
PC virus removal, computer speed-up, remote assistance via the neslape.cz service
Please do a preventive check of my log, thank you
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
-
- Visitor
- Posts: 111
- Registered: 30 Jan 2008 16:10
Please do a preventive check of my log, thank you
Logfile of random's system information tool 1.10 (written by random/random)
Run by Zdeněk at 2016-06-21 17:23:13
Microsoft Windows 10 Home
System drive C: has 387 GB (90%) free of 431 GB
Total RAM: 2009 MB (35% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:23:32, on 21.6.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0420)
Boot mode: Normal
Running processes:
C:\windows\system32\sihost.exe
C:\windows\system32\taskhostw.exe
C:\windows\Explorer.EXE
C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Lenovo\Energy Management\utility.exe
C:\Program Files\Lenovo\Energy Management\Energy Management.exe
C:\Windows\FixCamera.exe
C:\Program Files\Alwil Software\Avast5\avastui.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\windows\system32\wbem\unsecapp.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\windows\system32\svchost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Zdeněk\Downloads\RSIT.exe
C:\Program Files\trend micro\Zdeněk.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [EnergyUtility] C:\Program Files\Lenovo\Energy Management\utility.exe
O4 - HKLM\..\Run: [Energy Management] C:\Program Files\Lenovo\Energy Management\Energy Management.exe
O4 - HKLM\..\Run: [FixCamera] C:\windows\FixCamera.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Zdeněk\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files\Microsoft Office\Office12\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: @oem33.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Broadcom Corporation. - C:\windows\system32\BtwRSupportService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\windows\system32\SAsrv.exe
--
End of file - 5047 bytes
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\0wdz8gn7.default-1424529599915
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"
"wrc@avast.com"=C:\Program Files\Alwil Software\Avast5\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}
C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
nprjplug.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-08-10 559624]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-04 186904]
"EnergyUtility"=C:\Program Files\Lenovo\Energy Management\utility.exe [2009-09-29 4114288]
"Energy Management"=C:\Program Files\Lenovo\Energy Management\Energy Management.exe [2009-09-29 5064560]
"FixCamera"=C:\windows\FixCamera.exe [2007-02-12 20480]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2015-11-11 6111312]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Zdeněk\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-04-19 382144]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2016-06-01 6690520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_A42918919352F7586F1A353E6349BDF8]
C:\Program Files\Google\Chrome\Application\chrome.exe [2016-06-15 941720]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2016-06-15 26424448]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2010-08-24 247144]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.cvid"=iccvid.dll
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"msacm.siren"=sirenacm.dll
"msacm.clmp3enc"=C:\PROGRA~1\Lenovo\Power2Go\CLMP3Enc.ACM
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-06-21 17:23:14 ----D---- C:\Program Files\trend micro
2016-06-21 17:23:13 ----D---- C:\rsit
2016-06-20 20:45:45 ----SHD---- C:\Config.Msi
2016-06-20 20:37:54 ----A---- C:\windows\PKZIP.PIF
2016-06-20 20:37:54 ----A---- C:\windows\PKUNZIP.PIF
2016-06-20 19:45:22 ----A---- C:\windows\system32\WudfUpdate_01011.dll
2016-06-20 19:16:29 ----D---- C:\windows\Downloaded Installations
2016-06-20 17:39:43 ----D---- C:\Program Files\CCleaner
2016-06-18 07:51:29 ----A---- C:\windows\system32\CompatTelRunner.exe
2016-06-18 07:51:29 ----A---- C:\windows\system32\appraiser.dll
2016-06-18 07:51:25 ----A---- C:\windows\system32\ieframe.dll
2016-06-18 07:51:22 ----A---- C:\windows\system32\mos.dll
2016-06-18 07:51:19 ----A---- C:\windows\system32\AppXDeploymentServer.dll
2016-06-18 07:51:18 ----A---- C:\windows\system32\mshtml.dll
2016-06-18 07:51:11 ----A---- C:\windows\system32\edgehtml.dll
2016-06-18 07:51:06 ----A---- C:\windows\system32\Chakra.dll
2016-06-18 07:51:01 ----A---- C:\windows\system32\twinui.dll
2016-06-18 07:50:57 ----A---- C:\windows\system32\Windows.Data.Pdf.dll
2016-06-18 07:50:55 ----A---- C:\windows\system32\jscript9.dll
2016-06-18 07:50:53 ----A---- C:\windows\system32\BingMaps.dll
2016-06-18 07:50:51 ----A---- C:\windows\system32\iertutil.dll
2016-06-18 07:50:50 ----A---- C:\windows\system32\LocationFramework.dll
2016-06-18 07:50:48 ----A---- C:\windows\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-06-18 07:50:48 ----A---- C:\windows\system32\gpsvc.dll
2016-06-18 07:50:47 ----A---- C:\windows\system32\SettingsHandlers_nt.dll
2016-06-18 07:50:46 ----A---- C:\windows\system32\tdlrecover.exe
2016-06-18 07:50:46 ----A---- C:\windows\system32\NetworkMobileSettings.dll
2016-06-18 07:50:45 ----A---- C:\windows\system32\ActiveSyncProvider.dll
2016-06-18 07:50:44 ----A---- C:\windows\system32\Windows.UI.Logon.dll
2016-06-18 07:50:43 ----A---- C:\windows\system32\vbscript.dll
2016-06-18 07:50:43 ----A---- C:\windows\system32\d3d10warp.dll
2016-06-18 07:50:43 ----A---- C:\windows\system32\atmfd.dll
2016-06-18 07:50:42 ----A---- C:\windows\system32\tileobjserver.dll
2016-06-18 07:50:41 ----A---- C:\windows\system32\MFMediaEngine.dll
2016-06-18 07:50:40 ----A---- C:\windows\system32\iphlpsvc.dll
2016-06-18 07:50:39 ----A---- C:\windows\system32\Windows.UI.Immersive.dll
2016-06-18 07:50:39 ----A---- C:\windows\system32\gdi32.dll
2016-06-18 07:50:38 ----A---- C:\windows\system32\AppContracts.dll
2016-06-18 07:50:37 ----A---- C:\windows\system32\MapsStore.dll
2016-06-18 07:50:36 ----A---- C:\windows\system32\dxgi.dll
2016-06-18 07:50:35 ----A---- C:\windows\system32\winhttp.dll
2016-06-18 07:50:34 ----A---- C:\windows\system32\setupapi.dll
2016-06-18 07:50:34 ----A---- C:\windows\system32\MapControlCore.dll
2016-06-18 07:50:33 ----A---- C:\windows\system32\StructuredQuery.dll
2016-06-18 07:50:32 ----A---- C:\windows\system32\urlmon.dll
2016-06-18 07:50:32 ----A---- C:\windows\system32\NetSetupEngine.dll
2016-06-18 07:50:32 ----A---- C:\windows\system32\fontdrvhost.exe
2016-06-18 07:50:31 ----A---- C:\windows\system32\WWAHost.exe
2016-06-18 07:50:31 ----A---- C:\windows\system32\MBMediaManager.dll
2016-06-18 07:50:31 ----A---- C:\windows\system32\MapConfiguration.dll
2016-06-18 07:50:30 ----A---- C:\windows\system32\win32kfull.sys
2016-06-18 07:50:29 ----A---- C:\windows\system32\ws2_32.dll
2016-06-18 07:50:29 ----A---- C:\windows\system32\Windows.Internal.Shell.Broker.dll
2016-06-18 07:50:28 ----A---- C:\windows\explorer.exe
2016-06-18 07:50:27 ----A---- C:\windows\system32\Windows.UI.Shell.dll
2016-06-18 07:50:27 ----A---- C:\windows\system32\SystemEventsBrokerServer.dll
2016-06-18 07:50:26 ----A---- C:\windows\system32\MessagingDataModel2.dll
2016-06-18 07:50:26 ----A---- C:\windows\system32\invagent.dll
2016-06-18 07:50:26 ----A---- C:\windows\system32\drivers\dumpsdport.sys
2016-06-18 07:50:24 ----A---- C:\windows\system32\ntoskrnl.exe
2016-06-18 07:50:21 ----A---- C:\windows\system32\wscsvc.dll
2016-06-18 07:50:21 ----A---- C:\windows\system32\SRHInproc.dll
2016-06-18 07:50:21 ----A---- C:\windows\system32\drivers\srv2.sys
2016-06-18 07:50:20 ----A---- C:\windows\system32\LockAppHost.exe
2016-06-18 07:50:20 ----A---- C:\windows\system32\DeviceEnroller.exe
2016-06-18 07:50:19 ----A---- C:\windows\system32\SharedStartModel.dll
2016-06-18 07:50:19 ----A---- C:\windows\system32\AppxPackaging.dll
2016-06-18 07:50:18 ----A---- C:\windows\system32\wuaueng.dll
2016-06-18 07:50:18 ----A---- C:\windows\system32\ole32.dll
2016-06-18 07:50:14 ----A---- C:\windows\system32\drivers\dxgkrnl.sys
2016-06-18 07:50:12 ----A---- C:\windows\system32\acmigration.dll
2016-06-18 07:50:09 ----A---- C:\windows\system32\AppXDeploymentExtensions.dll
2016-06-18 07:50:00 ----A---- C:\windows\system32\usocore.dll
2016-06-18 07:49:59 ----A---- C:\windows\system32\msfeeds.dll
2016-06-18 07:49:58 ----A---- C:\windows\system32\drivers\netbt.sys
2016-06-18 07:49:57 ----A---- C:\windows\system32\halmacpi.dll
2016-06-18 07:49:57 ----A---- C:\windows\system32\hal.dll
2016-06-18 07:49:55 ----A---- C:\windows\system32\wininet.dll
2016-06-18 07:49:52 ----A---- C:\windows\system32\bisrv.dll
2016-06-18 07:49:51 ----A---- C:\windows\system32\drivers\pci.sys
2016-06-18 07:49:51 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2016-06-18 07:49:47 ----A---- C:\windows\system32\ncryptsslp.dll
2016-06-18 07:49:46 ----A---- C:\windows\system32\mswsock.dll
2016-06-18 07:49:46 ----A---- C:\windows\system32\mdmmigrator.dll
2016-06-18 07:49:45 ----A---- C:\windows\system32\moshost.dll
2016-06-18 07:49:45 ----A---- C:\windows\system32\drivers\srv.sys
2016-06-18 07:49:43 ----A---- C:\windows\system32\drivers\cng.sys
2016-06-18 07:49:27 ----A---- C:\windows\system32\JpMapControl.dll
2016-06-18 07:49:20 ----A---- C:\windows\system32\drivers\dxgmms2.sys
2016-06-18 07:49:19 ----A---- C:\windows\system32\MosHostClient.dll
2016-06-18 07:49:18 ----A---- C:\windows\system32\RDXService.dll
2016-06-18 07:49:14 ----A---- C:\windows\system32\VEEventDispatcher.dll
2016-06-18 07:49:13 ----A---- C:\windows\system32\tetheringservice.dll
2016-06-18 07:49:13 ----A---- C:\windows\system32\drivers\tpm.sys
2016-06-18 07:49:11 ----A---- C:\windows\system32\SyncController.dll
2016-06-18 07:49:11 ----A---- C:\windows\system32\IPSECSVC.DLL
2016-06-18 07:49:11 ----A---- C:\windows\system32\gpapi.dll
2016-06-18 07:49:11 ----A---- C:\windows\system32\drivers\srvnet.sys
2016-06-18 07:49:11 ----A---- C:\windows\system32\bcryptprimitives.dll
2016-06-18 07:49:10 ----A---- C:\windows\system32\rastls.dll
2016-06-18 07:49:09 ----A---- C:\windows\system32\SRH.dll
2016-06-18 07:49:09 ----A---- C:\windows\system32\NetworkUXBroker.exe
2016-06-18 07:49:09 ----A---- C:\windows\system32\devinv.dll
2016-06-18 07:49:09 ----A---- C:\windows\system32\aeinv.dll
2016-06-18 07:49:08 ----A---- C:\windows\system32\drivers\partmgr.sys
2016-06-18 07:49:08 ----A---- C:\windows\system32\dhcpcore6.dll
2016-06-18 07:49:07 ----A---- C:\windows\system32\wuauclt.exe
2016-06-18 07:49:07 ----A---- C:\windows\system32\StoreAgent.dll
2016-06-18 07:49:07 ----A---- C:\windows\system32\SettingsHandlers_Privacy.dll
2016-06-18 07:49:07 ----A---- C:\windows\system32\RDXTaskFactory.dll
2016-06-18 07:49:07 ----A---- C:\windows\system32\MosStorage.dll
2016-06-18 07:49:07 ----A---- C:\windows\system32\cryptsvc.dll
2016-06-18 07:49:06 ----A---- C:\windows\system32\polstore.dll
2016-06-18 07:49:06 ----A---- C:\windows\system32\NetSetupApi.dll
2016-06-18 07:49:06 ----A---- C:\windows\system32\drivers\ufx01000.sys
2016-06-18 07:49:06 ----A---- C:\windows\system32\BrokerLib.dll
2016-06-18 07:49:05 ----A---- C:\windows\system32\newdev.dll
2016-06-18 07:49:05 ----A---- C:\windows\system32\moshostcore.dll
2016-06-18 07:49:04 ----A---- C:\windows\system32\vpnike.dll
2016-06-18 07:49:04 ----A---- C:\windows\system32\dmenrollengine.dll
2016-06-18 07:49:03 ----A---- C:\windows\system32\omadmclient.exe
2016-06-18 07:49:03 ----A---- C:\windows\system32\internetmail.dll
2016-06-18 07:49:02 ----A---- C:\windows\system32\olepro32.dll
2016-06-18 07:49:02 ----A---- C:\windows\system32\enterprisecsps.dll
2016-06-18 07:49:01 ----A---- C:\windows\system32\updatepolicy.dll
2016-06-18 07:49:01 ----A---- C:\windows\system32\GnssAdapter.dll
2016-06-18 07:49:01 ----A---- C:\windows\system32\cdd.dll
2016-06-18 07:49:00 ----A---- C:\windows\system32\ngcpopkeysrv.dll
2016-06-18 07:49:00 ----A---- C:\windows\system32\httpprxm.dll
2016-06-18 07:49:00 ----A---- C:\windows\system32\drivers\Ndu.sys
2016-06-18 07:48:59 ----A---- C:\windows\system32\drivers\bthport.sys
2016-06-18 07:48:59 ----A---- C:\windows\system32\dhcpcsvc6.dll
2016-06-18 07:48:59 ----A---- C:\windows\system32\dhcpcsvc.dll
2016-06-18 07:48:59 ----A---- C:\windows\system32\adhsvc.dll
2016-06-18 07:48:58 ----A---- C:\windows\system32\drivers\hidclass.sys
2016-06-18 07:48:57 ----A---- C:\windows\system32\Windows.Internal.Management.dll
2016-06-18 07:48:57 ----A---- C:\windows\system32\httpprxp.dll
2016-06-18 07:48:57 ----A---- C:\windows\system32\dhcpcore.dll
2016-06-18 07:48:56 ----A---- C:\windows\system32\win32kbase.sys
2016-06-18 07:48:56 ----A---- C:\windows\system32\MusUpdateHandlers.dll
2016-06-18 07:48:56 ----A---- C:\windows\system32\FwRemoteSvr.dll
2016-06-18 07:48:56 ----A---- C:\windows\system32\dmcertinst.exe
2016-06-18 07:48:55 ----A---- C:\windows\system32\NMAA.dll
2016-06-18 07:48:55 ----A---- C:\windows\system32\MusNotification.exe
2016-06-18 07:48:55 ----A---- C:\windows\system32\mapsupdatetask.dll
2016-06-18 07:48:53 ----A---- C:\windows\system32\MapsBtSvc.dll
2016-06-18 07:48:52 ----A---- C:\windows\system32\mdmregistration.dll
2016-06-18 07:48:52 ----A---- C:\windows\system32\MapsCSP.dll
2016-06-18 07:48:52 ----A---- C:\windows\system32\fontsub.dll
2016-06-18 07:48:52 ----A---- C:\windows\system32\enrollmentapi.dll
2016-06-18 07:48:52 ----A---- C:\windows\system32\browserbroker.dll
2016-06-18 07:48:47 ----A---- C:\windows\system32\NetSetupSvc.dll
2016-06-18 07:48:47 ----A---- C:\windows\system32\InstallAgent.exe
2016-06-18 07:48:46 ----A---- C:\windows\system32\AppCapture.dll
2016-06-18 07:48:45 ----A---- C:\windows\system32\drivers\BTHUSB.SYS
2016-06-18 07:48:45 ----A---- C:\windows\system32\bcastdvr.exe
2016-06-18 07:48:44 ----A---- C:\windows\system32\drivers\bthenum.sys
2016-06-18 07:48:44 ----A---- C:\windows\system32\atmlib.dll
2016-06-17 14:55:08 ----AD---- C:\Program Files\Common Files\Skype
2016-06-17 14:55:07 ----RD---- C:\Program Files\Skype
2016-05-26 18:48:26 ----A---- C:\windows\system32\iMDriverHelper.dll
======List of files/folders modified in the last 1 month======
2016-06-21 17:23:14 ----RD---- C:\Program Files
2016-06-21 17:06:59 ----HD---- C:\Program Files\WindowsApps
2016-06-21 17:06:45 ----D---- C:\windows\Temp
2016-06-21 17:03:29 ----D---- C:\windows\AppReadiness
2016-06-21 17:02:32 ----D---- C:\windows\Prefetch
2016-06-21 17:00:45 ----D---- C:\windows\system32\sru
2016-06-20 21:27:20 ----D---- C:\windows\rescache
2016-06-20 20:48:07 ----SHD---- C:\windows\Installer
2016-06-20 20:47:43 ----RSD---- C:\windows\assembly
2016-06-20 20:47:38 ----D---- C:\Program Files\Microsoft.NET
2016-06-20 20:47:38 ----AD---- C:\Program Files\Common Files\microsoft shared
2016-06-20 20:47:37 ----D---- C:\windows\System32
2016-06-20 20:47:33 ----D---- C:\Program Files\Common Files
2016-06-20 20:46:44 ----RSD---- C:\windows\Fonts
2016-06-20 20:46:28 ----D---- C:\ProgramData\Microsoft Help
2016-06-20 20:44:51 ----D---- C:\windows\ShellNew
2016-06-20 20:44:41 ----A---- C:\windows\win.ini
2016-06-20 20:37:54 ----D---- C:\Windows
2016-06-20 20:37:54 ----D---- C:\Program Files\totalcmd
2016-06-20 20:00:46 ----D---- C:\ProgramData\Lenovo
2016-06-20 19:58:42 ----D---- C:\windows\system32\drivers
2016-06-20 19:54:25 ----D---- C:\Users\Zdeněk\AppData\Roaming\Lenovo
2016-06-20 19:47:08 ----D---- C:\windows\system32\drivers\UMDF
2016-06-20 19:45:41 ----D---- C:\windows\system32\DriverStore
2016-06-20 19:45:41 ----D---- C:\windows\INF
2016-06-20 19:18:58 ----D---- C:\Program Files\Lenovo
2016-06-20 19:18:21 ----D---- C:\DRIVERS
2016-06-20 18:46:48 ----AD---- C:\Program Files\Malwarebytes Anti-Malware
2016-06-20 17:55:57 ----D---- C:\Program Files\vag-com-max2000
2016-06-20 17:48:58 ----D---- C:\Program Files\Google
2016-06-20 17:43:39 ----D---- C:\Users\Zdeněk\AppData\Roaming\DAEMON Tools Lite
2016-06-20 17:42:33 ----DC---- C:\windows\Panther
2016-06-20 17:42:33 ----D---- C:\windows\ModemLogs
2016-06-20 17:42:31 ----D---- C:\windows\debug
2016-06-20 17:39:47 ----D---- C:\windows\system32\Tasks
2016-06-20 17:39:18 ----D---- C:\windows\system32\config
2016-06-20 17:38:24 ----A---- C:\windows\system32\PerfStringBackup.INI
2016-06-20 17:32:20 ----D---- C:\windows\WinSxS
2016-06-20 17:27:21 ----SD---- C:\windows\system32\DiagSvcs
2016-06-20 17:27:21 ----D---- C:\windows\system32\SystemResetPlatform
2016-06-20 17:27:21 ----D---- C:\windows\system32\cs-CZ
2016-06-20 17:27:19 ----D---- C:\windows\system32\migration
2016-06-20 17:27:19 ----D---- C:\windows\bcastdvr
2016-06-20 17:27:19 ----D---- C:\windows\apppatch
2016-06-20 17:27:19 ----D---- C:\Program Files\Internet Explorer
2016-06-20 17:18:36 ----D---- C:\windows\Microsoft.NET
2016-06-20 17:12:10 ----D---- C:\windows\CbsTemp
2016-06-20 16:32:57 ----D---- C:\windows\system32\MRT
2016-06-20 16:32:54 ----A---- C:\windows\system32\MRT.exe
2016-06-20 16:28:51 ----SHD---- C:\System Volume Information
2016-06-19 10:08:44 ----D---- C:\Users\Zdeněk\AppData\Roaming\Skype
2016-06-17 15:17:02 ----D---- C:\windows\system32\catroot2
2016-06-17 14:55:03 ----D---- C:\ProgramData\Skype
2016-06-14 20:33:01 ----A---- C:\windows\system32\FlashPlayerApp.exe
2016-05-27 16:07:28 ----D---- C:\windows\system32\oobe
2016-05-27 16:07:28 ----D---- C:\windows\system32\appraiser
2016-05-27 16:07:25 ----D---- C:\windows\Provisioning
2016-05-27 16:07:25 ----D---- C:\Program Files\Windows Journal
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\windows\system32\drivers\aswRvrt.sys [2015-08-10 49776]
R0 aswVmm;avast! VM Monitor; C:\windows\system32\drivers\aswVmm.sys [2015-08-10 208664]
R0 iaStor;@oem39.inf,%*PNP0600.DeviceDesc%;Intel AHCI Controller; C:\windows\System32\drivers\iaStor.sys [2009-06-04 330264]
R1 aswKbd;aswKbd; C:\windows\system32\drivers\aswKbd.sys [2013-08-30 21576]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr2.sys [2015-08-10 81728]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2015-11-11 794952]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2015-11-11 435464]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\windows\system32\drivers\filecrypt.sys [2016-04-23 76288]
R1 funfrm;funfrm; C:\windows\system32\drivers\funfrm.sys [2010-08-08 54800]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\windows\System32\drivers\gpuenergydrv.sys [2015-10-30 7680]
R2 aswHwid;avast! HardwareID; C:\windows\system32\drivers\aswHwid.sys [2015-08-10 24016]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [2015-08-10 76000]
R2 aswStm;aswStm; C:\windows\system32\drivers\aswStm.sys [2015-08-10 113592]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\windows\system32\drivers\mmcss.sys [2015-10-30 36864]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\windows\system32\drivers\storqosflt.sys [2015-10-30 62464]
R3 ACPIVPC;@oem10.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\windows\System32\drivers\AcpiVpc.sys [2015-06-15 36176]
R3 ApfiltrService;@oem47.inf,%Filter.SvcDesc%;Alps Pointing-device Filter Driver; C:\windows\system32\DRIVERS\Apfiltr.sys [2010-04-22 218744]
R3 b57nd60x;@netb57vx.inf,%SvcDispName%;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\System32\drivers\b57nd60x.sys [2015-10-30 402432]
R3 BCM43XX;@netbc63.inf,%BCM43XX_Service_DispName%;Broadcom 802.11 Network Adapter Driver; C:\windows\System32\drivers\bcmwl63l.sys [2015-10-30 4715008]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2012-03-23 9036288]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2015-10-05 23256]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\windows\system32\drivers\MBAMSwissArmy.sys [2016-06-21 170200]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2015-10-05 51928]
R3 MQAC;@mqutil.dll,-6101; C:\windows\system32\drivers\mqac.sys [2016-04-19 130560]
S0 LSI_SAS2i;LSI_SAS2i; C:\windows\System32\drivers\lsi_sas2i.sys [2015-10-30 88928]
S0 LSI_SAS3i;LSI_SAS3i; C:\windows\System32\drivers\lsi_sas3i.sys [2015-10-30 83288]
S0 percsas2i;percsas2i; C:\windows\System32\drivers\percsas2i.sys [2015-10-30 51040]
S0 percsas3i;percsas3i; C:\windows\System32\drivers\percsas3i.sys [2015-10-30 51552]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\windows\System32\drivers\storufs.sys [2015-10-30 27992]
S3 bcbtums;@oem33.inf,%BCBTUMS.SvcDesc%;Bluetooth USB LD Filter; C:\windows\system32\drivers\bcbtums.sys [2013-10-28 175320]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\windows\System32\drivers\bcmfn.sys [2015-10-30 8192]
S3 Bridge0;Bridge0; C:\windows\system32\drivers\WDBridge.sys [2009-07-28 63240]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\windows\System32\drivers\BthEnum.sys [2016-05-28 93184]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\windows\System32\drivers\bthpan.sys [2015-10-30 102912]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\windows\System32\drivers\BTHport.sys [2016-05-28 744448]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\drivers\BTHUSB.sys [2016-05-28 61952]
S3 btwampfl;@oem33.inf,%btwampfl.ServiceName%;btwampfl; C:\windows\system32\DRIVERS\btwampfl.sys [2013-10-28 144600]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\windows\System32\drivers\buttonconverter.sys [2015-10-30 26624]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\windows\System32\drivers\capimg.sys [2016-04-19 96768]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudbus.sys [2015-10-12 88576]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\windows\System32\drivers\genericusbfn.sys [2015-10-30 17408]
S3 GPIO;@iaiogpio.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\windows\System32\drivers\iaiogpio.sys [2015-10-30 22016]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\windows\System32\drivers\hidinterrupt.sys [2015-10-30 38240]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\windows\System32\drivers\iai2c.sys [2015-10-30 66048]
S3 iaioi2c;@iaioi2c.inf,%Driver_Service.Desc%;Intel(R) Atom(TM) Processor I2C Controller Service; C:\windows\System32\drivers\iaioi2c.sys [2015-10-30 61936]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\windows\system32\drivers\ioqos.sys [2015-10-30 23040]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\System32\drivers\rfcomm.sys [2016-03-29 140288]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudmdm.sys [2015-10-12 184192]
S3 SWDUMon;SWDUMon; C:\windows\system32\DRIVERS\SWDUMon.sys [2016-04-20 13464]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\windows\System32\Drivers\UcmCx.sys [2016-04-23 46080]
S3 UcmUcsi;@UcmUcsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\windows\System32\drivers\UcmUcsi.sys [2015-10-30 33792]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\windows\system32\svchost.exe [2015-10-30 37256]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2015-08-10 146600]
R2 BcmBtRSupport;@oem33.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service; C:\windows\system32\BtwRSupportService.exe [2013-10-28 1680088]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\windows\system32\svchost.exe [2015-10-30 37256]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\windows\System32\svchost.exe [2015-10-30 37256]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-04 354840]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-10-05 1513784]
R2 MSMQ;@mqutil.dll,-6102; C:\windows\system32\mqsvc.exe [2016-04-19 25088]
R2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-10-30 135848]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-10-30 135848]
R2 OneSyncSvc_1612c8;Hostitel synchronizace_1612c8; C:\windows\system32\svchost.exe [2015-10-30 37256]
R2 SAService;Conexant SmartAudio service; C:\windows\system32\SAsrv.exe [2010-03-25 445496]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\windows\system32\svchost.exe [2015-10-30 37256]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\windows\System32\svchost.exe [2015-10-30 37256]
R3 PimIndexMaintenanceSvc_1612c8;Data kontaktů_1612c8; C:\windows\system32\svchost.exe [2015-10-30 37256]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\windows\system32\svchost.exe [2015-10-30 37256]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\windows\system32\svchost.exe [2015-10-30 37256]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\windows\System32\svchost.exe [2015-10-30 37256]
S2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-10-30 135848]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\windows\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_15fa9ee;Hostitel synchronizace_15fa9ee; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_215a7b3;Hostitel synchronizace_215a7b3; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_29499;Hostitel synchronizace_29499; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_2e315a;Hostitel synchronizace_2e315a; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_55cb7;Hostitel synchronizace_55cb7; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_bbe317;Hostitel synchronizace_bbe317; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 ReadyComm.DirectRouter;ReadyComm.DirectRouter; C:\windows\System32\IgrsSvcs.exe [2009-07-14 20992]
S2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-25 87904]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\windows\system32\svchost.exe [2015-10-30 37256]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\windows\System32\svchost.exe [2015-10-30 37256]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\windows\System32\svchost.exe [2015-10-30 37256]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\windows\System32\svchost.exe [2015-10-30 37256]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\windows\system32\svchost.exe [2015-10-30 37256]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 26112]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\windows\system32\svchost.exe [2015-10-30 37256]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\windows\system32\svchost.exe [2015-10-30 37256]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\windows\System32\svchost.exe [2015-10-30 37256]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\windows\System32\svchost.exe [2015-10-30 37256]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\windows\system32\svchost.exe [2015-10-30 37256]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2015-10-23 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\windows\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\windows\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_15fa9ee;Služba zasílání zpráv_15fa9ee; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_1612c8;Služba zasílání zpráv_1612c8; C:\windows\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_215a7b3;Služba zasílání zpráv_215a7b3; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_29499;Služba zasílání zpráv_29499; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_2e315a;Služba zasílání zpráv_2e315a; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_55cb7;Služba zasílání zpráv_55cb7; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_bbe317;Služba zasílání zpráv_bbe317; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\windows\System32\svchost.exe [2015-10-30 37256]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\windows\system32\svchost.exe [2015-10-30 37256]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\windows\system32\svchost.exe [2015-10-30 37256]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\windows\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\windows\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_15fa9ee;Data kontaktů_15fa9ee; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_215a7b3;Data kontaktů_215a7b3; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_29499;Data kontaktů_29499; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_2e315a;Data kontaktů_2e315a; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_55cb7;Data kontaktů_55cb7; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_bbe317;Data kontaktů_bbe317; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PS_MDP;ReadyComm Presentation Space Helper Service; C:\windows\System32\IgrsSvcs.exe [2009-07-14 20992]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\windows\System32\svchost.exe [2015-10-30 37256]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\windows\System32\SensorDataService.exe [2015-10-30 900096]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\windows\system32\svchost.exe [2015-10-30 37256]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\windows\system32\svchost.exe [2015-10-30 37256]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\windows\system32\TieringEngineService.exe [2015-10-30 256512]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-04-22 82128]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-19 269000]
S4 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework\v4.0.30319\aspnet_rc.dll,-1; C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2015-10-30 45752]
S4 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\windows\system32\svchost.exe [2015-10-30 37256]
S4 IGRS;IGRS; C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe [2009-07-14 38152]
S4 ImControllerService;System Interface Foundation Service; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2016-05-26 56144]
S4 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc; C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [2009-08-14 509192]
S4 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc; C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [2009-09-22 579400]
S4 LSC.Services.SystemService;Lenovo Solution Center System Service; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [2016-06-02 273232]
S4 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-04-08 148080]
S4 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2016-05-23 324224]
S4 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2010-08-24 92008]
S4 tzautoupdate;@%SystemRoot%\system32\tzautoupdate.dll,-200; C:\windows\system32\svchost.exe [2015-10-30 37256]
-----------------EOF-----------------
2016-06-20 20:47:38 ----AD---- C:\Program Files\Common Files\microsoft shared
2016-06-20 20:47:37 ----D---- C:\windows\System32
2016-06-20 20:47:33 ----D---- C:\Program Files\Common Files
2016-06-20 20:46:44 ----RSD---- C:\windows\Fonts
2016-06-20 20:46:28 ----D---- C:\ProgramData\Microsoft Help
2016-06-20 20:44:51 ----D---- C:\windows\ShellNew
2016-06-20 20:44:41 ----A---- C:\windows\win.ini
2016-06-20 20:37:54 ----D---- C:\Windows
2016-06-20 20:37:54 ----D---- C:\Program Files\totalcmd
2016-06-20 20:00:46 ----D---- C:\ProgramData\Lenovo
2016-06-20 19:58:42 ----D---- C:\windows\system32\drivers
2016-06-20 19:54:25 ----D---- C:\Users\Zdeněk\AppData\Roaming\Lenovo
2016-06-20 19:47:08 ----D---- C:\windows\system32\drivers\UMDF
2016-06-20 19:45:41 ----D---- C:\windows\system32\DriverStore
2016-06-20 19:45:41 ----D---- C:\windows\INF
2016-06-20 19:18:58 ----D---- C:\Program Files\Lenovo
2016-06-20 19:18:21 ----D---- C:\DRIVERS
2016-06-20 18:46:48 ----AD---- C:\Program Files\Malwarebytes Anti-Malware
2016-06-20 17:55:57 ----D---- C:\Program Files\vag-com-max2000
2016-06-20 17:48:58 ----D---- C:\Program Files\Google
2016-06-20 17:43:39 ----D---- C:\Users\Zdeněk\AppData\Roaming\DAEMON Tools Lite
2016-06-20 17:42:33 ----DC---- C:\windows\Panther
2016-06-20 17:42:33 ----D---- C:\windows\ModemLogs
2016-06-20 17:42:31 ----D---- C:\windows\debug
2016-06-20 17:39:47 ----D---- C:\windows\system32\Tasks
2016-06-20 17:39:18 ----D---- C:\windows\system32\config
2016-06-20 17:38:24 ----A---- C:\windows\system32\PerfStringBackup.INI
2016-06-20 17:32:20 ----D---- C:\windows\WinSxS
2016-06-20 17:27:21 ----SD---- C:\windows\system32\DiagSvcs
2016-06-20 17:27:21 ----D---- C:\windows\system32\SystemResetPlatform
2016-06-20 17:27:21 ----D---- C:\windows\system32\cs-CZ
2016-06-20 17:27:19 ----D---- C:\windows\system32\migration
2016-06-20 17:27:19 ----D---- C:\windows\bcastdvr
2016-06-20 17:27:19 ----D---- C:\windows\apppatch
2016-06-20 17:27:19 ----D---- C:\Program Files\Internet Explorer
2016-06-20 17:18:36 ----D---- C:\windows\Microsoft.NET
2016-06-20 17:12:10 ----D---- C:\windows\CbsTemp
2016-06-20 16:32:57 ----D---- C:\windows\system32\MRT
2016-06-20 16:32:54 ----A---- C:\windows\system32\MRT.exe
2016-06-20 16:28:51 ----SHD---- C:\System Volume Information
2016-06-19 10:08:44 ----D---- C:\Users\Zdeněk\AppData\Roaming\Skype
2016-06-17 15:17:02 ----D---- C:\windows\system32\catroot2
2016-06-17 14:55:03 ----D---- C:\ProgramData\Skype
2016-06-14 20:33:01 ----A---- C:\windows\system32\FlashPlayerApp.exe
2016-05-27 16:07:28 ----D---- C:\windows\system32\oobe
2016-05-27 16:07:28 ----D---- C:\windows\system32\appraiser
2016-05-27 16:07:25 ----D---- C:\windows\Provisioning
2016-05-27 16:07:25 ----D---- C:\Program Files\Windows Journal
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\windows\system32\drivers\aswRvrt.sys [2015-08-10 49776]
R0 aswVmm;avast! VM Monitor; C:\windows\system32\drivers\aswVmm.sys [2015-08-10 208664]
R0 iaStor;@oem39.inf,%*PNP0600.DeviceDesc%;Intel AHCI Controller; C:\windows\System32\drivers\iaStor.sys [2009-06-04 330264]
R1 aswKbd;aswKbd; C:\windows\system32\drivers\aswKbd.sys [2013-08-30 21576]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr2.sys [2015-08-10 81728]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2015-11-11 794952]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2015-11-11 435464]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\windows\system32\drivers\filecrypt.sys [2016-04-23 76288]
R1 funfrm;funfrm; C:\windows\system32\drivers\funfrm.sys [2010-08-08 54800]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\windows\System32\drivers\gpuenergydrv.sys [2015-10-30 7680]
R2 aswHwid;avast! HardwareID; C:\windows\system32\drivers\aswHwid.sys [2015-08-10 24016]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [2015-08-10 76000]
R2 aswStm;aswStm; C:\windows\system32\drivers\aswStm.sys [2015-08-10 113592]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\windows\system32\drivers\mmcss.sys [2015-10-30 36864]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\windows\system32\drivers\storqosflt.sys [2015-10-30 62464]
R3 ACPIVPC;@oem10.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\windows\System32\drivers\AcpiVpc.sys [2015-06-15 36176]
R3 ApfiltrService;@oem47.inf,%Filter.SvcDesc%;Alps Pointing-device Filter Driver; C:\windows\system32\DRIVERS\Apfiltr.sys [2010-04-22 218744]
R3 b57nd60x;@netb57vx.inf,%SvcDispName%;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\System32\drivers\b57nd60x.sys [2015-10-30 402432]
R3 BCM43XX;@netbc63.inf,%BCM43XX_Service_DispName%;Broadcom 802.11 Network Adapter Driver; C:\windows\System32\drivers\bcmwl63l.sys [2015-10-30 4715008]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2012-03-23 9036288]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2015-10-05 23256]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\windows\system32\drivers\MBAMSwissArmy.sys [2016-06-21 170200]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2015-10-05 51928]
R3 MQAC;@mqutil.dll,-6101; C:\windows\system32\drivers\mqac.sys [2016-04-19 130560]
S0 LSI_SAS2i;LSI_SAS2i; C:\windows\System32\drivers\lsi_sas2i.sys [2015-10-30 88928]
S0 LSI_SAS3i;LSI_SAS3i; C:\windows\System32\drivers\lsi_sas3i.sys [2015-10-30 83288]
S0 percsas2i;percsas2i; C:\windows\System32\drivers\percsas2i.sys [2015-10-30 51040]
S0 percsas3i;percsas3i; C:\windows\System32\drivers\percsas3i.sys [2015-10-30 51552]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\windows\System32\drivers\storufs.sys [2015-10-30 27992]
S3 bcbtums;@oem33.inf,%BCBTUMS.SvcDesc%;Bluetooth USB LD Filter; C:\windows\system32\drivers\bcbtums.sys [2013-10-28 175320]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\windows\System32\drivers\bcmfn.sys [2015-10-30 8192]
S3 Bridge0;Bridge0; C:\windows\system32\drivers\WDBridge.sys [2009-07-28 63240]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\windows\System32\drivers\BthEnum.sys [2016-05-28 93184]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\windows\System32\drivers\bthpan.sys [2015-10-30 102912]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\windows\System32\drivers\BTHport.sys [2016-05-28 744448]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\drivers\BTHUSB.sys [2016-05-28 61952]
S3 btwampfl;@oem33.inf,%btwampfl.ServiceName%;btwampfl; C:\windows\system32\DRIVERS\btwampfl.sys [2013-10-28 144600]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\windows\System32\drivers\buttonconverter.sys [2015-10-30 26624]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\windows\System32\drivers\capimg.sys [2016-04-19 96768]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudbus.sys [2015-10-12 88576]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\windows\System32\drivers\genericusbfn.sys [2015-10-30 17408]
S3 GPIO;@iaiogpio.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\windows\System32\drivers\iaiogpio.sys [2015-10-30 22016]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\windows\System32\drivers\hidinterrupt.sys [2015-10-30 38240]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\windows\System32\drivers\iai2c.sys [2015-10-30 66048]
S3 iaioi2c;@iaioi2c.inf,%Driver_Service.Desc%;Intel(R) Atom(TM) Processor I2C Controller Service; C:\windows\System32\drivers\iaioi2c.sys [2015-10-30 61936]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\windows\system32\drivers\ioqos.sys [2015-10-30 23040]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\System32\drivers\rfcomm.sys [2016-03-29 140288]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudmdm.sys [2015-10-12 184192]
S3 SWDUMon;SWDUMon; C:\windows\system32\DRIVERS\SWDUMon.sys [2016-04-20 13464]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\windows\System32\Drivers\UcmCx.sys [2016-04-23 46080]
S3 UcmUcsi;@UcmUcsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\windows\System32\drivers\UcmUcsi.sys [2015-10-30 33792]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\windows\system32\svchost.exe [2015-10-30 37256]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2015-08-10 146600]
R2 BcmBtRSupport;@oem33.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service; C:\windows\system32\BtwRSupportService.exe [2013-10-28 1680088]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\windows\system32\svchost.exe [2015-10-30 37256]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\windows\System32\svchost.exe [2015-10-30 37256]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-04 354840]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-10-05 1513784]
R2 MSMQ;@mqutil.dll,-6102; C:\windows\system32\mqsvc.exe [2016-04-19 25088]
R2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-10-30 135848]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-10-30 135848]
R2 OneSyncSvc_1612c8;Hostitel synchronizace_1612c8; C:\windows\system32\svchost.exe [2015-10-30 37256]
R2 SAService;Conexant SmartAudio service; C:\windows\system32\SAsrv.exe [2010-03-25 445496]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\windows\system32\svchost.exe [2015-10-30 37256]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\windows\System32\svchost.exe [2015-10-30 37256]
R3 PimIndexMaintenanceSvc_1612c8;Data kontaktů_1612c8; C:\windows\system32\svchost.exe [2015-10-30 37256]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\windows\system32\svchost.exe [2015-10-30 37256]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\windows\system32\svchost.exe [2015-10-30 37256]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\windows\System32\svchost.exe [2015-10-30 37256]
S2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-10-30 135848]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\windows\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_15fa9ee;Hostitel synchronizace_15fa9ee; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_215a7b3;Hostitel synchronizace_215a7b3; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_29499;Hostitel synchronizace_29499; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_2e315a;Hostitel synchronizace_2e315a; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_55cb7;Hostitel synchronizace_55cb7; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_bbe317;Hostitel synchronizace_bbe317; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 ReadyComm.DirectRouter;ReadyComm.DirectRouter; C:\windows\System32\IgrsSvcs.exe [2009-07-14 20992]
S2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-25 87904]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\windows\system32\svchost.exe [2015-10-30 37256]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\windows\System32\svchost.exe [2015-10-30 37256]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\windows\System32\svchost.exe [2015-10-30 37256]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\windows\System32\svchost.exe [2015-10-30 37256]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\windows\system32\svchost.exe [2015-10-30 37256]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 26112]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\windows\system32\svchost.exe [2015-10-30 37256]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\windows\system32\svchost.exe [2015-10-30 37256]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\windows\System32\svchost.exe [2015-10-30 37256]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\windows\System32\svchost.exe [2015-10-30 37256]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\windows\system32\svchost.exe [2015-10-30 37256]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2015-10-23 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\windows\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\windows\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_15fa9ee;Služba zasílání zpráv_15fa9ee; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_1612c8;Služba zasílání zpráv_1612c8; C:\windows\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_215a7b3;Služba zasílání zpráv_215a7b3; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_29499;Služba zasílání zpráv_29499; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_2e315a;Služba zasílání zpráv_2e315a; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_55cb7;Služba zasílání zpráv_55cb7; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_bbe317;Služba zasílání zpráv_bbe317; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\windows\System32\svchost.exe [2015-10-30 37256]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\windows\system32\svchost.exe [2015-10-30 37256]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\windows\system32\svchost.exe [2015-10-30 37256]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\windows\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\windows\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_15fa9ee;Data kontaktů_15fa9ee; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_215a7b3;Data kontaktů_215a7b3; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_29499;Data kontaktů_29499; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_2e315a;Data kontaktů_2e315a; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_55cb7;Data kontaktů_55cb7; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_bbe317;Data kontaktů_bbe317; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PS_MDP;ReadyComm Presentation Space Helper Service; C:\windows\System32\IgrsSvcs.exe [2009-07-14 20992]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\windows\System32\svchost.exe [2015-10-30 37256]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\windows\System32\SensorDataService.exe [2015-10-30 900096]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\windows\system32\svchost.exe [2015-10-30 37256]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\windows\system32\svchost.exe [2015-10-30 37256]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\windows\system32\TieringEngineService.exe [2015-10-30 256512]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-04-22 82128]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-19 269000]
S4 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework\v4.0.30319\aspnet_rc.dll,-1; C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2015-10-30 45752]
S4 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\windows\system32\svchost.exe [2015-10-30 37256]
S4 IGRS;IGRS; C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe [2009-07-14 38152]
S4 ImControllerService;System Interface Foundation Service; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2016-05-26 56144]
S4 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc; C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [2009-08-14 509192]
S4 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc; C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [2009-09-22 579400]
S4 LSC.Services.SystemService;Lenovo Solution Center System Service; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [2016-06-02 273232]
S4 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-04-08 148080]
S4 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2016-05-23 324224]
S4 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2010-08-24 92008]
S4 tzautoupdate;@%SystemRoot%\system32\tzautoupdate.dll,-200; C:\windows\system32\svchost.exe [2015-10-30 37256]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119418
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Request for a preventive log check, thank you
Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
The scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
-
- Visitor
- Posts: 111
- Registered: 30 Jan 2008 16:10
Re: Request for a preventive log check, thank you
# AdwCleaner v5.200 - Log vytvořen 22/06/2016 v 18:19:31
# Aktualizováno 14/06/2016 by ToolsLib
# Databáze : 2016-06-21.2 [Server]
# Operační system : Windows 10 Home (X86)
# Uživatelské jméno : Zdeněk - ZDENĚK-PC
# Spuštěno z : C:\Users\Zdeněk\Desktop\adwcleaner_5.200.exe
# Nastavení : Čištění
# Podpora : https://toolslib.net/forum
***** [ Služby ] *****
[-] Služba Smazáno : swdumon
***** [ Složky ] *****
[-] Složka Smazáno : C:\Users\Public\Documents\Downloaded Installers
[-] Složka Smazáno : C:\Program Files\Mozilla Firefox\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[-] Složka Smazáno : C:\Users\Zdeněk\AppData\Local\slimware utilities inc
***** [ Soubory ] *****
[-] Soubor Smazáno : C:\windows\system32\drivers\swdumon.sys
***** [ DLLs ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
***** [ Naplánované úlohy ] *****
***** [ Registry ] *****
[-] Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{21FA44EF-376D-4D53-9B0F-8A89D3229068}]
[-] Klíč Smazáno : HKCU\Software\SlimWare Utilities Inc
[-] Klíč Smazáno : HKLM\SOFTWARE\SlimWare Utilities Inc
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\RelevantKnowledge
***** [ Prohlížeče ] *****
*************************
:: "Tracing" klíče smazány
:: Nastavení Winsock vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [1461 bytů] - [22/06/2016 18:19:31]
C:\AdwCleaner\AdwCleaner[S1].txt - [1573 bytů] - [22/06/2016 18:14:45]
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1607 bytů] ##########
- Rudy
- Site Admin
- Posts: 119418
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Request for a preventive log check, thank you
Now post a FRST log: http://forum.viry.cz/viewtopic.php?f=30&t=133101 .
-
- Visitor
- Posts: 111
- Registered: 30 Jan 2008 16:10
Re: Request for a preventive log check, thank you
I don't know why, but I can't open http://vyosek.ic.cz/pro_usery/FRSTLauncher.exe. It reports an HTTP 404 error.
- Rudy
- Site Admin
- Posts: 119418
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Request for a preventive log check, thank you
Post it without it.
-
- Visitor
- Posts: 111
- Registered: 30 Jan 2008 16:10
Re: Request for a preventive log check, thank you
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-06-2016 01
Ran by Zdeněk (administrator) on ZDENĚK-PC (22-06-2016 21:35:32)
Running from C:\Users\Zdeněk\Desktop
Loaded Profiles: Zdeněk (Available Profiles: Zdeněk & DefaultAppPool)
Platform: Microsoft Windows 10 Home Version 1511 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\Energy Management\utility.exe
(Lenovo (Beijing) Limited) C:\Program Files\Lenovo\Energy Management\Energy Management.exe
() C:\Windows\FixCamera.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\avastui.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\LockAppHost.exe
() C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
() C:\Program Files\WindowsApps\E046963F.LenovoCompanion_3.45.1.0_x86__k1h2ywk1493x8\Lenovo.Discovery.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [EnergyUtility] => C:\Program Files\Lenovo\Energy Management\utility.exe [4114288 2009-09-29] (Lenovo(beijing) Limited)
HKLM\...\Run: [Energy Management] => C:\Program Files\Lenovo\Energy Management\Energy Management.exe [5064560 2009-09-29] (Lenovo (Beijing) Limited)
HKLM\...\Run: [FixCamera] => C:\windows\FixCamera.exe [20480 2007-02-12] ()
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [6111312 2015-11-11] (AVAST Software)
HKU\S-1-5-21-3394328646-3757079861-1465878226-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6690520 2016-06-01] (Piriform Ltd)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2015-08-10] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Zdeněk\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Zdeněk\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Zdeněk\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Zdeněk\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{405a13ac-6828-4e20-afd7-d18b9fa479c7}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{bd51d244-f0d6-49e4-9d40-7a7b43a6e9d2}: [DhcpNameServer] 77.48.254.254 77.48.100.254
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3394328646-3757079861-1465878226-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3394328646-3757079861-1465878226-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
HKU\S-1-5-21-3394328646-3757079861-1465878226-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-08-10] (AVAST Software)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\0wdz8gn7.default-1424529599915
FF Homepage: hxxps://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-19] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-14] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-14] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll [2012-07-17] (RealNetworks, Inc.)
FF Extension: Adblock Plus - C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\0wdz8gn7.default-1424529599915\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-01] [not signed]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2015-12-12]
Chrome:
=======
CHR HomePage: Profile 3 -> hxxp://www.seznam.cz/
CHR StartupUrls: Profile 3 -> "hxxp://www.seznam.cz/"
CHR Profile: C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Weather (extension)) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\beapnbfmjmjhhfpaoajfhjbbfnnlfpnc [2015-02-15]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2014-08-20]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2014-08-20]
CHR Extension: (Avast Online Security) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-02-15]
CHR Extension: (Adblock Super) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\knebimhcckndhiglamoabbnifdkijidd [2015-02-15]
CHR Extension: (Peněženka Google) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-20]
CHR Profile: C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 3
CHR Extension: (Disk Google) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (Weather (extension)) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\beapnbfmjmjhhfpaoajfhjbbfnnlfpnc [2015-12-30]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2015-04-13]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2016-02-11]
CHR Extension: (YouTube) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (Vyhledávání Google) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-19]
CHR Extension: (Avast Online Security) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-06-20]
CHR Extension: (Adblock Super) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\knebimhcckndhiglamoabbnifdkijidd [2015-09-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR Extension: (Gmail) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-13]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2015-07-21]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [146600 2015-08-10] (AVAST Software)
R2 BcmBtRSupport; C:\windows\system32\BtwRSupportService.exe [1680088 2013-10-28] (Broadcom Corporation.)
S4 IGRS; C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe [38152 2009-07-14] (Lenovo Group Limited)
S4 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [56144 2016-05-26] (Lenovo Group Limited)
S4 Lenovo ReadyComm AppSvc; C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [509192 2009-08-14] (Lenovo Group Limited)
S4 Lenovo ReadyComm ConnSvc; C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [579400 2009-09-22] (Lenovo Group Limited)
S4 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-06-02] (Lenovo)
S4 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 PS_MDP; C:\Program Files\Lenovo\ReadyComm\PS_MDP.dll [276296 2009-07-16] (Lenovo Group Limited)
S2 ReadyComm.DirectRouter; C:\Program Files\Lenovo\ReadyComm\common\router.dll [103688 2009-07-14] (Lenovo Group Limited)
R2 SAService; C:\windows\system32\SAsrv.exe [445496 2010-03-25] (Conexant Systems, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [280376 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23256 2015-10-30] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ACPIVPC; C:\windows\System32\drivers\AcpiVpc.sys [36176 2015-06-15] (Lenovo Corporation)
R2 aswHwid; C:\windows\system32\drivers\aswHwid.sys [24016 2015-08-10] (AVAST Software)
R1 aswKbd; C:\windows\system32\Drivers\aswKbd.sys [21576 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [76000 2015-08-10] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [81728 2015-08-10] (AVAST Software)
R0 aswRvrt; C:\windows\system32\Drivers\aswRvrt.sys [49776 2015-08-10] (AVAST Software)
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [794952 2015-11-11] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [435464 2015-11-11] (AVAST Software)
R2 aswStm; C:\windows\system32\drivers\aswStm.sys [113592 2015-08-10] (AVAST Software)
R0 aswVmm; C:\windows\system32\Drivers\aswVmm.sys [208664 2015-08-10] (AVAST Software)
S3 bcbtums; C:\windows\system32\drivers\bcbtums.sys [175320 2013-10-28] (Broadcom Corporation.)
R3 BCM43XX; C:\windows\System32\drivers\bcmwl63l.sys [4715008 2015-10-30] (Broadcom Corporation)
S3 Bridge0; C:\windows\System32\drivers\WDBridge.sys [63240 2009-07-28] (Lenovo)
S3 btwampfl; C:\windows\system32\DRIVERS\btwampfl.sys [144600 2013-10-28] (Broadcom Corporation.)
R1 funfrm; C:\windows\system32\Drivers\funfrm.sys [54800 2010-08-08] ()
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [37400 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [246104 2015-10-30] (Microsoft Corporation)
R3 wdmirror; C:\windows\System32\drivers\WDMirror.sys [11792 2009-07-16] (Windows (R) Codename Longhorn DDK provider)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [98648 2015-10-30] (Microsoft Corporation)
S3 wsvd; C:\windows\System32\DRIVERS\wsvd.sys [81704 2009-07-21] (CyberLink)
U3 idsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-06-22 21:35 - 2016-06-22 21:36 - 00015927 _____ C:\Users\Zdeněk\Desktop\FRST.txt
2016-06-22 21:35 - 2016-06-22 21:35 - 00000000 ____D C:\FRST
2016-06-22 19:32 - 2016-06-22 21:35 - 01738240 _____ (Farbar) C:\Users\Zdeněk\Desktop\FRST.exe
2016-06-22 18:14 - 2016-06-22 18:19 - 00000000 ____D C:\AdwCleaner
2016-06-22 18:12 - 2016-06-22 18:14 - 03703360 _____ C:\Users\Zdeněk\Desktop\adwcleaner_5.200.exe
2016-06-21 17:23 - 2016-06-21 17:23 - 00000000 ____D C:\rsit
2016-06-21 17:23 - 2016-06-21 17:23 - 00000000 ____D C:\Program Files\trend micro
2016-06-21 17:22 - 2016-06-21 17:23 - 01107968 _____ C:\Users\Zdeněk\Downloads\RSIT.exe
2016-06-20 21:25 - 2016-06-20 21:26 - 36286296 _____ (Lenovo Group Limited ) C:\Users\Zdeněk\Downloads\8aax04ww.exe
2016-06-20 20:37 - 2016-06-20 20:37 - 03799848 _____ (Ghisler Software GmbH) C:\Users\Zdeněk\Downloads\tcmd852ax32.exe
2016-06-20 20:37 - 2016-06-20 20:37 - 00001064 _____ C:\Users\Zdeněk\Desktop\Total Commander.lnk
2016-06-20 20:37 - 2016-06-20 20:37 - 00000000 ____D C:\Users\Zdeněk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2016-06-20 20:37 - 2015-09-17 08:52 - 00000545 _____ C:\windows\PKZIP.PIF
2016-06-20 20:37 - 2015-09-17 08:52 - 00000545 _____ C:\windows\PKUNZIP.PIF
2016-06-20 19:58 - 2016-06-20 19:58 - 00000000 ____H C:\windows\system32\Drivers\Msft_Kernel_ldiagio_uefi_01009.Wdf
2016-06-20 19:54 - 2016-06-20 19:54 - 00000000 ____D C:\Users\Zdeněk\.QtWebEngineProcess
2016-06-20 19:54 - 2016-06-20 19:54 - 00000000 ____D C:\Users\Zdeněk\.LSC
2016-06-20 19:45 - 2016-06-20 19:45 - 02154872 _____ (Microsoft Corporation) C:\windows\system32\WudfUpdate_01011.dll
2016-06-20 19:41 - 2016-06-20 19:43 - 130152456 _____ (Lenovo ) C:\Users\Zdeněk\Downloads\SystemInterfaceFoundation (3).exe
2016-06-20 19:17 - 2016-06-20 19:17 - 00002160 _____ C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2016-06-20 19:16 - 2016-06-20 19:18 - 19471016 _____ (Lenovo Group Limited ) C:\Users\Zdeněk\Downloads\qo10ww22.exe
2016-06-20 19:16 - 2016-06-20 19:16 - 00000000 ____D C:\windows\Downloaded Installations
2016-06-20 19:15 - 2016-06-20 19:16 - 54291360 _____ (Lenovo) C:\Users\Zdeněk\Downloads\lscsetup_x86_33003.exe
2016-06-20 17:49 - 2016-06-20 17:49 - 00002294 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-20 17:48 - 2016-06-20 17:48 - 00987728 _____ (Google Inc.) C:\Users\Zdeněk\Downloads\ChromeSetup.exe
2016-06-20 17:39 - 2016-06-20 17:39 - 00001038 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-06-20 17:39 - 2016-06-20 17:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-06-20 17:39 - 2016-06-20 17:39 - 00000000 ____D C:\Program Files\CCleaner
2016-06-20 17:38 - 2016-06-20 17:38 - 06893008 _____ (Piriform Ltd) C:\Users\Zdeněk\Downloads\ccsetup518.exe
2016-06-20 16:17 - 2016-06-20 21:41 - 00000000 ____D C:\Users\Zdeněk\AppData\Local\Lenovo
2016-06-18 07:51 - 2016-05-28 08:05 - 01232576 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2016-06-18 07:51 - 2016-05-28 08:05 - 00042688 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2016-06-18 07:51 - 2016-05-28 06:17 - 09918976 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2016-06-18 07:51 - 2016-05-28 06:16 - 19344384 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-06-18 07:51 - 2016-05-28 06:14 - 18674176 _____ (Microsoft Corporation) C:\windows\system32\edgehtml.dll
2016-06-18 07:51 - 2016-05-28 06:08 - 06295552 _____ (Microsoft Corporation) C:\windows\system32\mos.dll
2016-06-18 07:51 - 2016-05-28 06:06 - 12128256 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-06-18 07:51 - 2016-05-28 06:02 - 01896960 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentServer.dll
2016-06-18 07:51 - 2016-05-28 06:00 - 05660160 _____ (Microsoft Corporation) C:\windows\system32\Chakra.dll
2016-06-18 07:50 - 2016-05-28 08:05 - 00249536 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2016-06-18 07:50 - 2016-05-28 08:05 - 00081088 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2016-06-18 07:50 - 2016-05-28 07:25 - 05797216 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2016-06-18 07:50 - 2016-05-28 07:25 - 04268880 _____ (Microsoft Corporation) C:\windows\system32\setupapi.dll
2016-06-18 07:50 - 2016-05-28 07:23 - 00388384 _____ (Microsoft Corporation) C:\windows\system32\ws2_32.dll
2016-06-18 07:50 - 2016-05-28 07:09 - 00501600 _____ (Microsoft Corporation) C:\windows\system32\NetSetupEngine.dll
2016-06-18 07:50 - 2016-05-28 07:07 - 02921880 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-06-18 07:50 - 2016-05-28 07:07 - 00957608 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2016-06-18 07:50 - 2016-05-28 07:07 - 00703840 _____ (Microsoft Corporation) C:\windows\system32\WWAHost.exe
2016-06-18 07:50 - 2016-05-28 07:06 - 04074160 _____ (Microsoft Corporation) C:\windows\explorer.exe
2016-06-18 07:50 - 2016-05-28 07:06 - 00613120 _____ (Microsoft Corporation) C:\windows\system32\Windows.Internal.Shell.Broker.dll
2016-06-18 07:50 - 2016-05-28 07:06 - 00254656 _____ (Microsoft Corporation) C:\windows\system32\LockAppHost.exe
2016-06-18 07:50 - 2016-05-28 06:57 - 02195632 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2016-06-18 07:50 - 2016-05-28 06:57 - 01714528 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2016-06-18 07:50 - 2016-05-28 06:57 - 01396592 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2016-06-18 07:50 - 2016-05-28 06:57 - 00546456 _____ (Microsoft Corporation) C:\windows\system32\fontdrvhost.exe
2016-06-18 07:50 - 2016-05-28 06:57 - 00521664 _____ (Microsoft Corporation) C:\windows\system32\dxgi.dll
2016-06-18 07:50 - 2016-05-28 06:57 - 00316256 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2016-06-18 07:50 - 2016-05-28 06:31 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\tdlrecover.exe
2016-06-18 07:50 - 2016-05-28 06:31 - 00023552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dumpsdport.sys
2016-06-18 07:50 - 2016-05-28 06:19 - 00258560 _____ (Microsoft Corporation) C:\windows\system32\usocore.dll
2016-06-18 07:50 - 2016-05-28 06:17 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\wscsvc.dll
2016-06-18 07:50 - 2016-05-28 06:16 - 00442368 _____ (Microsoft Corporation) C:\windows\system32\MBMediaManager.dll
2016-06-18 07:50 - 2016-05-28 06:15 - 00349696 _____ (Microsoft Corporation) C:\windows\system32\MapConfiguration.dll
2016-06-18 07:50 - 2016-05-28 06:15 - 00274432 _____ (Microsoft Corporation) C:\windows\system32\SystemEventsBrokerServer.dll
2016-06-18 07:50 - 2016-05-28 06:14 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\iphlpsvc.dll
2016-06-18 07:50 - 2016-05-28 06:14 - 00499712 _____ (Microsoft Corporation) C:\windows\system32\MessagingDataModel2.dll
2016-06-18 07:50 - 2016-05-28 06:13 - 00604672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2016-06-18 07:50 - 2016-05-28 06:13 - 00467456 _____ (Microsoft Corporation) C:\windows\system32\AppContracts.dll
2016-06-18 07:50 - 2016-05-28 06:13 - 00393728 _____ (Microsoft Corporation) C:\windows\system32\tileobjserver.dll
2016-06-18 07:50 - 2016-05-28 06:12 - 00614400 _____ (Microsoft Corporation) C:\windows\system32\winhttp.dll
2016-06-18 07:50 - 2016-05-28 06:12 - 00521728 _____ (Microsoft Corporation) C:\windows\system32\StructuredQuery.dll
2016-06-18 07:50 - 2016-05-28 06:11 - 01445888 _____ (Microsoft Corporation) C:\windows\system32\SRHInproc.dll
2016-06-18 07:50 - 2016-05-28 06:11 - 00890368 _____ (Microsoft Corporation) C:\windows\system32\AppxPackaging.dll
2016-06-18 07:50 - 2016-05-28 06:11 - 00740352 _____ (Microsoft Corporation) C:\windows\system32\SharedStartModel.dll
2016-06-18 07:50 - 2016-05-28 06:11 - 00711680 _____ (Microsoft Corporation) C:\windows\system32\MapControlCore.dll
2016-06-18 07:50 - 2016-05-28 06:11 - 00612352 _____ (Microsoft Corporation) C:\windows\system32\MapsStore.dll
2016-06-18 07:50 - 2016-05-28 06:11 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-06-18 07:50 - 2016-05-28 06:06 - 03196928 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers_nt.dll
2016-06-18 07:50 - 2016-05-28 06:05 - 03664896 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-06-18 07:50 - 2016-05-28 06:04 - 00079360 _____ (Microsoft Corporation) C:\windows\system32\DeviceEnroller.exe
2016-06-18 07:50 - 2016-05-28 06:03 - 05323776 _____ (Microsoft Corporation) C:\windows\system32\Windows.Data.Pdf.dll
2016-06-18 07:50 - 2016-05-28 06:03 - 05205504 _____ (Microsoft Corporation) C:\windows\system32\BingMaps.dll
2016-06-18 07:50 - 2016-05-28 06:03 - 02974208 _____ (Microsoft Corporation) C:\windows\system32\win32kfull.sys
2016-06-18 07:50 - 2016-05-28 06:03 - 01800704 _____ (Microsoft Corporation) C:\windows\system32\NetworkMobileSettings.dll
2016-06-18 07:50 - 2016-05-28 06:03 - 01733632 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentExtensions.dll
2016-06-18 07:50 - 2016-05-28 06:03 - 01185280 _____ (Microsoft Corporation) C:\windows\system32\LocationFramework.dll
2016-06-18 07:50 - 2016-05-28 06:02 - 02061824 _____ (Microsoft Corporation) C:\windows\system32\MFMediaEngine.dll
2016-06-18 07:50 - 2016-05-28 06:01 - 02880512 _____ (Microsoft Corporation) C:\windows\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-06-18 07:50 - 2016-05-28 06:01 - 01799680 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Logon.dll
2016-06-18 07:50 - 2016-05-28 06:01 - 01582080 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Immersive.dll
2016-06-18 07:50 - 2016-05-28 06:01 - 01500160 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-06-18 07:50 - 2016-05-28 06:01 - 01193984 _____ (Microsoft Corporation) C:\windows\system32\gpsvc.dll
2016-06-18 07:50 - 2016-05-28 06:00 - 01900032 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2016-06-18 07:50 - 2016-05-28 06:00 - 01707520 _____ (Microsoft Corporation) C:\windows\system32\ActiveSyncProvider.dll
2016-06-18 07:50 - 2016-05-28 05:56 - 01075200 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Shell.dll
2016-06-18 07:49 - 2016-05-28 08:05 - 00973504 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2016-06-18 07:49 - 2016-05-28 08:05 - 00440512 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2016-06-18 07:49 - 2016-05-28 07:25 - 00354656 _____ (Microsoft Corporation) C:\windows\system32\halmacpi.dll
2016-06-18 07:49 - 2016-05-28 07:25 - 00354656 _____ (Microsoft Corporation) C:\windows\system32\hal.dll
2016-06-18 07:49 - 2016-05-28 07:25 - 00173920 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tpm.sys
2016-06-18 07:49 - 2016-05-28 07:25 - 00096096 _____ (Microsoft Corporation) C:\windows\system32\Drivers\partmgr.sys
2016-06-18 07:49 - 2016-05-28 07:22 - 00317280 _____ (Microsoft Corporation) C:\windows\system32\mswsock.dll
2016-06-18 07:49 - 2016-05-28 07:18 - 00023776 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2016-06-18 07:49 - 2016-05-28 07:10 - 00136032 _____ (Microsoft Corporation) C:\windows\system32\NetworkUXBroker.exe
2016-06-18 07:49 - 2016-05-28 07:09 - 00084832 _____ (Microsoft Corporation) C:\windows\system32\NetSetupApi.dll
2016-06-18 07:49 - 2016-05-28 07:08 - 00260960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\pci.sys
2016-06-18 07:49 - 2016-05-28 07:08 - 00203104 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ufx01000.sys
2016-06-18 07:49 - 2016-05-28 07:04 - 00505136 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2016-06-18 07:49 - 2016-05-28 07:04 - 00360480 _____ (Microsoft Corporation) C:\windows\system32\bcryptprimitives.dll
2016-06-18 07:49 - 2016-05-28 07:04 - 00139616 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2016-06-18 07:49 - 2016-05-28 07:04 - 00111608 _____ (Microsoft Corporation) C:\windows\system32\gpapi.dll
2016-06-18 07:49 - 2016-05-28 07:04 - 00097096 _____ (Microsoft Corporation) C:\windows\system32\ncryptsslp.dll
2016-06-18 07:49 - 2016-05-28 06:57 - 00484192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms2.sys
2016-06-18 07:49 - 2016-05-28 06:31 - 00088576 _____ (Microsoft Corporation) C:\windows\system32\olepro32.dll
2016-06-18 07:49 - 2016-05-28 06:27 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\MosHostClient.dll
2016-06-18 07:49 - 2016-05-28 06:22 - 00122368 _____ (Microsoft Corporation) C:\windows\system32\omadmclient.exe
2016-06-18 07:49 - 2016-05-28 06:22 - 00059904 _____ (Microsoft Corporation) C:\windows\system32\MosStorage.dll
2016-06-18 07:49 - 2016-05-28 06:20 - 00180736 _____ (Microsoft Corporation) C:\windows\system32\cdd.dll
2016-06-18 07:49 - 2016-05-28 06:20 - 00104960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Ndu.sys
2016-06-18 07:49 - 2016-05-28 06:20 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\moshost.dll
2016-06-18 07:49 - 2016-05-28 06:19 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2016-06-18 07:49 - 2016-05-28 06:18 - 00211456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netbt.sys
2016-06-18 07:49 - 2016-05-28 06:18 - 00203264 _____ (Microsoft Corporation) C:\windows\system32\moshostcore.dll
2016-06-18 07:49 - 2016-05-28 06:18 - 00161792 _____ (Microsoft Corporation) C:\windows\system32\BrokerLib.dll
2016-06-18 07:49 - 2016-05-28 06:18 - 00132096 _____ (Microsoft Corporation) C:\windows\system32\tetheringservice.dll
2016-06-18 07:49 - 2016-05-28 06:17 - 00485888 _____ (Microsoft Corporation) C:\windows\system32\newdev.dll
2016-06-18 07:49 - 2016-05-28 06:17 - 00415232 _____ (Microsoft Corporation) C:\windows\system32\StoreAgent.dll
2016-06-18 07:49 - 2016-05-28 06:17 - 00160768 _____ (Microsoft Corporation) C:\windows\system32\GnssAdapter.dll
2016-06-18 07:49 - 2016-05-28 06:17 - 00129024 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers_Privacy.dll
2016-06-18 07:49 - 2016-05-28 06:16 - 00464896 _____ (Microsoft Corporation) C:\windows\system32\enterprisecsps.dll
2016-06-18 07:49 - 2016-05-28 06:16 - 00291328 _____ (Microsoft Corporation) C:\windows\system32\polstore.dll
2016-06-18 07:49 - 2016-05-28 06:16 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\dhcpcore6.dll
2016-06-18 07:49 - 2016-05-28 06:15 - 00535040 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2016-06-18 07:49 - 2016-05-28 06:15 - 00527872 _____ (Microsoft Corporation) C:\windows\system32\vpnike.dll
2016-06-18 07:49 - 2016-05-28 06:14 - 00309248 _____ (Microsoft Corporation) C:\windows\system32\IPSECSVC.DLL
2016-06-18 07:49 - 2016-05-28 06:14 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\RDXTaskFactory.dll
2016-06-18 07:49 - 2016-05-28 06:14 - 00219136 _____ (Microsoft Corporation) C:\windows\system32\VEEventDispatcher.dll
2016-06-18 07:49 - 2016-05-28 06:14 - 00133120 _____ (Microsoft Corporation) C:\windows\system32\mdmmigrator.dll
2016-06-18 07:49 - 2016-05-28 06:13 - 00340480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2016-06-18 07:49 - 2016-05-28 06:12 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\JpMapControl.dll
2016-06-18 07:49 - 2016-05-28 06:12 - 00186880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2016-06-18 07:49 - 2016-05-28 06:11 - 00799744 _____ (Microsoft Corporation) C:\windows\system32\SRH.dll
2016-06-18 07:49 - 2016-05-28 06:11 - 00687616 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-06-18 07:49 - 2016-05-28 06:11 - 00453632 _____ (Microsoft Corporation) C:\windows\system32\bisrv.dll
2016-06-18 07:49 - 2016-05-28 06:09 - 00109056 _____ (Microsoft Corporation) C:\windows\system32\httpprxm.dll
2016-06-18 07:49 - 2016-05-28 06:08 - 00783872 _____ (Microsoft Corporation) C:\windows\system32\RDXService.dll
2016-06-18 07:49 - 2016-05-28 06:04 - 00450560 _____ (Microsoft Corporation) C:\windows\system32\SyncController.dll
2016-06-18 07:49 - 2016-05-28 06:03 - 00558080 _____ (Microsoft Corporation) C:\windows\system32\internetmail.dll
2016-06-18 07:49 - 2016-05-28 06:03 - 00359936 _____ (Microsoft Corporation) C:\windows\system32\dmenrollengine.dll
2016-06-18 07:49 - 2016-05-28 06:02 - 00103424 _____ (Microsoft Corporation) C:\windows\system32\updatepolicy.dll
2016-06-18 07:49 - 2016-05-28 06:00 - 02230272 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-06-18 07:49 - 2016-05-28 05:54 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\ngcpopkeysrv.dll
2016-06-18 07:48 - 2016-05-28 06:31 - 00074752 _____ (Microsoft Corporation) C:\windows\system32\MapsCSP.dll
2016-06-18 07:48 - 2016-05-28 06:25 - 00065024 _____ (Microsoft Corporation) C:\windows\system32\adhsvc.dll
2016-06-18 07:48 - 2016-05-28 06:25 - 00037376 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2016-06-18 07:48 - 2016-05-28 06:25 - 00016896 _____ (Microsoft Corporation) C:\windows\system32\httpprxp.dll
2016-06-18 07:48 - 2016-05-28 06:24 - 00140800 _____ (Microsoft Corporation) C:\windows\system32\MusNotification.exe
2016-06-18 07:48 - 2016-05-28 06:24 - 00093696 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2016-06-18 07:48 - 2016-05-28 06:24 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\FwRemoteSvr.dll
2016-06-18 07:48 - 2016-05-28 06:23 - 00023552 _____ (Microsoft Corporation) C:\windows\system32\mapsupdatetask.dll
2016-06-18 07:48 - 2016-05-28 06:22 - 00161280 _____ (Microsoft Corporation) C:\windows\system32\InstallAgent.exe
2016-06-18 07:48 - 2016-05-28 06:22 - 00116224 _____ (Microsoft Corporation) C:\windows\system32\dmcertinst.exe
2016-06-18 07:48 - 2016-05-28 06:22 - 00087040 _____ (Microsoft Corporation) C:\windows\system32\MapsBtSvc.dll
2016-06-18 07:48 - 2016-05-28 06:21 - 00093184 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bthenum.sys
2016-06-18 07:48 - 2016-05-28 06:20 - 00074240 _____ (Microsoft Corporation) C:\windows\system32\browserbroker.dll
2016-06-18 07:48 - 2016-05-28 06:20 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\AppCapture.dll
2016-06-18 07:48 - 2016-05-28 06:20 - 00057344 _____ (Microsoft Corporation) C:\windows\system32\dhcpcsvc6.dll
2016-06-18 07:48 - 2016-05-28 06:19 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidclass.sys
2016-06-18 07:48 - 2016-05-28 06:19 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\dhcpcsvc.dll
2016-06-18 07:48 - 2016-05-28 06:18 - 00325120 _____ (Microsoft Corporation) C:\windows\system32\MusUpdateHandlers.dll
2016-06-18 07:48 - 2016-05-28 06:17 - 00142336 _____ (Microsoft Corporation) C:\windows\system32\NetSetupSvc.dll
2016-06-18 07:48 - 2016-05-28 06:15 - 00334336 _____ (Microsoft Corporation) C:\windows\system32\bcastdvr.exe
2016-06-18 07:48 - 2016-05-28 06:15 - 00293888 _____ (Microsoft Corporation) C:\windows\system32\dhcpcore.dll
2016-06-18 07:48 - 2016-05-28 06:14 - 00200192 _____ (Microsoft Corporation) C:\windows\system32\Windows.Internal.Management.dll
2016-06-18 07:48 - 2016-05-28 06:11 - 01152000 _____ (Microsoft Corporation) C:\windows\system32\win32kbase.sys
2016-06-18 07:48 - 2016-05-28 06:11 - 00784896 _____ (Microsoft Corporation) C:\windows\system32\NMAA.dll
2016-06-18 07:48 - 2016-05-28 06:11 - 00744448 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bthport.sys
2016-06-18 07:48 - 2016-05-28 06:10 - 00061952 _____ (Microsoft Corporation) C:\windows\system32\Drivers\BTHUSB.SYS
2016-06-18 07:48 - 2016-05-28 06:01 - 00141824 _____ (Microsoft Corporation) C:\windows\system32\enrollmentapi.dll
2016-06-18 07:48 - 2016-05-28 06:00 - 00151040 _____ (Microsoft Corporation) C:\windows\system32\mdmregistration.dll
2016-06-17 14:55 - 2016-06-19 09:57 - 00000000 ___RD C:\Program Files\Skype
2016-06-17 14:55 - 2016-06-17 14:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-06-17 14:55 - 2016-06-17 14:55 - 00000000 ____D C:\Program Files\Common Files\Skype
2016-05-26 18:48 - 2016-05-26 18:48 - 00218448 _____ (Lenovo Group Limited) C:\windows\system32\iMDriverHelper.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-06-22 19:39 - 2012-06-08 15:19 - 00000914 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-06-22 19:35 - 2015-09-01 00:02 - 00000000 ____D C:\Users\Zdeněk\AppData\Local\MicrosoftEdge
2016-06-22 18:21 - 2016-04-19 09:12 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-06-22 18:21 - 2015-05-19 08:47 - 00000964 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-22 18:20 - 2015-10-30 07:13 - 00262144 ___SH C:\windows\system32\config\BBI
2016-06-22 18:16 - 2015-10-30 07:48 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-22 18:16 - 2015-10-30 07:48 - 00000000 ____D C:\windows\AppReadiness
2016-06-22 18:07 - 2015-03-24 18:27 - 00170200 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2016-06-20 21:38 - 2010-12-07 19:00 - 00000000 ____D C:\windows\pss
2016-06-20 21:27 - 2015-10-30 07:48 - 00000000 ____D C:\windows\rescache
2016-06-20 20:49 - 2016-04-19 08:42 - 00341320 _____ C:\windows\system32\FNTCACHE.DAT
2016-06-20 20:47 - 2015-10-30 17:10 - 00000000 ____D C:\windows\ShellNew
2016-06-20 20:47 - 2015-10-30 07:48 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-06-20 20:44 - 2009-07-14 04:04 - 00000644 _____ C:\windows\win.ini
2016-06-20 20:38 - 2010-10-14 16:52 - 00000000 ____D C:\Users\Zdeněk\Documents\Octavia
2016-06-20 20:37 - 2010-10-06 00:32 - 00000000 ____D C:\Program Files\totalcmd
2016-06-20 20:00 - 2015-09-01 00:12 - 00000000 ____D C:\ProgramData\Lenovo
2016-06-20 19:54 - 2016-04-19 08:50 - 00000000 ____D C:\Users\Zdeněk
2016-06-20 19:54 - 2014-08-20 22:16 - 00000000 ____D C:\Users\Zdeněk\AppData\Roaming\Lenovo
2016-06-20 19:45 - 2015-10-30 07:47 - 00000000 ____D C:\windows\INF
2016-06-20 19:18 - 2010-06-07 04:03 - 00000000 ____D C:\Program Files\Lenovo
2016-06-20 19:12 - 2010-10-05 23:29 - 00000000 ____D C:\Users\Zdeněk\AppData\Local\ElevatedDiagnostics
2016-06-20 18:46 - 2015-03-24 18:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-06-20 18:46 - 2015-03-24 18:26 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-06-20 17:55 - 2010-10-14 17:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vag-com Max 2000
2016-06-20 17:55 - 2010-10-14 17:00 - 00000000 ____D C:\Program Files\vag-com-max2000
2016-06-20 17:48 - 2010-11-21 12:09 - 00000000 ____D C:\Program Files\Google
2016-06-20 17:43 - 2010-10-06 00:03 - 00000000 ____D C:\Users\Zdeněk\AppData\Roaming\DAEMON Tools Lite
2016-06-20 17:42 - 2016-04-19 09:41 - 00000000 ___DC C:\windows\Panther
2016-06-20 17:42 - 2015-10-30 07:48 - 00000000 ____D C:\windows\ModemLogs
2016-06-20 17:38 - 2016-04-19 08:48 - 02004636 _____ C:\windows\system32\PerfStringBackup.INI
2016-06-20 17:38 - 2015-10-30 17:08 - 00833804 _____ C:\windows\system32\perfh005.dat
2016-06-20 17:38 - 2015-10-30 17:08 - 00186512 _____ C:\windows\system32\perfc005.dat
2016-06-20 17:32 - 2015-08-31 23:11 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-06-20 17:27 - 2015-10-30 07:48 - 00000000 ___SD C:\windows\system32\DiagSvcs
2016-06-20 17:27 - 2015-10-30 07:48 - 00000000 ____D C:\windows\system32\SystemResetPlatform
2016-06-20 17:27 - 2015-10-30 07:48 - 00000000 ____D C:\windows\bcastdvr
2016-06-20 17:12 - 2015-10-30 07:39 - 00000000 ____D C:\windows\CbsTemp
2016-06-20 17:12 - 2013-12-02 16:57 - 00000000 ____D C:\windows\system32\MRT
2016-06-20 16:32 - 2010-10-09 09:17 - 139785240 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-06-19 10:08 - 2010-10-09 09:06 - 00000000 ____D C:\Users\Zdeněk\AppData\Roaming\Skype
2016-06-19 09:58 - 2010-10-09 09:06 - 00000000 ____D C:\ProgramData\Skype
2016-06-17 14:55 - 2014-08-20 13:28 - 00000000 ____D C:\Users\Zdeněk\AppData\Local\Skype
2016-06-14 20:33 - 2015-10-30 07:49 - 00828408 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2016-06-14 20:33 - 2015-10-30 07:49 - 00176632 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2016-06-05 08:49 - 2016-04-20 17:22 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-27 16:07 - 2015-10-30 17:10 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-27 16:07 - 2015-10-30 07:48 - 00000000 ____D C:\windows\system32\oobe
2016-05-27 16:07 - 2015-10-30 07:48 - 00000000 ____D C:\windows\system32\appraiser
2016-05-27 16:07 - 2015-10-30 07:48 - 00000000 ____D C:\windows\Provisioning
2016-05-27 16:06 - 2015-10-30 07:48 - 00015703 _____ C:\windows\system32\OEMDefaultAssociations.xml
==================== Files in the root of some directories =======
2015-07-18 07:53 - 2015-07-18 07:53 - 6420480 _____ () C:\Program Files\GUTD0A8.tmp
2010-12-31 12:03 - 2010-12-31 12:03 - 0000316 _____ () C:\Users\Zdeněk\AppData\Roaming\lenovo_config.dat
2014-01-14 16:05 - 2014-01-14 16:05 - 0003584 _____ () C:\Users\Zdeněk\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-02-28 17:56 - 2013-02-28 17:56 - 0007607 _____ () C:\Users\Zdeněk\AppData\Local\Resmon.ResmonCfg
2013-12-22 13:37 - 2013-12-22 18:31 - 0001112 _____ () C:\Users\Zdeněk\AppData\Local\SRDownloader.nast
2014-08-20 23:10 - 2014-08-20 23:10 - 0000088 _____ () C:\ProgramData\profile.xml
Some files in TEMP:
====================
C:\Users\Zdeněk\AppData\Local\Temp\libeay32.dll
C:\Users\Zdeněk\AppData\Local\Temp\msvcr120.dll
C:\Users\Zdeněk\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-06-20 17:15
==================== End of FRST.txt ============================
Ran by Zdeněk (administrator) on ZDENĚK-PC (22-06-2016 21:35:32)
Running from C:\Users\Zdeněk\Desktop
Loaded Profiles: Zdeněk (Available Profiles: Zdeněk & DefaultAppPool)
Platform: Microsoft Windows 10 Home Version 1511 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\Energy Management\utility.exe
(Lenovo (Beijing) Limited) C:\Program Files\Lenovo\Energy Management\Energy Management.exe
() C:\Windows\FixCamera.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\avastui.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\LockAppHost.exe
() C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
() C:\Program Files\WindowsApps\E046963F.LenovoCompanion_3.45.1.0_x86__k1h2ywk1493x8\Lenovo.Discovery.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [EnergyUtility] => C:\Program Files\Lenovo\Energy Management\utility.exe [4114288 2009-09-29] (Lenovo(beijing) Limited)
HKLM\...\Run: [Energy Management] => C:\Program Files\Lenovo\Energy Management\Energy Management.exe [5064560 2009-09-29] (Lenovo (Beijing) Limited)
HKLM\...\Run: [FixCamera] => C:\windows\FixCamera.exe [20480 2007-02-12] ()
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [6111312 2015-11-11] (AVAST Software)
HKU\S-1-5-21-3394328646-3757079861-1465878226-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6690520 2016-06-01] (Piriform Ltd)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2015-08-10] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Zdeněk\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Zdeněk\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Zdeněk\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Zdeněk\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{405a13ac-6828-4e20-afd7-d18b9fa479c7}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{bd51d244-f0d6-49e4-9d40-7a7b43a6e9d2}: [DhcpNameServer] 77.48.254.254 77.48.100.254
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3394328646-3757079861-1465878226-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3394328646-3757079861-1465878226-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
HKU\S-1-5-21-3394328646-3757079861-1465878226-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-08-10] (AVAST Software)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\0wdz8gn7.default-1424529599915
FF Homepage: hxxps://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-19] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-14] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-14] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll [2012-07-17] (RealNetworks, Inc.)
FF Extension: Adblock Plus - C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\0wdz8gn7.default-1424529599915\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-01] [not signed]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2015-12-12]
Chrome:
=======
CHR HomePage: Profile 3 -> hxxp://www.seznam.cz/
CHR StartupUrls: Profile 3 -> "hxxp://www.seznam.cz/"
CHR Profile: C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Weather (extension)) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\beapnbfmjmjhhfpaoajfhjbbfnnlfpnc [2015-02-15]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2014-08-20]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2014-08-20]
CHR Extension: (Avast Online Security) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-02-15]
CHR Extension: (Adblock Super) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\knebimhcckndhiglamoabbnifdkijidd [2015-02-15]
CHR Extension: (Peněženka Google) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-20]
CHR Profile: C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 3
CHR Extension: (Disk Google) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (Weather (extension)) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\beapnbfmjmjhhfpaoajfhjbbfnnlfpnc [2015-12-30]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2015-04-13]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2016-02-11]
CHR Extension: (YouTube) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (Vyhledávání Google) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-19]
CHR Extension: (Avast Online Security) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-06-20]
CHR Extension: (Adblock Super) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\knebimhcckndhiglamoabbnifdkijidd [2015-09-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR Extension: (Gmail) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-13]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2015-07-21]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [146600 2015-08-10] (AVAST Software)
R2 BcmBtRSupport; C:\windows\system32\BtwRSupportService.exe [1680088 2013-10-28] (Broadcom Corporation.)
S4 IGRS; C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe [38152 2009-07-14] (Lenovo Group Limited)
S4 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [56144 2016-05-26] (Lenovo Group Limited)
S4 Lenovo ReadyComm AppSvc; C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [509192 2009-08-14] (Lenovo Group Limited)
S4 Lenovo ReadyComm ConnSvc; C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [579400 2009-09-22] (Lenovo Group Limited)
S4 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-06-02] (Lenovo)
S4 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 PS_MDP; C:\Program Files\Lenovo\ReadyComm\PS_MDP.dll [276296 2009-07-16] (Lenovo Group Limited)
S2 ReadyComm.DirectRouter; C:\Program Files\Lenovo\ReadyComm\common\router.dll [103688 2009-07-14] (Lenovo Group Limited)
R2 SAService; C:\windows\system32\SAsrv.exe [445496 2010-03-25] (Conexant Systems, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [280376 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23256 2015-10-30] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ACPIVPC; C:\windows\System32\drivers\AcpiVpc.sys [36176 2015-06-15] (Lenovo Corporation)
R2 aswHwid; C:\windows\system32\drivers\aswHwid.sys [24016 2015-08-10] (AVAST Software)
R1 aswKbd; C:\windows\system32\Drivers\aswKbd.sys [21576 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [76000 2015-08-10] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [81728 2015-08-10] (AVAST Software)
R0 aswRvrt; C:\windows\system32\Drivers\aswRvrt.sys [49776 2015-08-10] (AVAST Software)
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [794952 2015-11-11] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [435464 2015-11-11] (AVAST Software)
R2 aswStm; C:\windows\system32\drivers\aswStm.sys [113592 2015-08-10] (AVAST Software)
R0 aswVmm; C:\windows\system32\Drivers\aswVmm.sys [208664 2015-08-10] (AVAST Software)
S3 bcbtums; C:\windows\system32\drivers\bcbtums.sys [175320 2013-10-28] (Broadcom Corporation.)
R3 BCM43XX; C:\windows\System32\drivers\bcmwl63l.sys [4715008 2015-10-30] (Broadcom Corporation)
S3 Bridge0; C:\windows\System32\drivers\WDBridge.sys [63240 2009-07-28] (Lenovo)
S3 btwampfl; C:\windows\system32\DRIVERS\btwampfl.sys [144600 2013-10-28] (Broadcom Corporation.)
R1 funfrm; C:\windows\system32\Drivers\funfrm.sys [54800 2010-08-08] ()
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [37400 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [246104 2015-10-30] (Microsoft Corporation)
R3 wdmirror; C:\windows\System32\drivers\WDMirror.sys [11792 2009-07-16] (Windows (R) Codename Longhorn DDK provider)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [98648 2015-10-30] (Microsoft Corporation)
S3 wsvd; C:\windows\System32\DRIVERS\wsvd.sys [81704 2009-07-21] (CyberLink)
U3 idsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-06-22 21:35 - 2016-06-22 21:36 - 00015927 _____ C:\Users\Zdeněk\Desktop\FRST.txt
2016-06-22 21:35 - 2016-06-22 21:35 - 00000000 ____D C:\FRST
2016-06-22 19:32 - 2016-06-22 21:35 - 01738240 _____ (Farbar) C:\Users\Zdeněk\Desktop\FRST.exe
2016-06-22 18:14 - 2016-06-22 18:19 - 00000000 ____D C:\AdwCleaner
2016-06-22 18:12 - 2016-06-22 18:14 - 03703360 _____ C:\Users\Zdeněk\Desktop\adwcleaner_5.200.exe
2016-06-21 17:23 - 2016-06-21 17:23 - 00000000 ____D C:\rsit
2016-06-21 17:23 - 2016-06-21 17:23 - 00000000 ____D C:\Program Files\trend micro
2016-06-21 17:22 - 2016-06-21 17:23 - 01107968 _____ C:\Users\Zdeněk\Downloads\RSIT.exe
2016-06-20 21:25 - 2016-06-20 21:26 - 36286296 _____ (Lenovo Group Limited ) C:\Users\Zdeněk\Downloads\8aax04ww.exe
2016-06-20 20:37 - 2016-06-20 20:37 - 03799848 _____ (Ghisler Software GmbH) C:\Users\Zdeněk\Downloads\tcmd852ax32.exe
2016-06-20 20:37 - 2016-06-20 20:37 - 00001064 _____ C:\Users\Zdeněk\Desktop\Total Commander.lnk
2016-06-20 20:37 - 2016-06-20 20:37 - 00000000 ____D C:\Users\Zdeněk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2016-06-20 20:37 - 2015-09-17 08:52 - 00000545 _____ C:\windows\PKZIP.PIF
2016-06-20 20:37 - 2015-09-17 08:52 - 00000545 _____ C:\windows\PKUNZIP.PIF
2016-06-20 19:58 - 2016-06-20 19:58 - 00000000 ____H C:\windows\system32\Drivers\Msft_Kernel_ldiagio_uefi_01009.Wdf
2016-06-20 19:54 - 2016-06-20 19:54 - 00000000 ____D C:\Users\Zdeněk\.QtWebEngineProcess
2016-06-20 19:54 - 2016-06-20 19:54 - 00000000 ____D C:\Users\Zdeněk\.LSC
2016-06-20 19:45 - 2016-06-20 19:45 - 02154872 _____ (Microsoft Corporation) C:\windows\system32\WudfUpdate_01011.dll
2016-06-20 19:41 - 2016-06-20 19:43 - 130152456 _____ (Lenovo ) C:\Users\Zdeněk\Downloads\SystemInterfaceFoundation (3).exe
2016-06-20 19:17 - 2016-06-20 19:17 - 00002160 _____ C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2016-06-20 19:16 - 2016-06-20 19:18 - 19471016 _____ (Lenovo Group Limited ) C:\Users\Zdeněk\Downloads\qo10ww22.exe
2016-06-20 19:16 - 2016-06-20 19:16 - 00000000 ____D C:\windows\Downloaded Installations
2016-06-20 19:15 - 2016-06-20 19:16 - 54291360 _____ (Lenovo) C:\Users\Zdeněk\Downloads\lscsetup_x86_33003.exe
2016-06-20 17:49 - 2016-06-20 17:49 - 00002294 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-20 17:48 - 2016-06-20 17:48 - 00987728 _____ (Google Inc.) C:\Users\Zdeněk\Downloads\ChromeSetup.exe
2016-06-20 17:39 - 2016-06-20 17:39 - 00001038 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-06-20 17:39 - 2016-06-20 17:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-06-20 17:39 - 2016-06-20 17:39 - 00000000 ____D C:\Program Files\CCleaner
2016-06-20 17:38 - 2016-06-20 17:38 - 06893008 _____ (Piriform Ltd) C:\Users\Zdeněk\Downloads\ccsetup518.exe
2016-06-20 16:17 - 2016-06-20 21:41 - 00000000 ____D C:\Users\Zdeněk\AppData\Local\Lenovo
2016-06-18 07:51 - 2016-05-28 08:05 - 01232576 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2016-06-18 07:51 - 2016-05-28 08:05 - 00042688 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2016-06-18 07:51 - 2016-05-28 06:17 - 09918976 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2016-06-18 07:51 - 2016-05-28 06:16 - 19344384 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-06-18 07:51 - 2016-05-28 06:14 - 18674176 _____ (Microsoft Corporation) C:\windows\system32\edgehtml.dll
2016-06-18 07:51 - 2016-05-28 06:08 - 06295552 _____ (Microsoft Corporation) C:\windows\system32\mos.dll
2016-06-18 07:51 - 2016-05-28 06:06 - 12128256 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-06-18 07:51 - 2016-05-28 06:02 - 01896960 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentServer.dll
2016-06-18 07:51 - 2016-05-28 06:00 - 05660160 _____ (Microsoft Corporation) C:\windows\system32\Chakra.dll
2016-06-18 07:50 - 2016-05-28 08:05 - 00249536 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2016-06-18 07:50 - 2016-05-28 08:05 - 00081088 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2016-06-18 07:50 - 2016-05-28 07:25 - 05797216 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2016-06-18 07:50 - 2016-05-28 07:25 - 04268880 _____ (Microsoft Corporation) C:\windows\system32\setupapi.dll
2016-06-18 07:50 - 2016-05-28 07:23 - 00388384 _____ (Microsoft Corporation) C:\windows\system32\ws2_32.dll
2016-06-18 07:50 - 2016-05-28 07:09 - 00501600 _____ (Microsoft Corporation) C:\windows\system32\NetSetupEngine.dll
2016-06-18 07:50 - 2016-05-28 07:07 - 02921880 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-06-18 07:50 - 2016-05-28 07:07 - 00957608 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2016-06-18 07:50 - 2016-05-28 07:07 - 00703840 _____ (Microsoft Corporation) C:\windows\system32\WWAHost.exe
2016-06-18 07:50 - 2016-05-28 07:06 - 04074160 _____ (Microsoft Corporation) C:\windows\explorer.exe
2016-06-18 07:50 - 2016-05-28 07:06 - 00613120 _____ (Microsoft Corporation) C:\windows\system32\Windows.Internal.Shell.Broker.dll
2016-06-18 07:50 - 2016-05-28 07:06 - 00254656 _____ (Microsoft Corporation) C:\windows\system32\LockAppHost.exe
2016-06-18 07:50 - 2016-05-28 06:57 - 02195632 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2016-06-18 07:50 - 2016-05-28 06:57 - 01714528 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2016-06-18 07:50 - 2016-05-28 06:57 - 01396592 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2016-06-18 07:50 - 2016-05-28 06:57 - 00546456 _____ (Microsoft Corporation) C:\windows\system32\fontdrvhost.exe
2016-06-18 07:50 - 2016-05-28 06:57 - 00521664 _____ (Microsoft Corporation) C:\windows\system32\dxgi.dll
2016-06-18 07:50 - 2016-05-28 06:57 - 00316256 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2016-06-18 07:50 - 2016-05-28 06:31 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\tdlrecover.exe
2016-06-18 07:50 - 2016-05-28 06:31 - 00023552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dumpsdport.sys
2016-06-18 07:50 - 2016-05-28 06:19 - 00258560 _____ (Microsoft Corporation) C:\windows\system32\usocore.dll
2016-06-18 07:50 - 2016-05-28 06:17 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\wscsvc.dll
2016-06-18 07:50 - 2016-05-28 06:16 - 00442368 _____ (Microsoft Corporation) C:\windows\system32\MBMediaManager.dll
2016-06-18 07:50 - 2016-05-28 06:15 - 00349696 _____ (Microsoft Corporation) C:\windows\system32\MapConfiguration.dll
2016-06-18 07:50 - 2016-05-28 06:15 - 00274432 _____ (Microsoft Corporation) C:\windows\system32\SystemEventsBrokerServer.dll
2016-06-18 07:50 - 2016-05-28 06:14 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\iphlpsvc.dll
2016-06-18 07:50 - 2016-05-28 06:14 - 00499712 _____ (Microsoft Corporation) C:\windows\system32\MessagingDataModel2.dll
2016-06-18 07:50 - 2016-05-28 06:13 - 00604672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2016-06-18 07:50 - 2016-05-28 06:13 - 00467456 _____ (Microsoft Corporation) C:\windows\system32\AppContracts.dll
2016-06-18 07:50 - 2016-05-28 06:13 - 00393728 _____ (Microsoft Corporation) C:\windows\system32\tileobjserver.dll
2016-06-18 07:50 - 2016-05-28 06:12 - 00614400 _____ (Microsoft Corporation) C:\windows\system32\winhttp.dll
2016-06-18 07:50 - 2016-05-28 06:12 - 00521728 _____ (Microsoft Corporation) C:\windows\system32\StructuredQuery.dll
2016-06-18 07:50 - 2016-05-28 06:11 - 01445888 _____ (Microsoft Corporation) C:\windows\system32\SRHInproc.dll
2016-06-18 07:50 - 2016-05-28 06:11 - 00890368 _____ (Microsoft Corporation) C:\windows\system32\AppxPackaging.dll
2016-06-18 07:50 - 2016-05-28 06:11 - 00740352 _____ (Microsoft Corporation) C:\windows\system32\SharedStartModel.dll
2016-06-18 07:50 - 2016-05-28 06:11 - 00711680 _____ (Microsoft Corporation) C:\windows\system32\MapControlCore.dll
2016-06-18 07:50 - 2016-05-28 06:11 - 00612352 _____ (Microsoft Corporation) C:\windows\system32\MapsStore.dll
2016-06-18 07:50 - 2016-05-28 06:11 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-06-18 07:50 - 2016-05-28 06:06 - 03196928 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers_nt.dll
2016-06-18 07:50 - 2016-05-28 06:05 - 03664896 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-06-18 07:50 - 2016-05-28 06:04 - 00079360 _____ (Microsoft Corporation) C:\windows\system32\DeviceEnroller.exe
2016-06-18 07:50 - 2016-05-28 06:03 - 05323776 _____ (Microsoft Corporation) C:\windows\system32\Windows.Data.Pdf.dll
2016-06-18 07:50 - 2016-05-28 06:03 - 05205504 _____ (Microsoft Corporation) C:\windows\system32\BingMaps.dll
2016-06-18 07:50 - 2016-05-28 06:03 - 02974208 _____ (Microsoft Corporation) C:\windows\system32\win32kfull.sys
2016-06-18 07:50 - 2016-05-28 06:03 - 01800704 _____ (Microsoft Corporation) C:\windows\system32\NetworkMobileSettings.dll
2016-06-18 07:50 - 2016-05-28 06:03 - 01733632 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentExtensions.dll
2016-06-18 07:50 - 2016-05-28 06:03 - 01185280 _____ (Microsoft Corporation) C:\windows\system32\LocationFramework.dll
2016-06-18 07:50 - 2016-05-28 06:02 - 02061824 _____ (Microsoft Corporation) C:\windows\system32\MFMediaEngine.dll
2016-06-18 07:50 - 2016-05-28 06:01 - 02880512 _____ (Microsoft Corporation) C:\windows\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-06-18 07:50 - 2016-05-28 06:01 - 01799680 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Logon.dll
2016-06-18 07:50 - 2016-05-28 06:01 - 01582080 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Immersive.dll
2016-06-18 07:50 - 2016-05-28 06:01 - 01500160 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-06-18 07:50 - 2016-05-28 06:01 - 01193984 _____ (Microsoft Corporation) C:\windows\system32\gpsvc.dll
2016-06-18 07:50 - 2016-05-28 06:00 - 01900032 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2016-06-18 07:50 - 2016-05-28 06:00 - 01707520 _____ (Microsoft Corporation) C:\windows\system32\ActiveSyncProvider.dll
2016-06-18 07:50 - 2016-05-28 05:56 - 01075200 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Shell.dll
2016-06-18 07:49 - 2016-05-28 08:05 - 00973504 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2016-06-18 07:49 - 2016-05-28 08:05 - 00440512 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2016-06-18 07:49 - 2016-05-28 07:25 - 00354656 _____ (Microsoft Corporation) C:\windows\system32\halmacpi.dll
2016-06-18 07:49 - 2016-05-28 07:25 - 00354656 _____ (Microsoft Corporation) C:\windows\system32\hal.dll
2016-06-18 07:49 - 2016-05-28 07:25 - 00173920 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tpm.sys
2016-06-18 07:49 - 2016-05-28 07:25 - 00096096 _____ (Microsoft Corporation) C:\windows\system32\Drivers\partmgr.sys
2016-06-18 07:49 - 2016-05-28 07:22 - 00317280 _____ (Microsoft Corporation) C:\windows\system32\mswsock.dll
2016-06-18 07:49 - 2016-05-28 07:18 - 00023776 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2016-06-18 07:49 - 2016-05-28 07:10 - 00136032 _____ (Microsoft Corporation) C:\windows\system32\NetworkUXBroker.exe
2016-06-18 07:49 - 2016-05-28 07:09 - 00084832 _____ (Microsoft Corporation) C:\windows\system32\NetSetupApi.dll
2016-06-18 07:49 - 2016-05-28 07:08 - 00260960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\pci.sys
2016-06-18 07:49 - 2016-05-28 07:08 - 00203104 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ufx01000.sys
2016-06-18 07:49 - 2016-05-28 07:04 - 00505136 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2016-06-18 07:49 - 2016-05-28 07:04 - 00360480 _____ (Microsoft Corporation) C:\windows\system32\bcryptprimitives.dll
2016-06-18 07:49 - 2016-05-28 07:04 - 00139616 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2016-06-18 07:49 - 2016-05-28 07:04 - 00111608 _____ (Microsoft Corporation) C:\windows\system32\gpapi.dll
2016-06-18 07:49 - 2016-05-28 07:04 - 00097096 _____ (Microsoft Corporation) C:\windows\system32\ncryptsslp.dll
2016-06-18 07:49 - 2016-05-28 06:57 - 00484192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms2.sys
2016-06-18 07:49 - 2016-05-28 06:31 - 00088576 _____ (Microsoft Corporation) C:\windows\system32\olepro32.dll
2016-06-18 07:49 - 2016-05-28 06:27 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\MosHostClient.dll
2016-06-18 07:49 - 2016-05-28 06:22 - 00122368 _____ (Microsoft Corporation) C:\windows\system32\omadmclient.exe
2016-06-18 07:49 - 2016-05-28 06:22 - 00059904 _____ (Microsoft Corporation) C:\windows\system32\MosStorage.dll
2016-06-18 07:49 - 2016-05-28 06:20 - 00180736 _____ (Microsoft Corporation) C:\windows\system32\cdd.dll
2016-06-18 07:49 - 2016-05-28 06:20 - 00104960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Ndu.sys
2016-06-18 07:49 - 2016-05-28 06:20 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\moshost.dll
2016-06-18 07:49 - 2016-05-28 06:19 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2016-06-18 07:49 - 2016-05-28 06:18 - 00211456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netbt.sys
2016-06-18 07:49 - 2016-05-28 06:18 - 00203264 _____ (Microsoft Corporation) C:\windows\system32\moshostcore.dll
2016-06-18 07:49 - 2016-05-28 06:18 - 00161792 _____ (Microsoft Corporation) C:\windows\system32\BrokerLib.dll
2016-06-18 07:49 - 2016-05-28 06:18 - 00132096 _____ (Microsoft Corporation) C:\windows\system32\tetheringservice.dll
2016-06-18 07:49 - 2016-05-28 06:17 - 00485888 _____ (Microsoft Corporation) C:\windows\system32\newdev.dll
2016-06-18 07:49 - 2016-05-28 06:17 - 00415232 _____ (Microsoft Corporation) C:\windows\system32\StoreAgent.dll
2016-06-18 07:49 - 2016-05-28 06:17 - 00160768 _____ (Microsoft Corporation) C:\windows\system32\GnssAdapter.dll
2016-06-18 07:49 - 2016-05-28 06:17 - 00129024 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers_Privacy.dll
2016-06-18 07:49 - 2016-05-28 06:16 - 00464896 _____ (Microsoft Corporation) C:\windows\system32\enterprisecsps.dll
2016-06-18 07:49 - 2016-05-28 06:16 - 00291328 _____ (Microsoft Corporation) C:\windows\system32\polstore.dll
2016-06-18 07:49 - 2016-05-28 06:16 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\dhcpcore6.dll
2016-06-18 07:49 - 2016-05-28 06:15 - 00535040 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2016-06-18 07:49 - 2016-05-28 06:15 - 00527872 _____ (Microsoft Corporation) C:\windows\system32\vpnike.dll
2016-06-18 07:49 - 2016-05-28 06:14 - 00309248 _____ (Microsoft Corporation) C:\windows\system32\IPSECSVC.DLL
2016-06-18 07:49 - 2016-05-28 06:14 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\RDXTaskFactory.dll
2016-06-18 07:49 - 2016-05-28 06:14 - 00219136 _____ (Microsoft Corporation) C:\windows\system32\VEEventDispatcher.dll
2016-06-18 07:49 - 2016-05-28 06:14 - 00133120 _____ (Microsoft Corporation) C:\windows\system32\mdmmigrator.dll
2016-06-18 07:49 - 2016-05-28 06:13 - 00340480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2016-06-18 07:49 - 2016-05-28 06:12 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\JpMapControl.dll
2016-06-18 07:49 - 2016-05-28 06:12 - 00186880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2016-06-18 07:49 - 2016-05-28 06:11 - 00799744 _____ (Microsoft Corporation) C:\windows\system32\SRH.dll
2016-06-18 07:49 - 2016-05-28 06:11 - 00687616 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-06-18 07:49 - 2016-05-28 06:11 - 00453632 _____ (Microsoft Corporation) C:\windows\system32\bisrv.dll
2016-06-18 07:49 - 2016-05-28 06:09 - 00109056 _____ (Microsoft Corporation) C:\windows\system32\httpprxm.dll
2016-06-18 07:49 - 2016-05-28 06:08 - 00783872 _____ (Microsoft Corporation) C:\windows\system32\RDXService.dll
2016-06-18 07:49 - 2016-05-28 06:04 - 00450560 _____ (Microsoft Corporation) C:\windows\system32\SyncController.dll
2016-06-18 07:49 - 2016-05-28 06:03 - 00558080 _____ (Microsoft Corporation) C:\windows\system32\internetmail.dll
2016-06-18 07:49 - 2016-05-28 06:03 - 00359936 _____ (Microsoft Corporation) C:\windows\system32\dmenrollengine.dll
2016-06-18 07:49 - 2016-05-28 06:02 - 00103424 _____ (Microsoft Corporation) C:\windows\system32\updatepolicy.dll
2016-06-18 07:49 - 2016-05-28 06:00 - 02230272 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-06-18 07:49 - 2016-05-28 05:54 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\ngcpopkeysrv.dll
2016-06-18 07:48 - 2016-05-28 06:31 - 00074752 _____ (Microsoft Corporation) C:\windows\system32\MapsCSP.dll
2016-06-18 07:48 - 2016-05-28 06:25 - 00065024 _____ (Microsoft Corporation) C:\windows\system32\adhsvc.dll
2016-06-18 07:48 - 2016-05-28 06:25 - 00037376 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2016-06-18 07:48 - 2016-05-28 06:25 - 00016896 _____ (Microsoft Corporation) C:\windows\system32\httpprxp.dll
2016-06-18 07:48 - 2016-05-28 06:24 - 00140800 _____ (Microsoft Corporation) C:\windows\system32\MusNotification.exe
2016-06-18 07:48 - 2016-05-28 06:24 - 00093696 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2016-06-18 07:48 - 2016-05-28 06:24 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\FwRemoteSvr.dll
2016-06-18 07:48 - 2016-05-28 06:23 - 00023552 _____ (Microsoft Corporation) C:\windows\system32\mapsupdatetask.dll
2016-06-18 07:48 - 2016-05-28 06:22 - 00161280 _____ (Microsoft Corporation) C:\windows\system32\InstallAgent.exe
2016-06-18 07:48 - 2016-05-28 06:22 - 00116224 _____ (Microsoft Corporation) C:\windows\system32\dmcertinst.exe
2016-06-18 07:48 - 2016-05-28 06:22 - 00087040 _____ (Microsoft Corporation) C:\windows\system32\MapsBtSvc.dll
2016-06-18 07:48 - 2016-05-28 06:21 - 00093184 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bthenum.sys
2016-06-18 07:48 - 2016-05-28 06:20 - 00074240 _____ (Microsoft Corporation) C:\windows\system32\browserbroker.dll
2016-06-18 07:48 - 2016-05-28 06:20 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\AppCapture.dll
2016-06-18 07:48 - 2016-05-28 06:20 - 00057344 _____ (Microsoft Corporation) C:\windows\system32\dhcpcsvc6.dll
2016-06-18 07:48 - 2016-05-28 06:19 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidclass.sys
2016-06-18 07:48 - 2016-05-28 06:19 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\dhcpcsvc.dll
2016-06-18 07:48 - 2016-05-28 06:18 - 00325120 _____ (Microsoft Corporation) C:\windows\system32\MusUpdateHandlers.dll
2016-06-18 07:48 - 2016-05-28 06:17 - 00142336 _____ (Microsoft Corporation) C:\windows\system32\NetSetupSvc.dll
2016-06-18 07:48 - 2016-05-28 06:15 - 00334336 _____ (Microsoft Corporation) C:\windows\system32\bcastdvr.exe
2016-06-18 07:48 - 2016-05-28 06:15 - 00293888 _____ (Microsoft Corporation) C:\windows\system32\dhcpcore.dll
2016-06-18 07:48 - 2016-05-28 06:14 - 00200192 _____ (Microsoft Corporation) C:\windows\system32\Windows.Internal.Management.dll
2016-06-18 07:48 - 2016-05-28 06:11 - 01152000 _____ (Microsoft Corporation) C:\windows\system32\win32kbase.sys
2016-06-18 07:48 - 2016-05-28 06:11 - 00784896 _____ (Microsoft Corporation) C:\windows\system32\NMAA.dll
2016-06-18 07:48 - 2016-05-28 06:11 - 00744448 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bthport.sys
2016-06-18 07:48 - 2016-05-28 06:10 - 00061952 _____ (Microsoft Corporation) C:\windows\system32\Drivers\BTHUSB.SYS
2016-06-18 07:48 - 2016-05-28 06:01 - 00141824 _____ (Microsoft Corporation) C:\windows\system32\enrollmentapi.dll
2016-06-18 07:48 - 2016-05-28 06:00 - 00151040 _____ (Microsoft Corporation) C:\windows\system32\mdmregistration.dll
2016-06-17 14:55 - 2016-06-19 09:57 - 00000000 ___RD C:\Program Files\Skype
2016-06-17 14:55 - 2016-06-17 14:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-06-17 14:55 - 2016-06-17 14:55 - 00000000 ____D C:\Program Files\Common Files\Skype
2016-05-26 18:48 - 2016-05-26 18:48 - 00218448 _____ (Lenovo Group Limited) C:\windows\system32\iMDriverHelper.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-06-22 19:39 - 2012-06-08 15:19 - 00000914 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-06-22 19:35 - 2015-09-01 00:02 - 00000000 ____D C:\Users\Zdeněk\AppData\Local\MicrosoftEdge
2016-06-22 18:21 - 2016-04-19 09:12 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-06-22 18:21 - 2015-05-19 08:47 - 00000964 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-22 18:20 - 2015-10-30 07:13 - 00262144 ___SH C:\windows\system32\config\BBI
2016-06-22 18:16 - 2015-10-30 07:48 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-22 18:16 - 2015-10-30 07:48 - 00000000 ____D C:\windows\AppReadiness
2016-06-22 18:07 - 2015-03-24 18:27 - 00170200 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2016-06-20 21:38 - 2010-12-07 19:00 - 00000000 ____D C:\windows\pss
2016-06-20 21:27 - 2015-10-30 07:48 - 00000000 ____D C:\windows\rescache
2016-06-20 20:49 - 2016-04-19 08:42 - 00341320 _____ C:\windows\system32\FNTCACHE.DAT
2016-06-20 20:47 - 2015-10-30 17:10 - 00000000 ____D C:\windows\ShellNew
2016-06-20 20:47 - 2015-10-30 07:48 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-06-20 20:44 - 2009-07-14 04:04 - 00000644 _____ C:\windows\win.ini
2016-06-20 20:38 - 2010-10-14 16:52 - 00000000 ____D C:\Users\Zdeněk\Documents\Octavia
2016-06-20 20:37 - 2010-10-06 00:32 - 00000000 ____D C:\Program Files\totalcmd
2016-06-20 20:00 - 2015-09-01 00:12 - 00000000 ____D C:\ProgramData\Lenovo
2016-06-20 19:54 - 2016-04-19 08:50 - 00000000 ____D C:\Users\Zdeněk
2016-06-20 19:54 - 2014-08-20 22:16 - 00000000 ____D C:\Users\Zdeněk\AppData\Roaming\Lenovo
2016-06-20 19:45 - 2015-10-30 07:47 - 00000000 ____D C:\windows\INF
2016-06-20 19:18 - 2010-06-07 04:03 - 00000000 ____D C:\Program Files\Lenovo
2016-06-20 19:12 - 2010-10-05 23:29 - 00000000 ____D C:\Users\Zdeněk\AppData\Local\ElevatedDiagnostics
2016-06-20 18:46 - 2015-03-24 18:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-06-20 18:46 - 2015-03-24 18:26 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-06-20 17:55 - 2010-10-14 17:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vag-com Max 2000
2016-06-20 17:55 - 2010-10-14 17:00 - 00000000 ____D C:\Program Files\vag-com-max2000
2016-06-20 17:48 - 2010-11-21 12:09 - 00000000 ____D C:\Program Files\Google
2016-06-20 17:43 - 2010-10-06 00:03 - 00000000 ____D C:\Users\Zdeněk\AppData\Roaming\DAEMON Tools Lite
2016-06-20 17:42 - 2016-04-19 09:41 - 00000000 ___DC C:\windows\Panther
2016-06-20 17:42 - 2015-10-30 07:48 - 00000000 ____D C:\windows\ModemLogs
2016-06-20 17:38 - 2016-04-19 08:48 - 02004636 _____ C:\windows\system32\PerfStringBackup.INI
2016-06-20 17:38 - 2015-10-30 17:08 - 00833804 _____ C:\windows\system32\perfh005.dat
2016-06-20 17:38 - 2015-10-30 17:08 - 00186512 _____ C:\windows\system32\perfc005.dat
2016-06-20 17:32 - 2015-08-31 23:11 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-06-20 17:27 - 2015-10-30 07:48 - 00000000 ___SD C:\windows\system32\DiagSvcs
2016-06-20 17:27 - 2015-10-30 07:48 - 00000000 ____D C:\windows\system32\SystemResetPlatform
2016-06-20 17:27 - 2015-10-30 07:48 - 00000000 ____D C:\windows\bcastdvr
2016-06-20 17:12 - 2015-10-30 07:39 - 00000000 ____D C:\windows\CbsTemp
2016-06-20 17:12 - 2013-12-02 16:57 - 00000000 ____D C:\windows\system32\MRT
2016-06-20 16:32 - 2010-10-09 09:17 - 139785240 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-06-19 10:08 - 2010-10-09 09:06 - 00000000 ____D C:\Users\Zdeněk\AppData\Roaming\Skype
2016-06-19 09:58 - 2010-10-09 09:06 - 00000000 ____D C:\ProgramData\Skype
2016-06-17 14:55 - 2014-08-20 13:28 - 00000000 ____D C:\Users\Zdeněk\AppData\Local\Skype
2016-06-14 20:33 - 2015-10-30 07:49 - 00828408 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2016-06-14 20:33 - 2015-10-30 07:49 - 00176632 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2016-06-05 08:49 - 2016-04-20 17:22 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-27 16:07 - 2015-10-30 17:10 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-27 16:07 - 2015-10-30 07:48 - 00000000 ____D C:\windows\system32\oobe
2016-05-27 16:07 - 2015-10-30 07:48 - 00000000 ____D C:\windows\system32\appraiser
2016-05-27 16:07 - 2015-10-30 07:48 - 00000000 ____D C:\windows\Provisioning
2016-05-27 16:06 - 2015-10-30 07:48 - 00015703 _____ C:\windows\system32\OEMDefaultAssociations.xml
==================== Files in the root of some directories =======
2015-07-18 07:53 - 2015-07-18 07:53 - 6420480 _____ () C:\Program Files\GUTD0A8.tmp
2010-12-31 12:03 - 2010-12-31 12:03 - 0000316 _____ () C:\Users\Zdeněk\AppData\Roaming\lenovo_config.dat
2014-01-14 16:05 - 2014-01-14 16:05 - 0003584 _____ () C:\Users\Zdeněk\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-02-28 17:56 - 2013-02-28 17:56 - 0007607 _____ () C:\Users\Zdeněk\AppData\Local\Resmon.ResmonCfg
2013-12-22 13:37 - 2013-12-22 18:31 - 0001112 _____ () C:\Users\Zdeněk\AppData\Local\SRDownloader.nast
2014-08-20 23:10 - 2014-08-20 23:10 - 0000088 _____ () C:\ProgramData\profile.xml
Some files in TEMP:
====================
C:\Users\Zdeněk\AppData\Local\Temp\libeay32.dll
C:\Users\Zdeněk\AppData\Local\Temp\msvcr120.dll
C:\Users\Zdeněk\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-06-20 17:15
==================== End of FRST.txt ============================
- Attachments
-
- Addition.rar
- (12.51 KiB) Downloaded 85 times
- Rudy
- Site Admin
- Posts: 119418
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Please do a preventive check of the log, thank you
Open Notepad and copy the following into it:
Start
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3394328646-3757079861-1465878226-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
U3 idsvc; no ImagePath
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Program Files\GUTD0A8.tmp
C:\Users\Zdeněk\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\Zdeněk\AppData\Local\Temp
Task: {1D05A6BF-63F9-4B24-8B7E-98DBEFEF10B1} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {314D2B21-A47F-404F-802F-81B0173B97DD} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {450B5109-DD81-44BB-94EB-4595098A557A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {600FA286-BFD3-4806-83AD-7AC8C7E5DF8A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {6DDDEE01-7158-415B-974A-5FBD1DCD7912} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {7C648987-CE3C-463B-9D36-97367B5B40B1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {D4AA4D35-4A82-4999-AFB2-EC19F8EC6C03} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {DA4E3005-FED6-4494-A0B1-D41757490336} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
-
- Visitor
- Posts: 111
- Registered: 30 Jan 2008 16:10
Re: Please do a preventive check of the log, thank you
Fix result of Farbar Recovery Scan Tool (x86) Version: 20-06-2016 01
Ran by Zdeněk (2016-06-22 22:11:58) Run:1
Running from C:\Users\Zdeněk\Desktop
Loaded Profiles: Zdeněk (Available Profiles: Zdeněk & DefaultAppPool)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3394328646-3757079861-1465878226-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
U3 idsvc; no ImagePath
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Program Files\GUTD0A8.tmp
C:\Users\Zdeněk\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\Zdeněk\AppData\Local\Temp
Task: {1D05A6BF-63F9-4B24-8B7E-98DBEFEF10B1} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {314D2B21-A47F-404F-802F-81B0173B97DD} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {450B5109-DD81-44BB-94EB-4595098A557A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {600FA286-BFD3-4806-83AD-7AC8C7E5DF8A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {6DDDEE01-7158-415B-974A-5FBD1DCD7912} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {7C648987-CE3C-463B-9D36-97367B5B40B1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {D4AA4D35-4A82-4999-AFB2-EC19F8EC6C03} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {DA4E3005-FED6-4494-A0B1-D41757490336} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
End
*****************
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
"HKU\S-1-5-21-3394328646-3757079861-1465878226-1003\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
idsvc => service removed successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Program Files\GUTD0A8.tmp => moved successfully
C:\Users\Zdeněk\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
"C:\Users\Zdeněk\AppData\Local\Temp" folder move:
Could not move "C:\Users\Zdeněk\AppData\Local\Temp" => Scheduled to move on reboot.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1D05A6BF-63F9-4B24-8B7E-98DBEFEF10B1}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1D05A6BF-63F9-4B24-8B7E-98DBEFEF10B1}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{314D2B21-A47F-404F-802F-81B0173B97DD}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{314D2B21-A47F-404F-802F-81B0173B97DD}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{450B5109-DD81-44BB-94EB-4595098A557A}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{450B5109-DD81-44BB-94EB-4595098A557A}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{600FA286-BFD3-4806-83AD-7AC8C7E5DF8A}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{600FA286-BFD3-4806-83AD-7AC8C7E5DF8A}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6DDDEE01-7158-415B-974A-5FBD1DCD7912}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6DDDEE01-7158-415B-974A-5FBD1DCD7912}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7C648987-CE3C-463B-9D36-97367B5B40B1}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7C648987-CE3C-463B-9D36-97367B5B40B1}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D4AA4D35-4A82-4999-AFB2-EC19F8EC6C03}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D4AA4D35-4A82-4999-AFB2-EC19F8EC6C03}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DA4E3005-FED6-4494-A0B1-D41757490336}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DA4E3005-FED6-4494-A0B1-D41757490336}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully.
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-06-22 22:13:49)
C:\Users\Zdeněk\AppData\Local\Temp => moved successfully
==== End of Fixlog 22:13:50 ====
- Rudy
- Site Admin
- Posts: 119418
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Please do a preventive check of the log, thank you
Deleted; the log should now be OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
-
- Visitor
- Posts: 111
- Registered: 30 Jan 2008 16:10
Re: Requesting a preventive log check, thank you
Fine. Thank you
- Rudy
- Site Admin
- Posts: 119418
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Requesting a preventive log check, thank you
You're welcome!
