Disk na 100%

Zpráva

HellSpay · #1 Příspěvek od **HellSpay** » 09 črc 2016 23:26

Zdravím muj disk se dava na 100% ze hry kterou bych mel na 100% rozjet bez problemu. Nevim jestli je disk poskozen ci jsou v nem viry :C.

Logfile of random's system information tool 1.10 (written by random/random)
Run by David at 2016-07-10 00:14:34
Microsoft Windows 8.1
System drive C: has 70 GB (45%) free of 154 GB
Total RAM: 8135 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:14:41, on 10. 7. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe
C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
D:\Steam\Steam.exe
D:\Steam\bin\steamwebhelper.exe
D:\Steam\bin\steamwebhelper.exe
D:\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_22_0_0_192.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_22_0_0_192.exe
C:\Users\David\Downloads\RSIT.exe
C:\Program Files (x86)\trend micro\David.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com/?pc=ASJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com/?pc=ASJB
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - (no file)
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [Advanced SystemCare 9] "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\David\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 9 (AdvancedSystemCareService9) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8941 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 42AE-A9AA-ABA463DBD3BF} ]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2016-05-17 1741096]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Driver Genius"= []
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 9"=C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [2016-04-26 2022688]
"Spotify Web Helper"=C:\Users\David\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2016-06-04 1554032]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcapexe]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McNaiAnn]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoSimpleNetIDList"=1
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"vidc.cvid"=iccvid.dll
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-07-10 00:14:34 ----D---- C:\rsit
2016-07-10 00:14:34 ----D---- C:\Program Files (x86)\trend micro
2016-07-06 17:04:25 ----D---- C:\Nexon
2016-07-06 05:50:20 ----D---- C:\Users\David\AppData\Roaming\NexonLauncher
2016-06-25 07:50:32 ----D---- C:\Program Files (x86)\Rockstar Games
2016-06-21 20:55:08 ----A---- C:\Windows\SysWOW64\wuwebv.dll
2016-06-21 20:55:08 ----A---- C:\Windows\SysWOW64\wudriver.dll
2016-06-21 20:55:08 ----A---- C:\Windows\SysWOW64\wuapp.exe
2016-06-21 20:55:08 ----A---- C:\Windows\SysWOW64\wuapi.dll
2016-06-21 20:55:08 ----A---- C:\Windows\SysWOW64\UserAccountBroker.exe
2016-06-21 20:55:08 ----A---- C:\Windows\SysWOW64\shell32.dll
2016-06-21 20:55:08 ----A---- C:\Windows\SysWOW64\olepro32.dll
2016-06-21 20:55:08 ----A---- C:\Windows\SysWOW64\ole32.dll
2016-06-21 20:55:08 ----A---- C:\Windows\SysWOW64\ncryptsslp.dll
2016-06-21 20:55:08 ----A---- C:\Windows\SysWOW64\msiexec.exe
2016-06-21 20:55:08 ----A---- C:\Windows\SysWOW64\msi.dll
2016-06-21 20:55:08 ----A---- C:\Windows\SysWOW64\KernelBase.dll
2016-06-21 20:55:08 ----A---- C:\Windows\SysWOW64\certutil.exe
2016-06-21 20:55:08 ----A---- C:\Windows\SysWOW64\CertEnroll.dll
2016-06-21 20:55:08 ----A---- C:\Windows\SysWOW64\certenc.dll
2016-06-21 20:55:08 ----A---- C:\Windows\SysWOW64\certcli.dll
2016-06-21 20:55:08 ----A---- C:\Windows\SysWOW64\bcryptprimitives.dll
2016-06-21 20:55:08 ----A---- C:\Windows\SysWOW64\authui.dll
2016-06-21 20:53:59 ----A---- C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2016-06-21 20:53:59 ----A---- C:\Windows\SysWOW64\wfapigp.dll
2016-06-21 20:53:59 ----A---- C:\Windows\SysWOW64\netlogon.dll
2016-06-21 20:53:59 ----A---- C:\Windows\SysWOW64\kerberos.dll
2016-06-21 20:53:59 ----A---- C:\Windows\SysWOW64\FirewallAPI.dll
2016-06-21 20:53:58 ----A---- C:\Windows\SysWOW64\Windows.Devices.Geolocation.dll
2016-06-21 20:53:58 ----A---- C:\Windows\SysWOW64\LocationApi.dll
2016-06-21 20:52:42 ----A---- C:\Windows\SysWOW64\Windows.Globalization.dll
2016-06-21 20:52:42 ----A---- C:\Windows\SysWOW64\GlobCollationHost.dll
2016-06-21 20:52:41 ----A---- C:\Windows\SysWOW64\kbdgeoqw.dll
2016-06-21 20:52:41 ----A---- C:\Windows\SysWOW64\KBDAZST.DLL
2016-06-21 20:52:41 ----A---- C:\Windows\SysWOW64\KBDAZEL.DLL
2016-06-21 20:52:41 ----A---- C:\Windows\SysWOW64\KBDAZE.DLL
2016-06-21 20:51:35 ----A---- C:\Windows\SysWOW64\WSDApi.dll
2016-06-21 20:51:35 ----A---- C:\Windows\SysWOW64\WinSCard.dll
2016-06-21 20:51:35 ----A---- C:\Windows\SysWOW64\vsstrace.dll
2016-06-21 20:51:35 ----A---- C:\Windows\SysWOW64\vssapi.dll
2016-06-21 20:51:35 ----A---- C:\Windows\SysWOW64\rasser.dll
2016-06-21 20:51:35 ----A---- C:\Windows\SysWOW64\rasmxs.dll
2016-06-21 20:51:35 ----A---- C:\Windows\SysWOW64\rasdiag.dll
2016-06-21 20:51:35 ----A---- C:\Windows\SysWOW64\rascfg.dll
2016-06-21 20:51:35 ----A---- C:\Windows\SysWOW64\rasapi32.dll
2016-06-21 20:51:35 ----A---- C:\Windows\SysWOW64\QSVRMGMT.DLL
2016-06-21 20:51:35 ----A---- C:\Windows\SysWOW64\QSHVHOST.DLL
2016-06-21 20:51:35 ----A---- C:\Windows\SysWOW64\mfplat.dll
2016-06-21 20:51:35 ----A---- C:\Windows\SysWOW64\MFMediaEngine.dll
2016-06-21 20:51:35 ----A---- C:\Windows\SysWOW64\eventcls.dll
2016-06-21 20:51:35 ----A---- C:\Windows\SysWOW64\dnsapi.dll
2016-06-21 20:51:35 ----A---- C:\Windows\SysWOW64\DevicePairing.dll
2016-06-21 20:51:35 ----A---- C:\Windows\splwow64.exe
2016-06-21 20:37:08 ----D---- C:\Users\David\AppData\Roaming\ProductData
2016-06-21 20:37:07 ----D---- C:\ProgramData\ProductData
2016-06-21 20:36:30 ----D---- C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2016-06-21 20:36:28 ----D---- C:\Program Files (x86)\Common Files\IObit
2016-06-21 20:36:20 ----D---- C:\Users\David\AppData\Roaming\IObit
2016-06-21 20:36:17 ----D---- C:\ProgramData\IObit
2016-06-21 20:36:17 ----D---- C:\Program Files (x86)\IObit
2016-06-19 16:35:37 ----D---- C:\Users\David\AppData\Roaming\dvdcss
2016-06-16 20:26:18 ----A---- C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-06-15 22:38:02 ----D---- C:\Program Files (x86)\Seznam.cz
2016-06-15 22:37:46 ----D---- C:\Users\David\AppData\Roaming\Seznam.cz
2016-06-15 22:37:28 ----D---- C:\Users\David\AppData\Roaming\uTorrent
2016-06-15 15:25:28 ----A---- C:\Windows\SysWOW64\StructuredQuery.dll
2016-06-15 15:25:26 ----A---- C:\Windows\SysWOW64\polstore.dll
2016-06-15 15:25:26 ----A---- C:\Windows\SysWOW64\gpapi.dll
2016-06-15 15:25:26 ----A---- C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-06-15 15:24:53 ----A---- C:\Windows\SysWOW64\twinui.dll
2016-06-15 15:24:47 ----A---- C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-06-15 15:24:47 ----A---- C:\Windows\SysWOW64\glcndFilter.dll
2016-06-15 15:24:46 ----A---- C:\Windows\SysWOW64\atmlib.dll
2016-06-15 15:24:46 ----A---- C:\Windows\SysWOW64\atmfd.dll
2016-06-15 15:24:44 ----A---- C:\Windows\SysWOW64\mshtml.dll
2016-06-15 15:24:42 ----A---- C:\Windows\SysWOW64\jscript9.dll
2016-06-15 15:24:42 ----A---- C:\Windows\SysWOW64\ieframe.dll
2016-06-15 15:24:41 ----A---- C:\Windows\SysWOW64\wininet.dll
2016-06-15 15:24:41 ----A---- C:\Windows\SysWOW64\webcheck.dll
2016-06-15 15:24:41 ----A---- C:\Windows\SysWOW64\vbscript.dll
2016-06-15 15:24:41 ----A---- C:\Windows\SysWOW64\urlmon.dll
2016-06-15 15:24:41 ----A---- C:\Windows\SysWOW64\MshtmlDac.dll
2016-06-15 15:24:41 ----A---- C:\Windows\SysWOW64\msfeeds.dll
2016-06-15 15:24:41 ----A---- C:\Windows\SysWOW64\jscript.dll
2016-06-15 15:24:41 ----A---- C:\Windows\SysWOW64\inetcomm.dll
2016-06-15 15:24:41 ----A---- C:\Windows\SysWOW64\iertutil.dll
2016-06-15 15:24:41 ----A---- C:\Windows\SysWOW64\iepeers.dll
2016-06-15 15:24:41 ----A---- C:\Windows\SysWOW64\ieapfltr.dll
2016-06-15 15:24:41 ----A---- C:\Windows\SysWOW64\dxtrans.dll
2016-06-15 15:24:19 ----A---- C:\Windows\SysWOW64\ws2_32.dll
2016-06-15 15:24:19 ----A---- C:\Windows\SysWOW64\winhttp.dll
2016-06-15 15:24:19 ----A---- C:\Windows\SysWOW64\mswsock.dll
2016-06-15 15:23:52 ----A---- C:\Windows\SysWOW64\gdi32.dll

======List of files/folders modified in the last 1 month======

2016-07-10 00:14:40 ----D---- C:\Windows\Prefetch
2016-07-10 00:14:34 ----RD---- C:\Program Files (x86)
2016-07-09 23:53:59 ----D---- C:\Users\David\AppData\Roaming\TS3Client
2016-07-09 16:55:53 ----D---- C:\Windows\Inf
2016-07-09 13:35:44 ----D---- C:\Windows\Temp
2016-07-09 09:34:19 ----D---- C:\Windows\Microsoft.NET
2016-07-08 21:18:04 ----D---- C:\Users\David\AppData\Roaming\vlc
2016-07-08 18:59:10 ----D---- C:\Program Files (x86)\Common Files\Steam
2016-07-08 16:19:49 ----D---- C:\Windows\AppReadiness
2016-07-07 16:29:12 ----AD---- C:\Windows\System32
2016-07-07 14:36:51 ----D---- C:\Windows\rescache
2016-07-07 13:42:52 ----D---- C:\Windows\SoftwareDistribution
2016-07-07 12:54:09 ----D---- C:\Windows
2016-07-07 12:54:04 ----D---- C:\Windows\debug
2016-07-07 11:41:07 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-07-07 11:40:11 ----SHD---- C:\Windows\Installer
2016-07-07 11:30:20 ----RD---- C:\Program Files
2016-07-07 11:27:56 ----D---- C:\Windows\WinSxS
2016-07-07 11:27:56 ----D---- C:\Windows\CbsTemp
2016-07-07 11:27:22 ----SHD---- C:\System Volume Information
2016-07-06 21:37:27 ----D---- C:\ProgramData\NVIDIA
2016-07-05 08:20:11 ----RSD---- C:\Windows\assembly
2016-07-03 19:16:41 ----D---- C:\Users\David\AppData\Roaming\Spotify
2016-07-01 21:10:20 ----SHD---- C:\$Recycle.Bin
2016-07-01 17:04:45 ----D---- C:\Program Files (x86)\Common Files\mcafee
2016-07-01 17:04:44 ----HD---- C:\ProgramData
2016-07-01 14:20:18 ----D---- C:\Program Files (x86)\Overwatch
2016-06-29 11:19:44 ----D---- C:\Windows\Logs
2016-06-25 09:21:27 ----D---- C:\Program Files (x86)\Common Files\MAGIX Services
2016-06-25 09:21:09 ----D---- C:\Windows\Tasks
2016-06-24 09:02:56 ----D---- C:\Program Files (x86)\Common Files
2016-06-24 09:02:56 ----D---- C:\Program Files (x86)\ASUS
2016-06-24 09:00:19 ----HD---- C:\Windows\ELAMBKUP
2016-06-24 09:00:02 ----D---- C:\ProgramData\McAfee
2016-06-22 06:48:08 ----RD---- C:\Windows\ToastData
2016-06-22 06:48:08 ----D---- C:\Windows\SysWOW64\wbem
2016-06-22 06:48:08 ----AD---- C:\Windows\SysWOW64
2016-06-22 06:48:05 ----D---- C:\Windows\apppatch
2016-06-22 06:48:04 ----RSD---- C:\Windows\Fonts
2016-06-22 06:48:03 ----D---- C:\Windows\SysWOW64\setup
2016-06-22 06:48:03 ----D---- C:\Windows\SysWOW64\migration
2016-06-21 20:47:36 ----D---- C:\Windows\Panther
2016-06-19 21:28:00 ----D---- C:\Windows\SysWOW64\en-US
2016-06-19 21:28:00 ----D---- C:\Windows\SysWOW64\cs-CZ
2016-06-19 21:28:00 ----D---- C:\Program Files (x86)\Internet Explorer
2016-06-17 11:08:33 ----D---- C:\ProgramData\Microsoft Help
2016-06-14 18:13:19 ----A---- C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-06-12 16:57:05 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-12 16:57:05 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 assdv2;assdv2; C:\Windows\SysWOW64\drivers\assdv2.sys []
R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys []
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys []
R0 Wof;Windows Overlay File System Filter Driver; C:\Windows\SysWOW64\drivers\Wof.sys []
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2013-10-07 15232]
R1 AsUpIO;AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [2010-08-03 14464]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 MEIx64;@oem6.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys []
R3 NVHDA;@oem20.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys []
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys []
R3 nvvad_WaveExtensible;@oem13.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys []
R3 RSUSBSTOR;@oem10.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys []
R3 RTL8168;@oem5.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys []
S3 WinUsb;@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys []
S3 WSDPrintDevice;@WSDPrint.Inf,%WSDPrintDevice.SVCDESC%;WSD Print Support; C:\Windows\System32\drivers\WSDPrint.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-10-29 33088]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-07-07 1450064]
S2 AdvancedSystemCareService9;Advanced SystemCare Service 9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [2016-01-05 446240]
S2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2016-05-02 1165368]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2016-04-22 2960160]
S2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2016-05-02 1881144]
S2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []
S3 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-04-23 82128]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-16 270016]
S3 asComSvc;ASUS Com Service; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [2013-10-25 920736]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 33088]
S3 EasyAntiCheat;EasyAntiCheat; C:\Windows\system32\EasyAntiCheat.exe [2016-05-22 242960]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-22 43696]
S3 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2014-04-11 16232]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-02-01 887232]
S3 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-03-20 154584]
S3 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-03-20 398296]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-06-10 146888]
S3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2016-05-02 3634232]
S3 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-05-02 2522680]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 178760]
S3 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2016-04-27 426040]

-----------------EOF-----------------

#2 Příspěvek od **Márty84** » 10 črc 2016 08:36

Zdravim

Odinstalujte Advanced SystemCare. Dokaze to naborit system tak, ze pomuze jen preinstalace

Stahnete crystal disk info http://www.slunecnice.cz/sw/crystaldiskinfo/
Nainstalujte (pozor na pripadne doplnky, ty odmitnete zrusenim zatrzitka) a spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)

Mate 64bit system, tak dejte log z RSITx64 http://images.malwareremoval.com/random/RSITx64.exe

HellSpay · #3 Příspěvek od **HellSpay** » 10 črc 2016 09:36

Logfile of random's system information tool 1.10 (written by random/random)
Run by David at 2016-07-10 10:27:13
Microsoft Windows 8.1
System drive C: has 72 GB (47%) free of 154 GB
Total RAM: 8135 MB (75% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:27:15, on 10. 7. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\AEGIS\AEGIS_AlertService.exe
C:\Program Files (x86)\ASUS\AEGIS\AsSysLevelUpSrc.exe
C:\Program Files (x86)\ASUS\AEGIS\AEGIS_SysMode.exe
C:\Program Files (x86)\ASUS\ASUS Manager\PC Cleanup\SecureDeleteBackground.exe
C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe
C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\David.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com/?pc=ASJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com/?pc=ASJB
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - (no file)
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\David\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8598 bytes

======Listing Processes======

wininit.exe

winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
dashost.exe {eb2f8c6d-b2b6-4875-96d8b1f59e8fa7cb}
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"

"C:\Program Files (x86)\ASUS\AEGIS\AEGIS_AlertService.exe"
taskhostex.exe
"C:\Program Files (x86)\ASUS\AEGIS\AsSysLevelUpSrc.exe"
"C:\Program Files (x86)\ASUS\AEGIS\AEGIS_SysMode.exe"
"C:\Program Files (x86)\ASUS\ASUS Manager\PC Cleanup\SecureDeleteBackground.exe"
"C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe"
"C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
C:\Windows\System32\skydrive.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX4
"C:\Windows\system32\GWX\GWX.exe"
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding

"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\System32\Taskmgr.exe" /3

"C:\Windows\system32\wuauclt.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe28_ Global\UsGthrCtrlFltPipeMssGthrPipe28 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 560 564 572 65536 568
taskeng.exe {E3AEF6A5-2504-4532-A70C-0F49BFE41F13}
C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\David\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe "RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe L_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run][2014-04-29 7575920]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-04-15 1385840]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2014-04-11 36352]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2016-05-02 1767944]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"=C:\Users\David\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2016-06-04 1554032]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Driver Genius"= []
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcapexe]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McNaiAnn]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoSimpleNetIDList"=1
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-07-10 10:27:13 ----D---- C:\Program Files\trend micro
2016-07-10 10:24:16 ----HD---- C:\$WINDOWS.~BT
2016-07-10 00:14:34 ----D---- C:\rsit
2016-07-10 00:14:34 ----D---- C:\Program Files (x86)\trend micro
2016-07-07 16:29:12 ----A---- C:\Windows\system32\SmartDefragBootTime.exe
2016-07-07 16:29:12 ----A---- C:\Windows\system32\IObitSmartDefragExtension.dll
2016-07-06 17:04:25 ----D---- C:\Nexon
2016-07-06 05:50:20 ----D---- C:\Users\David\AppData\Roaming\NexonLauncher
2016-06-25 07:50:32 ----D---- C:\Program Files (x86)\Rockstar Games
2016-06-24 09:14:04 ----N---- C:\Windows\system32\MpSigStub.exe
2016-06-21 20:55:08 ----AC---- C:\Windows\system32\drivers\hidusb.sys
2016-06-21 20:55:08 ----AC---- C:\Windows\system32\drivers\hidparse.sys
2016-06-21 20:55:08 ----AC---- C:\Windows\system32\drivers\hidclass.sys
2016-06-21 20:55:08 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-06-21 20:55:08 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-06-21 20:55:08 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-06-21 20:55:08 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-06-21 20:55:08 ----A---- C:\Windows\SYSWOW64\UserAccountBroker.exe
2016-06-21 20:55:08 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-06-21 20:55:08 ----A---- C:\Windows\SYSWOW64\olepro32.dll
2016-06-21 20:55:08 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-06-21 20:55:08 ----A---- C:\Windows\SYSWOW64\ncryptsslp.dll
2016-06-21 20:55:08 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2016-06-21 20:55:08 ----A---- C:\Windows\SYSWOW64\msi.dll
2016-06-21 20:55:08 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-06-21 20:55:08 ----A---- C:\Windows\SYSWOW64\certutil.exe
2016-06-21 20:55:08 ----A---- C:\Windows\SYSWOW64\CertEnroll.dll
2016-06-21 20:55:08 ----A---- C:\Windows\SYSWOW64\certenc.dll
2016-06-21 20:55:08 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-06-21 20:55:08 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2016-06-21 20:55:08 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-06-21 20:55:08 ----A---- C:\Windows\system32\wuwebv.dll
2016-06-21 20:55:08 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2016-06-21 20:55:08 ----A---- C:\Windows\system32\wudriver.dll
2016-06-21 20:55:08 ----A---- C:\Windows\system32\wucltux.dll
2016-06-21 20:55:08 ----A---- C:\Windows\system32\wuaueng.dll
2016-06-21 20:55:08 ----A---- C:\Windows\system32\wuauclt.exe
2016-06-21 20:55:08 ----A---- C:\Windows\system32\wuapp.exe
2016-06-21 20:55:08 ----A---- C:\Windows\system32\wuapi.dll
2016-06-21 20:55:08 ----A---- C:\Windows\system32\UserAccountBroker.exe
2016-06-21 20:55:08 ----A---- C:\Windows\system32\shell32.dll
2016-06-21 20:55:08 ----A---- C:\Windows\system32\ole32.dll
2016-06-21 20:55:08 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-06-21 20:55:08 ----A---- C:\Windows\system32\ncryptsslp.dll
2016-06-21 20:55:08 ----A---- C:\Windows\system32\msiexec.exe
2016-06-21 20:55:08 ----A---- C:\Windows\system32\msi.dll
2016-06-21 20:55:08 ----A---- C:\Windows\system32\KernelBase.dll
2016-06-21 20:55:08 ----A---- C:\Windows\system32\IKEEXT.DLL
2016-06-21 20:55:08 ----A---- C:\Windows\system32\drivers\netvsc63.sys
2016-06-21 20:55:08 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-06-21 20:55:08 ----A---- C:\Windows\system32\drivers\dfsc.sys
2016-06-21 20:55:08 ----A---- C:\Windows\system32\drivers\cng.sys
2016-06-21 20:55:08 ----A---- C:\Windows\system32\drivers\Classpnp.sys
2016-06-21 20:55:08 ----A---- C:\Windows\system32\certutil.exe
2016-06-21 20:55:08 ----A---- C:\Windows\system32\CertEnroll.dll
2016-06-21 20:55:08 ----A---- C:\Windows\system32\certenc.dll
2016-06-21 20:55:08 ----A---- C:\Windows\system32\certcli.dll
2016-06-21 20:55:08 ----A---- C:\Windows\system32\bcryptprimitives.dll
2016-06-21 20:55:08 ----A---- C:\Windows\system32\authui.dll
2016-06-21 20:53:59 ----A---- C:\Windows\SYSWOW64\Windows.UI.Xaml.dll
2016-06-21 20:53:59 ----A---- C:\Windows\SYSWOW64\wfapigp.dll
2016-06-21 20:53:59 ----A---- C:\Windows\SYSWOW64\netlogon.dll
2016-06-21 20:53:59 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-06-21 20:53:59 ----A---- C:\Windows\SYSWOW64\FirewallAPI.dll
2016-06-21 20:53:59 ----A---- C:\Windows\system32\Windows.UI.Xaml.dll
2016-06-21 20:53:59 ----A---- C:\Windows\system32\Windows.Devices.Geolocation.dll
2016-06-21 20:53:59 ----A---- C:\Windows\system32\wfapigp.dll
2016-06-21 20:53:59 ----A---- C:\Windows\system32\MPSSVC.dll
2016-06-21 20:53:59 ----A---- C:\Windows\system32\LocationApi.dll
2016-06-21 20:53:59 ----A---- C:\Windows\system32\kerberos.dll
2016-06-21 20:53:59 ----A---- C:\Windows\system32\iphlpsvc.dll
2016-06-21 20:53:59 ----A---- C:\Windows\system32\httpprxp.dll
2016-06-21 20:53:59 ----A---- C:\Windows\system32\httpprxm.dll
2016-06-21 20:53:59 ----A---- C:\Windows\system32\fvecpl.dll
2016-06-21 20:53:59 ----A---- C:\Windows\system32\fveapi.dll
2016-06-21 20:53:59 ----A---- C:\Windows\system32\FirewallAPI.dll
2016-06-21 20:53:59 ----A---- C:\Windows\system32\drivers\ndiswan.sys
2016-06-21 20:53:59 ----A---- C:\Windows\system32\bdesvc.dll
2016-06-21 20:53:59 ----A---- C:\Windows\system32\BdeHdCfgLib.dll
2016-06-21 20:53:59 ----A---- C:\Windows\system32\adhsvc.dll
2016-06-21 20:53:58 ----AC---- C:\Windows\system32\drivers\vhdmp.sys
2016-06-21 20:53:58 ----A---- C:\Windows\SYSWOW64\Windows.Devices.Geolocation.dll
2016-06-21 20:53:58 ----A---- C:\Windows\SYSWOW64\LocationApi.dll
2016-06-21 20:53:58 ----A---- C:\Windows\system32\rpcss.dll
2016-06-21 20:53:58 ----A---- C:\Windows\system32\netlogon.dll
2016-06-21 20:53:58 ----A---- C:\Windows\system32\drivers\rdbss.sys
2016-06-21 20:53:58 ----A---- C:\Windows\system32\drivers\mup.sys
2016-06-21 20:52:42 ----A---- C:\Windows\SYSWOW64\Windows.Globalization.dll
2016-06-21 20:52:42 ----A---- C:\Windows\SYSWOW64\GlobCollationHost.dll
2016-06-21 20:52:41 ----A---- C:\Windows\SYSWOW64\kbdgeoqw.dll
2016-06-21 20:52:41 ----A---- C:\Windows\SYSWOW64\KBDAZST.DLL
2016-06-21 20:52:41 ----A---- C:\Windows\SYSWOW64\KBDAZEL.DLL
2016-06-21 20:52:41 ----A---- C:\Windows\SYSWOW64\KBDAZE.DLL
2016-06-21 20:52:41 ----A---- C:\Windows\system32\Windows.Globalization.dll
2016-06-21 20:52:41 ----A---- C:\Windows\system32\kbdgeoqw.dll
2016-06-21 20:52:41 ----A---- C:\Windows\system32\KBDAZST.DLL
2016-06-21 20:52:41 ----A---- C:\Windows\system32\KBDAZEL.DLL
2016-06-21 20:52:41 ----A---- C:\Windows\system32\KBDAZE.DLL
2016-06-21 20:52:41 ----A---- C:\Windows\system32\GlobCollationHost.dll
2016-06-21 20:51:58 ----A---- C:\Windows\system32\sppwinob.dll
2016-06-21 20:51:58 ----A---- C:\Windows\system32\sppsvc.exe
2016-06-21 20:51:58 ----A---- C:\Windows\system32\sppobjs.dll
2016-06-21 20:51:35 ----A---- C:\Windows\SYSWOW64\WSDApi.dll
2016-06-21 20:51:35 ----A---- C:\Windows\SYSWOW64\WinSCard.dll
2016-06-21 20:51:35 ----A---- C:\Windows\SYSWOW64\vsstrace.dll
2016-06-21 20:51:35 ----A---- C:\Windows\SYSWOW64\vssapi.dll
2016-06-21 20:51:35 ----A---- C:\Windows\SYSWOW64\rasser.dll
2016-06-21 20:51:35 ----A---- C:\Windows\SYSWOW64\rasmxs.dll
2016-06-21 20:51:35 ----A---- C:\Windows\SYSWOW64\rasdiag.dll
2016-06-21 20:51:35 ----A---- C:\Windows\SYSWOW64\rascfg.dll
2016-06-21 20:51:35 ----A---- C:\Windows\SYSWOW64\rasapi32.dll
2016-06-21 20:51:35 ----A---- C:\Windows\SYSWOW64\QSVRMGMT.DLL
2016-06-21 20:51:35 ----A---- C:\Windows\SYSWOW64\QSHVHOST.DLL
2016-06-21 20:51:35 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2016-06-21 20:51:35 ----A---- C:\Windows\SYSWOW64\MFMediaEngine.dll
2016-06-21 20:51:35 ----A---- C:\Windows\SYSWOW64\eventcls.dll
2016-06-21 20:51:35 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2016-06-21 20:51:35 ----A---- C:\Windows\SYSWOW64\DevicePairing.dll
2016-06-21 20:51:35 ----A---- C:\Windows\system32\WSDMon.dll
2016-06-21 20:51:35 ----A---- C:\Windows\system32\vpnike.dll
2016-06-21 20:51:35 ----A---- C:\Windows\system32\SyncEngine.dll
2016-06-21 20:51:35 ----A---- C:\Windows\system32\spoolsv.exe
2016-06-21 20:51:35 ----A---- C:\Windows\system32\SkyDriveTelemetry.dll
2016-06-21 20:51:35 ----A---- C:\Windows\system32\SkyDrive.exe
2016-06-21 20:51:35 ----A---- C:\Windows\system32\rasser.dll
2016-06-21 20:51:35 ----A---- C:\Windows\system32\rasmxs.dll
2016-06-21 20:51:35 ----A---- C:\Windows\system32\rasdiag.dll
2016-06-21 20:51:35 ----A---- C:\Windows\system32\rascfg.dll
2016-06-21 20:51:35 ----A---- C:\Windows\system32\rasapi32.dll
2016-06-21 20:51:35 ----A---- C:\Windows\system32\QSVRMGMT.DLL
2016-06-21 20:51:35 ----A---- C:\Windows\system32\QSHVHOST.DLL
2016-06-21 20:51:35 ----A---- C:\Windows\system32\mfplat.dll
2016-06-21 20:51:35 ----A---- C:\Windows\system32\MFMediaEngine.dll
2016-06-21 20:51:35 ----A---- C:\Windows\system32\drivers\wanarp.sys
2016-06-21 20:51:35 ----A---- C:\Windows\system32\drivers\ndproxy.sys
2016-06-21 20:51:35 ----A---- C:\Windows\system32\drivers\ndistapi.sys
2016-06-21 20:51:35 ----A---- C:\Windows\system32\drivers\agilevpn.sys
2016-06-21 20:51:35 ----A---- C:\Windows\system32\DevicePairing.dll
2016-06-21 20:51:35 ----A---- C:\Windows\splwow64.exe
2016-06-21 20:51:34 ----A---- C:\Windows\system32\WSDApi.dll
2016-06-21 20:51:34 ----A---- C:\Windows\system32\WinSCard.dll
2016-06-21 20:51:34 ----A---- C:\Windows\system32\vsstrace.dll
2016-06-21 20:51:34 ----A---- C:\Windows\system32\vssapi.dll
2016-06-21 20:51:34 ----A---- C:\Windows\system32\eventcls.dll
2016-06-21 20:51:34 ----A---- C:\Windows\system32\drivers\pdc.sys
2016-06-21 20:51:34 ----A---- C:\Windows\system32\drivers\dam.sys
2016-06-21 20:51:34 ----A---- C:\Windows\system32\dnsrslvr.dll
2016-06-21 20:51:34 ----A---- C:\Windows\system32\dnsapi.dll
2016-06-21 20:51:33 ----AC---- C:\Windows\system32\drivers\intelpep.sys
2016-06-21 20:48:54 ----A---- C:\Windows\system32\SystemSettings.Handlers.dll
2016-06-21 20:48:54 ----A---- C:\Windows\system32\MDMAgent.exe
2016-06-21 20:37:08 ----D---- C:\Users\David\AppData\Roaming\ProductData
2016-06-21 20:37:07 ----D---- C:\ProgramData\ProductData
2016-06-21 20:36:30 ----D---- C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2016-06-21 20:36:20 ----D---- C:\Users\David\AppData\Roaming\IObit
2016-06-21 20:36:17 ----D---- C:\ProgramData\IObit
2016-06-21 20:36:17 ----D---- C:\Program Files (x86)\IObit
2016-06-19 16:35:37 ----D---- C:\Users\David\AppData\Roaming\dvdcss
2016-06-16 20:26:18 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2016-06-15 22:38:02 ----D---- C:\Program Files (x86)\Seznam.cz
2016-06-15 22:37:46 ----D---- C:\Users\David\AppData\Roaming\Seznam.cz
2016-06-15 22:37:28 ----D---- C:\Users\David\AppData\Roaming\uTorrent
2016-06-15 15:25:28 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2016-06-15 15:25:28 ----A---- C:\Windows\system32\StructuredQuery.dll
2016-06-15 15:25:27 ----A---- C:\Windows\system32\polstore.dll
2016-06-15 15:25:27 ----A---- C:\Windows\system32\gpsvc.dll
2016-06-15 15:25:27 ----A---- C:\Windows\system32\gpapi.dll
2016-06-15 15:25:26 ----A---- C:\Windows\SYSWOW64\polstore.dll
2016-06-15 15:25:26 ----A---- C:\Windows\SYSWOW64\gpapi.dll
2016-06-15 15:25:26 ----A---- C:\Windows\SYSWOW64\FwRemoteSvr.dll
2016-06-15 15:25:26 ----A---- C:\Windows\system32\IPSECSVC.DLL
2016-06-15 15:25:26 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2016-06-15 15:24:53 ----A---- C:\Windows\SYSWOW64\twinui.dll
2016-06-15 15:24:53 ----A---- C:\Windows\system32\twinui.dll
2016-06-15 15:24:48 ----A---- C:\Windows\system32\drivers\srvnet.sys
2016-06-15 15:24:48 ----A---- C:\Windows\system32\drivers\srv2.sys
2016-06-15 15:24:48 ----A---- C:\Windows\system32\drivers\srv.sys
2016-06-15 15:24:47 ----A---- C:\Windows\SYSWOW64\Windows.Data.Pdf.dll
2016-06-15 15:24:47 ----A---- C:\Windows\SYSWOW64\glcndFilter.dll
2016-06-15 15:24:47 ----A---- C:\Windows\system32\Windows.Data.Pdf.dll
2016-06-15 15:24:47 ----A---- C:\Windows\system32\win32k.sys
2016-06-15 15:24:47 ----A---- C:\Windows\system32\glcndFilter.dll
2016-06-15 15:24:46 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-06-15 15:24:46 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-06-15 15:24:46 ----A---- C:\Windows\system32\pcasvc.dll
2016-06-15 15:24:46 ----A---- C:\Windows\system32\invagent.dll
2016-06-15 15:24:46 ----A---- C:\Windows\system32\generaltel.dll
2016-06-15 15:24:46 ----A---- C:\Windows\system32\devinv.dll
2016-06-15 15:24:46 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-06-15 15:24:46 ----A---- C:\Windows\system32\centel.dll
2016-06-15 15:24:46 ----A---- C:\Windows\system32\atmlib.dll
2016-06-15 15:24:46 ----A---- C:\Windows\system32\atmfd.dll
2016-06-15 15:24:46 ----A---- C:\Windows\system32\appraiser.dll
2016-06-15 15:24:46 ----A---- C:\Windows\system32\aeinv.dll
2016-06-15 15:24:46 ----A---- C:\Windows\system32\acmigration.dll
2016-06-15 15:24:45 ----A---- C:\Windows\system32\mshtml.dll
2016-06-15 15:24:44 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-06-15 15:24:43 ----A---- C:\Windows\system32\jscript9.dll
2016-06-15 15:24:43 ----A---- C:\Windows\system32\ieframe.dll
2016-06-15 15:24:42 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-06-15 15:24:42 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-06-15 15:24:42 ----A---- C:\Windows\system32\wininet.dll
2016-06-15 15:24:42 ----A---- C:\Windows\system32\urlmon.dll
2016-06-15 15:24:42 ----A---- C:\Windows\system32\iertutil.dll
2016-06-15 15:24:41 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-06-15 15:24:41 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-06-15 15:24:41 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-06-15 15:24:41 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-06-15 15:24:41 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-06-15 15:24:41 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-06-15 15:24:41 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-06-15 15:24:41 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2016-06-15 15:24:41 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-06-15 15:24:41 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2016-06-15 15:24:41 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-06-15 15:24:41 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-06-15 15:24:41 ----A---- C:\Windows\system32\webcheck.dll
2016-06-15 15:24:41 ----A---- C:\Windows\system32\vbscript.dll
2016-06-15 15:24:41 ----A---- C:\Windows\system32\mshtmled.dll
2016-06-15 15:24:41 ----A---- C:\Windows\system32\msfeeds.dll
2016-06-15 15:24:41 ----A---- C:\Windows\system32\jscript.dll
2016-06-15 15:24:41 ----A---- C:\Windows\system32\inetcomm.dll
2016-06-15 15:24:41 ----A---- C:\Windows\system32\iepeers.dll
2016-06-15 15:24:41 ----A---- C:\Windows\system32\iedkcs32.dll
2016-06-15 15:24:41 ----A---- C:\Windows\system32\ieapfltr.dll
2016-06-15 15:24:41 ----A---- C:\Windows\system32\dxtrans.dll
2016-06-15 15:24:37 ----A---- C:\Windows\system32\consent.exe
2016-06-15 15:24:37 ----A---- C:\Windows\system32\appinfo.dll
2016-06-15 15:24:19 ----A---- C:\Windows\SYSWOW64\ws2_32.dll
2016-06-15 15:24:19 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2016-06-15 15:24:19 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2016-06-15 15:24:19 ----A---- C:\Windows\system32\ws2_32.dll
2016-06-15 15:24:19 ----A---- C:\Windows\system32\winhttp.dll
2016-06-15 15:24:19 ----A---- C:\Windows\system32\mswsock.dll
2016-06-15 15:24:19 ----A---- C:\Windows\system32\drivers\netbt.sys
2016-06-15 15:23:52 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-06-15 15:23:52 ----A---- C:\Windows\system32\gdi32.dll

======List of files/folders modified in the last 1 month======

2016-07-10 10:27:13 ----RD---- C:\Program Files
2016-07-10 10:26:57 ----D---- C:\Windows\Prefetch
2016-07-10 10:26:27 ----D---- C:\Windows\system32\Tasks
2016-07-10 10:26:25 ----D---- C:\Windows\system32\drivers
2016-07-10 10:26:11 ----D---- C:\Windows\Tasks
2016-07-10 10:24:21 ----D---- C:\Windows\Temp
2016-07-10 10:24:17 ----D---- C:\Windows\Panther
2016-07-10 10:00:00 ----D---- C:\Windows\system32\sru
2016-07-10 01:43:44 ----D---- C:\Windows\Microsoft.NET
2016-07-10 01:07:52 ----HD---- C:\Program Files\WindowsApps
2016-07-10 01:07:52 ----D---- C:\Windows\AppReadiness
2016-07-10 00:51:50 ----D---- C:\Users\David\AppData\Roaming\TS3Client
2016-07-10 00:14:34 ----RD---- C:\Program Files (x86)
2016-07-09 16:55:53 ----D---- C:\Windows\Inf
2016-07-08 21:18:04 ----D---- C:\Users\David\AppData\Roaming\vlc
2016-07-07 16:29:12 ----RAD---- C:\Windows\System32
2016-07-07 14:36:51 ----D---- C:\Windows\rescache
2016-07-07 13:42:52 ----D---- C:\Windows\SoftwareDistribution
2016-07-07 12:54:09 ----D---- C:\Windows
2016-07-07 12:54:04 ----D---- C:\Windows\debug
2016-07-07 11:41:07 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-07-07 11:40:11 ----SHD---- C:\Windows\Installer
2016-07-07 11:39:57 ----D---- C:\Program Files\CyberLink
2016-07-07 11:29:57 ----D---- C:\Windows\system32\config
2016-07-07 11:27:56 ----D---- C:\Windows\WinSxS
2016-07-07 11:27:56 ----D---- C:\Windows\CbsTemp
2016-07-07 11:27:31 ----D---- C:\Program Files\Windows Journal
2016-07-07 11:27:29 ----D---- C:\Windows\system32\catroot2
2016-07-07 11:27:22 ----SHD---- C:\System Volume Information
2016-07-06 21:37:27 ----D---- C:\ProgramData\NVIDIA
2016-07-05 08:20:11 ----RSD---- C:\Windows\assembly
2016-07-03 19:16:41 ----D---- C:\Users\David\AppData\Roaming\Spotify
2016-07-01 22:47:23 ----D---- C:\Program Files\TeamSpeak 3 Client
2016-07-01 21:10:20 ----SHD---- C:\$Recycle.Bin
2016-07-01 17:04:45 ----D---- C:\Program Files\Common Files\mcafee
2016-07-01 17:04:44 ----HD---- C:\ProgramData
2016-07-01 17:04:44 ----D---- C:\Program Files\Common Files
2016-07-01 14:20:18 ----D---- C:\Program Files (x86)\Overwatch
2016-06-29 11:19:44 ----D---- C:\Windows\Logs
2016-06-27 02:45:29 ----D---- C:\Windows\system32\DriverStore
2016-06-24 09:02:56 ----D---- C:\Program Files (x86)\Common Files
2016-06-24 09:02:56 ----D---- C:\Program Files (x86)\ASUS
2016-06-24 09:00:19 ----HD---- C:\Windows\ELAMBKUP
2016-06-24 09:00:02 ----D---- C:\ProgramData\McAfee
2016-06-22 06:48:08 ----RD---- C:\Windows\ToastData
2016-06-22 06:48:08 ----D---- C:\Windows\SYSWOW64\wbem
2016-06-22 06:48:08 ----AD---- C:\Windows\SysWOW64
2016-06-22 06:48:07 ----D---- C:\Windows\system32\wbem
2016-06-22 06:48:07 ----D---- C:\Windows\system32\en-US
2016-06-22 06:48:07 ----D---- C:\Windows\system32\cs-CZ
2016-06-22 06:48:05 ----D---- C:\Windows\system32\drivers\en-US
2016-06-22 06:48:05 ----D---- C:\Windows\system32\drivers\cs-CZ
2016-06-22 06:48:05 ----D---- C:\Windows\apppatch
2016-06-22 06:48:04 ----RSD---- C:\Windows\Fonts
2016-06-22 06:48:03 ----D---- C:\Windows\SYSWOW64\setup
2016-06-22 06:48:03 ----D---- C:\Windows\SYSWOW64\migration
2016-06-22 06:48:03 ----D---- C:\Windows\system32\setup
2016-06-22 06:48:03 ----D---- C:\Windows\system32\migration
2016-06-22 06:48:03 ----D---- C:\Windows\system32\Boot
2016-06-19 21:28:00 ----D---- C:\Windows\SYSWOW64\en-US
2016-06-19 21:28:00 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-06-19 21:28:00 ----D---- C:\Program Files\Internet Explorer
2016-06-19 21:28:00 ----D---- C:\Program Files (x86)\Internet Explorer
2016-06-19 21:27:59 ----D---- C:\Windows\system32\appraiser
2016-06-17 11:08:33 ----D---- C:\ProgramData\Microsoft Help
2016-06-17 11:07:28 ----D---- C:\Windows\system32\MRT
2016-06-17 11:04:55 ----A---- C:\Windows\system32\MRT.exe
2016-06-14 18:13:19 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-06-12 17:03:22 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-06-12 16:57:05 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-12 16:57:05 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 assdv2;assdv2; C:\Windows\system32\drivers\assdv2.sys [2013-12-05 21816]
R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2014-04-03 645480]
R0 Wof;Windows Overlay File System Filter Driver; C:\Windows\system32\drivers\Wof.sys [2014-03-13 157016]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2013-10-07 15232]
R1 AsUpIO;AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [2010-08-03 14464]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-04-29 3950552]
R3 MEIx64;@oem6.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2014-03-20 118272]
R3 NVHDA;@oem20.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2016-04-27 205456]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2016-04-27 12539960]
R3 nvvad_WaveExtensible;@oem13.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2016-04-14 56384]
R3 RSUSBSTOR;@oem10.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2013-08-27 264408]
R3 RTL8168;@oem5.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2014-03-17 843480]
S3 WinUsb;@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2015-10-10 78848]
S3 WSDPrintDevice;@WSDPrint.Inf,%WSDPrintDevice.SVCDESC%;WSD Print Support; C:\Windows\System32\drivers\WSDPrint.sys [2013-08-22 20992]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-10-29 38792]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2016-05-02 1165368]
R2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2016-04-22 2960160]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2016-05-02 1881144]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2016-04-27 1264064]
R3 asComSvc;ASUS Com Service; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [2013-10-25 920736]
S3 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-04-23 82128]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-16 270016]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 EasyAntiCheat;EasyAntiCheat; C:\Windows\syswow64\EasyAntiCheat.exe [2016-05-22 242960]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-22 43696]
S3 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2014-04-11 16232]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-02-01 887232]
S3 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-03-20 154584]
S3 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-03-20 398296]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-06-10 146888]
S3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2016-05-02 3634232]
S3 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-05-02 2522680]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 178760]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-07-07 1450064]
S3 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2016-04-27 426040]

-----------------EOF-----------------

HellSpay · #4 Příspěvek od **HellSpay** » 10 črc 2016 09:37

----------------------------------------------------------------------------
CrystalDiskInfo 7.0.0 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 8.1 [6.3 Build 9600] (x64)
Date : 2016/07/10 10:34:13

-- Controller Map ----------------------------------------------------------
- Řadič prostorů úložišť [SCSI]
+ Intel(R) Desktop/Workstation/Server Express Chipset SATA RAID Controller [SCSI]
- ST2000DX001-1CM164
- TSSTcorp CDDVDW SN-208FB

-- Disk List ---------------------------------------------------------------
(1) ST2000DX001-1CM164 : 2000,3 GB [0/0/0, pd1] - st

----------------------------------------------------------------------------
(1) ST2000DX001-1CM164
----------------------------------------------------------------------------
Model : ST2000DX001-1CM164
Firmware : CC43
Serial Number : Z1E8BVVV
Disk Size : 2000,3 GB (8,4/137,4/2000,3/2000,3)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 3907029168
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ACS-2
Minor Version : ACS-3 Revision 3b
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 6793 hod.
Power On Count : 596 krát
Temperature : 37 C (98 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 8080h [ON]
AAM Level : ----
Drive Letter : C: D:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 117 _99 __6 00000911D5D0 Počet chyb čtení
03 _96 _95 __0 000000000000 Čas na roztočení ploten
04 100 100 _20 00000000024A Počet spuštění/zastavení
05 100 100 _10 000000000000 Počet přemapovaných sektorů
07 _83 _60 _30 00000D9B189F Počet chybných hledání
09 _93 _93 __0 000000001A89 Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 _20 000000000254 Počet cyklů zapnutí zařízení
B7 _99 _99 __0 000000000001 Specifický pro výrobce
B8 100 100 _99 000000000000 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 100 __0 000000000000 Časový limit příkazu
BD 100 100 __0 000000000000 Vysoká rychlost zápisu
BE _63 _50 _45 000029170025 Teplota toku vzduchu
BF 100 100 __0 000000000000 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 00000000007A Počet vypnutí disku
C1 100 100 __0 000000000542 Počet cyklů načítání/vymazání
C2 _37 _50 __0 000500000025 Teplota
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
F0 100 253 __0 DCB800001FFC Čas nastavování hlaviček - v hodinách
F1 100 253 __0 0006685D67F3 Total Host Writes
F2 100 253 __0 0007E4FC1D2C Total Host Reads

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 2020 5A31 4538 4256 5656
020: 0000 0000 0004 4343 3433 2020 2020 5354 3230 3030
030: 4458 3030 312D 3143 4D31 3634 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 850E 0006 004C 0044
080: 03F0 001F 346B 7D09 4163 3469 BC09 4163 407F 006B
090: 006B 8080 FFFE 0000 D0D0 0000 0000 0000 0000 0000
100: 88B0 E8E0 0000 0000 0000 0000 6003 0000 5000 C500
110: 6739 C3F2 0000 0000 0000 0000 0000 0000 0000 401E
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 88B0
130: E8E0 88B0 E8E0 2020 0002 0140 0100 5000 3C06 3C0A
140: 0000 003C 0000 0008 0000 0000 05FF 0280 0000 0000
150: 0008 0000 0000 0000 0000 0001 0000 0000 5800 8806
160: 0000 0000 0000 0000 0000 0000 0000 0000 0002 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 1081 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1C20 0000 0000
220: 0000 0000 107E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0003 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 A8A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 0F 00 75 63 D0 D5 11 09 00 00 00 03 03
010: 00 60 5F 00 00 00 00 00 00 00 04 32 00 64 64 4A
020: 02 00 00 00 00 00 05 33 00 64 64 00 00 00 00 00
030: 00 00 07 0F 00 53 3C 9F 18 9B 0D 00 00 00 09 32
040: 00 5D 5D 89 1A 00 00 00 00 00 0A 13 00 64 64 00
050: 00 00 00 00 00 00 0C 32 00 64 64 54 02 00 00 00
060: 00 00 B7 32 00 63 63 01 00 00 00 00 00 00 B8 32
070: 00 64 64 00 00 00 00 00 00 00 BB 32 00 64 64 00
080: 00 00 00 00 00 00 BC 32 00 64 64 00 00 00 00 00
090: 00 00 BD 3A 00 64 64 00 00 00 00 00 00 00 BE 22
0A0: 00 3F 32 25 00 17 29 00 00 00 BF 32 00 64 64 00
0B0: 00 00 00 00 00 00 C0 32 00 64 64 7A 00 00 00 00
0C0: 00 00 C1 32 00 64 64 42 05 00 00 00 00 00 C2 22
0D0: 00 25 32 25 00 00 00 05 00 00 C5 12 00 64 64 00
0E0: 00 00 00 00 00 00 C6 10 00 64 64 00 00 00 00 00
0F0: 00 00 C7 3E 00 C8 C8 00 00 00 00 00 00 00 F0 00
100: 00 64 FD FC 1F 00 00 B8 DC 2D F1 00 00 64 FD F3
110: 67 5D 68 06 00 00 F2 00 00 64 FD 2C 1D FC E4 07
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 48 02 00 73
170: 03 00 01 00 01 DF 02 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 F8 04 00 00 01 05 05 04 04 04 05 04
190: 05 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 05 00 3D 96 F4 02 4D 16 00 00
1B0: 00 00 00 00 01 00 87 51 F3 67 5D 68 06 00 00 00
1C0: 2C 1D FC E4 07 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 80 0F 00 00 64 00 11 00
1E0: 00 00 00 00 90 2F 01 00 00 00 00 00 00 00 00 32
1F0: 00 00 00 00 00 00 00 00 00 00 14 18 00 00 00 8E

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 01 00 01 06 00 00 00 00 00 00 00 00 00 00 03 00
010: 00 00 00 00 00 00 00 00 00 00 04 14 00 00 00 00
020: 00 00 00 00 00 00 05 0A 00 00 00 00 00 00 00 00
030: 00 00 07 1E 00 00 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 61 00 00 00 00
050: 00 00 00 00 00 00 0C 14 00 00 00 00 00 00 00 00
060: 00 00 B7 00 00 00 00 00 00 00 00 00 00 00 B8 63
070: 00 00 00 00 00 00 00 00 00 00 BB 00 00 00 00 00
080: 00 00 00 00 00 00 BC 00 00 00 00 00 00 00 00 00
090: 00 00 BD 00 00 00 00 00 00 00 00 00 00 00 BE 2D
0A0: 00 00 00 00 00 00 00 00 00 00 BF 00 00 00 00 00
0B0: 00 00 00 00 00 00 C0 00 00 00 00 00 00 00 00 00
0C0: 00 00 C1 00 00 00 00 00 00 00 00 00 00 00 C2 00
0D0: 00 00 00 00 00 00 00 00 00 00 C5 00 00 00 00 00
0E0: 00 00 00 00 00 00 C6 00 00 00 00 00 00 00 00 00
0F0: 00 00 C7 00 00 00 00 00 00 00 00 00 00 00 F0 00
100: 00 00 00 00 00 00 00 00 00 00 F1 00 00 00 00 00
110: 00 00 00 00 00 00 F2 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 FD

#5 Příspěvek od **Márty84** » 10 črc 2016 12:01

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner[C?].txt ). Ten mi sem zkopirujte.

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=144868 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

HellSpay · #6 Příspěvek od **HellSpay** » 10 črc 2016 14:51

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 10. 7. 2016
Čas skenování: 14:06
Protokol: MBAM.txt
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.07.10.03
Databáze rootkitů: v2016.05.27.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: David

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 612263
Uplynulý čas: 1 hod, 41 min, 38 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)

(end)

HellSpay · #7 Příspěvek od **HellSpay** » 10 črc 2016 14:57

# AdwCleaner v5.201 - Log vytvoĹ™en 10/07/2016 v 15:52:40
# AktualizovĂˇno 30/06/2016 by ToolsLib
# DatabĂˇze : 2016-07-10.1 [Server]
# OperaÄŤnĂ system : Windows 8.1 (X64)
# UĹľivatelskĂ© jmĂ©no : David - DAVID-PC
# SpuĹˇtÄ›no z : C:\Users\David\Desktop\adwcleaner_5.201.exe
# NastavenĂ : ÄŚiĹˇtÄ›nĂ
# Podpora : https://toolslib.net/forum

***** [ SluĹľby ] *****

***** [ SloĹľky ] *****

[-] SloĹľka SmazĂˇno : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\0e2v2n80.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}

***** [ Soubory ] *****

***** [ DLLs ] *****

***** [ WMI ] *****

***** [ ZĂˇstupci ] *****

***** [ NaplĂˇnovanĂ© Ăşlohy ] *****

***** [ Registry ] *****

[-] KlĂÄŤ SmazĂˇno : HKLM\SOFTWARE\Classes\CLSID\{059EACC2-1ABE-49E8-928D-DC8BD355B7A9}
[-] KlĂÄŤ SmazĂˇno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Driver Genius Professional Edition_is1

***** [ ProhlĂĹľeÄŤe ] *****

[-] [C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\0e2v2n80.default\prefs.js] SmazĂˇno : user_pref("network.hxxp.request.max-start-delay", 0);
[-] [C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\0e2v2n80.default\user.js] SmazĂˇno : user_pref("network.hxxp.request.max-start-delay", 0);

*************************

:: "Tracing" klĂÄŤe smazĂˇny
:: NastavenĂ Winsock vyÄŤiĹˇtÄ›no

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [1420 bytĹŻ] - [10/07/2016 15:52:40]
C:\AdwCleaner\AdwCleaner[S1].txt - [1446 bytĹŻ] - [10/07/2016 15:52:05]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1566 bytĹŻ] ##########

#8 Příspěvek od **Márty84** » 10 črc 2016 17:09

Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach

(Kdyby nesel Launcher stahnout, dejte logy jen ze samotneho FRST, tedy bez pouziti Launcheru)

HellSpay · #9 Příspěvek od **HellSpay** » 10 črc 2016 17:56

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10-07-2016
Ran by David (administrator) on DAVID-PC (10-07-2016 18:48:04)
Running from C:\Users\David\Desktop
Loaded Profiles: David (Available Profiles: asus & David)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AEGIS\AsSysLevelUpSrc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AEGIS\AEGIS_SysMode.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe
() C:\Program Files (x86)\ASUS\ASUS Manager\PC Cleanup\SecureDeleteBackground.exe
(ASUSTeK) C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AEGIS\AEGIS_AlertService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Valve Corporation) D:\Steam\Steam.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Valve Corporation) D:\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Valve Corporation) D:\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Valve Corporation) D:\Steam\bin\steamwebhelper.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_22_0_0_192.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_22_0_0_192.exe
() D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
(Valve Corporation) D:\Steam\GameOverlayUI.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7575920 2014-04-29] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1385840 2014-04-15] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-04-11] (Intel Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Driver Genius] => [X]
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-942442422-211351429-3173966364-1003\...\Run: [Spotify Web Helper] => C:\Users\David\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1554032 2016-06-04] (Spotify Ltd)
HKU\S-1-5-21-942442422-211351429-3173966364-1003\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-942442422-211351429-3173966364-1003\...\MountPoints2: {851300ae-142a-11e6-8263-7824af84ced0} - "E:\Lenovo_Suite.exe"

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{62ECA333-A8FF-42C7-84E6-651659B12E7D}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-942442422-211351429-3173966364-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-942442422-211351429-3173966364-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
SearchScopes: HKU\S-1-5-21-942442422-211351429-3173966364-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-942442422-211351429-3173966364-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-05-27] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> No File
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\0e2v2n80.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-16] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-16] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-04-27] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-04-27] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-04-23] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\0e2v2n80.default\user.js [2016-07-10]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-04-23] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\0e2v2n80.default\searchplugins\McSiteAdvisor.xml [2016-05-06]
FF Extension: MEGA - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\0e2v2n80.default\Extensions\firefox@mega.co.nz.xpi [2016-07-08]
FF Extension: Adblock Plus - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\0e2v2n80.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-05-07]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-10-25] ()
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [242960 2016-05-22] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-05-02] (NVIDIA Corporation)
S3 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-04-11] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-02-01] (Intel(R) Corporation)
S3 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960160 2016-04-22] (IObit)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-05-02] (NVIDIA Corporation)
S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-05-02] (NVIDIA Corporation)
S3 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-05-02] (NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-10-07] ()
R0 assdv2; C:\Windows\System32\Drivers\assdv2.sys [21816 2013-12-05] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [118272 2014-03-20] (Intel Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-10 18:48 - 2016-07-10 18:48 - 00011899 _____ C:\Users\David\Desktop\FRST.txt
2016-07-10 18:46 - 2016-07-10 18:48 - 00000000 ____D C:\FRST
2016-07-10 18:44 - 2016-07-10 18:45 - 02390528 _____ (Farbar) C:\Users\David\Desktop\FRST64.exe
2016-07-10 18:03 - 2016-07-10 18:03 - 00001129 _____ C:\Users\David\Desktop\AdwCleaner[C2].txt
2016-07-10 15:49 - 2016-07-10 18:03 - 00000000 ____D C:\AdwCleaner
2016-07-10 15:49 - 2016-07-10 15:49 - 03712064 _____ C:\Users\David\Desktop\adwcleaner_5.201.exe
2016-07-10 15:48 - 2016-07-10 15:48 - 00001146 _____ C:\Users\David\Desktop\MBAM.txt
2016-07-10 14:04 - 2016-07-10 14:06 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-07-10 14:04 - 2016-07-10 14:04 - 00001137 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-07-10 14:04 - 2016-07-10 14:04 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-07-10 14:04 - 2016-07-10 14:04 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-07-10 14:04 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-07-10 14:04 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-07-10 14:04 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-07-10 14:03 - 2016-07-10 14:03 - 22851472 _____ (Malwarebytes ) C:\Users\David\Downloads\mbam-setup-2.2.1.1043.exe
2016-07-10 10:33 - 2016-07-10 10:33 - 00001227 _____ C:\Users\David\Desktop\CrystalDiskInfo.lnk
2016-07-10 10:33 - 2016-07-10 10:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2016-07-10 10:33 - 2016-07-10 10:33 - 00000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2016-07-10 10:27 - 2016-07-10 10:27 - 11346576 _____ C:\Users\David\Downloads\CrystalDiskInfo7_0_0-en.exe
2016-07-10 10:27 - 2016-07-10 10:27 - 00000000 ____D C:\Program Files\trend micro
2016-07-10 10:26 - 2016-07-10 10:26 - 01222144 _____ C:\Users\David\Downloads\RSITx64.exe
2016-07-10 10:24 - 2016-07-10 10:24 - 00000000 ___HD C:\$WINDOWS.~BT
2016-07-10 00:22 - 2016-07-10 00:22 - 00027328 _____ C:\Users\David\Desktop\info.txt
2016-07-10 00:14 - 2016-07-10 00:14 - 01107968 _____ C:\Users\David\Downloads\RSIT.exe
2016-07-10 00:14 - 2016-07-10 00:14 - 00000000 ____D C:\rsit
2016-07-10 00:14 - 2016-07-10 00:14 - 00000000 ____D C:\Program Files (x86)\trend micro
2016-07-09 02:31 - 2016-07-09 02:32 - 00000043 _____ C:\Users\David\Desktop\Nový textový dokument.txt
2016-07-08 18:52 - 2016-07-08 19:01 - 359439379 _____ C:\Users\David\Desktop\[Taida] D.Gray-man Hallow 01 SK vz.1.rar
2016-07-08 14:47 - 2016-07-08 15:12 - 338088529 _____ C:\Users\David\Downloads\Blue-Apple-Amaama-to-Inazuma---01-720p-CZ.mkv
2016-07-07 22:42 - 2016-07-07 22:42 - 00000000 ____D C:\Users\David\Documents\ICARUS_DEV
2016-07-07 16:29 - 2016-07-07 16:29 - 00003168 _____ C:\Windows\System32\Tasks\SmartDefrag_AutoAnalyze
2016-07-07 16:29 - 2016-03-25 14:33 - 00128288 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll
2016-07-07 16:29 - 2016-03-22 11:02 - 00036288 _____ (IObit) C:\Windows\system32\SmartDefragBootTime.exe
2016-07-06 22:13 - 2016-07-10 18:23 - 00000000 ____D C:\Users\David\Desktop\kraviny
2016-07-06 21:50 - 2016-07-07 21:25 - 00000000 ____D C:\Users\David\Desktop\hry
2016-07-06 20:55 - 2016-07-06 20:55 - 00000000 ____D C:\Users\David\Documents\ICARUS
2016-07-06 17:04 - 2016-07-06 17:04 - 00000000 ____D C:\Nexon
2016-07-06 13:17 - 2016-07-06 13:19 - 60876068 _____ C:\Users\David\Downloads\com.nianticlabs.pokemongo_0.29.0-2016070500_minAPI19(armeabi-v7a)(nodpi)_apkmirror.com.apk
2016-07-06 05:50 - 2016-07-06 05:50 - 00000000 ____D C:\Users\David\AppData\Roaming\NexonLauncher
2016-07-06 05:50 - 2016-07-06 05:50 - 00000000 ____D C:\Users\David\AppData\Local\NexonLauncher
2016-07-06 05:50 - 2016-07-06 05:50 - 00000000 ____D C:\Users\David\AppData\Local\Crashpad
2016-07-06 05:46 - 2016-07-06 05:46 - 10274904 _____ C:\Users\David\Downloads\NexonLauncherSetup.exe
2016-07-06 00:14 - 2016-07-06 00:37 - 395522108 _____ C:\Users\David\Downloads\Koutetsujou-no-Kabaneri---12-[3Mka]-[A5286460].mkv
2016-06-25 07:50 - 2016-07-07 11:30 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2016-06-25 07:49 - 2016-06-25 09:21 - 00000000 ____D C:\Users\David\Documents\Rockstar Games
2016-06-24 09:14 - 2016-07-07 01:39 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-06-21 20:55 - 2016-06-21 20:55 - 22361344 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-06-21 20:55 - 2016-06-21 20:55 - 19788688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-06-21 20:55 - 2016-06-21 20:55 - 07446360 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-06-21 20:55 - 2016-06-21 20:55 - 03667968 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-06-21 20:55 - 2016-06-21 20:55 - 03607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-06-21 20:55 - 2016-06-21 20:55 - 03320832 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-06-21 20:55 - 2016-06-21 20:55 - 02778624 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-06-21 20:55 - 2016-06-21 20:55 - 02635264 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2016-06-21 20:55 - 2016-06-21 20:55 - 02464768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-06-21 20:55 - 2016-06-21 20:55 - 02317824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2016-06-21 20:55 - 2016-06-21 20:55 - 02230784 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-06-21 20:55 - 2016-06-21 20:55 - 01661072 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-06-21 20:55 - 2016-06-21 20:55 - 01291776 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2016-06-21 20:55 - 2016-06-21 20:55 - 01212256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-06-21 20:55 - 2016-06-21 20:55 - 01134768 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-06-21 20:55 - 2016-06-21 20:55 - 01080320 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2016-06-21 20:55 - 2016-06-21 20:55 - 01060352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2016-06-21 20:55 - 2016-06-21 20:55 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-06-21 20:55 - 2016-06-21 20:55 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-06-21 20:55 - 2016-06-21 20:55 - 00727040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-06-21 20:55 - 2016-06-21 20:55 - 00563024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-06-21 20:55 - 2016-06-21 20:55 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-06-21 20:55 - 2016-06-21 20:55 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2016-06-21 20:55 - 2016-06-21 20:55 - 00397232 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-06-21 20:55 - 2016-06-21 20:55 - 00340880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-06-21 20:55 - 2016-06-21 20:55 - 00331608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2016-06-21 20:55 - 2016-06-21 20:55 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-06-21 20:55 - 2016-06-21 20:55 - 00178016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-06-21 20:55 - 2016-06-21 20:55 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-06-21 20:55 - 2016-06-21 20:55 - 00138240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-06-21 20:55 - 2016-06-21 20:55 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-06-21 20:55 - 2016-06-21 20:55 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-06-21 20:55 - 2016-06-21 20:55 - 00111616 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2016-06-21 20:55 - 2016-06-21 20:55 - 00107984 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2016-06-21 20:55 - 2016-06-21 20:55 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-06-21 20:55 - 2016-06-21 20:55 - 00091416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2016-06-21 20:55 - 2016-06-21 20:55 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netvsc63.sys
2016-06-21 20:55 - 2016-06-21 20:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-06-21 20:55 - 2016-06-21 20:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-06-21 20:55 - 2016-06-21 20:55 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-06-21 20:55 - 2016-06-21 20:55 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-06-21 20:55 - 2016-06-21 20:55 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2016-06-21 20:55 - 2016-06-21 20:55 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2016-06-21 20:55 - 2016-06-21 20:55 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-06-21 20:55 - 2016-06-21 20:55 - 00034600 _____ (Microsoft Corporation) C:\Windows\system32\UserAccountBroker.exe
2016-06-21 20:55 - 2016-06-21 20:55 - 00032768 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2016-06-21 20:55 - 2016-06-21 20:55 - 00032512 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2016-06-21 20:55 - 2016-06-21 20:55 - 00030984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserAccountBroker.exe
2016-06-21 20:55 - 2016-06-21 20:55 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-06-21 20:53 - 2016-06-21 20:53 - 18825216 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2016-06-21 20:53 - 2016-06-21 20:53 - 15158272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2016-06-21 20:53 - 2016-06-21 20:53 - 00987136 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-06-21 20:53 - 2016-06-21 20:53 - 00927744 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2016-06-21 20:53 - 2016-06-21 20:53 - 00881152 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2016-06-21 20:53 - 2016-06-21 20:53 - 00840704 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2016-06-21 20:53 - 2016-06-21 20:53 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-06-21 20:53 - 2016-06-21 20:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-06-21 20:53 - 2016-06-21 20:53 - 00754176 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2016-06-21 20:53 - 2016-06-21 20:53 - 00737280 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-06-21 20:53 - 2016-06-21 20:53 - 00696832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2016-06-21 20:53 - 2016-06-21 20:53 - 00551256 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2016-06-21 20:53 - 2016-06-21 20:53 - 00543232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2016-06-21 20:53 - 2016-06-21 20:53 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2016-06-21 20:53 - 2016-06-21 20:53 - 00348672 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2016-06-21 20:53 - 2016-06-21 20:53 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2016-06-21 20:53 - 2016-06-21 20:53 - 00322048 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll
2016-06-21 20:53 - 2016-06-21 20:53 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Geolocation.dll
2016-06-21 20:53 - 2016-06-21 20:53 - 00281088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2016-06-21 20:53 - 2016-06-21 20:53 - 00218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Geolocation.dll
2016-06-21 20:53 - 2016-06-21 20:53 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys
2016-06-21 20:53 - 2016-06-21 20:53 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2016-06-21 20:53 - 2016-06-21 20:53 - 00114528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys
2016-06-21 20:53 - 2016-06-21 20:53 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfgLib.dll
2016-06-21 20:53 - 2016-06-21 20:53 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2016-06-21 20:53 - 2016-06-21 20:53 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2016-06-21 20:53 - 2016-06-21 20:53 - 00020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2016-06-21 20:53 - 2016-06-21 20:53 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\httpprxp.dll
2016-06-21 20:52 - 2016-06-21 20:52 - 01200128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2016-06-21 20:52 - 2016-06-21 20:52 - 00868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2016-06-21 20:52 - 2016-06-21 20:52 - 00513456 _____ C:\Windows\SysWOW64\locale.nls
2016-06-21 20:52 - 2016-06-21 20:52 - 00513456 _____ C:\Windows\system32\locale.nls
2016-06-21 20:52 - 2016-06-21 20:52 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll
2016-06-21 20:52 - 2016-06-21 20:52 - 00200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll
2016-06-21 20:52 - 2016-06-21 20:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2016-06-21 20:52 - 2016-06-21 20:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZST.DLL
2016-06-21 20:52 - 2016-06-21 20:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2016-06-21 20:52 - 2016-06-21 20:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2016-06-21 20:52 - 2016-06-21 20:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2016-06-21 20:52 - 2016-06-21 20:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZST.DLL
2016-06-21 20:52 - 2016-06-21 20:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2016-06-21 20:52 - 2016-06-21 20:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2016-06-21 20:51 - 2016-06-21 20:51 - 06521800 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2016-06-21 20:51 - 2016-06-21 20:51 - 04837376 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2016-06-21 20:51 - 2016-06-21 20:51 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
2016-06-21 20:51 - 2016-06-21 20:51 - 01488000 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2016-06-21 20:51 - 2016-06-21 20:51 - 01154048 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2016-06-21 20:51 - 2016-06-21 20:51 - 01142272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll
2016-06-21 20:51 - 2016-06-21 20:51 - 01027584 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2016-06-21 20:51 - 2016-06-21 20:51 - 00962216 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-06-21 20:51 - 2016-06-21 20:51 - 00885760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2016-06-21 20:51 - 2016-06-21 20:51 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2016-06-21 20:51 - 2016-06-21 20:51 - 00801584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-06-21 20:51 - 2016-06-21 20:51 - 00733696 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2016-06-21 20:51 - 2016-06-21 20:51 - 00702464 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2016-06-21 20:51 - 2016-06-21 20:51 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2016-06-21 20:51 - 2016-06-21 20:51 - 00657920 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2016-06-21 20:51 - 2016-06-21 20:51 - 00624640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2016-06-21 20:51 - 2016-06-21 20:51 - 00555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2016-06-21 20:51 - 2016-06-21 20:51 - 00514048 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2016-06-21 20:51 - 2016-06-21 20:51 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2016-06-21 20:51 - 2016-06-21 20:51 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2016-06-21 20:51 - 2016-06-21 20:51 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2016-06-21 20:51 - 2016-06-21 20:51 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2016-06-21 20:51 - 2016-06-21 20:51 - 00261376 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2016-06-21 20:51 - 2016-06-21 20:51 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2016-06-21 20:51 - 2016-06-21 20:51 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2016-06-21 20:51 - 2016-06-21 20:51 - 00211968 _____ (Microsoft Corporation) C:\Windows\system32\QSHVHOST.DLL
2016-06-21 20:51 - 2016-06-21 20:51 - 00182784 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2016-06-21 20:51 - 2016-06-21 20:51 - 00169984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2016-06-21 20:51 - 2016-06-21 20:51 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2016-06-21 20:51 - 2016-06-21 20:51 - 00155648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QSHVHOST.DLL
2016-06-21 20:51 - 2016-06-21 20:51 - 00128512 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2016-06-21 20:51 - 2016-06-21 20:51 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\QSVRMGMT.DLL
2016-06-21 20:51 - 2016-06-21 20:51 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
2016-06-21 20:51 - 2016-06-21 20:51 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QSVRMGMT.DLL
2016-06-21 20:51 - 2016-06-21 20:51 - 00086336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2016-06-21 20:51 - 2016-06-21 20:51 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2016-06-21 20:51 - 2016-06-21 20:51 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2016-06-21 20:51 - 2016-06-21 20:51 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\vsstrace.dll
2016-06-21 20:51 - 2016-06-21 20:51 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2016-06-21 20:51 - 2016-06-21 20:51 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
2016-06-21 20:51 - 2016-06-21 20:51 - 00058176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2016-06-21 20:51 - 2016-06-21 20:51 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vsstrace.dll
2016-06-21 20:51 - 2016-06-21 20:51 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
2016-06-21 20:51 - 2016-06-21 20:51 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll
2016-06-21 20:51 - 2016-06-21 20:51 - 00039744 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2016-06-21 20:51 - 2016-06-21 20:51 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
2016-06-21 20:51 - 2016-06-21 20:51 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
2016-06-21 20:51 - 2016-06-21 20:51 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll
2016-06-21 20:51 - 2016-06-21 20:51 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
2016-06-21 20:51 - 2016-06-21 20:51 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
2016-06-21 20:51 - 2016-06-21 20:51 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\eventcls.dll
2016-06-21 20:51 - 2016-06-21 20:51 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eventcls.dll
2016-06-21 20:48 - 2016-06-21 20:48 - 00672984 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2016-06-21 20:48 - 2016-06-21 20:48 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
2016-06-21 20:40 - 2016-06-21 20:40 - 05210112 _____ C:\Windows\system32\config\DRIVERS.iobit
2016-06-21 20:39 - 2016-06-21 20:40 - 99758080 _____ C:\Windows\system32\config\SOFTWARE.iobit
2016-06-21 20:39 - 2016-06-21 20:39 - 00663552 _____ C:\Windows\system32\config\DEFAULT.iobit
2016-06-21 20:39 - 2016-06-21 20:39 - 00032768 _____ C:\Windows\system32\config\SAM.iobit
2016-06-21 20:39 - 2016-06-21 20:39 - 00028672 _____ C:\Windows\system32\config\SECURITY.iobit
2016-06-21 20:37 - 2016-07-09 09:23 - 00000000 ____D C:\ProgramData\ProductData
2016-06-21 20:37 - 2016-06-21 20:37 - 00000000 ____D C:\Users\David\AppData\Roaming\ProductData
2016-06-21 20:36 - 2016-07-10 10:26 - 00000000 ____D C:\Program Files (x86)\IObit
2016-06-21 20:36 - 2016-07-07 16:29 - 00000000 ____D C:\Users\David\AppData\Roaming\IObit
2016-06-21 20:36 - 2016-07-07 16:29 - 00000000 ____D C:\ProgramData\IObit
2016-06-21 20:36 - 2016-06-21 20:37 - 00000000 ____D C:\Users\David\AppData\LocalLow\IObit
2016-06-21 20:36 - 2016-06-21 20:36 - 00000000 ____D C:\Windows\Tasks\ImCleanDisabled
2016-06-21 20:36 - 2016-06-21 20:36 - 00000000 ____D C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2016-06-19 16:35 - 2016-06-19 16:35 - 00000000 ____D C:\Users\David\AppData\Roaming\dvdcss
2016-06-17 14:08 - 2016-06-17 14:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2016-06-16 20:26 - 2016-06-16 20:26 - 09717952 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-06-16 12:37 - 2016-06-16 12:37 - 00000000 ____D C:\Users\David\Documents\cfg
2016-06-15 22:39 - 2016-06-25 07:40 - 00000000 ____D C:\Users\David\AppData\LocalLow\uTorrent
2016-06-15 22:38 - 2016-06-15 22:38 - 00000000 ____D C:\Program Files (x86)\Seznam.cz
2016-06-15 22:37 - 2016-06-25 07:40 - 00000000 ____D C:\Users\David\AppData\Roaming\uTorrent
2016-06-15 22:37 - 2016-06-21 14:26 - 00000000 ____D C:\Users\David\AppData\Roaming\Seznam.cz
2016-06-15 15:25 - 2016-05-12 19:38 - 00135336 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-06-15 15:25 - 2016-05-12 18:43 - 00115704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2016-06-15 15:25 - 2016-05-12 17:17 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-06-15 15:25 - 2016-05-12 17:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-06-15 15:25 - 2016-05-12 17:07 - 01360896 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-06-15 15:25 - 2016-05-12 16:59 - 00398848 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-06-15 15:25 - 2016-05-12 16:43 - 00291328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-06-15 15:25 - 2016-05-12 16:37 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-06-15 15:25 - 2016-05-06 16:45 - 00748544 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-06-15 15:25 - 2016-05-06 16:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2016-06-15 15:24 - 2016-06-03 18:11 - 00472576 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-06-15 15:24 - 2016-06-03 14:38 - 01413120 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-06-15 15:24 - 2016-06-02 18:51 - 00050352 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-06-15 15:24 - 2016-05-29 16:04 - 01204224 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-06-15 15:24 - 2016-05-29 16:04 - 00569856 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-06-15 15:24 - 2016-05-29 16:04 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-06-15 15:24 - 2016-05-29 16:04 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-06-15 15:24 - 2016-05-29 16:04 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-06-15 15:24 - 2016-05-29 16:04 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-06-15 15:24 - 2016-05-21 18:28 - 25802752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-06-15 15:24 - 2016-05-21 17:57 - 20341248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-06-15 15:24 - 2016-05-20 23:09 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-06-15 15:24 - 2016-05-20 23:08 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-06-15 15:24 - 2016-05-20 23:02 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-06-15 15:24 - 2016-05-20 22:57 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-06-15 15:24 - 2016-05-20 22:55 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-06-15 15:24 - 2016-05-20 22:54 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-06-15 15:24 - 2016-05-20 22:50 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-06-15 15:24 - 2016-05-20 22:44 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-06-15 15:24 - 2016-05-20 22:29 - 13815808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-06-15 15:24 - 2016-05-20 22:27 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-06-15 15:24 - 2016-05-20 22:25 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-06-15 15:24 - 2016-05-20 22:25 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2016-06-15 15:24 - 2016-05-20 22:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-06-15 15:24 - 2016-05-20 22:21 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2016-06-15 15:24 - 2016-05-20 22:19 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-06-15 15:24 - 2016-05-20 22:16 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-06-15 15:24 - 2016-05-20 22:14 - 04610048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-06-15 15:24 - 2016-05-20 22:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-06-15 15:24 - 2016-05-20 22:11 - 15420928 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-06-15 15:24 - 2016-05-20 22:11 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-06-15 15:24 - 2016-05-20 22:09 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-06-15 15:24 - 2016-05-20 22:09 - 00379392 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-06-15 15:24 - 2016-05-20 22:08 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-06-15 15:24 - 2016-05-20 22:08 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-06-15 15:24 - 2016-05-20 22:06 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-06-15 15:24 - 2016-05-20 21:46 - 02597888 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-06-15 15:24 - 2016-05-20 21:42 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-06-15 15:24 - 2016-05-20 21:38 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-06-15 15:24 - 2016-05-20 21:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-06-15 15:24 - 2016-05-20 21:34 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-06-15 15:24 - 2016-05-20 21:23 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-06-15 15:24 - 2016-05-18 06:31 - 00372568 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-06-15 15:24 - 2016-05-18 06:31 - 00315224 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-06-15 15:24 - 2016-05-14 21:01 - 00363104 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-06-15 15:24 - 2016-05-14 21:01 - 00320720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-06-15 15:24 - 2016-05-14 00:09 - 04169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-06-15 15:24 - 2016-05-14 00:07 - 00675328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-06-15 15:24 - 2016-05-14 00:07 - 00416768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-06-15 15:24 - 2016-05-14 00:07 - 00281088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-06-15 15:24 - 2016-05-14 00:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-06-15 15:24 - 2016-05-14 00:04 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-06-15 15:24 - 2016-05-13 23:19 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-06-15 15:24 - 2016-05-13 22:58 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-06-15 15:24 - 2016-05-13 22:45 - 00802816 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-06-15 15:24 - 2016-05-13 22:35 - 00286208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-06-15 15:24 - 2016-05-13 22:26 - 00631808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-06-15 15:24 - 2016-05-09 22:35 - 07075328 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2016-06-15 15:24 - 2016-05-09 21:56 - 05270016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2016-06-15 15:24 - 2016-05-09 21:45 - 07793152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-06-15 15:24 - 2016-05-09 21:23 - 05265920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-06-15 15:24 - 2016-04-12 16:46 - 14467584 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-06-15 15:24 - 2016-04-12 16:30 - 12879872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-06-15 15:24 - 2016-01-31 20:17 - 00118624 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-06-15 15:24 - 2016-01-31 19:07 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-06-15 15:23 - 2016-05-19 00:15 - 01379040 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-06-15 15:23 - 2016-05-18 21:35 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-06-10 16:44 - 2016-06-12 16:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-10 18:42 - 2016-05-04 18:02 - 00000000 ____D C:\Users\David\AppData\Roaming\TS3Client
2016-07-10 18:34 - 2016-05-10 09:49 - 00000000 ____D C:\Users\David\AppData\Roaming\vlc
2016-07-10 18:26 - 2016-05-05 16:25 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-10 18:06 - 2016-05-04 17:49 - 00003594 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-942442422-211351429-3173966364-1003
2016-07-10 18:01 - 2016-05-04 17:47 - 00000000 ___DO C:\Users\David\OneDrive
2016-07-10 18:00 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-10 16:02 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2016-07-10 15:53 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-07-10 10:24 - 2014-07-10 10:02 - 00000000 ____D C:\Windows\Panther
2016-07-10 01:07 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-09 20:25 - 2016-05-04 18:37 - 00000000 ____D C:\Users\David\AppData\Local\CrashDumps
2016-07-09 16:55 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2016-07-08 01:45 - 2016-05-04 17:43 - 00000000 ____D C:\Users\David
2016-07-07 14:36 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2016-07-07 11:41 - 2014-07-10 11:03 - 00000000 ____D C:\Windows\System32\Tasks\ASUS
2016-07-07 11:41 - 2014-07-10 10:40 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-07-07 11:39 - 2014-07-10 11:13 - 00000000 ____D C:\Program Files\CyberLink
2016-07-07 11:27 - 2013-08-22 20:11 - 00000000 ____D C:\Program Files\Windows Journal
2016-07-07 11:27 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2016-07-06 21:37 - 2014-10-23 19:48 - 00000000 ____D C:\ProgramData\NVIDIA
2016-07-06 13:51 - 2016-05-06 22:29 - 00322560 ___SH C:\Users\David\Desktop\Thumbs.db
2016-07-03 19:48 - 2016-05-04 20:01 - 00000000 ____D C:\Users\David\AppData\Local\Battle.net
2016-07-03 19:17 - 2016-06-04 13:35 - 00000000 ____D C:\Users\David\AppData\Local\Spotify
2016-07-03 19:16 - 2016-06-04 13:33 - 00000000 ____D C:\Users\David\AppData\Roaming\Spotify
2016-07-01 22:47 - 2016-05-04 18:02 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2016-07-01 17:15 - 2016-06-08 17:53 - 00000000 ____D C:\Users\David\Desktop\songs
2016-07-01 17:15 - 2016-05-26 09:19 - 00273408 ___SH C:\Users\David\Downloads\Thumbs.db
2016-07-01 17:04 - 2014-07-10 11:09 - 00000000 ____D C:\Program Files\Common Files\mcafee
2016-07-01 14:20 - 2016-05-05 22:41 - 00000000 ____D C:\Program Files (x86)\Overwatch
2016-06-24 09:14 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2016-06-24 09:02 - 2014-07-10 11:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2016-06-24 09:02 - 2014-07-10 11:03 - 00000000 ____D C:\Program Files (x86)\ASUS
2016-06-24 09:00 - 2014-07-10 11:09 - 00000000 ____D C:\ProgramData\McAfee
2016-06-24 09:00 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2016-06-23 23:47 - 2013-08-22 15:44 - 00564248 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-22 06:48 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ToastData
2016-06-22 06:48 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\setup
2016-06-22 06:48 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\setup
2016-06-21 22:05 - 2016-05-04 17:43 - 00000000 ____D C:\Users\David\AppData\Local\Packages
2016-06-19 21:27 - 2016-05-05 02:11 - 00000000 ____D C:\Windows\system32\appraiser
2016-06-17 11:08 - 2016-05-27 07:53 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-06-17 11:07 - 2016-05-04 21:05 - 00000000 ____D C:\Windows\system32\MRT
2016-06-17 11:04 - 2016-05-04 21:05 - 142482544 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-06-16 20:26 - 2016-05-05 16:25 - 00003802 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-06-14 18:13 - 2016-05-05 14:17 - 00828408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-06-14 18:13 - 2016-05-05 14:17 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-12 17:03 - 2014-07-10 10:37 - 01749406 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-12 17:03 - 2014-03-13 11:22 - 00739720 _____ C:\Windows\system32\perfh005.dat
2016-06-12 17:03 - 2014-03-13 11:22 - 00151940 _____ C:\Windows\system32\perfc005.dat
2016-06-12 16:57 - 2016-05-04 21:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

==================== Files in the root of some directories =======

2014-07-10 10:43 - 2014-07-10 10:43 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\David\AppData\Local\Temp\libeay32.dll
C:\Users\David\AppData\Local\Temp\msvcr120.dll
C:\Users\David\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-07-08 13:18

==================== End of FRST.txt ============================

HellSpay · #10 Příspěvek od **HellSpay** » 10 črc 2016 17:56

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-07-2016
Ran by David (2016-07-10 18:48:31)
Running from C:\Users\David\Desktop
Windows 8.1 (Update) (X64) (2016-05-04 16:43:45)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-942442422-211351429-3173966364-500 - Administrator - Disabled)
asus (S-1-5-21-942442422-211351429-3173966364-1002 - Administrator - Enabled) => C:\Users\asus
David (S-1-5-21-942442422-211351429-3173966364-1003 - Administrator - Enabled) => C:\Users\David
Guest (S-1-5-21-942442422-211351429-3173966364-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-942442422-211351429-3173966364-1005 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-942442422-211351429-3173966364-1003\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.16) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.16 - Adobe Systems Incorporated)
AEGIS (HKLM-x32\...\{FBCB3370-DA75-4896-B05A-3B80586B9F36}) (Version: 1.03.07 - ASUSTeK Computer Inc.)
Aktualizace NVIDIA 2.11.3.5 (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
ASUS Command - PC Cleanup (HKLM-x32\...\{E22A19AE-7DDB-4959-B1DB-A0996294352A}) (Version: 2.01.10 - ASUSTeK Computer Inc.)
ASUS Command - Power Manager (HKLM-x32\...\{DD248BEE-E925-4720-A775-9A42276BB6EA}) (Version: 2.02.03 - ASUSTeK Computer Inc.)
ASUS Command (HKLM-x32\...\{F5E5AD85-4A90-4604-A887-464D3818D8FD}) (Version: 2.08.03 - ASUSTeK Computer Inc.)
ASUS Music Maker (HKLM-x32\...\MAGIX_{AB515018-7F9D-4047-B0C0-F26BAC30F3E1}) (Version: 18.0.4.1 - MAGIX AG)
ASUS Music Maker (Version: 18.0.4.1 - MAGIX AG) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
CrystalDiskInfo 7.0.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.0.0 - Crystal Dew World)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
EAC eSports (HKLM\...\Steam App 282660) (Version: - EasyAntiCheat Ltd)
eManual (HKLM-x32\...\{0C84E634-EB68-4A54-B21E-A05EC87A4CC5}) (Version: 1.00.07 - ASUSTeK Computer Inc.)
Fotogaléria (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Fotogalerie (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Galeria fotografii (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Galerie foto (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Galerija fotografija (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Intel(R) Chipset Device Software (x32 Version: 10.0.14 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1204 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.3.1001 - Intel Corporation)
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Mozilla Firefox 47.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 cs)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nexon Launcher (HKLM-x32\...\Nexon Nexon Launcher) (Version: 1.3.0 - Nexon)
NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 365.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 365.10 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 365.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 365.10 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
NVIDIA Virtuální audio Miracast 365.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 365.10 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Ovládací panel NVIDIA 365.10 (Version: 365.10 - NVIDIA Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30166 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.29.314.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7236 - Realtek Semiconductor Corp.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
Seznam Software (HKU\S-1-5-21-942442422-211351429-3173966364-1003\...\SeznamInstall) (Version: - Seznam.cz)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Spotify (HKU\S-1-5-21-942442422-211351429-3173966364-1003\...\Spotify) (Version: 1.0.29.92.g67727800 - Spotify AB)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{0FA8AE0C-69AE-4F60-A1AB-F79C6BA5A999}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3115033) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3115033) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3115033) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1}) (Version: - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.3 - VideoLAN)
Vulkan Run Time Libraries 1.0.8.1 (HKLM\...\VulkanRT1.0.8.1) (Version: 1.0.8.1 - LunarG, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
Фотогалерия (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
גלריית התמונות (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {222455E7-29DC-45B1-BD18-3F06DFEA7D27} - System32\Tasks\ASUS\System Level Up Helper => C:\Program Files (x86)\ASUS\AEGIS\AsSysLevelUpSrc.exe [2014-04-16] (ASUSTeK Computer Inc.)
Task: {29E221FD-7B38-4C7D-BA6C-60067FA9850C} - System32\Tasks\ASUS\ASUS Manager - PC Cleanup - SecureDeleteBackground => C:\Program Files (x86)\ASUS\ASUS Manager\PC Cleanup\SecureDeleteBackground.exe [2014-04-03] ()
Task: {3D4611E5-D368-42F7-B52B-A1E821421708} - System32\Tasks\ASUS\AEGIS Alert Helper => C:\Program Files (x86)\ASUS\AEGIS\AEGIS_AlertService.exe [2014-04-17] (ASUSTeK Computer Inc.)
Task: {4BA036AD-E449-495C-A5D0-EB55E5227265} - System32\Tasks\ASUS\AEGIS SysInfo Helper => C:\Program Files (x86)\ASUS\AEGIS\AEGIS_SysMode.exe [2014-05-13] (ASUSTeK Computer Inc.)
Task: {5822E366-F63F-4A16-8ACC-2812FE63CEE5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {5E7AEECA-7677-4A1F-898A-0F1508828629} - System32\Tasks\SmartDefrag_AutoAnalyze => C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe
Task: {67608D3E-7C5F-497C-9003-788EC24620B2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {789F1492-F25C-4CF3-9309-FF3F52B20F1B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-16] (Adobe Systems Incorporated)
Task: {B893B42D-EFEF-4252-A500-35EFC289745F} - System32\Tasks\ASUS\Power_Manager_background => C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe [2014-02-21] (ASUSTeK)
Task: {BB968818-A940-4ABC-B9EE-6BC14B01767A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {C55B89FC-172F-4DFF-8E54-8782FC4D4C7B} - System32\Tasks\ASUS\ASUS Manager BackgroundWindow => C:\Program Files (x86)\ASUS\ASUS Manager\BackgroundWindow.exe [2013-08-24] ()
Task: {DEB308DE-C869-4992-9CC4-1FA3D36A3D94} - System32\Tasks\ASUS\ASUS Manager HotKey Service => C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe [2014-03-19] (ASUSTeK Computer Inc.)
Task: {E329EE36-7039-4B4B-9D9A-ECD115419DB3} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSUpdateChecker.exe [2014-03-18] ()
Task: {EAD2E2F3-A4AA-4D73-A7C9-D5AB52518882} - System32\Tasks\ASUS\ASUS Updater => C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSFourceUpdater.exe [2014-03-21] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2014-10-23 19:48 - 2016-04-27 12:51 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-04-12 19:08 - 2016-04-12 19:08 - 08901184 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-10-23 19:53 - 2014-04-03 02:04 - 00933176 _____ () C:\Program Files (x86)\ASUS\ASUS Manager\PC Cleanup\SecureDeleteBackground.exe
2014-07-10 11:03 - 2013-10-25 03:31 - 00920736 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2016-04-25 14:12 - 2016-07-01 22:47 - 00174872 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll
2016-04-25 14:12 - 2016-07-01 22:47 - 00103192 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2016-04-25 14:12 - 2016-07-01 22:47 - 00107800 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2016-04-25 14:13 - 2016-07-01 22:47 - 00312088 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2016-04-25 14:13 - 2016-07-01 22:47 - 00485656 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2016-06-29 11:45 - 2016-06-29 11:45 - 00103424 _____ () D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
2016-06-21 20:36 - 2015-12-28 13:49 - 00629536 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2016-05-04 17:57 - 2016-05-02 07:02 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-05-06 15:00 - 2016-04-29 21:10 - 00785920 _____ () D:\Steam\SDL2.dll
2016-02-11 14:24 - 2015-07-03 17:12 - 04962816 _____ () D:\Steam\v8.dll
2016-07-10 12:44 - 2016-07-09 02:06 - 02317904 _____ () D:\Steam\video.dll
2016-02-11 14:24 - 2015-07-03 17:12 - 01556992 _____ () D:\Steam\icui18n.dll
2016-02-11 14:24 - 2015-07-03 17:12 - 01187840 _____ () D:\Steam\icuuc.dll
2016-03-09 15:28 - 2016-02-09 00:14 - 02549760 _____ () D:\Steam\libavcodec-56.dll
2016-03-09 15:28 - 2016-02-09 00:14 - 00491008 _____ () D:\Steam\libavformat-56.dll
2016-03-09 15:28 - 2016-02-09 00:14 - 00332800 _____ () D:\Steam\libavresample-2.dll
2016-03-09 15:28 - 2016-02-09 00:14 - 00442880 _____ () D:\Steam\libavutil-54.dll
2016-03-09 15:28 - 2016-02-09 00:14 - 00485888 _____ () D:\Steam\libswscale-3.dll
2016-07-10 12:44 - 2016-07-09 02:06 - 00829520 _____ () D:\Steam\bin\chromehtml.DLL
2016-07-08 00:40 - 2016-07-06 23:00 - 00266560 _____ () D:\Steam\openvr_api.dll
2016-07-10 18:04 - 2016-07-10 18:04 - 00155232 ___HT () C:\Users\David\AppData\Local\Temp\~855E.tmp
2016-06-16 12:38 - 2016-06-14 20:14 - 49826080 _____ () D:\Steam\bin\libcef.dll
2016-07-10 18:01 - 2016-07-10 18:01 - 00028672 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2014-07-10 11:03 - 2013-10-07 06:14 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2016-02-11 14:24 - 2015-09-25 00:56 - 00119208 _____ () D:\Steam\winh264.dll
2016-06-29 11:45 - 2016-06-29 11:45 - 00198144 _____ () D:\Steam\steamapps\common\Counter-Strike Global Offensive\bin\launcher.dll
2016-06-29 11:45 - 2016-06-29 11:45 - 00317952 _____ () D:\Steam\steamapps\common\Counter-Strike Global Offensive\bin\tier0.dll
2016-06-29 11:45 - 2016-06-29 11:45 - 00203776 _____ () D:\Steam\steamapps\common\Counter-Strike Global Offensive\bin\vstdlib.dll
2016-06-29 11:45 - 2016-06-29 11:45 - 00390656 _____ () D:\Steam\steamapps\common\Counter-Strike Global Offensive\bin\filesystem_stdio.dll
2016-07-02 11:07 - 2016-07-02 11:07 - 06607360 _____ () d:\steam\steamapps\common\counter-strike global offensive\bin\engine.dll
2016-06-29 11:45 - 2016-06-29 11:45 - 00166912 _____ () d:\steam\steamapps\common\counter-strike global offensive\bin\inputsystem.dll
2016-06-29 11:45 - 2016-06-29 11:45 - 01174528 _____ () d:\steam\steamapps\common\counter-strike global offensive\bin\vphysics.dll
2016-07-02 11:07 - 2016-07-02 11:07 - 00863744 _____ () d:\steam\steamapps\common\counter-strike global offensive\bin\materialsystem.dll
2016-06-29 11:45 - 2016-06-29 11:45 - 00356352 _____ () d:\steam\steamapps\common\counter-strike global offensive\bin\datacache.dll
2016-06-29 11:45 - 2016-06-29 11:45 - 00610816 _____ () d:\steam\steamapps\common\counter-strike global offensive\bin\studiorender.dll
2016-06-29 11:45 - 2016-06-29 11:45 - 00164864 _____ () d:\steam\steamapps\common\counter-strike global offensive\bin\soundemittersystem.dll
2016-06-29 11:45 - 2016-06-29 11:45 - 00708096 _____ () d:\steam\steamapps\common\counter-strike global offensive\bin\vscript.dll
2016-06-29 11:45 - 2016-06-29 11:45 - 00134656 _____ () d:\steam\steamapps\common\counter-strike global offensive\bin\valve_avi.dll
2016-06-29 11:45 - 2016-06-29 11:45 - 00957952 _____ () d:\steam\steamapps\common\counter-strike global offensive\bin\vguimatsurface.dll
2016-06-29 11:45 - 2016-06-29 11:45 - 00395264 _____ () d:\steam\steamapps\common\counter-strike global offensive\bin\vgui2.dll
2016-07-02 11:07 - 2016-07-02 11:07 - 03107840 _____ () d:\steam\steamapps\common\counter-strike global offensive\bin\scaleformui.dll
2016-06-29 11:45 - 2016-06-29 11:45 - 00574976 _____ () D:\Steam\steamapps\common\Counter-Strike Global Offensive\bin\shaderapidx9.dll
2016-06-29 11:45 - 2016-06-29 11:45 - 00143360 _____ () d:\steam\steamapps\common\counter-strike global offensive\bin\localize.dll
2016-06-29 11:45 - 2016-06-29 11:45 - 00230912 _____ () d:\steam\steamapps\common\counter-strike global offensive\bin\stdshader_dbg.dll
2016-06-29 11:45 - 2016-06-29 11:45 - 01016320 _____ () d:\steam\steamapps\common\counter-strike global offensive\bin\stdshader_dx9.dll
2016-07-02 11:07 - 2016-07-02 11:08 - 00584704 _____ () d:\steam\steamapps\common\counter-strike global offensive\csgo\bin\matchmaking.dll
2016-07-10 12:44 - 2016-07-10 12:44 - 12381184 _____ () d:\steam\steamapps\common\counter-strike global offensive\csgo\bin\client.dll
2016-07-02 11:07 - 2016-07-02 11:08 - 10281472 _____ () d:\steam\steamapps\common\counter-strike global offensive\csgo\bin\server.dll
2016-06-29 11:45 - 2016-06-29 11:45 - 00094208 _____ () D:\Steam\steamapps\common\Counter-Strike Global Offensive\bin\scenefilecache.dll
2016-06-29 11:45 - 2016-06-29 11:45 - 00084992 _____ () d:\steam\steamapps\common\counter-strike global offensive\bin\vaudio_miles.dll
2016-06-01 10:59 - 2016-06-01 10:59 - 00071680 _____ () d:\steam\steamapps\common\counter-strike global offensive\bin\mssmp3.asi
2016-06-01 10:59 - 2016-06-01 10:59 - 00013312 _____ () d:\steam\steamapps\common\counter-strike global offensive\bin\mssds3d.flt
2016-06-01 10:59 - 2016-06-01 10:59 - 00055808 _____ () d:\steam\steamapps\common\counter-strike global offensive\bin\msseax.flt
2016-07-02 11:07 - 2016-07-02 11:07 - 00974848 _____ () d:\steam\steamapps\common\counter-strike global offensive\bin\serverbrowser.dll
2016-06-29 11:45 - 2016-06-29 11:45 - 00184832 _____ () d:\steam\steamapps\common\counter-strike global offensive\bin\vaudio_celt.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-942442422-211351429-3173966364-1003\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-942442422-211351429-3173966364-1003\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-942442422-211351429-3173966364-1003\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-942442422-211351429-3173966364-1003\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-942442422-211351429-3173966364-1003\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-942442422-211351429-3173966364-1003\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-942442422-211351429-3173966364-1003\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-942442422-211351429-3173966364-1003\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-942442422-211351429-3173966364-1003\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-942442422-211351429-3173966364-1003\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-942442422-211351429-3173966364-1003\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-942442422-211351429-3173966364-1003\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-942442422-211351429-3173966364-1003\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-942442422-211351429-3173966364-1003\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-942442422-211351429-3173966364-1003\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-942442422-211351429-3173966364-1003\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-942442422-211351429-3173966364-1003\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-942442422-211351429-3173966364-1003\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-942442422-211351429-3173966364-1003\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-942442422-211351429-3173966364-1003\...\100sexlinks.com -> 100sexlinks.com

There are 4788 more sites.

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2016-06-24 09:02 - 00000826 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-942442422-211351429-3173966364-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\David\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\pozadí plochy.bmp
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "Nvtmru"
HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce"
HKU\S-1-5-21-942442422-211351429-3173966364-1003\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-942442422-211351429-3173966364-1003\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-942442422-211351429-3173966364-1003\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"
HKU\S-1-5-21-942442422-211351429-3173966364-1003\...\StartupApproved\Run: => "cz.seznam.software.szndesktop"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{5A9501F4-2606-487D-979A-AA2D1712831C}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{D8CF6FC8-C883-4528-913D-9B2F59A5E9DA}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{D110EC49-4A1C-4CDA-9BB5-3A67998B4272}] => (Allow) LPort=2869
FirewallRules: [{EAC9AEE9-C135-4EED-98F9-07B4F805AD84}] => (Allow) LPort=1900
FirewallRules: [{20AB585D-8088-459C-B937-CF43EB593084}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{A8A0F272-4BDE-4510-A794-A994FAA374B6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{7B38FAB0-9C37-44BB-817F-3FC7FBF8EAD3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{264B4547-1033-4A44-8938-1B2D611D8870}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{912C137B-1AA6-4654-AEBE-4A4E37848876}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{8741C5F5-630B-46C3-87EF-BF360441AF2F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2486CA40-9F36-481D-A4FB-86E4F730BBD5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{63075395-CF2A-48E2-A016-4A872AB70F61}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{8337D03E-0EAA-45B3-BCF1-1141A39AC78C}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{F2B49209-00E3-4B78-9054-F8C90961D4ED}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{965A3D5C-0F0A-46D9-A907-9A31EB99F602}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{AD92164C-23C6-4151-8768-045432B2FEA7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{63135140-DD7E-4E70-BA23-A4AF4A4E2288}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{877DB650-1896-4C92-9B6F-6B359D8DC468}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{B005FE68-2483-46D0-9048-BCF8BC24F130}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{44249D87-E166-4995-87CE-468DAFAFEFE2}] => (Allow) D:\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{E4790D12-2168-464B-9323-AC187985244D}] => (Allow) D:\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{37C5852D-5B15-4036-B599-6EA12EE080CA}] => (Allow) D:\Steam\steamapps\common\EasyAntiCheat\EasyAntiCheat.exe
FirewallRules: [{DB495247-19E5-45D1-BF12-8E212EA2DC0F}] => (Allow) D:\Steam\steamapps\common\EasyAntiCheat\EasyAntiCheat.exe
FirewallRules: [{79C071AC-0D1A-46F7-B4AD-DA544627921B}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{0EF5F547-D182-464E-B0BD-BB3B64713B8D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{D782B886-547F-4C14-9E0D-48C061CFD359}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{80ADB690-6B91-45D0-B0DE-4792D78006ED}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{A735FBAD-F232-4934-AB3D-ACC0B60E9857}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{45130009-E3D1-4639-9797-6EE4FA5DF891}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C21F6901-F81F-4298-99B2-95F1FCE0236E}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{53D51DEB-CFB4-47FE-819B-101FAC16B7DD}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B87102A3-E53B-453D-A727-533BB5CD4D4A}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{51C5BFD0-1041-44A7-8B1F-31E56780D961}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{EFBE54D2-A266-47B6-9E45-D80E789BB394}] => (Allow) D:\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{9E4651F8-9F89-4E21-859E-991C4E8EAEA3}] => (Allow) D:\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{D975E287-5E43-452E-8B01-6E3BC7BCF6F4}] => (Allow) D:\Steam\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [{D8ACD2A3-C356-4D31-8635-A22CC91F6C57}] => (Allow) D:\Steam\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [TCP Query User{1DF4A49E-2097-498C-8F28-35A892F7F30A}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{3659FD61-8071-41C3-AB2F-BAD4EB9E1851}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{4D48FEB8-F49C-40C4-BDD6-1D6F535D3AFF}] => (Allow) D:\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{4F7F1926-1C84-40C5-9817-8ED433BC4C68}] => (Allow) D:\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{BD90CE9D-B7B0-410B-B2CA-90DBA2ED8C3D}] => (Allow) D:\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{125CE5F4-16DF-4DA5-BF36-A2D6CE119415}] => (Allow) D:\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{74D2920F-8424-4026-B27A-0A86DA64804C}] => (Allow) D:\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{7F020C99-7C98-4EA9-9C4D-0BA3D8DE65A9}] => (Allow) D:\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [TCP Query User{C7111127-D31F-4789-937C-5457624D3029}C:\users\david\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\david\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{6941279F-691D-444C-91C7-98B3997B8EDD}C:\users\david\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\david\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{E3375818-6987-4011-AFEF-39FA2528C95E}C:\nexon\library\icarus\appdata\bin64\launcher.exe] => (Allow) C:\nexon\library\icarus\appdata\bin64\launcher.exe
FirewallRules: [UDP Query User{5930C822-EBB7-41AB-BD65-A7CE1053CE80}C:\nexon\library\icarus\appdata\bin64\launcher.exe] => (Allow) C:\nexon\library\icarus\appdata\bin64\launcher.exe

==================== Restore Points =========================

03-07-2016 16:29:37 Naplánovaný kontrolní bod
07-07-2016 11:27:13 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (07/10/2016 04:03:38 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (07/10/2016 10:23:24 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SetupHost.Exe verze 10.0.10586.164 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1718

Čas spuštění: 01d1da4c2e8967d0

Čas ukončení: 4294967295

Cesta k aplikaci: C:\$WINDOWS.~BT\Sources\SetupHost.Exe

ID hlášení: f122b1ad-467f-11e6-8295-7824af84ced0

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (07/09/2016 08:25:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program firefox.exe verze 47.0.0.5999 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1770

Čas spuštění: 01d1d9cab502625b

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

ID hlášení: db662704-460a-11e6-8294-7824af84ced0

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (07/09/2016 08:25:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: plugin-container.exe, verze: 47.0.0.5999, časové razítko: 0x5753660e
Název chybujícího modulu: mozglue.dll, verze: 47.0.0.5999, časové razítko: 0x57535438
Kód výjimky: 0x80000003
Posun chyby: 0x0000f3ad
ID chybujícího procesu: 0x17e8
Čas spuštění chybující aplikace: 0xplugin-container.exe0
Cesta k chybující aplikaci: plugin-container.exe1
Cesta k chybujícímu modulu: plugin-container.exe2
ID zprávy: plugin-container.exe3
Úplný název chybujícího balíčku: plugin-container.exe4
ID aplikace související s chybujícím balíčkem: plugin-container.exe5

Error: (07/09/2016 01:58:10 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (07/08/2016 09:28:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program firefox.exe verze 47.0.0.5999 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1250

Čas spuštění: 01d1d8f6b70cb5dd

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

ID hlášení: 9572841e-454a-11e6-8293-7824af84ced0

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (07/08/2016 12:18:17 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (07/07/2016 12:30:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program nexon_client.exe verze 0.0.0.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: e0

Čas spuštění: 01d1d83e40788990

Čas ukončení: 4294967295

Cesta k aplikaci: D:\Nexon Launcher\bin\nexon_client\nexon_client.exe

ID hlášení: 38ec3356-4436-11e6-828a-7824af84ced0

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (07/07/2016 12:30:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Launcher.exe verze 1.3.3718.38316 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 107c

Čas spuštění: 01d1d83e481b4a97

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Nexon\Library\icarus\appdata\Bin64\Launcher.exe

ID hlášení: 35143ad6-4436-11e6-828a-7824af84ced0

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (07/07/2016 01:09:00 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Launcher.exe verze 1.3.3718.38316 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 738

Čas spuštění: 01d1d7dd9463015d

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Nexon\Library\icarus\appdata\Bin64\Launcher.exe

ID hlášení: 0100509d-43d7-11e6-8287-7824af84ced0

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

System errors:
=============
Error: (07/10/2016 06:00:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba zařazování tisku neuspěla při spuštění v důsledku následující chyby:
%%1069 = Služba nebyla zahájena, protože se nepodařilo přihlásit.

Error: (07/10/2016 06:00:15 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba Spooler se nemohla přihlásit jako NT AUTHORITY\SYSTEM s aktuálně konfigurovaným heslem z důvodu následující chyby:
%%50 = Požadavek není podporován.

Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (07/10/2016 06:00:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba ASUS Com Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/10/2016 06:00:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (07/10/2016 06:00:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NVIDIA Network Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/10/2016 06:00:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba LiveUpdate byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/10/2016 06:00:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NVIDIA GeForce Experience Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/10/2016 06:00:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba zařazování tisku byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error: (07/10/2016 06:00:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NVIDIA Display Driver Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/10/2016 03:52:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

CodeIntegrity:
===================================
Date: 2016-07-10 01:44:31.854
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-07-09 09:35:02.991
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-07-08 12:18:43.431
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-07-07 14:30:12.819
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-07-05 08:22:17.443
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-07-03 16:20:51.079
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-07-02 09:26:43.584
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-06-24 22:51:39.423
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Percentage of memory in use: 48%
Total physical RAM: 8135.23 MB
Available physical RAM: 4174.62 MB
Total Virtual: 9415.23 MB
Available Virtual: 4681.96 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:150 GB) (Free:69.92 GB) NTFS
Drive d: (Data) (Fixed) (Total:1696.46 GB) (Free:1182.51 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 71412A49)

Partition: GPT.

==================== End of Addition.txt ============================

#11 Příspěvek od **Márty84** » 11 črc 2016 10:30

Napiste mi velikost adresare plochy (C:\Users\David\Plocha)

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-942442422-211351429-3173966364-1003\...\Run: [Spotify Web Helper] => C:\Users\David\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1554032 2016-06-04] (Spotify Ltd)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-942442422-211351429-3173966364-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-942442422-211351429-3173966364-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> No File

FF user.js: detected! => C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\0e2v2n80.default\user.js [2016-07-10]

Hosts:
EmptyTemp:
Reboot:
End

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.

HellSpay · #12 Příspěvek od **HellSpay** » 11 črc 2016 10:40

tu je ta plocha https://ctrlv.cz/jKKR a jdu delat jeste ten fix

HellSpay · #13 Příspěvek od **HellSpay** » 11 črc 2016 10:43

Fix result of Farbar Recovery Scan Tool (x64) Version: 10-07-2016 01
Ran by David (2016-07-11 11:37:09) Run:1
Running from C:\Users\David\Desktop
Loaded Profiles: David (Available Profiles: asus & David)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-942442422-211351429-3173966364-1003\...\Run: [Spotify Web Helper] => C:\Users\David\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1554032 2016-06-04] (Spotify Ltd)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-942442422-211351429-3173966364-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-942442422-211351429-3173966364-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> No File

FF user.js: detected! => C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\0e2v2n80.default\user.js [2016-07-10]

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce => value removed successfully
HKU\S-1-5-21-942442422-211351429-3173966364-1003\Software\Microsoft\Windows\CurrentVersion\Run\\Spotify Web Helper => value removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKU\S-1-5-21-942442422-211351429-3173966364-1003\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-942442422-211351429-3173966364-1003\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}" => key removed successfully
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\0e2v2n80.default\user.js => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 16777216 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 41499069 B
Java, Flash, Steam htmlcache => 48247087 B
Windows/system/drivers => 418928 B
Edge => 0 B
Chrome => 0 B
Firefox => 383400418 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 1688018 B
systemprofile32 => 128 B
LocalService => 177582 B
NetworkService => 338926 B
UpdatusUser => 0 B
asus => 7342 B
David => 529126400 B

RecycleBin => 0 B
EmptyTemp: => 974.4 MB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 11:37:33 ====

#14 Příspěvek od **Márty84** » 12 črc 2016 01:03

HellSpay píše:tu je ta plocha https://ctrlv.cz/jKKR a jdu delat jeste ten fix

To ale neni velikost plochy, ale adresare David.

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

vyosek píše: DelFix https://toolslib.net/downloads/finish/2/
Stahnete a spustte

Ponechte zatrzitkou pouze u volby Remove disinfection tools

Kliknete na Run

Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler https://www.piriform.com/defraggler/download/standard
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.

Pak napiste, jak to s pc vypada.

HellSpay · #15 Příspěvek od **HellSpay** » 12 črc 2016 09:40

po vsem to cisteni a defregmentaci jak sam muzete videt je to porad na 99%. https://ctrlv.cz/dC0t

VIRY.CZ

Disk na 100%

Disk na 100%

Re: Disk na 100%

Re: Disk na 100%

Re: Disk na 100%

Re: Disk na 100%

Re: Disk na 100%

Re: Disk na 100%

Re: Disk na 100%

Re: Disk na 100%

Re: Disk na 100%

Re: Disk na 100%

Re: Disk na 100%

Re: Disk na 100%

Re: Disk na 100%

Re: Disk na 100%