Prosím o kontrolu, pc se rapidně zpomalilo, přikládám log

Zpráva

jindra.paryzek · #1 Příspěvek od **jindra.paryzek** » 15 čer 2016 19:16

Logfile of random's system information tool 1.10 (written by random/random)
Run by Jindra at 2016-06-15 20:13:51
Microsoft Windows 10 Home
System drive C: has 889 GB (93%) free of 953 GB
Total RAM: 3977 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:13:55, on 15. 6. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.16603)
Boot mode: Normal

Running processes:
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Jindra.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [GUDelayStartup] "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: FAH.lnk = C:\Program Files\WinZip\FAHConsole.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: Volat toto číslo pomocí aplikace SideSync - res://C:\Program Files (x86)\Samsung\SideSync4\SideSyncContextMenu.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10041 bytes

======Listing Processes======

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\igfxCUIService.exe
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\system32\svchost.exe -k appmodel
dashost.exe {28eb074b-f761-4029-96339f739f421184}

C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Browny02\BrYNSvc.exe"

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"dwm.exe"
atieclxx
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SENDINPUT
sihost.exe
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
igfxEM.exe
igfxHK.exe
igfxTray.exe
C:\WINDOWS\Explorer.EXE
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX4P1
"C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /IM
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\Windows\System32\InstallAgent.exe -Embedding
"C:\Program Files\Windows Defender\MSASCui.exe" /ScanNow
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
taskhostw.exe
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\SystemSettingsBroker.exe -Embedding
C:\WINDOWS\system32\DllHost.exe /Processid:{478B41E6-3257-4519-BDA8-E971F9843849}
"C:\WINDOWS\System32\NetworkUXBroker.exe" -ServerName:Windows.Networking.UX
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe28_ Global\UsGthrCtrlFltPipeMssGthrPipe28 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 628 632 640 8192 636

"C:\Users\Jindra\Desktop\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\Windows Defender\MpCmdRun.exe" SpyNetServiceDss -RestrictPrivileges -AccessKey 07E3B925-9E0C-E34E-5FE1-1301A0172B7E -Reinvoke

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Jindra\AppData\Roaming\Mozilla\Firefox\Profiles\uqo4a8jk.default-1458337351694

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.242 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.242 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL

C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
nppdf32.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-05-27 229064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL [2016-05-17 2348848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-05-27 163536]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2016-05-17 1741096]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 3933496]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2013-08-30 36352]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2015-10-20 405416]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-08-23 2779376]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2015-09-11 8512760]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-09-11 1411320]
"WavesSvc"=C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [2015-05-21 611248]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GUDelayStartup"=C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [2016-03-20 43984]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2015-08-06 767176]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
FAH.lnk - C:\Program Files\WinZip\FAHConsole.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"DisableCAD"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-06-12 23:26:52 ----A---- C:\WINDOWS\SYSWOW64\DBCLIENT.DLL
2016-06-12 23:26:32 ----D---- C:\ProgramData\eXmind
2016-06-10 00:18:24 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2016-06-15 20:13:54 ----D---- C:\Program Files\trend micro
2016-06-15 20:04:03 ----D---- C:\WINDOWS\system32\sru
2016-06-15 19:44:07 ----A---- C:\WINDOWS\BRRBCOM.INI
2016-06-15 19:41:05 ----D---- C:\WINDOWS\Prefetch
2016-06-15 19:39:16 ----D---- C:\WINDOWS\Temp
2016-06-15 19:39:16 ----D---- C:\WINDOWS\System32
2016-06-15 17:22:45 ----D---- C:\WINDOWS\system32\config
2016-06-15 17:13:26 ----D---- C:\WINDOWS\Microsoft.NET
2016-06-15 17:08:21 ----D---- C:\WINDOWS\SoftwareDistribution
2016-06-15 17:08:21 ----D---- C:\WINDOWS
2016-06-15 13:24:21 ----D---- C:\WINDOWS\debug
2016-06-15 13:15:25 ----SHD---- C:\WINDOWS\Installer
2016-06-15 13:15:25 ----SHD---- C:\Config.Msi
2016-06-15 13:13:24 ----D---- C:\ProgramData\Microsoft Help
2016-06-15 13:13:20 ----D---- C:\Program Files (x86)\Glary Utilities 5
2016-06-15 13:11:19 ----RSD---- C:\WINDOWS\assembly
2016-06-15 13:03:29 ----A---- C:\WINDOWS\win.ini
2016-06-15 13:00:45 ----D---- C:\WINDOWS\CbsTemp
2016-06-15 13:00:11 ----D---- C:\WINDOWS\WinSxS
2016-06-15 12:56:46 ----D---- C:\WINDOWS\system32\MRT
2016-06-15 12:50:01 ----A---- C:\WINDOWS\system32\MRT.exe
2016-06-15 12:48:08 ----SHD---- C:\System Volume Information
2016-06-15 11:39:45 ----D---- C:\WINDOWS\system32\catroot2
2016-06-15 09:56:04 ----D---- C:\WINDOWS\AppReadiness
2016-06-15 09:54:08 ----HD---- C:\Program Files\WindowsApps
2016-06-15 09:11:20 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-06-12 23:36:36 ----RD---- C:\Program Files (x86)
2016-06-12 23:26:52 ----D---- C:\WINDOWS\SysWOW64
2016-06-12 23:26:48 ----D---- C:\Program Files (x86)\Common Files
2016-06-12 23:26:39 ----RSD---- C:\WINDOWS\Fonts
2016-06-12 23:26:32 ----HD---- C:\ProgramData
2016-06-11 00:02:09 ----D---- C:\ProgramData\ProductData
2016-06-10 00:43:41 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-09 02:29:16 ----D---- C:\WINDOWS\INF
2016-06-05 01:44:09 ----D---- C:\Program Files (x86)\Internet Explorer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdkmpfd;@oem12.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmpfd.sys [2014-07-21 36096]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-08-30 644968]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2015-07-10 83968]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-12-01 8192]
R1 GUBootStartup;GUBootStartup; \??\C:\WINDOWS\System32\drivers\GUBootStartup.sys [2016-01-05 20160]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-07-10 48128]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-07-10 61952]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2015-09-01 21655080]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2015-09-01 686120]
R3 athr;@oem48.inf,%ATHR.Service.DispName%;Dell Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athw10x.sys [2015-09-11 4318760]
R3 BTATH_BUS;@oem25.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2013-09-05 34384]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2015-03-09 599240]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2015-07-10 84992]
R3 DellRbtn;@oem5.inf,%DellRbtn%;Airplane Mode Switch; C:\WINDOWS\System32\drivers\DellRbtn.sys [2013-01-24 10752]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-10-20 6415272]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-09-11 4518136]
R3 iwdbus;@oem3.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-03-04 30512]
R3 MEIx64;@oem13.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2013-12-11 100312]
R3 rt640x64;@oem53.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-09-11 896744]
R3 RTSUER;@oem39.inf,%RtsUER%;Realtek USB Card Reader - UER; C:\WINDOWS\system32\Drivers\RtsUer.sys [2015-05-14 402960]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2013-08-23 34544]
R3 StillCam;@sti.inf,%StillCam.SvcDesc%;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\system32\DRIVERS\serscan.sys [2015-07-10 12800]
R3 SynTP;@oem7.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2013-08-23 529648]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-07-10 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-07-10 99168]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-07-10 58208]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-07-10 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-07-10 40288]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2015-07-10 105984]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2016-03-16 238080]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2015-07-10 128512]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-09-17 929280]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-09-17 36352]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2015-07-10 116736]
S3 DFX11_1;DFX Audio Enhancer 11.1; C:\WINDOWS\system32\drivers\dfx11_1x64.sys [2012-12-13 28008]
S3 dg_ssudbus;@oem57.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2015-12-14 113432]
S3 fcvsc;fcvsc; C:\WINDOWS\System32\drivers\fcvsc.sys [2015-07-10 31232]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-07-10 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-07-10 50016]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-07-10 424800]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2015-03-04 42288]
S3 IntcDAud;@oem61.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2015-08-08 473864]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-07-10 26624]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2016-03-06 192216]
S3 MiraDispKmd;@miradisp.inf,%MiraDispKmd%;Kernel Mode Miracast Filter Driver; C:\WINDOWS\System32\drivers\MiraDispKmd.sys [2015-07-10 23552]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-07-10 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-07-10 76128]
S3 nmwcd;@oem29.inf,%MFG% %SVC%;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmbx64.sys [2013-01-23 19968]
S3 nmwcdc;@oem4.inf,%MFG% %SVC%;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbox64.sys [2013-01-23 27136]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-09-10 934752]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-07-10 167936]
S3 RTL8168;@oem17.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\System32\drivers\Rt630x64.sys [2013-06-22 816344]
S3 ss_conn_usb_driver;@oem71.inf,%ssud.SvcDesc%;SAMSUNG Mobile USB Connectivity Device Driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [2016-05-01 42112]
S3 ssudmdm;@oem58.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2015-12-14 206104]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmCx.sys [2015-07-10 61952]
S3 UcmUcsi;@ucmucsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-09-10 46080]
S3 UdeCx;USB Device Emulation Support Library; C:\WINDOWS\system32\drivers\udecx.sys [2015-07-10 44032]
S3 Ufx01000;USB Function Class Extension; C:\WINDOWS\system32\drivers\ufx01000.sys [2015-07-10 245088]
S3 UfxChipidea;@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller; C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-07-10 94048]
S3 ufxsynopsys;@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller; C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2015-07-10 127840]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-04-22 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2015-09-01 265776]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-08-30 15720]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2015-10-20 359848]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-12-11 169432]
R2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2016-01-14 2945312]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-12-11 390616]
R2 OneSyncSvc_Session1;Hostitel synchronizace_Session1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2015-09-11 312056]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [2015-12-14 747800]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R3 BrYNSvc;BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [2013-09-25 282112]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-06-17 43696]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R3 PimIndexMaintenanceSvc_Session1;Data kontaktů_Session1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R3 UnistoreSvc_Session1;Úložiště uživatelských dat_Session1; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S2 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 OneSyncSvc_Session23;Hostitel synchronizace_Session23; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 OneSyncSvc_Session9;Hostitel synchronizace_Session9; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-16 269504]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-10-20 291752]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-07-10 27136]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-06-10 146888]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\lsass.exe [2015-07-10 56344]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 PimIndexMaintenanceSvc_Session23;Data kontaktů_Session23; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 PimIndexMaintenanceSvc_Session9;Data kontaktů_Session9; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-09-10 1031680]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 UnistoreSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 UnistoreSvc_Session23;Úložiště uživatelských dat_Session23; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 UnistoreSvc_Session9;Úložiště uživatelských dat_Session9; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]

-----------------EOF-----------------

#2 Příspěvek od **Rudy** » 15 čer 2016 19:28

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

jindra.paryzek · #3 Příspěvek od **jindra.paryzek** » 15 čer 2016 19:44

# AdwCleaner v5.200 - Log vytvořen 15/06/2016 v 20:35:16
# Aktualizováno 14/06/2016 by ToolsLib
# Databáze : 2016-06-15.1 [Server]
# Operační system : Windows 10 Home (X64)
# Uživatelské jméno : Jindra - I5CORE
# Spuštěno z : C:\Users\Jindra\Desktop\adwcleaner_5.200.exe
# Nastavení : Čištění
# Podpora : https://toolslib.net/forum

***** [ Služby ] *****

***** [ Složky ] *****

[-] Složka Smazáno : C:\ProgramData\7b24ec7cc000461ebe26d116b88142c8
[#] Složka Smazáno : C:\ProgramData\Application Data\7b24ec7cc000461ebe26d116b88142c8
[-] Složka Smazáno : C:\Users\Public\Documents\dmp
[-] Složka Smazáno : C:\Users\Jindra\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1

***** [ Soubory ] *****

***** [ DLLs ] *****

***** [ WMI ] *****

***** [ Zástupci ] *****

***** [ Naplánované úlohy ] *****

***** [ Registry ] *****

[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\PCSuiteContactsView
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\PCSuiteMessagesView
[-] Klíč Smazáno : HKLM\SOFTWARE\Lavasoft\Web Companion

***** [ Prohlížeče ] *****

*************************

:: "Tracing" klíče smazány
:: Nastavení Winsock vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [1260 bytů] - [15/06/2016 20:35:16]
C:\AdwCleaner\AdwCleaner[C4].txt - [5599 bytů] - [14/10/2015 20:15:04]
C:\AdwCleaner\AdwCleaner[R0].txt - [1588 bytů] - [25/02/2015 12:24:05]
C:\AdwCleaner\AdwCleaner[R1].txt - [958 bytů] - [28/04/2015 22:54:22]
C:\AdwCleaner\AdwCleaner[R2].txt - [1479 bytů] - [23/07/2015 20:22:30]
C:\AdwCleaner\AdwCleaner[S0].txt - [1661 bytů] - [25/02/2015 12:27:33]
C:\AdwCleaner\AdwCleaner[S1].txt - [2839 bytů] - [28/04/2015 22:55:01]
C:\AdwCleaner\AdwCleaner[S2].txt - [1479 bytů] - [23/07/2015 20:23:03]
C:\AdwCleaner\AdwCleaner[S4].txt - [3330 bytů] - [14/10/2015 20:14:29]
C:\AdwCleaner\AdwCleaner[S5].txt - [2057 bytů] - [03/01/2016 23:13:03]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1989 bytů] ##########

#4 Příspěvek od **Rudy** » 15 čer 2016 20:15

Teď dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .

jindra.paryzek · #5 Příspěvek od **jindra.paryzek** » 15 čer 2016 20:21

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:15-06-2016
Ran by Jindra (administrator) on I5CORE (15-06-2016 21:17:47)
Running from C:\Users\Jindra\Desktop
Loaded Profiles: Jindra (Available Profiles: Jindra)
Platform: Windows 10 Home (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\WINDOWS\System32\atiesrxx.exe
(Intel Corporation) C:\WINDOWS\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(AMD) C:\WINDOWS\System32\atieclxx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\WINDOWS\System32\igfxEM.exe
(Intel Corporation) C:\WINDOWS\System32\igfxHK.exe
() C:\WINDOWS\System32\igfxTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\WINDOWS\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Microsoft Corporation) C:\WINDOWS\System32\NetworkUXBroker.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-30] (Intel Corporation)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [405416 2015-10-20] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2779376 2013-08-23] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-09-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-09-11] (Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [611248 2015-05-21] (Waves Audio Ltd.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-06] (Advanced Micro Devices, Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-21-790963611-2055800212-2272835107-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [43984 2016-03-20] (Glarysoft Ltd)
HKU\S-1-5-21-790963611-2055800212-2272835107-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-790963611-2055800212-2272835107-1001\...\MountPoints2: {1725de04-ce31-11e4-82b9-645a0434dfd3} - "E:\NokiaPCIA_Autorun.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2016-03-08]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAHConsole.exe (Nico Mak Computing)
BootExecute: autocheck autochk *

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{02536b73-ebc7-4d42-af48-8d375086aee0}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{3ab5e644-0513-4806-83c5-d966cbbcec3f}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{520a84e1-b73c-47a7-9471-7b55d2f317f5}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-790963611-2055800212-2272835107-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-790963611-2055800212-2272835107-1001 -> DefaultScope {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-790963611-2055800212-2272835107-1001 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-05-27] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-05-27] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Jindra\AppData\Roaming\Mozilla\Firefox\Profiles\uqo4a8jk.default-1458337351694
FF Homepage: hxxps://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-16] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-16] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-11] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-11] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2014-11-19] ( )
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-790963611-2055800212-2272835107-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jindra\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-11-15] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Jindra\AppData\Roaming\mozilla\plugins\np-mswmp.dll [2009-09-25] (Microsoft Corporation)

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [359848 2015-10-20] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-11] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-01-14] (IObit)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312056 2015-09-11] (Realtek Semiconductor)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [747800 2015-12-14] (DEVGURU Co., LTD.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2014-07-21] (Advanced Micro Devices, Inc.)
R3 athr; C:\Windows\System32\drivers\athw10x.sys [4318760 2015-09-11] (Qualcomm Atheros Communications, Inc.)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-24] (OSR Open Systems Resources, Inc.)
S3 DFX11_1; C:\Windows\system32\drivers\dfx11_1x64.sys [28008 2012-12-13] (Windows (R) Win 7 DDK provider)
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [20160 2016-01-05] (Glarysoft Ltd)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-03-06] (Malwarebytes)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-11] (Intel Corporation)
S3 MiraDispKmd; C:\Windows\System32\drivers\MiraDispKmd.sys [23552 2015-07-10] (Microsoft Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [896744 2015-09-11] (Realtek )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [402960 2015-05-14] (Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-23] (Synaptics Incorporated)
S3 ss_conn_usb_driver; C:\Windows\System32\Drivers\ss_conn_usb_driver.sys [42112 2016-05-01] (Samsung Electronics Co., Ltd.)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 WUDFWpdComp; C:\Windows\system32\DRIVERS\WUDFRd.sys [214016 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-15 21:15 - 2016-06-15 21:17 - 00013080 _____ C:\Users\Jindra\Desktop\FRST.txt
2016-06-15 21:15 - 2016-06-15 21:17 - 00000000 ____D C:\FRST
2016-06-15 21:14 - 2016-06-15 21:15 - 02385920 _____ (Farbar) C:\Users\Jindra\Desktop\FRST64.exe
2016-06-15 20:40 - 2016-06-15 20:40 - 00016148 _____ C:\WINDOWS\system32\I5CORE_Jindra_HistoryPrediction.bin
2016-06-15 20:30 - 2016-06-15 20:33 - 03703360 _____ C:\Users\Jindra\Desktop\adwcleaner_5.200.exe
2016-06-15 20:13 - 2016-06-15 20:13 - 01222144 _____ C:\Users\Jindra\Desktop\RSITx64.exe
2016-06-15 11:52 - 2016-05-28 07:02 - 06488312 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-06-15 11:52 - 2016-05-28 07:02 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-06-15 11:52 - 2016-05-28 07:02 - 01314496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-06-15 11:52 - 2016-05-28 07:02 - 00601344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-06-15 11:52 - 2016-05-28 07:02 - 00432360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-06-15 11:52 - 2016-05-28 07:02 - 00421536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-06-15 11:52 - 2016-05-28 07:02 - 00158048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-06-15 11:52 - 2016-05-28 07:02 - 00113144 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-06-15 11:52 - 2016-05-28 07:00 - 02543784 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-06-15 11:52 - 2016-05-28 07:00 - 01591304 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-06-15 11:52 - 2016-05-28 07:00 - 00327520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-06-15 11:52 - 2016-05-28 07:00 - 00203496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2016-06-15 11:52 - 2016-05-28 06:59 - 00363872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2016-06-15 11:52 - 2016-05-28 06:59 - 00131208 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2016-06-15 11:52 - 2016-05-28 06:53 - 03625416 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-06-15 11:52 - 2016-05-28 06:52 - 22326760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-06-15 11:52 - 2016-05-28 06:47 - 00613120 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-06-15 11:52 - 2016-05-28 06:47 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-06-15 11:52 - 2016-05-28 06:39 - 04047288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-06-15 11:52 - 2016-05-28 06:39 - 01365584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-06-15 11:52 - 2016-05-28 06:39 - 00952968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-06-15 11:52 - 2016-05-28 06:39 - 00365128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-06-15 11:52 - 2016-05-28 06:38 - 05118024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-06-15 11:52 - 2016-05-28 06:38 - 00372368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-06-15 11:52 - 2016-05-28 06:38 - 00306528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2016-06-15 11:52 - 2016-05-28 06:38 - 00097096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-06-15 11:52 - 2016-05-28 06:35 - 02188472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-06-15 11:52 - 2016-05-28 06:35 - 00183904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2016-06-15 11:52 - 2016-05-28 06:35 - 00112632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2016-06-15 11:52 - 2016-05-28 06:27 - 20861984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-06-15 11:52 - 2016-05-28 06:27 - 02880560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-06-15 11:52 - 2016-05-28 06:21 - 00545400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-06-15 11:52 - 2016-05-28 06:21 - 00316256 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-06-15 11:52 - 2016-05-28 06:11 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-06-15 11:52 - 2016-05-28 06:09 - 00914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-06-15 11:52 - 2016-05-28 06:08 - 21860352 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-06-15 11:52 - 2016-05-28 06:07 - 24597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-06-15 11:52 - 2016-05-28 06:00 - 01336832 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-06-15 11:52 - 2016-05-28 05:58 - 02239488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-06-15 11:52 - 2016-05-28 05:58 - 00672256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-06-15 11:52 - 2016-05-28 05:58 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-06-15 11:52 - 2016-05-28 05:57 - 06788096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-06-15 11:52 - 2016-05-28 05:57 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-06-15 11:52 - 2016-05-28 05:56 - 12511232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-06-15 11:52 - 2016-05-28 05:54 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-06-15 11:52 - 2016-05-28 05:54 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
2016-06-15 11:52 - 2016-05-28 05:54 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-06-15 11:52 - 2016-05-28 05:53 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
2016-06-15 11:52 - 2016-05-28 05:53 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
2016-06-15 11:52 - 2016-05-28 05:52 - 02663424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-06-15 11:52 - 2016-05-28 05:51 - 02848256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-06-15 11:52 - 2016-05-28 05:51 - 02119680 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-06-15 11:52 - 2016-05-28 05:51 - 01603584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-06-15 11:52 - 2016-05-28 05:50 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-06-15 11:52 - 2016-05-28 05:50 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-06-15 11:52 - 2016-05-28 05:50 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-06-15 11:52 - 2016-05-28 05:49 - 19330560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-06-15 11:52 - 2016-05-28 05:47 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2016-06-15 11:52 - 2016-05-28 05:45 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-06-15 11:52 - 2016-05-28 05:45 - 03584000 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-06-15 11:52 - 2016-05-28 05:44 - 04793344 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-06-15 11:52 - 2016-05-28 05:44 - 01381376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-06-15 11:52 - 2016-05-28 05:44 - 00737792 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-06-15 11:52 - 2016-05-28 05:43 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-06-15 11:52 - 2016-05-28 05:41 - 05160960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-06-15 11:52 - 2016-05-28 05:41 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2016-06-15 11:52 - 2016-05-28 05:40 - 18797568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-06-15 11:52 - 2016-05-28 05:40 - 00672768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-06-15 11:52 - 2016-05-28 05:39 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-06-15 11:52 - 2016-05-28 05:39 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-06-15 11:52 - 2016-05-28 05:38 - 01821696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-06-15 11:52 - 2016-05-28 05:38 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
2016-06-15 11:52 - 2016-05-28 05:38 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
2016-06-15 11:52 - 2016-05-28 05:37 - 02315776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-06-15 11:52 - 2016-05-28 05:36 - 01383424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-06-15 11:52 - 2016-05-28 05:35 - 02042368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-06-15 11:52 - 2016-05-28 05:35 - 00679936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-06-15 11:52 - 2016-05-28 05:35 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-06-15 11:52 - 2016-05-28 05:35 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-06-15 11:52 - 2016-05-28 05:32 - 03580928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-06-15 11:52 - 2016-05-28 05:31 - 11268096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-06-15 11:52 - 2016-05-28 05:30 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-06-15 11:52 - 2016-05-28 05:29 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2016-06-15 11:51 - 2016-05-28 06:54 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-06-15 11:51 - 2016-05-28 06:53 - 00026464 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2016-06-15 11:51 - 2016-05-28 06:28 - 00467296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-06-15 11:51 - 2016-05-28 06:10 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2016-06-15 11:51 - 2016-05-28 06:10 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-06-15 11:51 - 2016-05-28 05:58 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-06-15 11:51 - 2016-05-28 05:44 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-06-15 11:51 - 2016-05-28 05:35 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-06-15 11:51 - 2016-05-28 05:29 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-06-15 11:51 - 2016-05-28 05:25 - 00295936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-06-12 23:26 - 2016-06-12 23:26 - 00000000 ____D C:\ProgramData\eXmind
2016-06-12 23:26 - 1999-11-12 05:11 - 00183808 _____ C:\WINDOWS\SysWOW64\BDEADMIN.CPL
2016-06-12 23:26 - 1999-01-20 05:01 - 00210032 _____ C:\WINDOWS\SysWOW64\DBCLIENT.DLL
2016-06-11 12:28 - 2016-06-15 20:33 - 00014675 _____ C:\Users\Jindra\Desktop\Inventura 11.6.2016.xlsx
2016-06-10 00:18 - 2016-06-15 20:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-15 21:14 - 2015-09-02 07:23 - 00000000 ___RD C:\Users\Jindra\Desktop\Stažené dokumenty
2016-06-15 20:40 - 2015-09-10 20:03 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-06-15 20:40 - 2015-09-10 19:34 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-06-15 20:40 - 2014-11-11 11:16 - 00000000 __SHD C:\Users\Jindra\IntelGraphicsProfiles
2016-06-15 20:39 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-06-15 20:39 - 2015-07-10 14:20 - 00458248 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-06-15 20:39 - 2015-07-10 13:02 - 00000000 ____D C:\WINDOWS\INF
2016-06-15 20:39 - 2014-11-05 17:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-15 20:38 - 2015-07-10 11:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-06-15 20:36 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-06-15 20:35 - 2015-02-25 12:24 - 00000000 ____D C:\AdwCleaner
2016-06-15 20:25 - 2016-02-15 14:14 - 00000000 ____D C:\Users\Jindra\Desktop\eshop
2016-06-15 20:13 - 2015-01-05 12:26 - 00000000 ____D C:\Program Files\trend micro
2016-06-15 19:44 - 2014-11-26 15:55 - 00007984 _____ C:\WINDOWS\BRRBCOM.INI
2016-06-15 15:44 - 2014-11-05 15:15 - 00004194 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C12CBA2E-CC4F-40FB-AED2-821B402E772B}
2016-06-15 14:00 - 2015-05-04 20:34 - 00180736 _____ C:\Users\Jindra\Desktop\Faktury eshop.xls
2016-06-15 13:13 - 2016-01-13 13:53 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-06-15 13:13 - 2016-01-04 09:58 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 5
2016-06-15 13:03 - 2013-08-22 15:25 - 00000188 _____ C:\WINDOWS\win.ini
2016-06-15 13:00 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-06-15 12:56 - 2014-11-06 23:15 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-06-15 12:50 - 2014-11-06 23:15 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-06-15 09:56 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-06-15 09:54 - 2015-07-10 13:04 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-13 10:01 - 2016-01-05 18:42 - 00000000 ____D C:\Users\Jindra\Desktop\Tabulky
2016-06-12 11:15 - 2014-11-05 14:56 - 00000000 ____D C:\Users\Jindra\AppData\Local\Packages
2016-06-11 00:02 - 2016-02-29 13:13 - 00000000 ____D C:\ProgramData\ProductData
2016-06-10 16:14 - 2014-11-05 18:17 - 00284672 _____ C:\Users\Jindra\Desktop\Zakázky.xls
2016-06-05 01:44 - 2015-07-01 18:26 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-06-02 00:18 - 2015-02-11 12:36 - 00000000 ____D C:\Users\Jindra\Desktop\Ostatní dokumenty
2016-06-01 18:03 - 2015-09-10 19:39 - 00000000 ____D C:\Users\Jindra
2016-06-01 17:57 - 2016-01-05 10:11 - 00000000 ____D C:\Users\Jindra\AppData\Local\WinZip
2016-05-25 21:29 - 2015-12-17 23:38 - 00000000 ____D C:\Users\Jindra\AppData\Local\Microsoft Help
2016-05-25 21:00 - 2015-01-20 11:10 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-05-23 22:55 - 2016-03-30 22:25 - 00010119 _____ C:\Users\Jindra\Desktop\Provize Tomáš Vlček.xlsx
2016-05-16 22:45 - 2014-11-05 17:25 - 00000000 ____D C:\Users\Jindra\AppData\Local\Adobe

==================== Files in the root of some directories =======

2015-04-07 12:06 - 2015-04-07 12:06 - 0000262 _____ () C:\Program Files\Common Files\TrackerSoftwareInstallerPDFX5SA_CZ.log
2015-04-06 15:28 - 2015-04-06 15:30 - 0000026 _____ () C:\Users\Jindra\AppData\Local\isoworkshop.ini
2014-11-05 23:04 - 2014-11-05 23:04 - 0000017 _____ () C:\Users\Jindra\AppData\Local\resmon.resmoncfg
2015-09-10 19:33 - 2015-09-10 19:33 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Jindra\AppData\Local\Temp\libeay32.dll
C:\Users\Jindra\AppData\Local\Temp\msvcr120.dll
C:\Users\Jindra\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-06-10 21:10

==================== End of FRST.txt ============================

jindra.paryzek · #6 Příspěvek od **jindra.paryzek** » 15 čer 2016 20:22

Additional scan result of Farbar Recovery Scan Tool (x64) Version:15-06-2016
Ran by Jindra (2016-06-15 21:18:10)
Running from C:\Users\Jindra\Desktop
Windows 10 Home (X64) (2015-09-10 18:02:51)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-790963611-2055800212-2272835107-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-790963611-2055800212-2272835107-503 - Limited - Disabled)
Guest (S-1-5-21-790963611-2055800212-2272835107-501 - Limited - Disabled)
Jindra (S-1-5-21-790963611-2055800212-2272835107-1001 - Administrator - Enabled) => C:\Users\Jindra

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{7EABB7C4-BD84-2B20-5268-82D547C8F898}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Any Video Converter Professional 3.1.8 (HKLM-x32\...\Any Video Converter Professional_is1) (Version: - Any-Video-Converter.com)
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Brother MFL-Pro Suite DCP-J105 (HKLM-x32\...\{B742757A-7658-4E09-A51A-085CF0F7F4D3}) (Version: 1.0.0.0 - Brother Industries, Ltd.)
BusinessCards MX (HKLM-x32\...\{0D5B5ED2-3E38-4585-B1F3-64B2A9EA95D6}_is1) (Version: 5.0 - MOJOSOFT)
CCleaner (HKLM\...\CCleaner) (Version: 5.18 - Piriform)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 17.0.11.1 - Synaptics Incorporated)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
FormatFactory 3.7.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.7.0.0 - Format Factory)
Glary Utilities 5.47 (HKLM-x32\...\Glary Utilities 5) (Version: 5.47.0.67 - Glarysoft Ltd)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4279 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
K-Lite Codec Pack 11.0.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.0.0 - )
Maxx Audio Installer (x64) (Version: 2.6.6168.1 - Waves Audio Ltd.) Hidden
Microsoft Office Language Pack 2013 - Czech/čeština (HKLM\...\Office15.OMUI.cs-cz) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 47.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 cs)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
Nokia PC Suite (x32 Version: 7.1.180.94 - Nokia) Hidden
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.54.0 - Nokia)
Nokia Suite (x32 Version: 3.8.54.0 - Nokia) Hidden
OEM Application Profile (x32 Version: 1.00.0000 - Název společnosti:) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Panel Utility (HKLM-x32\...\{D06B1C71-FDF8-47A4-8648-6406B4F85E90}) (Version: - )
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.304 - Qualcomm Atheros Communications)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39054 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 8.18.621.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7525 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Samsung SideSync (HKLM-x32\...\Samsung SideSync) (Version: 4.2.0.37 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.58.0 - Samsung Electronics Co., Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0100-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{010BF41A-4D78-40C3-90BA-117DF64A0AE2}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 8.52 - Ghisler Software GmbH)
Unity Web Player (HKU\S-1-5-21-790963611-2055800212-2272835107-1001\...\UnityWebPlayer) (Version: 5.2.3f1 - Unity Technologies ApS)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{C224EEBF-D40A-4056-9DD3-EE74666F74AB}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{0FA8AE0C-69AE-4F60-A1AB-F79C6BA5A999}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3115033) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3115033) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3115033) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3115033) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1}) (Version: - Microsoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
WinZip 20.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240EF}) (Version: 20.0.11659 - WinZip Computing, S.L. )
Zoner Photo Studio 12 (HKLM-x32\...\ZonerPhotoStudio12_CZ_is1) (Version: 12.0.1.7 - ZONER software)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-790963611-2055800212-2272835107-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Jindra\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-790963611-2055800212-2272835107-1001_Classes\CLSID\{BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B}\InprocServer32 -> C:\Program Files (x86)\Zoner\Photo Studio 12\Program\SHELLEXT64.DLL (ZONER software)
CustomCLSID: HKU\S-1-5-21-790963611-2055800212-2272835107-1001_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02580E31-EC11-448A-A6A7-61861C4D0FB2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-16] (Adobe Systems Incorporated)
Task: {064991D6-BA03-4C85-8E24-77E3BAA10362} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {182ED243-AAF8-4A71-A5EE-189D6323AE01} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {1FF54212-DBA9-4E40-B7B6-5D784F021A5B} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {2B1491B8-4DEB-409A-8CAF-6C71C7499BE5} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {3365186B-74AE-41A9-9543-2FF89CE5DFEC} - System32\Tasks\{0391D18C-6445-4F72-90F3-EC9116681B75} => pcalua.exe -a C:\Users\Jindra\AppData\Local\Apps\2.0\3T3YQ15M.XJA\G12ENHRB.JBG\dell..tion_6d0a76327dca4869_0006.000c_9ebce3b7bfa8d3cd\Uninstaller.exe -c uninstall
Task: {34308973-54AF-4B0B-9745-B26210438029} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {3FF6F3F4-C7CC-4FBD-8661-53D40B167695} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {43343109-6E8D-4451-844B-2FB3FAE26869} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {5A14EB20-2F96-4038-B924-0E6AE3EBB4A6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {63738279-2200-4BDF-8A51-02AA0DCC49D2} - System32\Tasks\Wise Turbo Checker => C:\Users\Jindra\AppData\Local\Temp\Rar$EXa0.228\Wise Care 365\WiseTurbo.exe <==== ATTENTION
Task: {6A51A9B3-5CD2-4AD6-8D75-DA081542E0BE} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2016-03-20] (Glarysoft Ltd)
Task: {89BF58E4-06C3-4E1E-8BF6-146FCC96440B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {89F24C6A-B923-4E4D-AB0C-9346E7CCFE89} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-02-18] ()
Task: {8DA543B7-80DF-4F34-B6B5-8123576842BD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {91139CA2-23CF-491A-A751-C6091E118791} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {9530C0D7-AA09-49AE-B530-9FB79DE981AF} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-09-11] (Realtek Semiconductor)
Task: {9ECA41B7-F7E9-4D90-A5E3-6762DF2BFF9C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {A1E4353C-F7D6-4B1D-B47D-CF822222702A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {A5776604-764E-4C9D-9930-A279677FC139} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {B0948E4A-93D9-449E-973E-89F255FB28FD} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-08-23] (Synaptics Incorporated)
Task: {BF4D1F38-03A7-4344-B7B9-22577052A8A7} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2016-03-20] (Glarysoft Ltd)
Task: {CE7F0E6E-C2DC-4CF7-94C0-4BC4CD1B8F84} - System32\Tasks\{BB6461E9-89BE-44BF-B570-47F371F69206} => pcalua.exe -a "C:\Program Files (x86)\Microsoft Office\Office10\MSACCESS.EXE" -d D:\Movies -c /NOSTARTUP /SHELLSYSTEM [OpenModule "D:\Movies\01_DAY.mad"]
Task: {EA88F6B7-746A-4141-B81D-CB04AE8BBB19} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-05-13] (Piriform Ltd)
Task: {EAE6360E-7EE4-49BB-9ADF-0179565BB2EF} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-06-15] (Microsoft Corporation)
Task: {F876D9F0-6B9B-4435-BE83-88A3FEB35595} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-09-10 20:22 - 2015-09-10 20:22 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-09-10 22:24 - 2015-08-11 11:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2014-11-26 15:54 - 2005-04-22 06:36 - 00143360 ____R () C:\WINDOWS\system32\BrSNMP64.dll
2016-04-13 00:31 - 2016-03-16 06:55 - 02495768 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-13 00:31 - 2016-03-16 06:55 - 02495768 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-07-18 00:35 - 2015-10-20 20:48 - 00405416 _____ () C:\WINDOWS\system32\igfxTray.exe
2015-10-01 17:47 - 2015-09-17 07:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-10-01 17:47 - 2015-09-17 08:04 - 00642048 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll
2015-12-12 12:53 - 2015-11-25 06:20 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-12 12:53 - 2015-11-25 06:17 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-12 12:53 - 2015-11-25 06:17 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 17:48 - 2015-09-17 07:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-02-29 13:13 - 2015-12-28 14:49 - 00629536 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2014-11-05 15:04 - 2013-12-11 07:27 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-26 22:51 - 2015-07-26 22:51 - 00000026 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-790963611-2055800212-2272835107-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jindra\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "Microsoft Office.lnk"
HKLM\...\StartupApproved\StartupFolder: => "FAH.lnk"
HKLM\...\StartupApproved\StartupFolder: => "WinZip Preloader.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Update Notifier.lnk"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "BrHelp"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "NeroCheck"
HKU\S-1-5-21-790963611-2055800212-2272835107-1001\...\StartupApproved\Run: => "PC Suite Tray"
HKU\S-1-5-21-790963611-2055800212-2272835107-1001\...\StartupApproved\Run: => "NokiaSuite.exe"
HKU\S-1-5-21-790963611-2055800212-2272835107-1001\...\StartupApproved\Run: => "SideSync"
HKU\S-1-5-21-790963611-2055800212-2272835107-1001\...\StartupApproved\Run: => "GUDelayStartup"
HKU\S-1-5-21-790963611-2055800212-2272835107-1001\...\StartupApproved\Run: => "Advanced SystemCare 9"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{630AC65B-678F-4676-8A91-0C5F21BD311C}C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe] => (Allow) C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe
FirewallRules: [TCP Query User{2E7B7039-5B5D-497D-82B2-0397CC65E954}C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe] => (Allow) C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe
FirewallRules: [{BC9E419E-2A5F-4530-B618-2CC4BA07099D}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe
FirewallRules: [UDP Query User{607193FB-4F80-41C5-82A8-0C006ACE8675}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{7D8EB1B2-2DE9-4F5E-AE5E-140FEB505F6F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{D78024E1-A8D2-49A4-AB89-1BE85EBDEEAF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8DE50802-F97B-4FE6-9559-8C25D28326DA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7691C514-424A-434B-9AB1-A7D07AF2C0FA}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe
FirewallRules: [{39C6B4CC-5598-457B-BEDA-0BF16F7D4667}] => (Allow) LPort=54925
FirewallRules: [{38CD9060-CD5A-46F3-BA33-C736D2804651}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4E3D862C-14AE-4B8F-90FB-7F1D74A0DDEA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{07B94CC9-4221-41A5-8FF0-AD9D55B9647C}] => (Allow) C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe
FirewallRules: [{95DCA8B8-F5A7-4B8D-BE76-4FBB65F33046}] => (Allow) C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe
FirewallRules: [{C97AFF46-1067-4778-8EB5-F8D1123D402B}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{AA8B1E74-1B8E-4E06-9711-93F7BBB07CA2}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{486CF975-AA8D-4663-AC91-C5BD2970FC9E}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{09C3A2C9-CF83-4A41-AA43-32A679D36378}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe

==================== Restore Points =========================

29-05-2016 11:02:10 Naplánovaný kontrolní bod
07-06-2016 22:22:55 Naplánovaný kontrolní bod
15-06-2016 12:47:27 Windows Update

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (06/15/2016 08:43:33 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: I5CORE)
Description: Aplikaci Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub se nepovedlo aktivovat, protože došlo k chybě: -2147009284. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (06/15/2016 08:35:49 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Index nebyl inicializován.

Podrobnosti:
Zadaný objekt nebyl nalezen. Zadejte název existujícího objektu. (HRESULT : 0x80040d06) (0x80040d06)

Error: (06/15/2016 08:35:49 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Aplikace nebyla inicializována.

Kontext: aplikace Windows

Podrobnosti:
Zadaný objekt nebyl nalezen. Zadejte název existujícího objektu. (HRESULT : 0x80040d06) (0x80040d06)

Error: (06/15/2016 08:35:49 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Objekt indexovacího modulu nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Zadaný objekt nebyl nalezen. Zadejte název existujícího objektu. (HRESULT : 0x80040d06) (0x80040d06)

Error: (06/15/2016 08:35:49 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.TripoliIndexer> nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Zadaný objekt nebyl nalezen. Zadejte název existujícího objektu. (HRESULT : 0x80040d06) (0x80040d06)

Error: (06/15/2016 08:35:49 PM) (Source: Windows Search Service) (EventID: 3057) (User: )
Description: Správce modulu plug-in <Search.TripoliIndexer> nebyl inicializován.

Kontext: aplikace Windows

Podrobnosti:
(HRESULT : 0x8e5e0210) (0x8e5e0210)

Error: (06/15/2016 08:35:49 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Služba Windows Search byla zastavena, protože došlo k problému s indexovacím modulem The catalog is corrupt.

Podrobnosti:
Katalog indexu obsahu je poškozený. 0xc0041801 (0xc0041801)

Error: (06/15/2016 08:35:47 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vyhledávací služby zjistila, že index {id=4810 - base\appmodel\search\search\ytrip\common\util\jetutil.cpp (203)} obsahuje poškozené datové soubory. Služba se pokusí tyto potíže automaticky odstranit vytvořením nového indexu.

Podrobnosti:
0x8e5e0210 (0x8e5e0210)

Error: (06/15/2016 08:35:47 PM) (Source: ESENT) (EventID: 455) (User: )
Description: SearchIndexer (1536) Windows: Při otevírání souboru protokolu C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edb000C7.log došlo k chybě -1811 (0xfffff8ed).

Error: (06/15/2016 07:37:03 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: I5CORE)
Description: Aplikaci Microsoft.Windows.Photos_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2147009284. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

System errors:
=============
Error: (06/15/2016 08:44:00 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (06/15/2016 08:43:52 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (06/15/2016 08:43:52 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (06/15/2016 08:43:51 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (06/15/2016 08:43:51 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (06/15/2016 08:43:50 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (06/15/2016 08:43:50 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (06/15/2016 08:43:49 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (06/15/2016 08:43:49 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (06/15/2016 08:43:48 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

CodeIntegrity:
===================================
Date: 2016-06-15 17:51:40.489
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-06-15 17:51:40.473
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-06-15 17:51:40.457
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-06-15 17:51:40.437
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-06-15 17:51:40.422
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-06-15 17:51:40.406
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-06-15 17:51:40.387
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-06-15 17:51:40.372
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-06-15 17:51:40.356
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-06-15 17:51:40.336
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Percentage of memory in use: 36%
Total physical RAM: 3976.96 MB
Available physical RAM: 2530.81 MB
Total Virtual: 8072.96 MB
Available Virtual: 6608.1 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.56 GB) (Free:868.02 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

#7 Příspěvek od **Rudy** » 15 čer 2016 20:26

Otevřte poznámkový blok a zkopírujte do něj:

Start
Task: {064991D6-BA03-4C85-8E24-77E3BAA10362} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {182ED243-AAF8-4A71-A5EE-189D6323AE01} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {1FF54212-DBA9-4E40-B7B6-5D784F021A5B} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {2B1491B8-4DEB-409A-8CAF-6C71C7499BE5} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {3365186B-74AE-41A9-9543-2FF89CE5DFEC} - System32\Tasks\{0391D18C-6445-4F72-90F3-EC9116681B75} => pcalua.exe -a C:\Users\Jindra\AppData\Local\Apps\2.0\3T3YQ15M.XJA\G12ENHRB.JBG\dell..tion_6d0a76327dca4869_0006.000c_9ebce3b7bfa8d3cd\Uninstaller.exe -c uninstall
Task: {34308973-54AF-4B0B-9745-B26210438029} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {3FF6F3F4-C7CC-4FBD-8661-53D40B167695} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {43343109-6E8D-4451-844B-2FB3FAE26869} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {5A14EB20-2F96-4038-B924-0E6AE3EBB4A6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {63738279-2200-4BDF-8A51-02AA0DCC49D2} - System32\Tasks\Wise Turbo Checker => C:\Users\Jindra\AppData\Local\Temp\Rar$EXa0.228\Wise Care 365\WiseTurbo.exe <==== ATTENTION
Task: {8DA543B7-80DF-4F34-B6B5-8123576842BD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {91139CA2-23CF-491A-A751-C6091E118791} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {F876D9F0-6B9B-4435-BE83-88A3FEB35595} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
C:\ProgramData\DP45977C.lfl
C:\Users\Jindra\AppData\Local\Temp
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

jindra.paryzek · #8 Příspěvek od **jindra.paryzek** » 15 čer 2016 20:40

Nic to nedělá
A přitom mám soubor na ploše zkopírován fixlist.txt.

#9 Příspěvek od **Rudy** » 15 čer 2016 21:37

Nemáte náhodou překlep v názvu souboru? A máte na ploše i FRST?

jindra.paryzek

Vše mám podle Vás a vše mám na ploše. Nápis souboru fixlist.txt.

#11 Příspěvek od **Rudy** » 15 čer 2016 21:46

Jestli je i s tou tečkou za txt, pak to nemůže fugovat. To je jen tečka za větou.

jindra.paryzek

Máte pravdu...ta .
Fix result of Farbar Recovery Scan Tool (x64) Version:15-06-2016
Ran by Jindra (2016-06-15 22:45:45) Run:1
Running from C:\Users\Jindra\Desktop
Loaded Profiles: Jindra (Available Profiles: Jindra)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
Task: {064991D6-BA03-4C85-8E24-77E3BAA10362} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {182ED243-AAF8-4A71-A5EE-189D6323AE01} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {1FF54212-DBA9-4E40-B7B6-5D784F021A5B} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {2B1491B8-4DEB-409A-8CAF-6C71C7499BE5} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {3365186B-74AE-41A9-9543-2FF89CE5DFEC} - System32\Tasks\{0391D18C-6445-4F72-90F3-EC9116681B75} => pcalua.exe -a C:\Users\Jindra\AppData\Local\Apps\2.0\3T3YQ15M.XJA\G12ENHRB.JBG\dell..tion_6d0a76327dca4869_0006.000c_9ebce3b7bfa8d3cd\Uninstaller.exe -c uninstall
Task: {34308973-54AF-4B0B-9745-B26210438029} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {3FF6F3F4-C7CC-4FBD-8661-53D40B167695} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {43343109-6E8D-4451-844B-2FB3FAE26869} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {5A14EB20-2F96-4038-B924-0E6AE3EBB4A6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {63738279-2200-4BDF-8A51-02AA0DCC49D2} - System32\Tasks\Wise Turbo Checker => C:\Users\Jindra\AppData\Local\Temp\Rar$EXa0.228\Wise Care 365\WiseTurbo.exe <==== ATTENTION
Task: {8DA543B7-80DF-4F34-B6B5-8123576842BD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {91139CA2-23CF-491A-A751-C6091E118791} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {F876D9F0-6B9B-4435-BE83-88A3FEB35595} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
C:\ProgramData\DP45977C.lfl
C:\Users\Jindra\AppData\Local\Temp
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
End
*****************

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{064991D6-BA03-4C85-8E24-77E3BAA10362}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{064991D6-BA03-4C85-8E24-77E3BAA10362}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{182ED243-AAF8-4A71-A5EE-189D6323AE01}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{182ED243-AAF8-4A71-A5EE-189D6323AE01}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1FF54212-DBA9-4E40-B7B6-5D784F021A5B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1FF54212-DBA9-4E40-B7B6-5D784F021A5B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2B1491B8-4DEB-409A-8CAF-6C71C7499BE5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2B1491B8-4DEB-409A-8CAF-6C71C7499BE5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3365186B-74AE-41A9-9543-2FF89CE5DFEC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3365186B-74AE-41A9-9543-2FF89CE5DFEC}" => key removed successfully
C:\WINDOWS\System32\Tasks\{0391D18C-6445-4F72-90F3-EC9116681B75} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0391D18C-6445-4F72-90F3-EC9116681B75}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{34308973-54AF-4B0B-9745-B26210438029}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{34308973-54AF-4B0B-9745-B26210438029}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3FF6F3F4-C7CC-4FBD-8661-53D40B167695}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3FF6F3F4-C7CC-4FBD-8661-53D40B167695}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{43343109-6E8D-4451-844B-2FB3FAE26869}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{43343109-6E8D-4451-844B-2FB3FAE26869}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5A14EB20-2F96-4038-B924-0E6AE3EBB4A6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5A14EB20-2F96-4038-B924-0E6AE3EBB4A6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{63738279-2200-4BDF-8A51-02AA0DCC49D2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{63738279-2200-4BDF-8A51-02AA0DCC49D2}" => key removed successfully
C:\WINDOWS\System32\Tasks\Wise Turbo Checker => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Wise Turbo Checker" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8DA543B7-80DF-4F34-B6B5-8123576842BD}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8DA543B7-80DF-4F34-B6B5-8123576842BD}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{91139CA2-23CF-491A-A751-C6091E118791}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{91139CA2-23CF-491A-A751-C6091E118791}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F876D9F0-6B9B-4435-BE83-88A3FEB35595}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F876D9F0-6B9B-4435-BE83-88A3FEB35595}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully
C:\ProgramData\DP45977C.lfl => moved successfully

"C:\Users\Jindra\AppData\Local\Temp" folder move:

Could not move "C:\Users\Jindra\AppData\Local\Temp" => Scheduled to move on reboot.

C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-06-15 22:47:35)

C:\Users\Jindra\AppData\Local\Temp => moved successfully

==== End of Fixlog 22:47:48 ====

#13 Příspěvek od **Rudy** » 15 čer 2016 21:54

Smazáno. Nastala nějaká změna?

jindra.paryzek

Pc se zdá rachlejší, jen pomaleji startuje, když probíhal restart, ale je možné, že něco při restartu předělával.
Každopádně Vám moc děkuji a přeji Vám hezký večer

#15 Příspěvek od **Rudy** » 16 čer 2016 19:01

OK, rádo se stalo!

VIRY.CZ

Prosím o kontrolu, pc se rapidně zpomalilo, přikládám log

Prosím o kontrolu, pc se rapidně zpomalilo, přikládám log

Re: Prosím o kontrolu, pc se rapidně zpomalilo, přikládám lo

Re: Prosím o kontrolu, pc se rapidně zpomalilo, přikládám lo

Re: Prosím o kontrolu, pc se rapidně zpomalilo, přikládám lo

Re: Prosím o kontrolu, pc se rapidně zpomalilo, přikládám lo

Re: Prosím o kontrolu, pc se rapidně zpomalilo, přikládám lo

Re: Prosím o kontrolu, pc se rapidně zpomalilo, přikládám lo

Re: Prosím o kontrolu, pc se rapidně zpomalilo, přikládám lo

Re: Prosím o kontrolu, pc se rapidně zpomalilo, přikládám lo

Re: Prosím o kontrolu, pc se rapidně zpomalilo, přikládám lo

Re: Prosím o kontrolu, pc se rapidně zpomalilo, přikládám lo

Re: Prosím o kontrolu, pc se rapidně zpomalilo, přikládám lo

Re: Prosím o kontrolu, pc se rapidně zpomalilo, přikládám lo

Re: Prosím o kontrolu, pc se rapidně zpomalilo, přikládám lo

Re: Prosím o kontrolu, pc se rapidně zpomalilo, přikládám lo