Sandboxie Service (SbieSvc) - Sandboxie Holdings, LLC - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\Pen_Tablet.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - E:\Programy\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: Wacom Consumer Touch Service (TouchServicePen) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\Pen_TouchService.exe
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @oem13.inf,%WBFService_SvcDesc%;Synaptics FP WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\WINDOWS\system32\valWBFPolicyService.exe (file missing)
O23 - Service: BiometricSensorDataSynchronization (valWbioSyncSvc) - Unknown owner - C:\WINDOWS\system32\valWbioSyncSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: WD Drive Manager (WDDriveService) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Xerox MFP Fax Server - Xerox Corporation. - C:\WINDOWS\system32\spool\drivers\x64\3\XrxFaxServer64.exe

--
End of file - 13094 bytes

======Listing Processes======








C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
winlogon.exe
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k netsvcs
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-798f5559-8f3a-4842-8a5a-1818af6f40c4 -SystemEventPortName:HostProcess-0a04e56d-226c-4fac-8230-aa48c8bf7084 -IoCancelEventPortName:HostProcess-8381528b-6c29-45a0-ae89-0f57e2f0a63f -NonStateChangingEventPortName:HostProcess-c54928e8-4820-40f1-8302-009d0abcf8e2 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:90932aa9-374c-4d1b-a9b9-05daf237443f -DeviceGroupId:
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\system32\ibmpmsvc.exe
"C:\WINDOWS\system32\nvvsvc.exe"
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe -first
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-5a0ff8da-eb32-47c8-9f57-00a067488482 -SystemEventPortName:HostProcess-70af6bfb-9178-4b84-a62e-7336caf5d56b -IoCancelEventPortName:HostProcess-810a1a84-8e37-4bc4-8032-1d25773e9044 -NonStateChangingEventPortName:HostProcess-cd640cb0-2ccf-4429-ac62-0cf82d97bc80 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:68c0f375-ba8d-4505-a025-e0e9f9b7ca36 -DeviceGroupId:WpdFsGroup
"C:\Program Files\Tablet\Pen\Pen_TouchService.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"

C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
C:\Windows\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\valWBFPolicyService.exe
"C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe"
C:\WINDOWS\system32\valWbioSyncSvc.exe
"C:\WINDOWS\system32\spool\drivers\x64\3\XrxFaxServer64.exe"
"C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files\Tablet\Pen\Pen_Tablet.exe"
C:\WINDOWS\system32\svchost.exe -k appmodel
system32\RAPID\SamsungRapidSvc.exe

dashost.exe {67090dfc-ec4b-412f-9d30deb2570f982a}
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe
sihost.exe
"C:\Program Files\Synaptics\SynFp\Shared\SensorDBSynch.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files\Microsoft Office\root\Office16\msoia.exe" scan
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
C:\WINDOWS\Explorer.EXE
"C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
igfxEM.exe
igfxHK.exe
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files\Tablet\Pen\Pen_TouchUser.exe"

C:\Windows\System32\InstallAgent.exe -Embedding
taskeng.exe {67B48DE3-56C5-4DCF-AC18-BC86551418D0}
/QuitInfo:0000000000000A0C;0000000000000BD8;
C:\Program Files\LENOVO\HOTKEY\tpnumlkd.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\PROGRA~1\Lenovo\HOTKEY\MKRMSG.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.MediaKey
C:\PROGRA~1\Lenovo\HOTKEY\TPOSD.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.OnScreenDisplay
C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.ShortcutKey
/loadhooks /Parent:0000000000000f98
"C:\Program Files\Tablet\Pen\Pen_TabletUser.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\Tablet\Pen\Pen_Tablet.exe" au
"C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe"
"C:\Users\plsek\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
"C:\Program Files (x86)\Secunia\PSI\psi_tray.exe"
"C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe" /AUTOHIDE
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --profile-directory="Profile 1"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\plsek\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=m --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=51.0.2704.84 --handshake-handle=0x178
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,*UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow,WebFontsIntervention<WebFontsIntervention,*WebRTC-EnableWebRtcEcdsa<WebRTC-EnableWebRtcEcdsa,brotli-encoding<BrotliEncoding --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,RenderingPipelineThrottling<RenderingPipelineThrottling --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/AutomaticTabDiscarding/Enabled_Once_10-gen2/*BrotliEncoding/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ClientSideDetectionModel/Model0/CrossDevicePromo/1DaySingleProfile/DirectWriteFontProxy/UseDirectWriteFontProxy/DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableMediaRouter/Disabled/ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/Unused_2/OutOfProcessPac/Default/PageRevisitInstrumentation/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Default/PreRead/Default/*QUIC/EnabledNoId/RenderingPipelineThrottling/Disabled/ReportCertificateErrors/ShowAndPossiblySend/ResourcePriorities/Launch50pct_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/SafeBrowsingIncidentReportingService/Default/SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SyncHttpContentCompression/Enabled/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_55/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/WebFontsIntervention/Enabled/WebRTC-EnableWebRtcEcdsa/Default/ --type=gpu-process --channel="6212.0.1739561444\119825457" --supports-dual-gpus=false --gpu-driver-bug-workarounds=4,13,25,46,54 --gpu-vendor-id=0x8086 --gpu-device-id=0x0416 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=20.19.15.4444 --mojo-platform-channel-handle=1180 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,*UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow,WebFontsIntervention<WebFontsIntervention,*WebRTC-EnableWebRtcEcdsa<WebRTC-EnableWebRtcEcdsa,brotli-encoding<BrotliEncoding --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,RenderingPipelineThrottling<RenderingPipelineThrottling --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/*BrotliEncoding/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/1DaySingleProfile/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Disabled/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/*OutOfProcessPac/Default/*PageRevisitInstrumentation/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Default/PreRead/Default/*QUIC/EnabledNoId/RenderingPipelineThrottling/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch50pct_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/*SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SyncHttpContentCompression/Enabled/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_55/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/WebFontsIntervention/Enabled/WebRTC-EnableWebRtcEcdsa/Default/ --primordial-pipe-token=B7A305C9C8A6C1BFF6403173E1AB4341 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="6212.2.1154450027\848217110" --mojo-platform-channel-handle=2600 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,*UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow,WebFontsIntervention<WebFontsIntervention,*WebRTC-EnableWebRtcEcdsa<WebRTC-EnableWebRtcEcdsa,brotli-encoding<BrotliEncoding --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,RenderingPipelineThrottling<RenderingPipelineThrottling --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/*BrotliEncoding/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/1DaySingleProfile/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Disabled/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/*OutOfProcessPac/Default/*PageRevisitInstrumentation/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Default/PreRead/Default/*QUIC/EnabledNoId/RenderingPipelineThrottling/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch50pct_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/*SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SyncHttpContentCompression/Enabled/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_55/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/WebFontsIntervention/Enabled/WebRTC-EnableWebRtcEcdsa/Default/ --primordial-pipe-token=7ADBB4F947FB96466D59169F8BE7A36A --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="6212.4.1726704489\1930925814" --mojo-platform-channel-handle=2708 /prefetch:1
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s

"C:\Program Files (x86)\EMET 5.5\EMET_Service.exe"
"C:\Program Files (x86)\EMET 5.5\EMET_Agent.exe"
"C:\Program Files (x86)\Secunia\PSI\PSIA.exe" --service-launch
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,*UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow,WebFontsIntervention<WebFontsIntervention,*WebRTC-EnableWebRtcEcdsa<WebRTC-EnableWebRtcEcdsa,brotli-encoding<BrotliEncoding --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,RenderingPipelineThrottling<RenderingPipelineThrottling --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/*BrotliEncoding/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/1DaySingleProfile/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Disabled/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/*OutOfProcessPac/Default/*PageRevisitInstrumentation/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Default/*PreRead/Default/*QUIC/EnabledNoId/*RenderingPipelineThrottling/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch50pct_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/*SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*SyncHttpContentCompression/Enabled/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_55/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*WebFontsIntervention/Enabled/WebRTC-EnableWebRtcEcdsa/Default/ --primordial-pipe-token=70FF961F9C4F3193EA6781F097D98165 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="6212.18.1511282513\1719622186" --mojo-platform-channel-handle=2852 /prefetch:1
wmiadap.exe /F /T /R
"C:\Program Files\Windows Defender\MpCmdRun.exe" SpyNetServiceDss -RestrictPrivileges -AccessKey 8BF65F5D-75A8-C0CC-FF55-497AD5E37C07 -Reinvoke
"E:\Downloads\Setup\AV\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
taskhostw.exe
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_242_pepper.exe -check pepperplugin
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job - C:\WINDOWS\explorer.exe /NOUACCHECK
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2016-05-26 213192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-05-26 2099496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2016-05-26 154824]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-13 462400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-05-26 1522992]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-13 173120]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-12-25 3952800]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-05-02 2398776]
"CDAServer"=C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [2012-03-09 462712]
"SamsungRapidApp"=C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [2015-09-04 281696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"=C:\Users\plsek\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2016-05-29 1554032]
"Spotify"=C:\Users\plsek\AppData\Roaming\Spotify\Spotify.exe [2016-05-29 6859888]
"Steam"=D:\Programy\Steam\steam.exe [2016-06-10 2917456]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [2015-10-21 563416]
"Bloody2"=C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe [2015-06-16 18923008]
"f.lux"=C:\Users\plsek\AppData\Local\FluxSoftware\Flux\flux.exe [2013-10-24 1017224]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\plsek\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"=C:\WINDOWS\system32\cmd.exe [2015-10-30 233984]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"331BigDog"=C:\Program Files (x86)\USB Camera\VM331STI.EXE [2015-12-25 571928]
"DriveUtilitiesHelper"=C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [2015-07-31 1890664]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-04-01 596504]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Secunia PSI Tray.lnk - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
Xerox MFP PC Fax.lnk - C:\Windows\System32\spool\drivers\x64\3\XrxFaxTray64.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll, C:\WINDOWS\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\41514542.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\67307086.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PAexec]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\41514542.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\67307086.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PAexec]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-06-11 20:53:24 ----D---- C:\Program Files\trend micro
2016-06-11 20:53:23 ----D---- C:\rsit
2016-06-11 14:59:21 ----D---- C:\Program Files\Common Files\DESIGNER
2016-06-10 20:47:44 ----D---- C:\WINDOWS\system32\RAPID
2016-06-10 20:47:44 ----A---- C:\WINDOWS\system32\drivers\SamsungRapidDiskFltr.sys
2016-06-10 16:12:56 ----D---- C:\Program Files (x86)\Adobe
2016-06-09 21:57:15 ----AD---- C:\Program Files (x86)\Opera developer
2016-06-09 21:50:38 ----D---- C:\Users\plsek\AppData\Roaming\GHISLER
2016-06-09 21:50:38 ----D---- C:\totalcmd
2016-06-04 22:49:45 ----D---- C:\ProgramData\Trend Micro
2016-06-04 22:46:06 ----A---- C:\WINDOWS\system32\drivers\tmcomm.sys
2016-06-04 22:09:24 ----A---- C:\NetworkSettings.txt
2016-06-04 21:42:56 ----A---- C:\WINDOWS\system32\drivers\PSKMAD.sys
2016-06-04 21:42:55 ----A---- C:\WINDOWS\system32\drivers\DasPtct.SYS
2016-06-04 21:38:05 ----D---- C:\ProgramData\F-Secure
2016-06-04 18:37:06 ----A---- C:\WINDOWS\system32\drivers\TrueSight.sys
2016-06-04 18:36:27 ----D---- C:\ProgramData\RogueKiller
2016-06-04 17:56:15 ----A---- C:\TDSSKiller.3.1.0.9_04.06.2016_17.56.15_log.txt
2016-06-04 13:55:54 ----D---- C:\Program Files\Oracle
2016-05-30 15:43:50 ----A---- C:\WINDOWS\system32\XrxFaxPort64.dll
2016-05-30 15:43:49 ----A---- C:\WINDOWS\SYSWOW64\XrxFaxPort.dll
2016-05-30 15:43:32 ----D---- C:\Users\plsek\AppData\Roaming\Xerox
2016-05-30 15:43:32 ----D---- C:\Program Files\Common Files\Common Desktop Agent
2016-05-30 15:43:15 ----D---- C:\Program Files (x86)\Xerox
2016-05-29 19:48:35 ----D---- C:\Users\plsek\AppData\Roaming\WTablet
2016-05-29 19:48:34 ----A---- C:\WINDOWS\SYSWOW64\Pen_Touch_Tablet.dll
2016-05-29 19:48:34 ----A---- C:\WINDOWS\system32\Pen_Touch_Tablet.dll
2016-05-29 19:48:28 ----D---- C:\Program Files (x86)\TabletPlugins
2016-05-29 19:48:26 ----A---- C:\WINDOWS\system32\drivers\wacmoumonitor.sys
2016-05-29 19:48:24 ----A---- C:\WINDOWS\system32\drivers\wacommousefilter.sys
2016-05-29 19:48:14 ----A---- C:\WINDOWS\system32\drivers\wacomvhid.sys
2016-05-29 19:48:13 ----A---- C:\WINDOWS\SYSWOW64\Wintab32.dll
2016-05-29 19:48:13 ----A---- C:\WINDOWS\SYSWOW64\WacomMT.dll
2016-05-29 19:48:13 ----A---- C:\WINDOWS\SYSWOW64\Pen_Tablet.dll
2016-05-29 19:48:13 ----A---- C:\WINDOWS\system32\Wintab32.dll
2016-05-29 19:48:13 ----A---- C:\WINDOWS\system32\WacomMT.dll
2016-05-29 19:48:13 ----A---- C:\WINDOWS\system32\Pen_Tablet.dll
2016-05-29 19:48:11 ----D---- C:\Program Files\Tablet
2016-05-28 14:59:29 ----D---- C:\Program Files (x86)\CZ.NIC
2016-05-28 14:23:50 ----D---- C:\AdwCleaner
2016-05-28 12:18:12 ----D---- C:\WINDOWS\LastGood.Tmp
2016-05-28 11:52:24 ----D---- C:\Program Files (x86)\Lenovo
2016-05-28 11:24:29 ----D---- C:\ProgramData\IntelDLM
2016-05-28 11:22:12 ----A---- C:\WINDOWS\system32\drivers\semav6msr64.sys
2016-05-28 11:22:11 ----D---- C:\ProgramData\Intel
2016-05-27 20:44:28 ----D---- C:\ProgramData\NVIDIA
2016-05-27 20:44:20 ----A---- C:\WINDOWS\system32\nvvsvc.exe
2016-05-27 20:44:20 ----A---- C:\WINDOWS\system32\nvsvcr.dll
2016-05-27 20:44:20 ----A---- C:\WINDOWS\system32\nvsvc64.dll
2016-05-27 20:44:20 ----A---- C:\WINDOWS\system32\nvshext.dll
2016-05-27 20:44:20 ----A---- C:\WINDOWS\system32\nvmctray.dll
2016-05-27 20:44:20 ----A---- C:\WINDOWS\system32\nvcpl.dll
2016-05-27 20:44:20 ----A---- C:\WINDOWS\system32\nv3dappshextr.dll
2016-05-27 20:44:20 ----A---- C:\WINDOWS\system32\nv3dappshext.dll
2016-05-27 20:44:07 ----A---- C:\WINDOWS\SYSWOW64\OpenCL.dll
2016-05-27 20:44:07 ----A---- C:\WINDOWS\system32\OpenCL.dll
2016-05-27 20:44:00 ----D---- C:\ProgramData\NVIDIA Corporation
2016-05-27 20:43:53 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2016-05-27 20:43:06 ----A---- C:\WINDOWS\SYSWOW64\nvwgf2um.dll
2016-05-27 20:43:06 ----A---- C:\WINDOWS\SYSWOW64\nvumdshim.dll
2016-05-27 20:43:06 ----A---- C:\WINDOWS\SYSWOW64\nvptxJitCompiler.dll
2016-05-27 20:43:06 ----A---- C:\WINDOWS\SYSWOW64\nvopencl.dll
2016-05-27 20:43:06 ----A---- C:\WINDOWS\SYSWOW64\nvoglv32.dll
2016-05-27 20:43:06 ----A---- C:\WINDOWS\SYSWOW64\nvoglshim32.dll
2016-05-27 20:43:06 ----A---- C:\WINDOWS\system32\nvwgf2umx.dll
2016-05-27 20:43:06 ----A---- C:\WINDOWS\system32\nvumdshimx.dll
2016-05-27 20:43:06 ----A---- C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-05-27 20:43:06 ----A---- C:\WINDOWS\system32\nvopencl.dll
2016-05-27 20:43:06 ----A---- C:\WINDOWS\system32\nvoglv64.dll
2016-05-27 20:43:06 ----A---- C:\WINDOWS\system32\nvoglshim64.dll
2016-05-27 20:43:06 ----A---- C:\WINDOWS\system32\drivers\nvpciflt.sys
2016-05-27 20:43:05 ----A---- C:\WINDOWS\SYSWOW64\nvinit.dll
2016-05-27 20:43:05 ----A---- C:\WINDOWS\SYSWOW64\NvIFR.dll
2016-05-27 20:43:05 ----A---- C:\WINDOWS\SYSWOW64\NvFBC.dll
2016-05-27 20:43:05 ----A---- C:\WINDOWS\SYSWOW64\nvfatbinaryLoader.dll
2016-05-27 20:43:05 ----A---- C:\WINDOWS\SYSWOW64\nvd3dum.dll
2016-05-27 20:43:05 ----A---- C:\WINDOWS\SYSWOW64\nvcuvid.dll
2016-05-27 20:43:05 ----A---- C:\WINDOWS\SYSWOW64\nvcuda.dll
2016-05-27 20:43:05 ----A---- C:\WINDOWS\SYSWOW64\nvcompiler.dll
2016-05-27 20:43:05 ----A---- C:\WINDOWS\SYSWOW64\nvapi.dll
2016-05-27 20:43:05 ----A---- C:\WINDOWS\system32\nvinitx.dll
2016-05-27 20:43:05 ----A---- C:\WINDOWS\system32\NvIFR64.dll
2016-05-27 20:43:05 ----A---- C:\WINDOWS\system32\NvFBC64.dll
2016-05-27 20:43:05 ----A---- C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-05-27 20:43:05 ----A---- C:\WINDOWS\system32\nvdispgenco6436822.dll
2016-05-27 20:43:05 ----A---- C:\WINDOWS\system32\nvdispco6436822.dll
2016-05-27 20:43:05 ----A---- C:\WINDOWS\system32\nvd3dumx.dll
2016-05-27 20:43:05 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2016-05-27 20:43:05 ----A---- C:\WINDOWS\system32\nvcuda.dll
2016-05-27 20:43:05 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2016-05-27 20:43:05 ----A---- C:\WINDOWS\system32\nvapi64.dll
2016-05-27 20:43:05 ----A---- C:\WINDOWS\system32\drivers\nvlddmkm.sys
2016-05-27 20:42:29 ----D---- C:\Program Files\NVIDIA Corporation
2016-05-27 15:53:40 ----A---- C:\WINDOWS\SYSWOW64\igdumdim32.dll
2016-05-27 15:53:40 ----A---- C:\WINDOWS\system32\igdumdim64.dll
2016-05-27 15:53:38 ----A---- C:\WINDOWS\SYSWOW64\iglhsip32.dll
2016-05-27 15:53:38 ----A---- C:\WINDOWS\SYSWOW64\iglhcp32.dll
2016-05-27 15:53:38 ----A---- C:\WINDOWS\SYSWOW64\igfxcmrt32.dll
2016-05-27 15:53:38 ----A---- C:\WINDOWS\SYSWOW64\igfx11cmrt32.dll
2016-05-27 15:53:38 ----A---- C:\WINDOWS\SYSWOW64\igdusc32.dll
2016-05-27 15:53:38 ----A---- C:\WINDOWS\SYSWOW64\igd11dxva32.dll
2016-05-27 15:53:38 ----A---- C:\WINDOWS\SYSWOW64\igc32.dll
2016-05-27 15:53:38 ----A---- C:\WINDOWS\system32\iglhsip64.dll
2016-05-27 15:53:38 ----A---- C:\WINDOWS\system32\iglhcp64.dll
2016-05-27 15:53:38 ----A---- C:\WINDOWS\system32\igfxexps.dll
2016-05-27 15:53:38 ----A---- C:\WINDOWS\system32\igfxcmrt64.dll
2016-05-27 15:53:38 ----A---- C:\WINDOWS\system32\igfx11cmrt64.dll
2016-05-27 15:53:38 ----A---- C:\WINDOWS\system32\igdusc64.dll
2016-05-27 15:53:38 ----A---- C:\WINDOWS\system32\igd11dxva64.dll
2016-05-27 15:53:38 ----A---- C:\WINDOWS\system32\igc64.dll
2016-05-27 15:53:36 ----A---- C:\WINDOWS\SYSWOW64\igdmd32.dll
2016-05-27 15:53:36 ----A---- C:\WINDOWS\SYSWOW64\igdde32.dll
2016-05-27 15:53:36 ----A---- C:\WINDOWS\SYSWOW64\igd12umd32.dll
2016-05-27 15:53:36 ----A---- C:\WINDOWS\SYSWOW64\igd10iumd32.dll
2016-05-27 15:53:36 ----A---- C:\WINDOWS\SYSWOW64\igd10idpp32.dll
2016-05-27 15:53:36 ----A---- C:\WINDOWS\system32\igdmd64.dll
2016-05-27 15:53:36 ----A---- C:\WINDOWS\system32\igdde64.dll
2016-05-27 15:53:36 ----A---- C:\WINDOWS\system32\igd12umd64.dll
2016-05-27 15:53:36 ----A---- C:\WINDOWS\system32\igd10iumd64.dll
2016-05-27 15:53:36 ----A---- C:\WINDOWS\system32\igd10idpp64.dll
2016-05-27 15:50:54 ----A---- C:\WINDOWS\SYSWOW64\IntelOpenCL32.dll
2016-05-27 15:50:54 ----A---- C:\WINDOWS\SYSWOW64\IntelCpHeciSvc.exe
2016-05-27 15:50:54 ----A---- C:\WINDOWS\SYSWOW64\Intel_OpenCL_ICD32.dll
2016-05-27 15:50:54 ----A---- C:\WINDOWS\SYSWOW64\igfxexps32.dll
2016-05-27 15:50:54 ----A---- C:\WINDOWS\SYSWOW64\igfxcmjit32.dll
2016-05-27 15:50:54 ----A---- C:\WINDOWS\SYSWOW64\igdrcl32.dll
2016-05-27 15:50:54 ----A---- C:\WINDOWS\SYSWOW64\igdmcl32.dll
2016-05-27 15:50:54 ----A---- C:\WINDOWS\SYSWOW64\common_clang32.dll
2016-05-27 15:50:54 ----A---- C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2016-05-27 15:50:54 ----A---- C:\WINDOWS\system32\IntelWiDiUMS64.exe
2016-05-27 15:50:54 ----A---- C:\WINDOWS\system32\IntelWiDiMCComp64.dll
2016-05-27 15:50:54 ----A---- C:\WINDOWS\system32\IntelOpenCL64.dll
2016-05-27 15:50:54 ----A---- C:\WINDOWS\system32\IntelCpHDCPSvc.exe
2016-05-27 15:50:54 ----A---- C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2016-05-27 15:50:54 ----A---- C:\WINDOWS\system32\igfxTray.exe
2016-05-27 15:50:54 ----A---- C:\WINDOWS\system32\igfxSDKLibv2_0.dll
2016-05-27 15:50:54 ----A---- C:\WINDOWS\system32\igfxSDKLib.dll
2016-05-27 15:50:54 ----A---- C:\WINDOWS\system32\igfxSDK.exe
2016-05-27 15:50:54 ----A---- C:\WINDOWS\system32\igfxOSP.dll
2016-05-27 15:50:54 ----A---- C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2016-05-27 15:50:54 ----A---- C:\WINDOWS\system32\igfxLHMLib.dll
2016-05-27 15:50:54 ----A---- C:\WINDOWS\system32\igfxLHM.dll
2016-05-27 15:50:54 ----A---- C:\WINDOWS\system32\igfxHK.exe
2016-05-27 15:50:54 ----A---- C:\WINDOWS\system32\igfxext.exe
2016-05-27 15:50:54 ----A---- C:\WINDOWS\system32\igfxEMLibv2_0.dll
2016-05-27 15:50:54 ----A---- C:\WINDOWS\system32\igfxEMLib.dll
2016-05-27 15:50:54 ----A---- C:\WINDOWS\system32\igfxEM.exe
2016-05-27 15:50:54 ----A---- C:\WINDOWS\system32\igfxDTCM.dll
2016-05-27 15:50:54 ----A---- C:\WINDOWS\system32\igfxDILibv2_0.dll
2016-05-27 15:50:54 ----A---- C:\WINDOWS\system32\igfxDILib.dll
2016-05-27 15:50:54 ----A---- C:\WINDOWS\system32\igfxDI.dll
2016-05-27 15:50:54 ----A---- C:\WINDOWS\system32\igfxDHLibv2_0.dll
2016-05-27 15:50:54 ----A---- C:\WINDOWS\system32\igfxDHLib.dll
2016-05-27 15:50:54 ----A---- C:\WINDOWS\system32\igfxDH.dll
2016-05-27 15:50:54 ----A---- C:\WINDOWS\system32\igfxCUIServicePS.dll
2016-05-27 15:50:54 ----A---- C:\WINDOWS\system32\igfxCUIService.exe
2016-05-27 15:50:54 ----A---- C:\WINDOWS\system32\igfxCoIn_v4444.dll
2016-05-27 15:50:54 ----A---- C:\WINDOWS\system32\igfxcmjit64.dll
2016-05-27 15:50:54 ----A---- C:\WINDOWS\system32\igdrcl64.dll
2016-05-27 15:50:54 ----A---- C:\WINDOWS\system32\igdmcl64.dll
2016-05-27 15:50:54 ----A---- C:\WINDOWS\system32\common_clang64.dll
2016-05-27 15:50:52 ----A---- C:\WINDOWS\SYSWOW64\igdfcl32.dll
2016-05-27 15:50:52 ----A---- C:\WINDOWS\SYSWOW64\igdbcl32.dll
2016-05-27 15:50:52 ----A---- C:\WINDOWS\SYSWOW64\igdail32.dll
2016-05-27 15:50:52 ----A---- C:\WINDOWS\SYSWOW64\ig75icd32.dll
2016-05-27 15:50:52 ----A---- C:\WINDOWS\system32\igdfcl64.dll
2016-05-27 15:50:52 ----A---- C:\WINDOWS\system32\igdbcl64.dll
2016-05-27 15:50:52 ----A---- C:\WINDOWS\system32\igdail64.dll
2016-05-27 15:50:52 ----A---- C:\WINDOWS\system32\ig75icd64.dll
2016-05-27 15:50:52 ----A---- C:\WINDOWS\system32\Gfxv4_0.exe
2016-05-27 15:50:52 ----A---- C:\WINDOWS\system32\Gfxv2_0.exe
2016-05-27 15:50:52 ----A---- C:\WINDOWS\system32\GfxUIEx.exe
2016-05-27 15:50:52 ----A---- C:\WINDOWS\system32\GfxResources.dll
2016-05-27 15:50:52 ----A---- C:\WINDOWS\system32\drivers\igdkmd64.sys
2016-05-27 15:50:52 ----A---- C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2016-05-27 15:50:52 ----A---- C:\WINDOWS\system32\DPTopologyApp.exe
2016-05-27 15:50:52 ----A---- C:\WINDOWS\system32\difx64.exe
2016-05-17 16:31:31 ----D---- C:\ProgramData\Canneverbe Limited
2016-05-15 18:20:21 ----D---- C:\Program Files (x86)\LG Electronics
2016-05-13 15:19:59 ----A---- C:\WINDOWS\SYSWOW64\vulkaninfo.exe
2016-05-13 15:19:59 ----A---- C:\WINDOWS\SYSWOW64\vulkan-1.dll
2016-05-13 15:19:59 ----A---- C:\WINDOWS\system32\vulkaninfo.exe
2016-05-13 15:19:59 ----A---- C:\WINDOWS\system32\vulkan-1.dll
2016-05-13 15:19:52 ----D---- C:\Program Files (x86)\VulkanRT
2016-05-13 14:51:05 ----D---- C:\Program Files (x86)\Java

======List of files/folders modified in the last 1 month======

2016-06-11 20:53:24 ----RD---- C:\Program Files
2016-06-11 20:53:21 ----D---- C:\WINDOWS\Temp
2016-06-11 20:48:27 ----D---- C:\WINDOWS\System32
2016-06-11 20:48:27 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-06-11 20:48:20 ----D---- C:\ProgramData\Synaptics
2016-06-11 20:45:43 ----D---- C:\WINDOWS\system32\sru
2016-06-11 20:33:47 ----RSD---- C:\WINDOWS\assembly
2016-06-11 18:59:04 ----D---- C:\WINDOWS\INF
2016-06-11 18:59:04 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-06-11 16:29:06 ----D---- C:\WINDOWS\Microsoft.NET
2016-06-11 15:00:20 ----SHDC---- C:\WINDOWS\Installer
2016-06-11 15:00:20 ----HD---- C:\Config.Msi
2016-06-11 15:00:12 ----AD---- C:\ProgramData\regid.1991-06.com.microsoft
2016-06-11 14:59:21 ----D---- C:\Program Files\Common Files
2016-06-11 14:59:21 ----AD---- C:\Program Files\Common Files\microsoft shared
2016-06-11 14:54:39 ----AD---- C:\Program Files\Microsoft Office
2016-06-10 22:50:59 ----D---- C:\ProgramData\Microsoft Help
2016-06-10 20:47:44 ----SHD---- C:\System Volume Information
2016-06-10 20:47:44 ----DC---- C:\WINDOWS\system32\DRVSTORE
2016-06-10 20:47:44 ----D---- C:\WINDOWS\system32\drivers
2016-06-10 20:47:29 ----D---- C:\Program Files (x86)\Samsung
2016-06-10 20:39:25 ----D---- C:\WINDOWS\system32\Tasks
2016-06-10 20:38:54 ----AD---- C:\WINDOWS\SysWOW64
2016-06-10 16:12:56 ----RD---- C:\Program Files (x86)
2016-06-10 16:04:21 ----D---- C:\ProgramData\PDF Architect 4
2016-06-10 16:03:52 ----D---- C:\Program Files (x86)\Common Files
2016-06-10 15:50:37 ----D---- C:\WINDOWS\system32\catroot2
2016-06-09 21:57:55 ----D---- C:\Users\plsek\AppData\Roaming\Opera Software
2016-06-07 22:23:03 ----D---- C:\WINDOWS\Minidump
2016-06-07 22:23:01 ----D---- C:\Windows
2016-06-05 12:46:11 ----D---- C:\Users\plsek\AppData\Roaming\Spotify
2016-06-04 22:49:45 ----HD---- C:\ProgramData
2016-06-04 22:28:14 ----D---- C:\Program Files\Lenovo
2016-06-04 22:14:38 ----A---- C:\WINDOWS\ntbtlog.txt
2016-06-04 22:11:31 ----D---- C:\WINDOWS\Tasks
2016-06-04 17:46:46 ----D---- C:\WINDOWS\system32\CatRoot
2016-06-04 15:40:32 ----D---- C:\Users\plsek\AppData\Roaming\uTorrent
2016-06-04 14:08:04 ----D---- C:\WINDOWS\system32\config
2016-06-04 13:56:02 ----D---- C:\WINDOWS\system32\DriverStore
2016-05-30 16:26:22 ----D---- C:\WINDOWS\WinSxS
2016-05-30 16:03:00 ----D---- C:\Users\plsek\AppData\Roaming\Samsung
2016-05-30 15:43:30 ----D---- C:\ProgramData\Xerox
2016-05-30 15:43:25 ----D---- C:\WINDOWS\twain_32
2016-05-29 18:43:56 ----D---- C:\Users\plsek\AppData\Roaming\Notepad++
2016-05-28 14:40:09 ----SD---- C:\Users\plsek\AppData\Roaming\Microsoft
2016-05-28 14:37:52 ----A---- C:\WINDOWS\system32\MRT.exe
2016-05-28 12:27:37 ----AD---- C:\ProgramData\Acronis
2016-05-28 12:25:11 ----D---- C:\ProgramData\Package Cache
2016-05-28 12:25:11 ----D---- C:\Program Files (x86)\Intel
2016-05-28 12:18:25 ----A---- C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-05-28 11:56:33 ----D---- C:\WINDOWS\system32\NDF
2016-05-28 11:52:10 ----D---- C:\WINDOWS\Downloaded Installations
2016-05-28 11:33:46 ----D---- C:\WINDOWS\Prefetch
2016-05-28 11:33:30 ----A---- C:\WINDOWS\PAExec.exe
2016-05-28 11:22:11 ----D---- C:\Program Files\Intel
2016-05-27 20:44:19 ----D---- C:\WINDOWS\Help
2016-05-20 04:08:43 ----A---- C:\WINDOWS\SYSWOW64\oemdspif.dll
2016-05-16 15:03:13 ----D---- C:\WINDOWS\CbsTemp
2016-05-15 18:20:21 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-05-14 21:09:51 ----D---- C:\WINDOWS\LiveKernelReports
2016-05-13 14:52:01 ----D---- C:\ProgramData\Oracle
2016-05-13 14:51:17 ----A---- C:\WINDOWS\SYSWOW64\WindowsAccessBridge-32.dll
2016-05-12 17:36:48 ----D---- C:\WINDOWS\rescache

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 IntelHSWPcc;IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [2015-12-25 88256]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2016-05-22 47048]
R0 SamsungRapidDiskFltr;SAMSUNG RAPID Mode Disk Filter Driver; C:\WINDOWS\system32\DRIVERS\SamsungRapidDiskFltr.sys [2015-09-04 271968]
R0 SamsungRapidFSFltr;SamsungRapidFSFltr; C:\WINDOWS\system32\DRIVERS\SamsungRapidFSFltr.sys [2015-09-04 110688]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2016-04-23 87552]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R1 mbamchameleon;mbamchameleon; \??\C:\WINDOWS\system32\drivers\mbamchameleon.sys [2015-10-05 109272]
R1 SMIDriver;@oem13.inf,%SMIDevice.SVCDESC%;Synaptics SMI Driver; C:\WINDOWS\system32\DRIVERS\smi.sys [2015-12-14 28400]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-10-30 47616]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2016-04-23 84992]
R3 IBMPMDRV;IBMPMDRV; C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys [2015-12-25 74432]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2016-05-27 7936600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2013-09-24 3667416]
R3 IntcDAud;@oem23.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2015-12-08 481032]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2016-03-10 27008]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2016-06-11 192216]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2016-03-10 65408]
R3 MEIx64;@oem17.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2015-12-25 195336]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2016-05-22 13509184]
R3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf_amd64.sys [2016-02-02 18456]
R3 rt640x64;@rt640x64.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-10-30 589824]
R3 RtkBtFilter;@oem33.inf,%BtFilt.SvcDesc%;Realtek Bluetooth Filter Driver; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [2015-12-30 593624]
R3 RTWlanE;@netrtwlane.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\WINDOWS\System32\drivers\rtwlane.sys [2015-10-30 3445248]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2015-12-25 44192]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2016-04-23 112640]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2016-03-29 245760]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2015-10-30 128512]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2016-04-23 954368]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2015-12-31 117248]
S3 cpuz139;cpuz139; \??\C:\Users\plsek\AppData\Local\Temp\cpuz139\cpuz139_x64.sys []
S3 dot4;@oem15.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2015-12-29 151968]
S3 Dot4Print;@oem4.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\WINDOWS\System32\drivers\Dot4Prt.sys [2015-12-29 27040]
S3 dot4usb;@oem15.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2015-12-29 49056]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 hitmanpro37;HitmanPro 3.7 Support Driver; \??\C:\WINDOWS\system32\drivers\hitmanpro37.sys [2016-03-03 49584]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-10-30 26624]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2013-03-01 36600]
S3 PSKMAD;PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [2015-01-29 50320]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-10-30 930656]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2016-03-29 181248]
S3 SbieDrv;SbieDrv; \??\C:\Program Files\Sandboxie\SbieDrv.sys [2016-02-26 204944]
S3 semav6msr64;semav6msr64; \??\C:\WINDOWS\system32\drivers\semav6msr64.sys [2016-03-09 21984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-04-22 82128]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 EMET_Service;Microsoft EMET Service; C:\Program Files (x86)\EMET 5.5\EMET_Service.exe [2016-01-29 33960]
R2 IBMPMSVC;@oem6.inf,%ibm.svcDesc0%;Lenovo PM Service; C:\WINDOWS\system32\ibmpmsvc.exe [2015-12-25 156912]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2016-05-27 374360]
R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [2015-07-13 114632]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2016-03-10 1136608]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2016-03-10 1514464]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2015-10-30 43944]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2016-05-20 1352760]
R2 OneSyncSvc_54dc0;Hostitel synchronizace_54dc0; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2015-10-30 43944]
R2 SamsungRapidSvc;Samsung RAPID Mode Service; C:\WINDOWS\system32\RAPID\SamsungRapidSvc.exe [2015-09-04 28256]
R2 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [2016-02-02 1570520]
R3 ClickToRunSvc;Microsoft Office Click-to-Run Service; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2016-05-26 2945792]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-10-23 43696]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 PimIndexMaintenanceSvc_54dc0;Data kontaktů_54dc0; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-25 144200]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_146750e;Hostitel synchronizace_146750e; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_19cc8f8;Hostitel synchronizace_19cc8f8; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_1d2a423;Hostitel synchronizace_1d2a423; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_25584b4;Hostitel synchronizace_25584b4; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_2bfb38a;Hostitel synchronizace_2bfb38a; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_2d61d09;Hostitel synchronizace_2d61d09; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_303cf8;Hostitel synchronizace_303cf8; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_4a14842;Hostitel synchronizace_4a14842; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_4aba8;Hostitel synchronizace_4aba8; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_4b97ffa;Hostitel synchronizace_4b97ffa; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_4c7c1;Hostitel synchronizace_4c7c1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_53ae7;Hostitel synchronizace_53ae7; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_561f00f;Hostitel synchronizace_561f00f; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_5c1d4;Hostitel synchronizace_5c1d4; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_5d287;Hostitel synchronizace_5d287; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_70185b2;Hostitel synchronizace_70185b2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_8842b78;Hostitel synchronizace_8842b78; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_9a29a;Hostitel synchronizace_9a29a; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_9a2aa;Hostitel synchronizace_9a2aa; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_beea1;Hostitel synchronizace_beea1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 Secunia Update Agent;Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [2016-02-02 837848]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-14 269504]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2016-05-27 302176]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-25 144200]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_146750e;Služba zasílání zpráv_146750e; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_19cc8f8;Služba zasílání zpráv_19cc8f8; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_1d2a423;Služba zasílání zpráv_1d2a423; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_25584b4;Služba zasílání zpráv_25584b4; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_2bfb38a;Služba zasílání zpráv_2bfb38a; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_2d61d09;Služba zasílání zpráv_2d61d09; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_303cf8;Služba zasílání zpráv_303cf8; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_4a14842;Služba zasílání zpráv_4a14842; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_4aba8;Služba zasílání zpráv_4aba8; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_4b97ffa;Služba zasílání zpráv_4b97ffa; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_4c7c1;Služba zasílání zpráv_4c7c1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_53ae7;Služba zasílání zpráv_53ae7; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_54dc0;Služba zasílání zpráv_54dc0; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_561f00f;Služba zasílání zpráv_561f00f; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_5c1d4;Služba zasílání zpráv_5c1d4; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_5d287;Služba zasílání zpráv_5d287; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_70185b2;Služba zasílání zpráv_70185b2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_8842b78;Služba zasílání zpráv_8842b78; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_9a29a;Služba zasílání zpráv_9a29a; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_9a2aa;Služba zasílání zpráv_9a2aa; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_beea1;Služba zasílání zpráv_beea1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2016-05-25 242224]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PAExec;PAExec; C:\WINDOWS\PAExec.exe [2016-05-28 189112]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_146750e;Data kontaktů_146750e; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_19cc8f8;Data kontaktů_19cc8f8; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_1d2a423;Data kontaktů_1d2a423; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_25584b4;Data kontaktů_25584b4; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_2bfb38a;Data kontaktů_2bfb38a; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_2d61d09;Data kontaktů_2d61d09; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_303cf8;Data kontaktů_303cf8; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_4a14842;Data kontaktů_4a14842; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_4aba8;Data kontaktů_4aba8; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_4b97ffa;Data kontaktů_4b97ffa; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_4c7c1;Data kontaktů_4c7c1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_53ae7;Data kontaktů_53ae7; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_561f00f;Data kontaktů_561f00f; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_5c1d4;Data kontaktů_5c1d4; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_5d287;Data kontaktů_5d287; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_70185b2;Data kontaktů_70185b2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_8842b78;Data kontaktů_8842b78; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_9a29a;Data kontaktů_9a29a; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_9a2aa;Data kontaktů_9a2aa; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_beea1;Data kontaktů_beea1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2013-03-01 118520]
S3 SbieSvc;Sandboxie Service; C:\Program Files\Sandboxie\SbieSvc.exe [2016-02-26 187024]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 1297408]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S4 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S4 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S4 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S4 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2015-06-04 111560]
S4 Origin Client Service;Origin Client Service; D:\Programy\Origin\OriginClientService.exe [2016-02-04 2104840]
S4 PhoneSvc;Telefonní služba; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S4 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119418
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Preventivní kontrola

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Maots
Návštěvník
Návštěvník
Příspěvky: 12
Registrován: 28 říj 2015 21:01

Re: Preventivní kontrola

#3 Příspěvek od Maots »

Dobrý den, zde vkládám log z Adwcleaneru. Nějaký další postup?
log:
# AdwCleaner v5.119 - Log vytvořen 13/06/2016 v 17:05:29
# Aktualizováno 30/05/2016 by Xplode
# Databáze : 2016-06-12.1 [Server]
# Operační system : Windows 10 Home (X64)
# Uživatelské jméno : plsek - NOTEBOOK
# Spuštěno z : E:\Downloads\Setup\AV\adwcleaner_5.119.exe
# Nastavení : Čištění
# Podpora : http://toolslib.net/forum

***** [ Služby ] *****


***** [ Složky ] *****


***** [ Soubory ] *****


***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Zástupci ] *****


***** [ Naplánované úlohy ] *****


***** [ Registry ] *****

[-] Klíč Smazáno : HKEY_CLASSES_ROOT\.qmgc

***** [ Prohlížeče ] *****


*************************

:: "Tracing" klíče smazány
:: Nastavení Winsock vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [1135 bytů] - [28/05/2016 14:28:23]
C:\AdwCleaner\AdwCleaner[C2].txt - [1514 bytů] - [04/06/2016 19:48:39]
C:\AdwCleaner\AdwCleaner[C3].txt - [950 bytů] - [13/06/2016 17:05:29]
C:\AdwCleaner\AdwCleaner[S1].txt - [948 bytů] - [28/05/2016 14:26:32]
C:\AdwCleaner\AdwCleaner[S2].txt - [942 bytů] - [04/06/2016 17:54:27]
C:\AdwCleaner\AdwCleaner[S3].txt - [1319 bytů] - [04/06/2016 19:37:25]
C:\AdwCleaner\AdwCleaner[S4].txt - [1209 bytů] - [13/06/2016 17:03:59]

########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [1312 bytů] ##########
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119418
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Preventivní kontrola

#4 Příspěvek od Rudy »

Teď dejte log FRST: http://forum.viry.cz/viewtopic.php?f=30&t=133101
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Maots
Návštěvník
Návštěvník
Příspěvky: 12
Registrován: 28 říj 2015 21:01

Re: Preventivní kontrola

#5 Příspěvek od Maots »

Zdravím, log z FRST + addition.txt v příloze.
log:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:12-06-2016 01
Ran by plsek (administrator) on NOTEBOOK (13-06-2016 19:36:37)
Running from C:\Users\plsek\Desktop
Loaded Profiles: plsek (Available Profiles: plsek)
Platform: Windows 10 Home Version 1511 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Xerox Corporation.) C:\Windows\System32\spool\drivers\x64\3\XrxFaxServer64.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Synaptics Incorporated) C:\Windows\System32\valWbioSyncSvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynFP\Shared\SensorDBSynch.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\msoia.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\mkrmsg.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tposd.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
(Flux Software LLC) C:\Users\plsek\AppData\Local\FluxSoftware\Flux\flux.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Valve Corporation) D:\Programy\Steam\Steam.exe
(Valve Corporation) D:\Programy\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Program Files (x86)\EMET 5.5\EMET_Service.exe
(Microsoft Corporation) C:\Program Files (x86)\EMET 5.5\EMET_Agent.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Spotify Ltd) C:\Users\plsek\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\plsek\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Spotify Ltd) C:\Users\plsek\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\plsek\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\plsek\AppData\Roaming\Spotify\Spotify.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Opera Software) C:\Program Files (x86)\Opera developer\39.0.2248.0\opera.exe
(Opera Software) C:\Program Files (x86)\Opera developer\39.0.2248.0\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera developer\39.0.2248.0\opera.exe
(Opera Software) C:\Program Files (x86)\Opera developer\39.0.2248.0\opera.exe
(Opera Software) C:\Program Files (x86)\Opera developer\39.0.2248.0\opera.exe
(Opera Software) C:\Program Files (x86)\Opera developer\39.0.2248.0\opera.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3952800 2015-12-25] (Synaptics Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-05-02] (NVIDIA Corporation)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] ()
HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [281696 2015-09-04] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [571928 2015-12-25] (Vimicro)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1890664 2015-07-31] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKU\S-1-5-21-651915769-3154784787-1136458550-1001\...\Run: [Spotify Web Helper] => C:\Users\plsek\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1554032 2016-05-29] (Spotify Ltd)
HKU\S-1-5-21-651915769-3154784787-1136458550-1001\...\Run: [Spotify] => C:\Users\plsek\AppData\Roaming\Spotify\Spotify.exe [6859888 2016-05-29] (Spotify Ltd)
HKU\S-1-5-21-651915769-3154784787-1136458550-1001\...\Run: [Steam] => D:\Programy\Steam\steam.exe [2917456 2016-06-10] (Valve Corporation)
HKU\S-1-5-21-651915769-3154784787-1136458550-1001\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe [18923008 2015-06-16] ()
HKU\S-1-5-21-651915769-3154784787-1136458550-1001\...\Run: [f.lux] => C:\Users\plsek\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
HKU\S-1-5-21-651915769-3154784787-1136458550-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [563416 2015-10-21] (ZONER software)
HKU\S-1-5-21-651915769-3154784787-1136458550-1001\...\RunOnce: [Uninstall C:\Users\plsek\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\plsek\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [178136 2016-05-20] (NVIDIA Corporation)
AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [178136 2016-05-20] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [155952 2016-05-20] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2016-03-23]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Xerox MFP PC Fax.lnk [2016-05-30]
ShortcutTarget: Xerox MFP PC Fax.lnk -> C:\Windows\System32\spool\drivers\x64\3\XrxFaxTray64.exe (Xerox Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{54a702be-6998-4471-b0cf-781d0acaba8a}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{b7f2d012-183a-4b10-a06f-f7b680a09582}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-651915769-3154784787-1136458550-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.cz/
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2016-05-26] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-05-26] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2016-05-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-13] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-05-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-13] (Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-26] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-05-26] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-26] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-05-26] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-26] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-05-26] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-26] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-05-26] (Microsoft Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-13] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-05-26] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> E:\Programy\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-13] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-13] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-13] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-05-26] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2016-05-26] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> H:\VLC\npvlc.dll [No File]
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.10 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll [2011-04-20] (Wacom, Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.0.0.1 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2011-05-31] (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-651915769-3154784787-1136458550-1001: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2011-05-31] (Wacom)

Chrome:
=======
CHR HomePage: Profile 1 -> hxxps://www.google.cz/
CHR StartupUrls: Profile 1 -> "hxxps://www.google.cz/"
CHR Profile: C:\Users\plsek\AppData\Local\Google\Chrome\User Data\Default
CHR Profile: C:\Users\plsek\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Prezentace Google) - C:\Users\plsek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-07]
CHR Extension: (BetterTTV) - C:\Users\plsek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2016-06-04]
CHR Extension: (Dokumenty Google) - C:\Users\plsek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-07]
CHR Extension: (Disk Google) - C:\Users\plsek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-07]
CHR Extension: (Dark Skin for Youtube™) - C:\Users\plsek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bfeknfgchonpnofdjokchhdhdnddhglm [2016-05-30]
CHR Extension: (YouTube) - C:\Users\plsek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-07]
CHR Extension: (Vyhledávání Google) - C:\Users\plsek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-07]
CHR Extension: (Tabulky Google) - C:\Users\plsek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-07]
CHR Extension: (Dokumenty Google offline) - C:\Users\plsek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\plsek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-06-03]
CHR Extension: (Kontrola e-mailu Google) - C:\Users\plsek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2016-01-07]
CHR Extension: (Ghostery) - C:\Users\plsek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2016-02-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\plsek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-01]
CHR Extension: (Gmail) - C:\Users\plsek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-07]
CHR Profile: C:\Users\plsek\AppData\Local\Google\Chrome\User Data\Profile 2

Opera:
=======
StartMenuInternet: (HKLM) Operadeveloper - C:\Program Files (x86)\Opera developer\Launcher.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2945792 2016-05-26] (Microsoft Corporation)
R2 EMET_Service; C:\Program Files (x86)\EMET 5.5\EMET_Service.exe [33960 2016-01-29] (Microsoft Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [374360 2016-05-27] (Intel Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [114632 2015-07-13] (Lenovo Group Limited)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S4 Origin Client Service; D:\Programy\Origin\OriginClientService.exe [2104840 2016-02-04] (Electronic Arts)
S3 ose64; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [242224 2016-05-25] (Microsoft Corporation) [File not signed]
S3 PAExec; C:\WINDOWS\PAExec.exe [189112 2016-05-28] (Power Admin LLC)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [28256 2015-09-04] (Samsung Electronics Co., Ltd.)
S3 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [187024 2016-02-26] (Sandboxie Holdings, LLC)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1570520 2016-02-02] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [837848 2016-02-02] (Secunia)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [247968 2015-12-25] (Synaptics Incorporated)
S3 TeamViewer; E:\Programy\TeamViewer\TeamViewer_Service.exe [7032080 2016-05-12] (TeamViewer GmbH)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [77824 2015-12-14] (Synaptics Incorporated)
R2 valWbioSyncSvc; C:\Windows\system32\valWbioSyncSvc.exe [48128 2015-12-14] (Synaptics Incorporated)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [307064 2015-07-31] (Western Digital Technologies, Inc.)
R2 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
R2 Xerox MFP Fax Server; C:\WINDOWS\system32\spool\drivers\x64\3\XrxFaxServer64.exe [501760 2014-04-21] (Xerox Corporation.) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2015-12-29] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2015-12-29] (Windows (R) Win 7 DDK provider)
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [49584 2016-03-03] ()
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [88256 2015-12-25] (Intel Corporation)
R1 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [109272 2015-10-05] (Malwarebytes)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-06-13] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [195336 2015-12-25] (Intel Corporation)
S3 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2016-02-02] (Secunia)
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [50320 2015-01-29] (Panda Security, S.L.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek )
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [593624 2015-12-30] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\System32\drivers\rtwlane.sys [3445248 2015-10-30] (Realtek Semiconductor Corporation )
R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [271968 2015-09-04] (Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [110688 2015-09-04] (Samsung Electronics Co., Ltd.)
S3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [204944 2016-02-26] (Sandboxie Holdings, LLC)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2016-03-09] ()
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44192 2015-12-25] (Synaptics Incorporated)
R1 SMIDriver; C:\Windows\system32\DRIVERS\smi.sys [28400 2015-12-14] (Windows (R) Win 7 DDK provider)
R3 USBPcap; C:\Windows\system32\DRIVERS\USBPcap.sys [41720 2015-12-10] (USBPcap)
R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [119712 2016-04-28] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [192352 2016-04-28] (Oracle Corporation)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [648872 2015-12-25] (Vimicro Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 cpuz139; \??\C:\Users\plsek\AppData\Local\Temp\cpuz139\cpuz139_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-13 19:36 - 2016-06-13 19:36 - 00024022 _____ C:\Users\plsek\Desktop\FRST.txt
2016-06-13 19:34 - 2016-06-13 19:35 - 02385408 _____ (Farbar) C:\Users\plsek\Desktop\FRST64.exe
2016-06-12 22:04 - 2016-06-12 22:04 - 00083987 _____ C:\Users\plsek\Desktop\Směrná hodnota - pozemek (příloha č.pdf
2016-06-12 22:03 - 2016-06-12 22:03 - 00301586 _____ C:\Users\plsek\Desktop\pozemek.pdf
2016-06-12 10:15 - 2016-06-12 10:15 - 00000000 ____D C:\Users\plsek\Desktop\eset
2016-06-12 10:13 - 2016-06-12 10:51 - 00000270 __RSH C:\ProgramData\ntuser.pol
2016-06-11 20:53 - 2016-06-11 20:53 - 00000000 ____D C:\rsit
2016-06-11 20:53 - 2016-06-11 20:53 - 00000000 ____D C:\Program Files\trend micro
2016-06-11 20:09 - 2016-06-11 20:09 - 00000000 ____D C:\Users\plsek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-06-11 20:09 - 2016-06-11 20:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-06-11 19:10 - 2016-06-11 19:04 - 340670464 _____ C:\Users\plsek\Desktop\eset_sysrescue_live_creator_enu.iso
2016-06-11 18:55 - 2016-06-11 18:56 - 09317168 _____ (ESET, spol. s r.o.) C:\Users\plsek\Desktop\eset_sysrescue_live_creator_enu.exe
2016-06-11 14:59 - 2016-06-11 14:59 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-06-10 20:47 - 2016-06-10 20:47 - 00000000 ____D C:\WINDOWS\system32\RAPID
2016-06-10 20:47 - 2015-09-04 12:08 - 00271968 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\SamsungRapidDiskFltr.sys
2016-06-10 16:52 - 2016-06-10 16:52 - 02683573 _____ C:\Users\plsek\Desktop\RS Křenovy podepsaná.pdf
2016-06-10 16:51 - 2016-06-10 16:51 - 02683573 _____ C:\Users\plsek\Desktop\Scan_20160609_120439.pdf
2016-06-10 16:15 - 2016-06-10 16:16 - 00000000 ____D C:\Users\plsek\Desktop\Matěj programy
2016-06-10 16:13 - 2016-06-10 20:39 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-06-10 16:12 - 2016-06-10 20:39 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-06-10 16:12 - 2016-06-10 16:12 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-06-10 15:52 - 2016-06-10 16:14 - 00000000 ____D C:\Users\plsek\Desktop\Kraje
2016-06-09 21:57 - 2016-06-09 21:58 - 00000000 ____D C:\Program Files (x86)\Opera developer
2016-06-09 21:57 - 2016-06-09 21:57 - 00003966 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1465502273
2016-06-09 21:57 - 2016-06-09 21:57 - 00001278 _____ C:\Users\Public\Desktop\Opera developer.lnk
2016-06-09 21:57 - 2016-06-09 21:57 - 00001278 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera developer.lnk
2016-06-09 21:50 - 2016-06-09 21:54 - 00000000 ____D C:\Users\plsek\AppData\Roaming\GHISLER
2016-06-09 21:50 - 2016-06-09 21:50 - 00000000 ____D C:\Users\plsek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2016-06-09 21:50 - 2016-06-09 21:50 - 00000000 ____D C:\Users\plsek\AppData\Local\GHISLER
2016-06-09 21:50 - 2016-06-09 21:50 - 00000000 ____D C:\totalcmd
2016-06-09 17:02 - 2016-06-09 17:02 - 00273316 _____ C:\Users\plsek\Desktop\eurolist 2 pdf.pdf
2016-06-08 20:07 - 2016-06-08 20:22 - 02216448 _____ C:\Users\plsek\Desktop\Wien 2.ppt
2016-06-07 21:40 - 2016-06-08 20:20 - 01981505 _____ C:\Users\plsek\Desktop\Wien.pptx
2016-06-05 20:31 - 2016-06-05 20:31 - 00000000 ____D C:\Users\plsek\AppData\Local\TeamViewer
2016-06-04 22:55 - 2016-06-04 22:55 - 00000010 _____ C:\Users\plsek\AppData\Local\sponge.last.runtime.cache
2016-06-04 22:49 - 2016-06-04 22:49 - 00000000 ____D C:\ProgramData\Trend Micro
2016-06-04 22:46 - 2015-12-24 15:03 - 00316168 _____ (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\tmcomm.sys
2016-06-04 22:45 - 2016-06-04 22:45 - 00000036 _____ C:\Users\plsek\AppData\Local\housecall.guid.cache
2016-06-04 22:09 - 2016-06-04 22:09 - 00011012 _____ C:\NetworkSettings.txt
2016-06-04 21:42 - 2015-09-14 14:03 - 00039672 _____ C:\WINDOWS\system32\Drivers\DasPtct.SYS
2016-06-04 21:42 - 2015-01-29 19:21 - 00050320 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys
2016-06-04 21:38 - 2016-06-04 21:43 - 00000000 ____D C:\Users\plsek\AppData\Local\FSDART
2016-06-04 21:38 - 2016-06-04 21:41 - 00000000 ____D C:\ProgramData\F-Secure
2016-06-04 21:38 - 2016-06-04 21:38 - 00000000 ____D C:\Users\plsek\AppData\Local\F-Secure
2016-06-04 18:37 - 2016-06-04 18:37 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-06-04 18:36 - 2016-06-04 19:35 - 00000000 ____D C:\ProgramData\RogueKiller
2016-06-04 17:56 - 2016-06-04 17:56 - 00097852 _____ C:\TDSSKiller.3.1.0.9_04.06.2016_17.56.15_log.txt
2016-06-04 13:55 - 2016-06-04 13:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2016-06-04 13:55 - 2016-06-04 13:55 - 00000000 ____D C:\Program Files\Oracle
2016-05-30 15:51 - 2016-06-01 21:07 - 00001280 _____ C:\Users\plsek\Desktop\Xerox Easy Document Creator (2).lnk
2016-05-30 15:49 - 2016-05-30 16:02 - 00000000 ____D C:\Users\plsek\Documents\Scan
2016-05-30 15:43 - 2016-05-30 15:44 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xerox Printers
2016-05-30 15:43 - 2016-05-30 15:43 - 00000000 ____D C:\Users\plsek\AppData\Roaming\Xerox
2016-05-30 15:43 - 2016-05-30 15:43 - 00000000 ____D C:\Program Files\Common Files\Common Desktop Agent
2016-05-30 15:43 - 2016-05-30 15:43 - 00000000 ____D C:\Program Files (x86)\Xerox
2016-05-30 15:43 - 2014-04-21 17:25 - 00280064 _____ (Xerox Corporation.) C:\WINDOWS\system32\XrxFaxPort64.dll
2016-05-30 15:43 - 2014-04-21 17:24 - 00217600 _____ (Xerox Corporation.) C:\WINDOWS\SysWOW64\XrxFaxPort.dll
2016-05-29 19:48 - 2016-05-29 19:48 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bamboo
2016-05-29 19:48 - 2016-05-29 19:48 - 00000000 ____D C:\Users\plsek\AppData\Roaming\WTablet
2016-05-29 19:48 - 2016-05-29 19:48 - 00000000 ____D C:\Program Files\Tablet
2016-05-29 19:48 - 2016-05-29 19:48 - 00000000 ____D C:\Program Files (x86)\TabletPlugins
2016-05-29 19:48 - 2011-09-08 17:49 - 00016168 _____ (Wacom Technology) C:\WINDOWS\system32\Drivers\wacomvhid.sys
2016-05-29 19:48 - 2011-09-08 17:49 - 00013312 _____ (Wacom Technology) C:\WINDOWS\system32\Drivers\wacmoumonitor.sys
2016-05-29 19:48 - 2011-09-08 17:49 - 00012848 _____ (Wacom Technology) C:\WINDOWS\system32\Drivers\wacommousefilter.sys
2016-05-29 19:48 - 2011-09-08 17:48 - 01665400 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\Pen_Tablet.dll
2016-05-29 19:48 - 2011-09-08 17:48 - 01401208 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\Wintab32.dll
2016-05-29 19:48 - 2011-09-08 17:48 - 01392504 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\WacomMT.dll
2016-05-29 19:48 - 2011-09-08 17:48 - 01369464 _____ (Wacom Technology, Corp.) C:\WINDOWS\SysWOW64\Pen_Tablet.dll
2016-05-29 19:48 - 2011-09-08 17:48 - 01326456 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\Pen_Touch_Tablet.dll
2016-05-29 19:48 - 2011-09-08 17:48 - 01156472 _____ (Wacom Technology, Corp.) C:\WINDOWS\SysWOW64\Wintab32.dll
2016-05-29 19:48 - 2011-09-08 17:48 - 01152888 _____ (Wacom Technology, Corp.) C:\WINDOWS\SysWOW64\WacomMT.dll
2016-05-29 19:48 - 2011-09-08 17:48 - 01107832 _____ (Wacom Technology, Corp.) C:\WINDOWS\SysWOW64\Pen_Touch_Tablet.dll
2016-05-29 18:51 - 2016-05-29 18:51 - 00000634 _____ C:\Users\plsek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\osu!.lnk
2016-05-28 14:59 - 2016-05-28 14:59 - 00000000 ____D C:\Users\plsek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CZ.NIC
2016-05-28 14:59 - 2016-05-28 14:59 - 00000000 ____D C:\Program Files (x86)\CZ.NIC
2016-05-28 14:23 - 2016-06-13 17:05 - 00000000 ____D C:\AdwCleaner
2016-05-28 12:19 - 2016-05-28 12:19 - 00000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin
2016-05-28 12:18 - 2016-05-28 12:18 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-05-28 11:53 - 2016-05-28 11:53 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ldiagio_uefi_01009.Wdf
2016-05-28 11:53 - 2016-05-28 11:53 - 00000000 ____D C:\Users\plsek\.QtWebEngineProcess
2016-05-28 11:53 - 2016-05-28 11:53 - 00000000 ____D C:\Users\plsek\.LSC
2016-05-28 11:52 - 2016-06-04 22:28 - 00000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2016-05-28 11:52 - 2016-06-04 22:28 - 00000000 ____D C:\Program Files (x86)\Lenovo
2016-05-28 11:24 - 2016-05-28 11:24 - 00000000 ____D C:\ProgramData\IntelDLM
2016-05-28 11:22 - 2016-05-28 11:22 - 00000000 ____D C:\Users\plsek\AppData\Local\Intel
2016-05-28 11:22 - 2016-05-28 11:22 - 00000000 ____D C:\ProgramData\Intel
2016-05-28 11:22 - 2016-03-09 20:43 - 00021984 _____ C:\WINDOWS\system32\Drivers\semav6msr64.sys
2016-05-27 20:44 - 2016-05-27 20:44 - 00000000 ____D C:\Users\plsek\AppData\Local\NVIDIA
2016-05-27 20:44 - 2016-05-27 20:44 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-05-27 20:44 - 2016-05-27 20:44 - 00000000 ____D C:\ProgramData\NVIDIA
2016-05-27 20:44 - 2016-05-27 15:50 - 00104584 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2016-05-27 20:44 - 2016-05-27 15:50 - 00100488 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2016-05-27 20:44 - 2016-05-20 04:08 - 06348344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-05-27 20:44 - 2016-05-20 04:08 - 02454976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-05-27 20:44 - 2016-05-20 04:08 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-05-27 20:44 - 2016-05-20 04:08 - 01352760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-05-27 20:44 - 2016-05-20 04:08 - 00533560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-05-27 20:44 - 2016-05-20 04:08 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-05-27 20:44 - 2016-05-20 04:08 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-05-27 20:44 - 2016-05-20 04:08 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-05-27 20:44 - 2016-05-18 10:37 - 06448223 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-05-27 20:43 - 2016-05-27 20:44 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-05-27 20:43 - 2016-05-22 23:02 - 13509184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-05-27 20:43 - 2016-05-22 23:02 - 00047048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2016-05-27 20:43 - 2016-05-20 10:03 - 39977920 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-05-27 20:43 - 2016-05-20 10:03 - 35117112 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-05-27 20:43 - 2016-05-20 10:03 - 31639096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-05-27 20:43 - 2016-05-20 10:03 - 25401280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-05-27 20:43 - 2016-05-20 10:03 - 21802816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-05-27 20:43 - 2016-05-20 10:03 - 21346520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-05-27 20:43 - 2016-05-20 10:03 - 20305768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-05-27 20:43 - 2016-05-20 10:03 - 18145256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-05-27 20:43 - 2016-05-20 10:03 - 17740664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-05-27 20:43 - 2016-05-20 10:03 - 17662432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-05-27 20:43 - 2016-05-20 10:03 - 17379520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-05-27 20:43 - 2016-05-20 10:03 - 14410024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-05-27 20:43 - 2016-05-20 10:03 - 10642912 _____ C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-05-27 20:43 - 2016-05-20 10:03 - 08733280 _____ C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-05-27 20:43 - 2016-05-20 10:03 - 03811440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-05-27 20:43 - 2016-05-20 10:03 - 03371648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-05-27 20:43 - 2016-05-20 10:03 - 02791360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-05-27 20:43 - 2016-05-20 10:03 - 02419768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-05-27 20:43 - 2016-05-20 10:03 - 01922496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436822.dll
2016-05-27 20:43 - 2016-05-20 10:03 - 01573432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436822.dll
2016-05-27 20:43 - 2016-05-20 10:03 - 00985024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-05-27 20:43 - 2016-05-20 10:03 - 00909760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-05-27 20:43 - 2016-05-20 10:03 - 00772152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-05-27 20:43 - 2016-05-20 10:03 - 00708032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-05-27 20:43 - 2016-05-20 10:03 - 00669952 _____ C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-05-27 20:43 - 2016-05-20 10:03 - 00565208 _____ C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-05-27 20:43 - 2016-05-20 10:03 - 00549240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2016-05-27 20:43 - 2016-05-20 10:03 - 00452616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2016-05-27 20:43 - 2016-05-20 10:03 - 00178136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2016-05-27 20:43 - 2016-05-20 10:03 - 00155952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-05-27 20:43 - 2016-05-20 10:03 - 00153416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2016-05-27 20:43 - 2016-05-20 10:03 - 00131768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2016-05-27 20:43 - 2016-05-20 10:03 - 00040084 _____ C:\WINDOWS\system32\nvinfo.pb
2016-05-27 20:43 - 2016-05-20 10:03 - 00000594 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2016-05-27 20:43 - 2016-05-20 10:03 - 00000594 _____ C:\WINDOWS\system32\nv-vk64.json
2016-05-27 20:42 - 2016-05-27 20:44 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-05-27 20:39 - 2016-05-28 11:33 - 00000000 ____D C:\Users\plsek\Documents\DDU Logs
2016-05-27 20:39 - 2016-05-27 20:39 - 00000000 ____D C:\Users\plsek\Documents\x64
2016-05-27 20:39 - 2016-05-27 20:39 - 00000000 ____D C:\Users\plsek\Documents\settings
2016-05-27 20:39 - 2016-04-05 23:01 - 01846272 _____ C:\Users\plsek\Documents\Display Driver Uninstaller.exe
2016-05-27 20:39 - 2016-04-05 23:01 - 00269824 _____ C:\Users\plsek\Documents\Display Driver Uninstaller.pdb
2016-05-27 20:39 - 2015-09-06 13:26 - 00000224 _____ C:\Users\plsek\Documents\Display Driver Uninstaller.exe.config
2016-05-27 18:23 - 2016-05-27 18:23 - 00625161 _____ C:\Users\plsek\Desktop\recept-1404.pdf
2016-05-27 15:53 - 2016-05-27 15:53 - 39857152 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll
2016-05-27 15:53 - 2016-05-27 15:53 - 38897696 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2016-05-27 15:53 - 2016-05-27 15:53 - 34815616 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd11dxva32.dll
2016-05-27 15:53 - 2016-05-27 15:53 - 33473752 _____ (Intel Corporation) C:\WINDOWS\system32\igd11dxva64.dll
2016-05-27 15:53 - 2016-05-27 15:53 - 15488544 _____ (Intel Corporation) C:\WINDOWS\system32\igc64.dll
2016-05-27 15:53 - 2016-05-27 15:53 - 14579488 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll
2016-05-27 15:53 - 2016-05-27 15:53 - 13482720 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igc32.dll
2016-05-27 15:53 - 2016-05-27 15:53 - 11858784 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2016-05-27 15:53 - 2016-05-27 15:53 - 06644000 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll
2016-05-27 15:53 - 2016-05-27 15:53 - 05099192 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
2016-05-27 15:53 - 2016-05-27 15:53 - 04246672 _____ (Intel Corporation) C:\WINDOWS\system32\igd12umd64.dll
2016-05-27 15:53 - 2016-05-27 15:53 - 04213648 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd12umd32.dll
2016-05-27 15:53 - 2016-05-27 15:53 - 01890664 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll
2016-05-27 15:53 - 2016-05-27 15:53 - 01817352 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2016-05-27 15:53 - 2016-05-27 15:53 - 01814704 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2016-05-27 15:53 - 2016-05-27 15:53 - 01465744 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll
2016-05-27 15:53 - 2016-05-27 15:53 - 00312944 _____ (Intel Corporation) C:\WINDOWS\system32\igd10idpp64.dll
2016-05-27 15:53 - 2016-05-27 15:53 - 00297800 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10idpp32.dll
2016-05-27 15:53 - 2016-05-27 15:53 - 00242792 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2016-05-27 15:53 - 2016-05-27 15:53 - 00223880 _____ (Intel Corporation) C:\WINDOWS\system32\igdde64.dll
2016-05-27 15:53 - 2016-05-27 15:53 - 00206000 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2016-05-27 15:53 - 2016-05-27 15:53 - 00184624 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2016-05-27 15:53 - 2016-05-27 15:53 - 00183600 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2016-05-27 15:53 - 2016-05-27 15:53 - 00182480 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdde32.dll
2016-05-27 15:53 - 2016-05-27 15:53 - 00160904 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2016-05-27 15:53 - 2016-05-27 15:53 - 00160904 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2016-05-27 15:53 - 2016-05-27 15:53 - 00055880 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2016-05-27 15:50 - 2016-05-27 15:50 - 29102216 _____ (Intel Corporation) C:\WINDOWS\system32\common_clang64.dll
2016-05-27 15:50 - 2016-05-27 15:50 - 19862152 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\common_clang32.dll
2016-05-27 15:50 - 2016-05-27 15:50 - 11688072 _____ (Intel Corporation) C:\WINDOWS\system32\ig75icd64.dll
2016-05-27 15:50 - 2016-05-27 15:50 - 08690312 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig75icd32.dll
2016-05-27 15:50 - 2016-05-27 15:50 - 07936600 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2016-05-27 15:50 - 2016-05-27 15:50 - 05686408 _____ (Intel Corporation) C:\WINDOWS\system32\igdmcl64.dll
2016-05-27 15:50 - 2016-05-27 15:50 - 05263496 _____ (Intel Corporation) C:\WINDOWS\system32\GfxResources.dll
2016-05-27 15:50 - 2016-05-27 15:50 - 04927624 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2016-05-27 15:50 - 2016-05-27 15:50 - 04426888 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2016-05-27 15:50 - 2016-05-27 15:50 - 03971208 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmcl32.dll
2016-05-27 15:50 - 2016-05-27 15:50 - 02063488 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll
2016-05-27 15:50 - 2016-05-27 15:50 - 01591432 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2016-05-27 15:50 - 2016-05-27 15:50 - 01179272 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2016-05-27 15:50 - 2016-05-27 15:50 - 01027680 _____ C:\WINDOWS\system32\igfxSDK.exe
2016-05-27 15:50 - 2016-05-27 15:50 - 00966232 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2016-05-27 15:50 - 2016-05-27 15:50 - 00962656 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2016-05-27 15:50 - 2016-05-27 15:50 - 00753800 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll
2016-05-27 15:50 - 2016-05-27 15:50 - 00633480 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2016-05-27 15:50 - 2016-05-27 15:50 - 00622680 _____ (Intel Corporation) C:\WINDOWS\system32\IntelCpHDCPSvc.exe
2016-05-27 15:50 - 2016-05-27 15:50 - 00537184 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe
2016-05-27 15:50 - 2016-05-27 15:50 - 00467544 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2016-05-27 15:50 - 2016-05-27 15:50 - 00439432 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2016-05-27 15:50 - 2016-05-27 15:50 - 00416904 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2016-05-27 15:50 - 2016-05-27 15:50 - 00402520 _____ C:\WINDOWS\system32\igfxTray.exe
2016-05-27 15:50 - 2016-05-27 15:50 - 00394880 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll
2016-05-27 15:50 - 2016-05-27 15:50 - 00390784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
2016-05-27 15:50 - 2016-05-27 15:50 - 00389256 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2016-05-27 15:50 - 2016-05-27 15:50 - 00374360 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe
2016-05-27 15:50 - 2016-05-27 15:50 - 00355424 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe
2016-05-27 15:50 - 2016-05-27 15:50 - 00350824 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCComp64.dll
2016-05-27 15:50 - 2016-05-27 15:50 - 00319104 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2016-05-27 15:50 - 2016-05-27 15:50 - 00302176 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2016-05-27 15:50 - 2016-05-27 15:50 - 00274056 _____ C:\WINDOWS\system32\igfxCPL.cpl
2016-05-27 15:50 - 2016-05-27 15:50 - 00269400 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe
2016-05-27 15:50 - 2016-05-27 15:50 - 00266888 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
2016-05-27 15:50 - 2016-05-27 15:50 - 00255624 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll
2016-05-27 15:50 - 2016-05-27 15:50 - 00237664 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2016-05-27 15:50 - 2016-05-27 15:50 - 00233056 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2016-05-27 15:50 - 2016-05-27 15:50 - 00232536 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2016-05-27 15:50 - 2016-05-27 15:50 - 00225920 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
2016-05-27 15:50 - 2016-05-27 15:50 - 00208512 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4444.dll
2016-05-27 15:50 - 2016-05-27 15:50 - 00193672 _____ (Intel Corporation) C:\WINDOWS\system32\igdail64.dll
2016-05-27 15:50 - 2016-05-27 15:50 - 00175704 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2016-05-27 15:50 - 2016-05-27 15:50 - 00174216 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdail32.dll
2016-05-27 15:50 - 2016-05-27 15:50 - 00112256 _____ ( ) C:\WINDOWS\system32\igfxSDKLibv2_0.dll
2016-05-27 15:50 - 2016-05-27 15:50 - 00104584 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2016-05-27 15:50 - 2016-05-27 15:50 - 00104064 _____ C:\WINDOWS\system32\igfxCUIServicePS.dll
2016-05-27 15:50 - 2016-05-27 15:50 - 00101512 _____ ( ) C:\WINDOWS\system32\igfxSDKLib.dll
2016-05-27 15:50 - 2016-05-27 15:50 - 00100488 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2016-05-27 15:50 - 2016-05-27 15:50 - 00095872 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
2016-05-27 15:50 - 2016-05-27 15:50 - 00085128 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
2016-05-27 15:50 - 2016-05-27 15:50 - 00056696 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2016-05-27 15:50 - 2016-05-27 15:50 - 00029832 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
2016-05-27 15:50 - 2016-05-27 15:50 - 00029832 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
2016-05-27 15:50 - 2016-05-27 15:50 - 00028296 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
2016-05-27 15:50 - 2016-05-27 15:50 - 00028296 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
2016-05-27 15:50 - 2016-05-27 15:50 - 00023176 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2016-05-27 15:50 - 2016-05-27 15:50 - 00023168 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
2016-05-22 20:30 - 2016-05-22 20:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2016-05-21 19:25 - 2016-06-10 16:24 - 00000000 ____D C:\Users\plsek\Desktop\FOTO
2016-05-17 22:14 - 2016-05-17 22:14 - 00000000 ____D C:\Users\plsek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2016-05-17 22:14 - 2016-05-17 22:14 - 00000000 ____D C:\Users\plsek\AppData\Local\FluxSoftware
2016-05-17 16:31 - 2016-05-17 16:31 - 00000000 ____D C:\ProgramData\Canneverbe Limited
2016-05-17 16:26 - 2016-05-17 16:29 - 00000000 ____D C:\Users\plsek\Desktop\myslivci
2016-05-15 18:20 - 2016-05-15 18:20 - 00000000 ____D C:\Program Files (x86)\LG Electronics
2016-05-15 18:01 - 2016-05-15 18:01 - 00000000 ____D C:\Users\plsek\AppData\Local\ESET
2016-05-14 11:32 - 2016-06-11 21:43 - 00000958 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-05-14 11:32 - 2016-05-14 11:32 - 00004024 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-13 19:36 - 2016-03-03 17:46 - 00000000 ____D C:\FRST
2016-06-13 19:33 - 2016-02-23 20:17 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-06-13 19:11 - 2015-12-25 22:46 - 00000978 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-13 19:04 - 2016-01-07 16:55 - 00000000 ____D C:\Users\plsek\AppData\Roaming\Spotify
2016-06-13 18:59 - 2016-01-07 16:56 - 00000000 ____D C:\Users\plsek\AppData\Local\Spotify
2016-06-13 18:10 - 2015-12-25 23:07 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-06-13 18:06 - 2015-12-25 17:05 - 01771468 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-06-13 18:06 - 2015-10-30 20:31 - 00751272 _____ C:\WINDOWS\system32\perfh005.dat
2016-06-13 18:06 - 2015-10-30 20:31 - 00150860 _____ C:\WINDOWS\system32\perfc005.dat
2016-06-13 18:06 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-06-13 18:00 - 2016-02-21 21:49 - 00000000 ____D C:\ProgramData\Synaptics
2016-06-13 18:00 - 2015-12-31 22:23 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-06-13 18:00 - 2015-12-31 22:19 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-06-13 18:00 - 2015-12-25 22:46 - 00000974 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-13 18:00 - 2015-12-25 17:22 - 00000000 __SHD C:\Users\plsek\IntelGraphicsProfiles
2016-06-13 17:41 - 2015-12-31 22:20 - 00000000 ____D C:\Users\plsek
2016-06-13 17:05 - 2015-10-30 08:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-06-13 16:56 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-06-12 11:07 - 2016-04-15 14:10 - 00000000 ____D C:\WINDOWS\Minidump
2016-06-12 10:13 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2016-06-12 10:13 - 2015-07-31 00:42 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-06-11 17:48 - 2016-02-05 15:12 - 00000000 ____D C:\Users\plsek\Desktop\Hry
2016-06-11 15:00 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-06-11 14:59 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-06-11 14:54 - 2016-02-21 20:03 - 00000000 ____D C:\Program Files\Microsoft Office
2016-06-10 20:47 - 2015-12-25 17:24 - 00000000 ____D C:\Program Files (x86)\Samsung
2016-06-10 16:23 - 2016-04-07 16:17 - 00000000 ____D C:\Users\plsek\Desktop\Euroreality
2016-06-10 16:16 - 2016-03-06 20:33 - 00000000 ____D C:\Users\plsek\Desktop\přepisy
2016-06-10 16:14 - 2016-03-03 23:08 - 00000000 ____D C:\Users\plsek\AppData\Local\CrashDumps
2016-06-10 16:13 - 2016-02-23 20:17 - 00000000 ____D C:\Users\plsek\AppData\Local\Adobe
2016-06-10 16:04 - 2016-04-14 19:57 - 00000000 ____D C:\ProgramData\PDF Architect 4
2016-06-10 16:03 - 2016-04-14 19:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 4
2016-06-09 21:57 - 2016-05-09 19:59 - 00000000 ____D C:\Users\plsek\AppData\Roaming\Opera Software
2016-06-09 21:57 - 2016-05-09 19:59 - 00000000 ____D C:\Users\plsek\AppData\Local\Opera Software
2016-06-09 17:12 - 2015-12-25 22:47 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-09 16:56 - 2015-12-25 17:10 - 00000000 ____D C:\Users\plsek\AppData\Local\Packages
2016-06-08 14:40 - 2016-03-11 18:27 - 00000000 ____D C:\Users\plsek\Desktop\mm smlouvy Eva
2016-06-07 21:33 - 2016-01-03 17:30 - 00000000 ____D C:\Users\plsek\AppData\Local\Microsoft Help
2016-06-05 22:06 - 2015-12-30 15:10 - 00000600 _____ C:\Users\plsek\AppData\Local\PUTTY.RND
2016-06-04 22:28 - 2015-12-25 17:47 - 00000000 ____D C:\Program Files\Lenovo
2016-06-04 22:14 - 2016-01-03 21:43 - 00918022 _____ C:\WINDOWS\ntbtlog.txt
2016-06-04 22:11 - 2016-01-03 21:43 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-06-04 22:01 - 2016-05-06 18:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Enhanced Mitigation Experience Toolkit
2016-06-04 17:15 - 2016-04-12 20:10 - 00000000 ____D C:\Users\plsek\.VirtualBox
2016-06-04 15:40 - 2016-04-13 00:03 - 00000000 ____D C:\Users\plsek\VirtualBox VMs
2016-06-04 15:40 - 2016-02-10 18:55 - 00000000 ____D C:\Users\plsek\AppData\Roaming\uTorrent
2016-06-04 14:31 - 2016-02-10 18:54 - 00000000 ____D C:\Users\plsek\Documents\torrenty
2016-06-02 18:55 - 2016-02-23 17:37 - 00000000 ____D C:\Users\plsek\AppData\Local\ElevatedDiagnostics
2016-06-01 21:07 - 2016-03-17 17:55 - 00002283 _____ C:\Users\plsek\Desktop\Xerox Easy Printer Manager.lnk
2016-05-30 16:03 - 2016-03-17 17:57 - 00000000 ____D C:\Users\plsek\AppData\Roaming\Samsung
2016-05-30 15:44 - 2016-03-15 20:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\Leader Technologies
2016-05-30 15:43 - 2016-03-15 20:01 - 00000000 ____D C:\ProgramData\Xerox
2016-05-29 18:43 - 2015-12-31 00:31 - 00000000 ____D C:\Users\plsek\AppData\Roaming\Notepad++
2016-05-28 14:37 - 2015-12-25 17:43 - 139319312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-05-28 12:27 - 2016-03-22 19:30 - 00000000 ____D C:\ProgramData\Acronis
2016-05-28 12:25 - 2015-12-25 17:50 - 00000000 ____D C:\ProgramData\Package Cache
2016-05-28 12:25 - 2015-12-25 17:22 - 00000000 ____D C:\Program Files (x86)\Intel
2016-05-28 12:18 - 2015-12-31 22:19 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-05-28 11:52 - 2016-01-09 18:24 - 00000000 ____D C:\WINDOWS\Downloaded Installations
2016-05-28 11:33 - 2016-03-19 11:37 - 00189112 _____ (Power Admin LLC) C:\WINDOWS\PAExec.exe
2016-05-28 11:22 - 2015-12-31 22:19 - 00000000 ____D C:\Program Files\Intel
2016-05-27 20:44 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Help
2016-05-24 19:49 - 2016-01-11 18:29 - 00000000 ____D C:\Users\plsek\Desktop\Turris
2016-05-23 18:54 - 2016-04-07 20:24 - 00000000 ____D C:\Users\plsek\Desktop\CHval seznam nabídek
2016-05-22 20:30 - 2015-12-25 17:24 - 00003340 _____ C:\WINDOWS\System32\Tasks\SamsungMagician
2016-05-22 17:56 - 2016-05-06 14:45 - 00415869 _____ C:\Users\plsek\Desktop\Nelča úraz vyplněné.pdf
2016-05-20 04:08 - 2016-02-25 19:29 - 00123328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\oemdspif.dll
2016-05-17 16:11 - 2016-04-02 22:24 - 00000729 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-05-16 15:52 - 2016-01-03 20:43 - 00000600 _____ C:\Users\plsek\AppData\Roaming\winscp.rnd
2016-05-16 15:03 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-05-15 18:20 - 2015-12-26 23:32 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-05-14 21:09 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports

==================== Files in the root of some directories =======

2016-01-03 20:43 - 2016-05-16 15:52 - 0000600 _____ () C:\Users\plsek\AppData\Roaming\winscp.rnd
2016-06-04 22:45 - 2016-06-04 22:45 - 0000036 _____ () C:\Users\plsek\AppData\Local\housecall.guid.cache
2016-02-22 14:25 - 2016-02-22 14:25 - 0000001 _____ () C:\Users\plsek\AppData\Local\llftool.4.40.agreement
2015-12-30 15:10 - 2016-06-05 22:06 - 0000600 _____ () C:\Users\plsek\AppData\Local\PUTTY.RND
2016-05-07 20:19 - 2016-05-07 20:19 - 0000017 _____ () C:\Users\plsek\AppData\Local\resmon.resmoncfg
2016-06-04 22:55 - 2016-06-04 22:55 - 0000010 _____ () C:\Users\plsek\AppData\Local\sponge.last.runtime.cache
2015-12-31 22:19 - 2015-12-31 22:19 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-12-29 13:15 - 2016-05-08 15:07 - 0017392 _____ () C:\ProgramData\hpzinstall.log

Some files in TEMP:
====================
C:\Users\plsek\AppData\Local\Temp\libeay32.dll
C:\Users\plsek\AppData\Local\Temp\msvcr120.dll
C:\Users\plsek\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-06-12 08:32

==================== End of FRST.txt ============================
Přílohy
addition.zip
(13.59 KiB) Staženo 58 x
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119418
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Preventivní kontrola

#6 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> H:\VLC\npvlc.dll [No File]
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\ProgramData\DP45977C.lfl
C:\Users\plsek\AppData\Local\Temp
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Maots
Návštěvník
Návštěvník
Příspěvky: 12
Registrován: 28 říj 2015 21:01

Re: Preventivní kontrola

#7 Příspěvek od Maots »

LOG:
Fix result of Farbar Recovery Scan Tool (x64) Version:13-06-2016
Ran by plsek (2016-06-13 20:49:18) Run:1
Running from C:\Users\plsek\Desktop
Loaded Profiles: plsek (Available Profiles: plsek)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> H:\VLC\npvlc.dll [No File]
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\ProgramData\DP45977C.lfl
C:\Users\plsek\AppData\Local\Temp
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1" => key removed successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully

"C:\Users\plsek\AppData\Local\Temp" folder move:

Could not move "C:\Users\plsek\AppData\Local\Temp" => Scheduled to move on reboot.


Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-06-13 20:50:10)

C:\Users\plsek\AppData\Local\Temp => moved successfully

==== End of Fixlog 20:50:12 ====
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119418
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Preventivní kontrola

#8 Příspěvek od Rudy »

Smazáno, log by již měl být OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Maots
Návštěvník
Návštěvník
Příspěvky: 12
Registrován: 28 říj 2015 21:01

Re: Preventivní kontrola

#9 Příspěvek od Maots »

Dobře, děkuji za kontrolu, přeji hezký zbytek večera. :)
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119418
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Preventivní kontrola

#10 Příspěvek od Rudy »

Hezký večer i vám a nemáte zač! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Zamčeno

Zpět na „Preventivní kontroly logů“