svchost.exe

lubik7
Visitor
Posts: 12
Registered: 07 Dec 2016 12:57

svchost.exe

#1 Post by lubik7 »

Hello,
I have a problem with the svchost.exe process. I have already found plenty of guides here on the forum and elsewhere on the net, as well as a patch directly from Windows (Windows6.1-KB2889748-x64); nothing helps, and the patch will not install.
So I ran ComboFix and would like to ask you to look over the log and suggest what to do next.
Thank you in advance for your reply.

ComboFix 16-12-06.01 - Lubik 07.12.2016 13:04:01.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4087.2011 [GMT 1:00]
Spuštěný z: c:\users\Lubik\Desktop\ComboFix.exe
AV: Kaspersky Anti-Virus *Disabled/Updated* {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Kaspersky Anti-Virus *Disabled/Updated* {3D579475-6DDE-A186-1569-44B9F9DE8725}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-11-07 do 2016-12-07 )))))))))))))))))))))))))))))))
.
.
2016-12-07 12:35 . 2016-12-07 12:35 -------- d-----w- c:\users\hedev\AppData\Local\temp
2016-12-07 12:35 . 2016-12-07 12:35 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-12-07 10:58 . 2016-11-10 07:44 11781064 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B86D894D-24BB-45FE-97C0-B9C9C101147D}\mpengine.dll
2016-12-07 09:33 . 2016-12-07 09:33 -------- d-----w- c:\program files\CCleaner
2016-12-06 18:20 . 2016-11-10 07:44 11781064 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2016-12-05 21:19 . 2016-12-05 21:19 -------- d-----w- c:\users\Lubik\AppData\Local\{12A8CCFE-3C33-4995-BAD8-074E4C5B22FD}
2016-12-05 21:18 . 2016-12-06 00:07 -------- d-----w- c:\program files\Plumbytes Software
2016-12-05 20:06 . 2016-12-05 20:06 -------- d-----w- c:\users\Lubik\AppData\Local\Zemana
2016-12-05 19:44 . 2016-12-05 20:54 -------- d-----w- c:\programdata\HitmanPro
2016-12-04 13:55 . 2016-12-04 13:55 -------- d-----w- c:\program files\Common Files\AV
2016-12-04 13:50 . 2013-05-06 07:13 110176 ----a-w- c:\windows\system32\klfphc.dll
2016-12-04 13:49 . 2016-12-04 13:49 -------- d-----w- c:\windows\ELAMBKUP
2016-12-04 13:49 . 2016-12-07 11:32 -------- d-----w- c:\programdata\Kaspersky Lab
2016-12-04 13:49 . 2016-12-04 13:49 -------- d-----w- c:\program files (x86)\Kaspersky Lab
2016-12-04 13:48 . 2016-06-26 14:10 189264 ----a-w- c:\windows\system32\drivers\klflt.sys
2016-12-04 13:48 . 2016-12-06 18:14 1036512 ----a-w- c:\windows\system32\drivers\klif.sys
2016-12-04 10:45 . 2016-12-07 11:07 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-12-04 10:45 . 2016-03-10 13:09 64896 ----a-w- c:\windows\system32\drivers\mwac.sys
2016-12-04 10:45 . 2016-03-10 13:08 140672 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2016-12-04 10:45 . 2016-03-10 13:08 27008 ----a-w- c:\windows\system32\drivers\mbam.sys
2016-12-04 10:45 . 2016-12-04 10:45 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2016-11-30 19:40 . 2016-05-12 10:02 1167568 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1EFAF962-887F-4A35-AF1C-ABB98C1A9013}\gapaengine.dll
2016-11-08 19:30 . 2016-10-27 18:28 25763328 ----a-w- c:\windows\system32\mshtml.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-12-06 18:14 . 2016-06-20 16:29 57936 ----a-w- c:\windows\system32\drivers\klim6.sys
2016-12-06 18:14 . 2016-06-02 21:39 134880 ----a-w- c:\windows\system32\drivers\klwtp.sys
2016-12-04 13:57 . 2016-06-20 16:51 305496 ----a-w- c:\windows\system32\drivers\klhk.sys
2016-11-09 20:10 . 2012-03-31 08:24 796352 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2016-11-09 20:10 . 2011-05-15 06:45 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2016-11-08 19:44 . 2010-12-23 08:25 141011376 -c--a-w- c:\windows\system32\MRT.exe
2016-10-31 07:42 . 2015-05-16 07:28 110144 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2016-10-28 01:22 . 2010-12-22 09:28 485032 ------w- c:\windows\system32\MpSigStub.exe
2016-10-13 14:39 . 2016-10-13 14:39 59528 ----a-w- c:\windows\system32\drivers\EpfwLWF.sys
2016-10-11 15:32 . 2016-11-17 19:01 345600 ----a-w- c:\windows\system32\schannel.dll
2016-10-11 15:32 . 2016-11-17 19:01 190464 ----a-w- c:\windows\system32\rpchttp.dll
2016-10-11 15:18 . 2016-11-17 19:01 254464 ----a-w- c:\windows\SysWow64\schannel.dll
2016-10-11 15:18 . 2016-11-17 19:01 141312 ----a-w- c:\windows\SysWow64\rpchttp.dll
2016-10-11 15:18 . 2016-11-17 19:01 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2016-09-23 21:11 . 2016-09-23 21:11 34818624 ----a-w- c:\windows\system32\nvoglv64.dll
2016-09-23 21:11 . 2016-09-23 21:11 28223544 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2016-09-23 21:10 . 2016-09-23 21:10 14127040 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2016-09-23 21:10 . 2016-09-23 21:10 952376 ----a-w- c:\windows\system32\NvIFR64.dll
2016-09-23 21:10 . 2016-09-23 21:10 903736 ----a-w- c:\windows\SysWow64\NvIFR.dll
2016-09-23 21:10 . 2016-09-23 21:10 63440 ----a-w- c:\windows\system32\nvhdap64.dll
2016-09-23 21:09 . 2016-09-23 21:09 1597392 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2016-09-23 21:09 . 2016-09-23 21:09 232016 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
2016-09-23 21:09 . 2016-09-23 21:09 1029184 ----a-w- c:\windows\system32\NvFBC64.dll
2016-09-23 21:09 . 2016-09-23 21:09 965568 ----a-w- c:\windows\SysWow64\NvFBC.dll
2016-09-23 21:09 . 2016-09-23 21:09 1593792 ----a-w- c:\windows\system32\nvdispgenco6437290.dll
2016-09-23 21:09 . 2016-09-23 21:09 1931328 ----a-w- c:\windows\system32\nvdispco6437290.dll
2016-09-23 21:09 . 2016-09-23 21:09 3604536 ----a-w- c:\windows\system32\nvcuvid.dll
2016-09-23 21:09 . 2016-09-23 21:09 3169736 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2016-09-23 21:08 . 2016-09-23 21:08 40078912 ----a-w- c:\windows\system32\nvcompiler.dll
2016-09-23 21:08 . 2016-09-23 21:08 35189704 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2016-09-23 20:42 . 2016-01-25 16:24 20036576 ----a-w- c:\windows\system32\nvwgf2umx.dll
2016-09-23 20:41 . 2016-09-23 20:41 421768 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2016-09-23 20:41 . 2016-09-23 20:41 10972208 ----a-w- c:\windows\system32\nvptxJitCompiler.dll
2016-09-23 20:41 . 2016-09-23 20:41 8964016 ----a-w- c:\windows\SysWow64\nvptxJitCompiler.dll
2016-09-23 20:41 . 2016-09-23 20:41 10849640 ----a-w- c:\windows\system32\nvopencl.dll
2016-09-23 20:41 . 2016-09-23 20:41 141776 ----a-w- c:\windows\SysWow64\nvoglshim32.dll
2016-09-23 20:41 . 2016-09-23 20:41 190440 ----a-w- c:\windows\system32\nvinitx.dll
2016-09-23 20:41 . 2016-09-23 20:41 703736 ----a-w- c:\windows\system32\nvfatbinaryLoader.dll
2016-09-23 20:41 . 2016-09-23 20:41 592032 ----a-w- c:\windows\SysWow64\nvfatbinaryLoader.dll
2016-09-23 20:41 . 2016-09-23 20:41 17626552 ----a-w- c:\windows\system32\nvd3dumx.dll
2016-09-23 20:40 . 2016-09-23 20:40 10386152 ----a-w- c:\windows\system32\nvcuda.dll
2016-09-23 20:40 . 2016-09-23 20:40 8769088 ----a-w- c:\windows\SysWow64\nvcuda.dll
2016-09-23 20:40 . 2013-01-06 16:36 3961016 ----a-w- c:\windows\system32\nvapi64.dll
2016-09-23 20:36 . 2016-01-25 16:24 506864 ----a-w- c:\windows\system32\nvumdshimx.dll
2016-09-23 20:36 . 2016-01-25 16:24 17430888 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2016-09-23 20:35 . 2016-09-23 20:35 9179256 ----a-w- c:\windows\SysWow64\nvopencl.dll
2016-09-23 20:35 . 2016-09-23 20:35 167736 ----a-w- c:\windows\SysWow64\nvinit.dll
2016-09-23 20:35 . 2016-09-23 20:35 163456 ----a-w- c:\windows\system32\nvoglshim64.dll
2016-09-23 20:35 . 2016-01-25 16:24 14487936 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2016-09-23 20:35 . 2013-01-06 16:36 3497712 ----a-w- c:\windows\SysWow64\nvapi.dll
2016-09-21 18:07 . 2016-09-21 18:07 28352 ----a-w- c:\windows\SysWow64\aspnet_counters.dll
2016-09-21 18:07 . 2016-09-21 18:07 19112 ----a-w- c:\windows\SysWow64\msvcr110_clr0400.dll
2016-09-21 18:07 . 2016-09-21 18:07 19112 ----a-w- c:\windows\SysWow64\msvcr100_clr0400.dll
2016-09-21 18:07 . 2016-09-21 18:07 19112 ----a-w- c:\windows\SysWow64\msvcp110_clr0400.dll
2016-09-21 18:00 . 2016-09-21 18:00 30400 ----a-w- c:\windows\system32\aspnet_counters.dll
2016-09-21 18:00 . 2016-09-21 18:00 19112 ----a-w- c:\windows\system32\msvcr110_clr0400.dll
2016-09-21 18:00 . 2016-09-21 18:00 19112 ----a-w- c:\windows\system32\msvcr100_clr0400.dll
2016-09-21 18:00 . 2016-09-21 18:00 19112 ----a-w- c:\windows\system32\msvcp110_clr0400.dll
2016-09-16 22:57 . 2010-07-31 07:52 6385720 ----a-w- c:\windows\system32\nvcpl.dll
2016-09-16 22:57 . 2010-07-31 07:52 2475064 ----a-w- c:\windows\system32\nvsvc64.dll
2016-09-16 22:57 . 2016-01-25 13:53 83512 ----a-w- c:\windows\system32\nv3dappshextr.dll
2016-09-16 22:57 . 2016-01-25 13:53 546752 ----a-w- c:\windows\system32\nv3dappshext.dll
2016-09-16 22:57 . 2010-07-31 07:52 69568 ----a-w- c:\windows\system32\nvshext.dll
2016-09-16 22:57 . 2010-07-31 07:52 392128 ----a-w- c:\windows\system32\nvmctray.dll
2016-09-16 22:57 . 2010-07-31 07:52 1762752 ----a-w- c:\windows\system32\nvsvcr.dll
2016-09-16 22:57 . 2010-07-31 07:52 1364024 ----a-w- c:\windows\system32\nvvsvc.exe
2016-09-16 22:30 . 2016-10-21 07:39 134712 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2016-09-16 07:40 . 2012-11-18 20:19 7379415 ----a-w- c:\windows\system32\nvcoproc.bin
2016-09-15 14:56 . 2016-10-21 07:31 41984 ----a-w- c:\windows\system32\UtcResources.dll
2016-09-13 15:37 . 2016-10-21 07:31 2048 ----a-w- c:\windows\system32\tzres.dll
2016-09-13 15:11 . 2016-10-21 07:31 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2016-09-12 21:17 . 2016-10-06 14:21 77032 ----a-w- c:\windows\system32\CompatTelRunner.exe
2016-09-12 21:08 . 2016-10-21 07:31 107520 ----a-w- c:\windows\system32\adsmsext.dll
2016-09-12 21:08 . 2016-10-06 14:21 1226752 ----a-w- c:\windows\system32\aeinv.dll
2016-09-12 20:49 . 2016-10-21 07:31 76800 ----a-w- c:\windows\SysWow64\adsmsext.dll
2016-09-12 19:08 . 2016-10-21 07:31 1251328 ----a-w- c:\windows\SysWow64\DWrite.dll
2016-09-12 18:43 . 2016-10-21 07:31 1180160 ----a-w- c:\windows\system32\FntCache.dll
2016-09-12 18:43 . 2016-10-21 07:31 1648128 ----a-w- c:\windows\system32\DWrite.dll
2016-09-09 18:25 . 2016-10-21 07:39 269600 ----a-w- c:\windows\SysWow64\vulkan-1.dll
2016-09-09 18:25 . 2016-09-09 18:25 269600 ----a-w- c:\windows\SysWow64\vulkan-1-1-0-26-0.dll
2016-09-09 18:25 . 2016-10-21 07:39 110880 ----a-w- c:\windows\SysWow64\vulkaninfo.exe
2016-09-09 18:25 . 2016-09-09 18:25 110880 ----a-w- c:\windows\SysWow64\vulkaninfo-1-1-0-26-0.exe
2016-09-09 18:25 . 2016-10-21 07:39 261920 ----a-w- c:\windows\system32\vulkan-1.dll
2016-09-09 18:25 . 2016-09-09 18:25 261920 ----a-w- c:\windows\system32\vulkan-1-1-0-26-0.dll
2016-09-09 18:24 . 2016-10-21 07:39 125216 ----a-w- c:\windows\system32\vulkaninfo.exe
2016-09-09 18:24 . 2016-09-09 18:24 125216 ----a-w- c:\windows\system32\vulkaninfo-1-1-0-26-0.exe
2016-09-09 18:20 . 2016-10-21 07:31 756736 ----a-w- c:\windows\system32\win32spl.dll
2016-09-09 18:00 . 2016-10-21 07:31 497152 ----a-w- c:\windows\SysWow64\win32spl.dll
2016-09-09 15:54 . 2016-10-06 14:21 586752 ----a-w- c:\windows\system32\generaltel.dll
2016-09-09 15:54 . 2016-10-06 14:21 314368 ----a-w- c:\windows\system32\invagent.dll
2016-09-09 15:54 . 2016-10-06 14:21 575488 ----a-w- c:\windows\system32\devinv.dll
2016-09-09 15:54 . 2016-10-06 14:21 273408 ----a-w- c:\windows\system32\centel.dll
2016-09-09 15:54 . 2016-10-06 14:21 224256 ----a-w- c:\windows\system32\aepic.dll
2016-09-09 15:54 . 2016-10-06 14:21 1629184 ----a-w- c:\windows\system32\appraiser.dll
2016-09-09 15:54 . 2016-10-06 14:21 129024 ----a-w- c:\windows\system32\acmigration.dll
2016-09-08 20:34 . 2016-10-21 07:31 263680 ----a-w- c:\windows\system32\WebClnt.dll
2016-09-08 20:34 . 2016-10-21 07:31 108544 ----a-w- c:\windows\system32\davclnt.dll
2016-09-08 20:34 . 2016-10-21 07:31 208896 ----a-w- c:\windows\SysWow64\WebClnt.dll
2016-09-08 20:34 . 2016-10-21 07:31 87040 ----a-w- c:\windows\SysWow64\davclnt.dll
2016-09-08 14:55 . 2016-10-21 07:31 142336 ----a-w- c:\windows\system32\drivers\mrxdav.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{2E38825B-8815-42CF-9126-C58BC28D4591}]
2016-12-06 18:14 1028968 ----a-w- c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\IEExt\ie_plugin.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{093F479D-712E-46CD-9E06-62E734A05F68}"= "c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\IEExt\ie_plugin.dll" [2016-12-06 1028968]
.
[HKEY_CLASSES_ROOT\clsid\{093f479d-712e-46cd-9e06-62e734a05f68}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-12-24 39408]
"Akamai NetSession Interface"="c:\users\Lubik\AppData\Local\Akamai\netsession_win.exe" [2012-10-09 4441920]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-05 1081224]
"SandboxieControl"="c:\program files\Sandboxie\SbieCtrl.exe" [2016-06-14 797328]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2016-11-15 9105112]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2009-10-21 106496]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2012-11-13 450560]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2012-11-30 1263512]
"ioCentre"="c:\genius\ioCentre\gTaskBar.exe" [2009-09-03 60928]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2013-05-30 96056]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2016-09-22 587288]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-05 1081224]
.
c:\users\Lubik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MATLAB License Server;MATLAB License Server;c:\program files\MATLAB\R2012b\etc\win64\lmgrd.exe;c:\program files\MATLAB\R2012b\etc\win64\lmgrd.exe [x]
R3 BRDriver64;BRDriver64;c:\programdata\BitRaider\BRDriver64.sys;c:\programdata\BitRaider\BRDriver64.sys [x]
R3 BRSptSvc;BitRaider Mini-Support Service;c:\programdata\BitRaider\BRSptSvc.exe;c:\programdata\BitRaider\BRSptSvc.exe [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 etdrv;etdrv;c:\windows\etdrv.sys;c:\windows\etdrv.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\system32\Drivers\gHidPnp.Sys;c:\windows\SYSNATIVE\Drivers\gHidPnp.Sys [x]
R3 gMouUsb16;USB 16-bit Mouse Device Drv;c:\windows\system32\DRIVERS\gMouUsb16.sys;c:\windows\SYSNATIVE\DRIVERS\gMouUsb16.sys [x]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys;c:\windows\GVTDrv64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 klvssbrigde64;klvssbrigde64;c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\x64\vssbridge64.exe;c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\x64\vssbridge64.exe [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 cm_km;AO Kaspersky Lab Cryptographic Module x64 (56 bit);c:\windows\system32\DRIVERS\cm_km.sys;c:\windows\SYSNATIVE\DRIVERS\cm_km.sys [x]
S0 klbackupdisk;Kaspersky Lab klbackupdisk;c:\windows\system32\DRIVERS\klbackupdisk.sys;c:\windows\SYSNATIVE\DRIVERS\klbackupdisk.sys [x]
S1 klbackupflt;Kaspersky Lab klbackupflt;c:\windows\system32\DRIVERS\klbackupflt.sys;c:\windows\SYSNATIVE\DRIVERS\klbackupflt.sys [x]
S1 klhk;Kaspersky Lab service driver;c:\windows\system32\DRIVERS\klhk.sys;c:\windows\SYSNATIVE\DRIVERS\klhk.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 klpd;Kaspersky Lab format recognizer driver;c:\windows\system32\DRIVERS\klpd.sys;c:\windows\SYSNATIVE\DRIVERS\klpd.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 Klwtp;KLwtp - WFP callout traffic inspector;c:\windows\system32\DRIVERS\klwtp.sys;c:\windows\SYSNATIVE\DRIVERS\klwtp.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [x]
S2 AVP17.0.0;Služba Kaspersky Anti-Virus 17.0.0;c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\avp.exe;c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\avp.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;c:\program files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe;c:\program files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [x]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 kldisk;kldisk;c:\windows\system32\DRIVERS\kldisk.sys;c:\windows\SYSNATIVE\DRIVERS\kldisk.sys [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
S2 mitsijm2014;Správce úloh aplikace Autodesk Simulation Moldflow MITSI 2014;c:\program files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe;c:\program files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe [x]
S3 klflt;Kaspersky Lab Kernel DLL;c:\windows\system32\DRIVERS\klflt.sys;c:\windows\SYSNATIVE\DRIVERS\klflt.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 NvStreamNetworkSvc;NVIDIA Streamer Network Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MBAMSWISSARMY
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-11-15 08:01 1364072 ----a-w- c:\program files (x86)\Google\Chrome\Application\54.0.2840.99\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2016-12-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 20:10]
.
2016-07-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-10-16 14:40]
.
2016-12-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-10-16 14:40]
.
2016-12-07 c:\windows\Tasks\MATLAB R2012b Startup Accelerator.job
- c:\program files\MATLAB\R2012b\bin\win64\MATLABStartupAccelerator.exe [2013-04-03 17:59]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2E38825B-8815-42CF-9126-C58BC28D4591}]
2016-12-06 18:14 1253736 ----a-w- c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\x64\IEExt\ie_plugin.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{093F479D-712E-46CD-9E06-62E734A05F68}"= "c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\x64\IEExt\ie_plugin.dll" [2016-12-06 1253736]
.
[HKEY_CLASSES_ROOT\CLSID\{093F479D-712E-46CD-9E06-62E734A05F68}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-03-26 10135584]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-08-12 1356240]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2016-01-12 2787264]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2016-01-12 1860120]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Lubik\AppData\Roaming\Mozilla\Firefox\Profiles\7v7pzs7h.default-1445004368956\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2016-12-07 13:46:21
ComboFix-quarantined-files.txt 2016-12-07 12:46
ComboFix2.txt 2016-12-07 10:54
.
Před spuštěním: Volných bajtů: 618 784 628 736
Po spuštění: Volných bajtů: 618 751 229 952
.
- - End Of File - - 8F173A9C5E7DAE32402011051E311E32
A36C5E4F47E84449FF07ED3517B43A31

Rudy
Site Admin
Posts: 119402
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: svchost.exe

#2 Post by Rudy »

Greetings!
1. ComboFix is a professional utility; if a layperson runs it without first checking everything CF can do, they risk damaging the system. It also complicates cleaning the system for us, because CF erases the traces of any malware.
2. There are 2 resident antivirus programs on the PC. Uninstall one of them.
3. After uninstalling, post an FRST log: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.


lubik7
Visitor
Posts: 12
Registered: 07 Dec 2016 12:57

Re: svchost.exe

#3 Post by lubik7 »

Hello, here I am sending the log from RSIT

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2016
Ran by Lubik (administrator) on LUBIK-PC (07-12-2016 20:21:56)
Running from C:\Users\Lubik\Downloads
Loaded Profiles: Lubik (Available Profiles: Lubik)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
() C:\Genius\ioCentre\gTaskBar.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Genius\ioCentre\gMouseTask.exe
() C:\Genius\ioCentre\gKbdTask.exe
(TODO: <Company name>) C:\Genius\ioCentre\gIoCentreFunMgm.exe
(TODO: <Company name>) C:\Genius\ioCentre\gIoCentreFunMgm.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Akamai Technologies, Inc.) C:\Users\Lubik\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Lubik\AppData\Local\Akamai\netsession_win.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10135584 2010-03-26] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-08-12] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-10-21] (NEC Electronics Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2012-11-13] ()
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263512 2012-11-30] ()
HKLM-x32\...\Run: [ioCentre] => C:\Genius\ioCentre\gTaskBar.exe [60928 2009-09-03] ()
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKU\S-1-5-21-2970943431-2344779201-316442953-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-12-24] (Google Inc.)
HKU\S-1-5-21-2970943431-2344779201-316442953-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Lubik\AppData\Local\Akamai\netsession_win.exe [4441920 2012-10-09] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2970943431-2344779201-316442953-1000\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-2970943431-2344779201-316442953-1000\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [797328 2016-06-14] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-2970943431-2344779201-316442953-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9105112 2016-11-15] (Piriform Ltd)
HKU\S-1-5-21-2970943431-2344779201-316442953-1000\...\Policies\Explorer: []
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-05-11]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Lubik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2013-10-16]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{0D38B642-1403-417A-8648-EA957A8366E4}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2970943431-2344779201-316442953-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2970943431-2344779201-316442953-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-2970943431-2344779201-316442953-1000 -> DefaultScope {BC0D1F80-163B-4043-BED3-94793552CE0D} URL = hxxp://www.google.cz/search?q={searchTerms}&rl ... FA_csCZ411
SearchScopes: HKU\S-1-5-21-2970943431-2344779201-316442953-1000 -> ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKU\S-1-5-21-2970943431-2344779201-316442953-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2970943431-2344779201-316442953-1000 -> {8119E34B-CBB4-4557-AC50-7632F0D5F657} URL = hxxp://www.google.cz/search?q={searchTerms}&rl ... 1I7ADFA_cs
SearchScopes: HKU\S-1-5-21-2970943431-2344779201-316442953-1000 -> {BC0D1F80-163B-4043-BED3-94793552CE0D} URL = hxxp://www.google.cz/search?q={searchTerms}&rl ... FA_csCZ411
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-10-31] (Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-28] (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-31] (Oracle Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc.)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-28] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc.)
Toolbar: HKU\S-1-5-21-2970943431-2344779201-316442953-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-28] (Google Inc.)
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

FireFox:
========
FF ProfilePath: C:\Users\Lubik\AppData\Roaming\Mozilla\Firefox\Profiles\7v7pzs7h.default-1445004368956 [2016-12-07]
FF Homepage: Mozilla\Firefox\Profiles\7v7pzs7h.default-1445004368956 -> hxxp://www.seznam.cz/
FF Extension: (Diagnostics for Adblock Plus) - C:\Users\Lubik\AppData\Roaming\Mozilla\Firefox\Profiles\7v7pzs7h.default-1445004368956\Extensions\abpwatcher@adblockplus.org.xpi [2016-05-11]
FF Extension: (Adblock Plus Pop-up Addon) - C:\Users\Lubik\AppData\Roaming\Mozilla\Firefox\Profiles\7v7pzs7h.default-1445004368956\Extensions\adblockpopups@jessehakanen.net.xpi [2016-04-28]
FF Extension: (Element Hiding Helper for Adblock Plus) - C:\Users\Lubik\AppData\Roaming\Mozilla\Firefox\Profiles\7v7pzs7h.default-1445004368956\Extensions\elemhidehelper@adblockplus.org.xpi [2016-11-01]
FF Extension: (Firefox Hotfix) - C:\Users\Lubik\AppData\Roaming\Mozilla\Firefox\Profiles\7v7pzs7h.default-1445004368956\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-01]
FF Extension: (AdBlocker for YouTube™) - C:\Users\Lubik\AppData\Roaming\Mozilla\Firefox\Profiles\7v7pzs7h.default-1445004368956\Extensions\jid1-q4sG8pYhq8KGHs@jetpack.xpi [2016-12-07]
FF Extension: (Adblock Plus Filter Uploader) - C:\Users\Lubik\AppData\Roaming\Mozilla\Firefox\Profiles\7v7pzs7h.default-1445004368956\Extensions\uploader@adblockfilters.mozdev.org.xpi [2016-04-28]
FF Extension: (Adblock Plus) - C:\Users\Lubik\AppData\Roaming\Mozilla\Firefox\Profiles\7v7pzs7h.default-1445004368956\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-30]
FF Extension: (Adblock Edge) - C:\Users\Lubik\AppData\Roaming\Mozilla\Firefox\Profiles\7v7pzs7h.default-1445004368956\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2016-04-28]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: (DivX Plus Web Player HTML5 &video&) - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011-12-22] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2016-05-11] [not signed]
FF HKU\S-1-5-21-2970943431-2344779201-316442953-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-09] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-31] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-31] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-09] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1218158.dll [2015-05-07] (Adobe Systems, Inc.)
FF Plugin-x32: @cabri.com/CabriIIPlus -> C:\Program Files (x86)\Cabri\Cabri II Plus Plug-in 1.4\npCabriIIPlus.dll [2011-09-23] (Cabrilog)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-09-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-09-16] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR HomePage: Profile 1 -> hxxp://www.seznam.cz/
CHR StartupUrls: Profile 1 -> "hxxp://www.seznam.cz/"
CHR Profile: C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Default [2016-12-07]
CHR Extension: (Prezentace Google) - C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-15]
CHR Extension: (Dokumenty Google) - C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-15]
CHR Extension: (Adblock Plus) - C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-04-15]
CHR Extension: (Tabulky Google) - C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-15]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2016-04-15]
CHR Profile: C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Profile 1 [2016-12-07]
CHR Extension: (Dokumenty Google) - C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-17]
CHR Extension: (Disk Google) - C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-17]
CHR Extension: (Desmos Graphing Calculator) - C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bhdheahnajobgndecdbggfmcojekgdko [2016-04-17]
CHR Extension: (YouTube) - C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-17]
CHR Extension: (Adblock Plus) - C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-10-26]
CHR Extension: (Kalendář Google) - C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2016-04-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-17]
CHR Extension: (\) - C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\picpigdgdkaekefkpcaenndmjhibibnk [2016-04-17]
CHR Extension: (Gmail) - C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-17]
CHR Extension: (Chrome Media Router) - C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-29]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [477960 2014-01-02] (BitRaider, LLC)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-12] (NVIDIA Corporation)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [29728 2016-08-15] (HP Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 MATLAB License Server; C:\Program Files\MATLAB\R2012b\etc\win64\lmgrd.exe [1775440 2012-07-20] (Flexera Software, Inc.)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S2 mitsijm2014; C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe [952608 2013-01-25] (Autodesk, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-08-12] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-08-12] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-12] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-12] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [197264 2016-06-14] (Sandboxie Holdings, LLC)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 gHidPnp; C:\Windows\System32\Drivers\gHidPnp.Sys [25088 2009-06-27] ()
S3 gMouUsb16; C:\Windows\System32\DRIVERS\gMouUsb16.sys [11776 2009-06-25] ()
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2011-07-13] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-12-07] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [204944 2016-06-14] (Sandboxie Holdings, LLC)
S3 Secdrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS [14368 1999-09-14] () [File not signed]
S3 BRDriver64; \??\C:\ProgramData\BitRaider\BRDriver64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-07 20:21 - 2016-12-07 20:22 - 00025345 _____ C:\Users\Lubik\Downloads\FRST.txt
2016-12-07 20:20 - 2016-12-07 20:20 - 02420224 _____ (Farbar) C:\Users\Lubik\Downloads\FRST64.exe
2016-12-07 13:47 - 2016-12-07 13:47 - 00026184 _____ C:\Users\Lubik\Desktop\combo fix log.txt
2016-12-07 13:46 - 2016-12-07 13:46 - 00026184 ____C C:\ComboFix.txt
2016-12-07 12:34 - 2016-12-07 12:35 - 00000000 ____D C:\Users\Lubik\Desktop\Nová složka
2016-12-07 11:31 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2016-12-07 11:31 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2016-12-07 11:31 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2016-12-07 11:31 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2016-12-07 11:31 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2016-12-07 11:31 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2016-12-07 11:31 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2016-12-07 11:31 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2016-12-07 11:29 - 2016-12-07 13:47 - 00000000 ___DC C:\Qoobox
2016-12-07 11:28 - 2016-12-07 11:50 - 00000000 ____D C:\Windows\erdnt
2016-12-07 11:10 - 2016-12-07 11:10 - 00262144 _____ C:\Windows\system32\config\elam
2016-12-07 11:01 - 2016-12-07 11:01 - 00499322 _____ C:\Users\Lubik\Documents\cc_20161207_110057.reg
2016-12-07 10:33 - 2016-12-07 10:33 - 00002790 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-12-07 10:33 - 2016-12-07 10:33 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-12-07 10:33 - 2016-12-07 10:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-12-07 10:33 - 2016-12-07 10:33 - 00000000 ____D C:\Program Files\CCleaner
2016-12-07 10:32 - 2016-12-07 10:32 - 08576448 _____ (Piriform Ltd) C:\Users\Lubik\Downloads\ccsetup524.exe
2016-12-07 10:17 - 2016-12-07 10:17 - 00002974 _____ C:\Windows\System32\Tasks\{A8F0822D-79B9-4AED-9CBB-1A3986CF58BD}
2016-12-07 10:17 - 2016-12-07 10:17 - 00002974 _____ C:\Windows\System32\Tasks\{465FACE1-154A-46E3-89D0-F9EB4F3AFD7A}
2016-12-07 08:35 - 2016-12-07 08:35 - 30659457 _____ C:\Users\Lubik\Downloads\Windows6.1-KB3172605-x64.msu
2016-12-07 08:35 - 2016-12-07 08:35 - 09542472 _____ C:\Users\Lubik\Downloads\Windows6.1-KB3177467-x64.msu
2016-12-06 20:51 - 2016-12-06 20:51 - 00000000 ____D C:\Users\Lubik\Desktop\proces explorer
2016-12-06 19:30 - 2016-12-06 19:33 - 00000000 ____D C:\Users\Lubik\Documents\SNAŽÍM SE VYŘEŠIT VYTÍŽENÍ CPU
2016-12-05 22:19 - 2016-12-05 22:19 - 00000000 ____D C:\Users\Lubik\AppData\Local\{12A8CCFE-3C33-4995-BAD8-074E4C5B22FD}
2016-12-05 22:18 - 2016-12-06 01:07 - 00000000 ____D C:\Program Files\Plumbytes Software
2016-12-05 22:17 - 2016-12-05 22:17 - 00881936 _____ (Plumbytes Software) C:\Users\Lubik\Downloads\antimalwaresetup(1).exe
2016-12-05 22:16 - 2016-12-05 22:16 - 00881936 _____ (Plumbytes Software) C:\Users\Lubik\Downloads\antimalwaresetup.exe
2016-12-05 21:06 - 2016-12-05 21:06 - 00000000 ____D C:\Users\Lubik\AppData\Local\Zemana
2016-12-05 20:44 - 2016-12-05 21:54 - 00000000 ____D C:\ProgramData\HitmanPro
2016-12-04 20:48 - 2016-12-04 20:48 - 00050738 _____ C:\Users\Lubik\Downloads\The.Flash.2014.S03E06.HDTV.XviD-AFG.CZ.srt
2016-12-04 14:55 - 2016-12-07 20:12 - 00000000 ____D C:\Program Files\Common Files\AV
2016-12-04 14:55 - 2016-12-07 12:22 - 00003032 _____ C:\Windows\System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2016-12-04 14:49 - 2016-12-07 20:13 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-12-04 14:45 - 2016-12-04 14:45 - 01777624 ____C (Kaspersky Lab) C:\Users\Lubik\Downloads\kav15.0.2.361abccs_8416.exe
2016-12-04 11:45 - 2016-12-07 20:16 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-12-04 11:45 - 2016-12-04 11:45 - 00001102 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-12-04 11:45 - 2016-12-04 11:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-12-04 11:45 - 2016-12-04 11:45 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-12-04 11:45 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-12-04 11:45 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-12-04 11:45 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-12-02 22:22 - 2016-12-02 22:22 - 00023597 ____C C:\Users\Lubik\Downloads\Vikings.S04E11.HDTV.x264-KILLERS.srt
2016-12-02 21:41 - 2016-12-02 22:06 - 458668480 ____C C:\Users\Lubik\Downloads\The-Flash-S03E07-české-titulky-novinka.avi
2016-12-02 19:34 - 2016-12-02 19:55 - 385016124 ____C C:\Users\Lubik\Downloads\The.Flash.2014.S03E06.HDTV.XviD-AFG.CZ.avi
2016-12-01 20:16 - 2016-12-01 20:34 - 329208253 ____C C:\Users\Lubik\Downloads\Vikings.S04E11.HDTV.x264-KILLERS.mkv
2016-11-30 21:34 - 2016-11-30 21:38 - 00000000 ____D C:\Users\Lubik\Documents\výpisy
2016-11-28 10:20 - 2016-11-28 10:20 - 00193513 ____C C:\Users\Lubik\Downloads\document(5).pdf
2016-11-28 10:19 - 2016-11-28 10:19 - 00076485 ____C C:\Users\Lubik\Downloads\document(4).pdf
2016-11-28 09:57 - 2016-11-28 09:57 - 00373829 ____C C:\Users\Lubik\Downloads\document(3).pdf
2016-11-25 20:15 - 2016-11-25 20:15 - 00358557 ____C C:\Users\Lubik\Downloads\document(2).pdf
2016-11-25 20:02 - 2016-11-25 06:20 - 02119855 _____ C:\Users\Lubik\Desktop\CSAT-MP-6-2016_penzijnípřipojištění.pdf
2016-11-23 13:18 - 2016-11-23 13:18 - 00297672 ____C C:\Users\Lubik\Downloads\Prihlaska-na-zkousku(2).pdf
2016-11-20 15:34 - 2016-12-07 20:18 - 00000000 ____D C:\Users\Lubik\AppData\LocalLow\Mozilla
2016-11-19 17:04 - 2016-12-04 14:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-11-17 20:01 - 2016-10-11 16:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-11-17 20:01 - 2016-10-11 16:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-11-17 20:01 - 2016-10-11 16:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-11-17 20:01 - 2016-10-11 16:37 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-11-17 20:01 - 2016-10-11 16:37 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-11-17 20:01 - 2016-10-11 16:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-11-17 20:01 - 2016-10-11 16:32 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-11-17 20:01 - 2016-10-11 16:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-11-17 20:01 - 2016-10-11 16:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-11-17 20:01 - 2016-10-11 16:32 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-11-17 20:01 - 2016-10-11 16:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-11-17 20:01 - 2016-10-11 16:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-11-17 20:01 - 2016-10-11 16:32 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-11-17 20:01 - 2016-10-11 16:32 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-11-17 20:01 - 2016-10-11 16:32 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-11-17 20:01 - 2016-10-11 16:32 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-11-17 20:01 - 2016-10-11 16:32 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2016-11-17 20:01 - 2016-10-11 16:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-11-17 20:01 - 2016-10-11 16:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-11-17 20:01 - 2016-10-11 16:32 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-11-17 20:01 - 2016-10-11 16:32 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-11-17 20:01 - 2016-10-11 16:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-11-17 20:01 - 2016-10-11 16:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:24 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-11-17 20:01 - 2016-10-11 16:24 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-11-17 20:01 - 2016-10-11 16:21 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-11-17 20:01 - 2016-10-11 16:03 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-11-17 20:01 - 2016-10-11 16:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-11-17 20:01 - 2016-10-11 16:03 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-11-17 20:01 - 2016-10-11 15:59 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-11-17 20:01 - 2016-10-11 15:59 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-11-17 20:01 - 2016-10-11 15:56 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-11-17 20:01 - 2016-10-11 15:55 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2016-11-17 20:01 - 2016-10-11 15:55 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-11-17 20:01 - 2016-10-11 15:55 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-11-17 20:01 - 2016-10-11 15:55 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-11-17 20:01 - 2016-10-11 15:55 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-11-17 20:01 - 2016-10-11 15:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-11-17 20:01 - 2016-10-11 15:51 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-11-17 20:01 - 2016-10-11 15:51 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-11-17 20:01 - 2016-10-11 15:51 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-11-17 20:01 - 2016-10-11 15:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-11-17 20:01 - 2016-10-11 15:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-11-17 20:01 - 2016-10-11 15:50 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 15:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 15:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 15:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 14:18 - 00419648 _____ C:\Windows\SysWOW64\locale.nls
2016-11-17 20:01 - 2016-10-11 14:17 - 00419648 _____ C:\Windows\system32\locale.nls
2016-11-17 20:01 - 2016-10-08 14:06 - 00633296 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-11-17 20:01 - 2016-10-04 16:31 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-11-17 20:01 - 2016-10-04 16:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-11-17 20:01 - 2016-10-04 16:31 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-11-17 20:01 - 2016-10-04 16:31 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-11-17 20:01 - 2016-10-04 16:13 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-11-17 20:01 - 2016-10-04 16:13 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-11-17 20:01 - 2016-10-04 16:13 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-11-17 20:01 - 2016-10-04 16:13 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-11-09 11:23 - 2016-11-09 11:24 - 00000000 ____D C:\Users\Lubik\Documents\Angličitna
2016-11-08 20:30 - 2016-11-02 16:36 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-11-08 20:30 - 2016-11-02 16:32 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-11-08 20:30 - 2016-11-02 16:32 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-11-08 20:30 - 2016-11-02 16:32 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-11-08 20:30 - 2016-11-02 16:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-11-08 20:30 - 2016-11-02 16:22 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-11-08 20:30 - 2016-11-02 16:16 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-11-08 20:30 - 2016-11-02 16:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-11-08 20:30 - 2016-11-02 16:16 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-11-08 20:30 - 2016-11-02 15:53 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-11-08 20:30 - 2016-10-28 04:59 - 00394440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-11-08 20:30 - 2016-10-28 04:14 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-11-08 20:30 - 2016-10-27 20:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-11-08 20:30 - 2016-10-27 20:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-11-08 20:30 - 2016-10-27 19:55 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-11-08 20:30 - 2016-10-27 19:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-11-08 20:30 - 2016-10-27 19:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-11-08 20:30 - 2016-10-27 19:53 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-11-08 20:30 - 2016-10-27 19:53 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-11-08 20:30 - 2016-10-27 19:51 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-11-08 20:30 - 2016-10-27 19:44 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-11-08 20:30 - 2016-10-27 19:43 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-11-08 20:30 - 2016-10-27 19:38 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-11-08 20:30 - 2016-10-27 19:37 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-11-08 20:30 - 2016-10-27 19:37 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-11-08 20:30 - 2016-10-27 19:37 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-11-08 20:30 - 2016-10-27 19:37 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-11-08 20:30 - 2016-10-27 19:28 - 25763328 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-11-08 20:30 - 2016-10-27 19:28 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-11-08 20:30 - 2016-10-27 19:24 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-11-08 20:30 - 2016-10-27 19:19 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-11-08 20:30 - 2016-10-27 19:15 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-11-08 20:30 - 2016-10-27 19:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-11-08 20:30 - 2016-10-27 19:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-11-08 20:30 - 2016-10-27 19:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-11-08 20:30 - 2016-10-27 19:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-11-08 20:30 - 2016-10-27 19:02 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-11-08 20:30 - 2016-10-27 18:49 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-11-08 20:30 - 2016-10-27 18:46 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-11-08 20:30 - 2016-10-27 18:46 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-11-08 20:30 - 2016-10-27 18:44 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-11-08 20:30 - 2016-10-27 18:44 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-11-08 20:30 - 2016-10-27 18:17 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-11-08 20:30 - 2016-10-27 18:16 - 02920448 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-11-08 20:30 - 2016-10-27 18:03 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-11-08 20:30 - 2016-10-27 17:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-11-08 20:30 - 2016-10-27 16:05 - 20304896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-11-08 20:30 - 2016-10-25 16:02 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-11-08 20:30 - 2016-10-22 18:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-11-08 20:30 - 2016-10-22 18:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-11-08 20:30 - 2016-10-22 18:36 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-11-08 20:30 - 2016-10-22 18:35 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-11-08 20:30 - 2016-10-22 18:35 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-11-08 20:30 - 2016-10-22 18:34 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-11-08 20:30 - 2016-10-22 18:27 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-11-08 20:30 - 2016-10-22 18:27 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-11-08 20:30 - 2016-10-22 18:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-11-08 20:30 - 2016-10-22 18:22 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-11-08 20:30 - 2016-10-22 18:21 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-11-08 20:30 - 2016-10-22 18:21 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-11-08 20:30 - 2016-10-22 18:20 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-11-08 20:30 - 2016-10-22 18:09 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-11-08 20:30 - 2016-10-22 18:04 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-11-08 20:30 - 2016-10-22 18:03 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-11-08 20:30 - 2016-10-22 17:59 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-11-08 20:30 - 2016-10-22 17:58 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-11-08 20:30 - 2016-10-22 17:56 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-11-08 20:30 - 2016-10-22 17:54 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-11-08 20:30 - 2016-10-22 17:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-11-08 20:30 - 2016-10-22 17:45 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-11-08 20:30 - 2016-10-22 17:44 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-11-08 20:30 - 2016-10-22 17:43 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-11-08 20:30 - 2016-10-22 17:43 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-11-08 20:30 - 2016-10-22 17:30 - 13654016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-11-08 20:30 - 2016-10-22 17:12 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-11-08 20:30 - 2016-10-22 17:09 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-11-08 20:30 - 2016-10-22 17:09 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-11-08 20:30 - 2016-10-15 16:31 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-11-08 20:30 - 2016-10-15 16:31 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-11-08 20:30 - 2016-10-15 16:13 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-11-08 20:30 - 2016-10-15 16:13 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-11-08 20:30 - 2016-10-11 16:37 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-11-08 20:30 - 2016-10-11 16:31 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2016-11-08 20:30 - 2016-10-11 16:31 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-11-08 20:30 - 2016-10-11 16:31 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2016-11-08 20:30 - 2016-10-11 16:31 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2016-11-08 20:30 - 2016-10-11 16:31 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2016-11-08 20:30 - 2016-10-11 16:31 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2016-11-08 20:30 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2016-11-08 20:30 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2016-11-08 20:30 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2016-11-08 20:30 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2016-11-08 20:30 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2016-11-08 20:30 - 2016-10-11 16:31 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2016-11-08 20:30 - 2016-10-11 16:18 - 01027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2016-11-08 20:30 - 2016-10-11 16:18 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-11-08 20:30 - 2016-10-11 16:18 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2016-11-08 20:30 - 2016-10-11 16:18 - 00430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2016-11-08 20:30 - 2016-10-11 16:18 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2016-11-08 20:30 - 2016-10-11 16:18 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tintlgnt.ime
2016-11-08 20:30 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quick.ime
2016-11-08 20:30 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qintlgnt.ime
2016-11-08 20:30 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\phon.ime
2016-11-08 20:30 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chajei.ime
2016-11-08 20:30 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cintlgnt.ime
2016-11-08 20:30 - 2016-10-11 16:18 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pintlgnt.ime
2016-11-08 20:30 - 2016-10-11 14:33 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2016-11-08 20:30 - 2016-10-11 14:06 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2016-11-08 20:30 - 2016-10-07 16:32 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-11-08 20:30 - 2016-10-07 16:32 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-11-08 20:30 - 2016-10-07 16:32 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-11-08 20:30 - 2016-10-07 16:12 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-11-08 20:30 - 2016-10-07 16:12 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-11-08 20:30 - 2016-10-07 16:12 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-11-08 20:30 - 2016-10-05 15:54 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-07 20:21 - 2014-01-01 11:37 - 00000000 ____D C:\FRST
2016-12-07 20:18 - 2012-12-08 11:05 - 00000000 ____D C:\Users\Lubik\AppData\Local\Akamai
2016-12-07 20:15 - 2013-04-03 09:26 - 00000546 _____ C:\Windows\Tasks\MATLAB R2012b Startup Accelerator.job
2016-12-07 20:14 - 2010-12-22 11:16 - 00000000 ____D C:\ProgramData\NVIDIA
2016-12-07 20:14 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-07 20:12 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-12-07 20:10 - 2013-10-27 16:58 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-12-07 20:00 - 2010-12-24 22:59 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-12-07 13:35 - 2009-07-14 03:34 - 00000215 ____C C:\Windows\system.ini
2016-12-07 12:54 - 2009-07-14 05:45 - 00023568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-07 12:54 - 2009-07-14 05:45 - 00023568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-07 12:34 - 2010-12-22 10:13 - 00000000 ____D C:\Users\Lubik\AppData\Local\VirtualStore
2016-12-07 12:07 - 2014-10-16 14:36 - 00002322 _____ C:\Windows\Sandboxie.ini
2016-12-07 11:39 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\Downloaded Program Files
2016-12-07 11:18 - 2010-12-22 10:52 - 00161192 _____ C:\Users\Lubik\AppData\Local\GDIPFONTCACHEV1.DAT
2016-12-07 11:16 - 2009-07-14 05:45 - 00524480 _____ C:\Windows\system32\FNTCACHE.DAT
2016-12-07 10:57 - 2016-03-17 11:09 - 00000000 ____D C:\Users\Lubik\AppData\Roaming\Media Player Classic
2016-12-07 10:57 - 2016-03-13 19:23 - 00000000 ____D C:\Users\Lubik\AppData\Local\CrashDumps
2016-12-07 10:57 - 2012-10-02 20:36 - 00000000 ____D C:\Windows\Minidump
2016-12-07 10:57 - 2010-12-22 09:58 - 00000000 ____D C:\Windows\Panther
2016-12-07 10:29 - 2010-12-24 23:06 - 00000000 ____D C:\Users\Lubik\AppData\Local\ElevatedDiagnostics
2016-12-06 21:37 - 2010-12-22 11:21 - 00002120 _____ C:\Windows\epplauncher.mif
2016-12-06 20:30 - 2009-07-14 06:08 - 00032606 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-12-06 19:38 - 2010-12-24 22:59 - 00000000 ____D C:\Users\Lubik\AppData\Local\Google
2016-12-06 04:34 - 2009-07-14 16:18 - 00668882 _____ C:\Windows\system32\perfh005.dat
2016-12-06 04:34 - 2009-07-14 16:18 - 00141542 _____ C:\Windows\system32\perfc005.dat
2016-12-06 04:34 - 2009-07-14 06:13 - 01584626 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-04 21:40 - 2015-04-19 11:51 - 00000000 ____D C:\Users\Lubik\AppData\Roaming\vlc
2016-12-04 17:54 - 2016-10-17 11:13 - 00000000 ____D C:\Users\Lubik\Documents\Průkaz leteckého mechanika B1
2016-12-04 17:53 - 2016-10-11 13:25 - 00000000 ____D C:\Users\Lubik\Documents\PRÁCE - čsa technics
2016-12-04 14:52 - 2014-01-01 20:53 - 00000000 ____D C:\Users\hedev
2016-12-04 14:36 - 2016-10-17 21:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-03 20:57 - 2014-12-24 13:02 - 00000000 ____D C:\Program Files (x86)\WarThunder
2016-11-30 21:39 - 2012-03-09 18:08 - 00000000 ____D C:\Users\Lubik\Documents\E-KNIHY
2016-11-30 21:36 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2016-11-30 20:22 - 2016-06-25 18:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2016-11-30 20:22 - 2010-12-22 10:13 - 00000000 ____D C:\Users\Lubik
2016-11-30 20:21 - 2014-10-16 19:49 - 00000000 ____D C:\Program Files\Sandboxie
2016-11-30 20:21 - 2011-11-12 09:46 - 00000000 ____D C:\Windows\system32\Macromed
2016-11-30 20:21 - 2010-12-24 23:01 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-11-30 20:21 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2016-11-29 20:48 - 2011-02-12 18:04 - 00000000 ____D C:\Users\Lubik\AppData\Local\Adobe
2016-11-29 10:02 - 2016-06-22 13:22 - 00000000 ____D C:\Users\Lubik\Desktop\kupní smlouvy
2016-11-18 11:02 - 2014-07-22 19:21 - 00006144 _____ C:\Users\Lubik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-11-17 20:08 - 2010-12-22 11:20 - 01559340 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-11-15 09:01 - 2014-10-16 19:37 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-15 09:01 - 2014-10-16 19:37 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-11-09 21:10 - 2013-10-27 16:58 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-11-09 21:10 - 2012-03-31 09:24 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-11-09 21:10 - 2011-05-15 07:45 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-11-08 20:50 - 2013-08-15 23:21 - 00000000 ____D C:\Windows\system32\MRT
2016-11-08 20:44 - 2010-12-23 09:25 - 141011376 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-11-07 19:42 - 2015-05-16 08:37 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task

==================== Files in the root of some directories =======

2011-02-14 18:48 - 2011-02-14 18:48 - 0000048 _____ () C:\Users\Lubik\AppData\Roaming\mainhst.zgh
2015-10-02 22:19 - 2015-10-02 22:19 - 0000079 _____ () C:\Users\Lubik\AppData\Roaming\mbam.context.scan
2014-07-22 19:21 - 2016-11-18 11:02 - 0006144 _____ () C:\Users\Lubik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-09-21 22:15 - 2015-05-14 17:39 - 0007611 _____ () C:\Users\Lubik\AppData\Local\Resmon.ResmonCfg
2015-03-14 01:28 - 2015-03-14 01:28 - 0000000 _____ () C:\Users\Lubik\AppData\Local\{46DE577D-E827-4FC5-BD15-F7E5E1A29014}
2011-07-13 19:53 - 2011-07-13 19:53 - 0000000 _____ () C:\Users\Lubik\AppData\Local\{A7BF902A-7021-4C6D-8129-8F7E2E5FB452}
2015-05-28 10:14 - 2015-05-28 10:15 - 0000000 _____ () C:\Users\Lubik\AppData\Local\{F4454D36-3EF5-4387-A867-CAE550BB7E2D}
2016-05-14 19:30 - 2016-05-14 19:30 - 0000000 _____ () C:\Users\Lubik\AppData\Local\{FD264A44-BE4E-43F0-B18C-FBE7864C83FD}
2010-12-30 16:09 - 2016-05-11 14:13 - 0004128 _____ () C:\ProgramData\hpzinstall.log
2012-12-08 11:37 - 2012-12-08 11:37 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2012-09-24 17:43 - 2012-09-30 13:44 - 0000771 _____ () C:\ProgramData\NCIDebug.log

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-05-11 10:25

==================== End of FRST.txt ============================

Rudy
Site Admin
Posts: 119402
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: svchost.exe

#4 Post by Rudy »

Now run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (removal).
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

lubik7
Visitor
Posts: 12
Registered: 07 Dec 2016 12:57

Re: svchost.exe

#5 Post by lubik7 »

Good evening, I am attaching the AdwCleaner log here.

# AdwCleaner v6.040 - Log vytvořen 07/12/2016 v 23:30:38
# Aktualizováno dne 02/12/2016 z Malwarebytes
# Databáze : 2016-12-07.1 [Server]
# Operační systém : Windows 7 Home Premium Service Pack 1 (X64)
# Uživatelské jméno : Lubik - LUBIK-PC
# Spuštěno z : C:\Users\Lubik\Desktop\adwcleaner_6.040.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Složky ] *****

[-] Složka smazána: C:\Users\Lubik\AppData\Roaming\Babylon
[-] Složka smazána: C:\Genius
[-] Složka smazána: C:\ProgramData\apn
[-] Složka smazána: C:\ProgramData\Babylon
[-] Složka smazána: C:\ProgramData\FileCure
[-] Složka smazána: C:\ProgramData\ICQ\ICQNewTab
[#] Složka smazána po restartu: C:\ProgramData\Application Data\apn
[#] Složka smazána po restartu: C:\ProgramData\Application Data\Babylon
[#] Složka smazána po restartu: C:\ProgramData\Application Data\FileCure
[#] Složka smazána po restartu: C:\ProgramData\Application Data\ICQ\ICQNewTab


***** [ Soubory ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupci ] *****



***** [ Naplánované úlohy ] *****



***** [ Registry ] *****

[-] Klíč smazán: HKLM\SOFTWARE\Classes\OCComSDK.ComSDK
[-] Klíč smazán: HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Klíč smazán: HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Klíč smazán: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\OCComSDK.ComSDK
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\protector_dll.Protector
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
[-] Klíč smazán: HKU\S-1-5-21-2970943431-2344779201-316442953-1000\Software\Conduit
[-] Klíč smazán: HKU\S-1-5-21-2970943431-2344779201-316442953-1000\Software\ParetoLogic
[-] Klíč smazán: HKU\S-1-5-21-2970943431-2344779201-316442953-1000\Software\Softonic
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2970943431-2344779201-316442953-1000\Software\ICQ\ICQToolbar
[#] Klíč smazán po restartu: HKCU\Software\Conduit
[#] Klíč smazán po restartu: HKCU\Software\ParetoLogic
[#] Klíč smazán po restartu: HKCU\Software\Softonic
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolbar
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2970943431-2344779201-316442953-1000\Software\ICQ\ICQToolbar
[#] Klíč smazán po restartu: [x64] HKCU\Software\Conduit
[#] Klíč smazán po restartu: [x64] HKCU\Software\ParetoLogic
[#] Klíč smazán po restartu: [x64] HKCU\Software\Softonic
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolbar
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com


***** [ Prohlížeče ] *****

[-] [C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Smazáno: search.conduit.com
[-] [C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Smazáno: websearch.ask.com
[-] [C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Smazáno: slunecnice.cz
[-] [C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Smazáno: ask search
[-] [C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Smazáno: ask.com
[-] [C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Default] [extension] Smazáno: aaaaahaeginbdcckocjkhbciadcafnep
[-] [C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Default] [extension] Smazáno: aaaaahlfahldnilidgnlikdckbfehhca
[-] [C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Profile 1\Web data] [Search Provider] Smazáno: websearch.ask.com
[-] [C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Profile 1\Web data] [Search Provider] Smazáno: slunecnice.cz
[-] [C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Profile 1\Web data] [Search Provider] Smazáno: ask search
[-] [C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Profile 1\Web data] [Search Provider] Smazáno: search.conduit.com
[-] [C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Profile 1\Web data] [Search Provider] Smazáno: ask.com


*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [5549 Bajty] - [07/12/2016 23:30:38]
C:\AdwCleaner\AdwCleaner[R0].txt - [7748 Bajty] - [04/01/2014 09:39:28]
C:\AdwCleaner\AdwCleaner[R1].txt - [1067 Bajty] - [04/01/2014 09:52:10]
C:\AdwCleaner\AdwCleaner[R2].txt - [1113 Bajty] - [04/01/2014 09:57:32]
C:\AdwCleaner\AdwCleaner[R3].txt - [1233 Bajty] - [04/01/2014 10:07:39]
C:\AdwCleaner\AdwCleaner[R4].txt - [1353 Bajty] - [04/01/2014 11:45:49]
C:\AdwCleaner\AdwCleaner[S0].txt - [7528 Bajty] - [04/01/2014 09:48:21]
C:\AdwCleaner\AdwCleaner[S1].txt - [1131 Bajty] - [04/01/2014 09:53:02]
C:\AdwCleaner\AdwCleaner[S2].txt - [1175 Bajty] - [04/01/2014 09:58:49]
C:\AdwCleaner\AdwCleaner[S3].txt - [1295 Bajty] - [04/01/2014 10:09:30]
C:\AdwCleaner\AdwCleaner[S4].txt - [1415 Bajty] - [04/01/2014 11:47:04]
C:\AdwCleaner\AdwCleaner[S5].txt - [6374 Bajty] - [07/12/2016 23:27:37]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [6425 Bajty] ##########

Rudy
Site Admin
Posts: 119402
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: svchost.exe

#6 Post by Rudy »

Post a new FRST log.

lubik7
Visitor
Posts: 12
Registered: 07 Dec 2016 12:57

Re: svchost.exe

#7 Post by lubik7 »

Hello,
here is the new FRST log

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-12-2016
Ran by Lubik (08-12-2016 19:06:58)
Running from C:\Users\Lubik\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2010-12-22 09:13:40)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2970943431-2344779201-316442953-500 - Administrator - Disabled)
Guest (S-1-5-21-2970943431-2344779201-316442953-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2970943431-2344779201-316442953-1002 - Limited - Enabled)
Lubik (S-1-5-21-2970943431-2344779201-316442953-1000 - Administrator - Enabled) => C:\Users\Lubik

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
A.I.M. (HKLM-x32\...\{9B77B482-054A-411D-9011-7F03A5FFFAB1}_is1) (Version: - )
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe Flash Player 23 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.8.158 - Adobe Systems, Inc.)
Akamai NetSession Interface (HKU\S-1-5-21-2970943431-2344779201-316442953-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Aktualizace NVIDIA 2.9.1.22 (Version: 2.9.1.22 - NVIDIA Corporation) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
AutoCAD 2012 - Czech (HKLM\...\AutoCAD 2012 - Czech) (Version: 18.2.51.0 - Autodesk)
AutoCAD 2012 - Czech (Version: 18.2.51.0 - Autodesk) Hidden
AutoCAD 2012 Language Pack - Czech (Version: 18.2.51.0 - Autodesk) Hidden
AutoCAD Civil 3D 2013 – čeština (Czech) (HKLM\...\AutoCAD Civil 3D 2013 – čeština (Czech)) (Version: 10.0.1111.0 - Autodesk)
AutoCAD Civil 3D 2013 – čeština (Czech) (Version: 10.0.1111.0 - Autodesk) Hidden
Autodesk 360 (HKLM\...\{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}) (Version: 4.0.27.1 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.0.84.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.0.84.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.0.84.0 - Autodesk) Hidden
Autodesk Design Review 2013 (HKLM-x32\...\Autodesk Design Review 2013) (Version: 13.0.0.82 - Autodesk, Inc.)
Autodesk Design Review 2013 (x32 Version: 13.0.0.82 - Autodesk, Inc.) Hidden
Autodesk DWG TrueView 2014 (HKLM\...\DWG TrueView 2014) (Version: 19.1.18.0 - Autodesk)
Autodesk Inventor Content Center Libraries 2014 (Desktop Content) (HKLM\...\{B46DECD1-1864-4EF1-0000-22D71E81877C}) (Version: 18.0.17000.0000 - Autodesk)
Autodesk Inventor Fusion 2012 (HKLM\...\Autodesk Inventor Fusion 2012) (Version: 1.0.0.79 - Autodesk, Inc.)
Autodesk Inventor Fusion 2012 (Version: 1.0.0.79 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion plug-in for AutoCAD 2012 (HKLM\...\Modul plug-in Autodesk Inventor Fusion pro aplikaci AutoCAD 2012) (Version: 0.0.1.138 - Autodesk)
Autodesk Inventor Professional 2014 - čeština (Czech) (HKLM\...\Autodesk Inventor Professional 2014) (Version: 18.0.17000.0000 - Autodesk)
Autodesk Inventor Professional 2014 (Version: 18.0.17000.0000 - Autodesk) Hidden
Autodesk Inventor Professional 2014 Language Pack - čeština (Czech) (Version: 18.0.17000.0000 - Autodesk) Hidden
Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library 2013 (HKLM-x32\...\{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2013 (HKLM-x32\...\{606E12B9-641F-4644-A22A-FF38AE980AFD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2014 (HKLM-x32\...\{5C29CC1F-218F-4C30-948A-11066CAC59FB}) (Version: 4.0.19.0 - Autodesk)
Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.0.43.27 - Autodesk)
Autodesk ReCap (Version: 1.0.43.27 - Autodesk) Hidden
Autodesk ReCap Language Pack-English (Version: 1.0.43.27 - Autodesk) Hidden
Autodesk Revit Interoperability for Inventor 2014 (HKLM\...\Autodesk Revit Interoperability for Inventor 2014) (Version: 13.02.15161 - Autodesk)
Autodesk Revit Interoperability for Inventor 2014 (Version: 13.02.15161 - Autodesk) Hidden
Autodesk Vault Basic 2014 (Client) (HKLM\...\Autodesk Vault Basic 2014 (Client)) (Version: 18.0.86.0 - Autodesk)
Autodesk Vault Basic 2014 (Client) (Version: 18.0.86.0 - Autodesk) Hidden
BitRaider Web Client (HKLM-x32\...\BitRaider Web Client) (Version: 1.1.9.9 - BitRaider, LLC)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.70.1080 - AB Team, d.o.o.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Cabri II Plus Plug-in 1.4.5 (HKLM-x32\...\{A4A74248-A609-4FE5-9370-64351D433D45}_is1) (Version: Cabri II Plus Plug-in 1.4.5 - Cabrilog S.A.S.)
CCleaner (HKLM\...\CCleaner) (Version: 5.24 - Piriform)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
Counter-Strike 1.6 (HKLM-x32\...\{13B792AA-C078-43A4-8A3A-8B12D629940D}) (Version: 1.00.0000 - )
Desert Storm (HKLM-x32\...\{1C1212D0-9B68-474A-A376-EF01DCD204F1}) (Version: - )
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
Dev-C++ 5 beta 9 release (4.9.9.2) (HKLM-x32\...\Dev-C++) (Version: - )
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.22 - DivX, LLC)
DJ_AIO_03_F2200_Software_Min (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
DMIView B8.0717.01 (HKLM-x32\...\{3EE1008C-11A1-4F4F-8DB7-27573924DE78}) (Version: 1.4 - Gigabyte)
DraftSight (HKLM-x32\...\{EE7D7509-CC19-4DED-A439-F50B191C9E37}) (Version: 8.0.2123 - Dassault Systemes)
DWG TrueView 2014 (Version: 19.1.18.0 - Autodesk) Hidden
Easy Tune 6 B10.0521.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B10.0521.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Eco Materials Adviser for Autodesk Inventor 2014 (64-bit) (HKLM\...\{530B8614-C5DE-475B-AF6F-71BED461552C}) (Version: 4.4.1.0 - Granta Design Limited)
F2200 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
FlatOut2 (HKLM-x32\...\{D4006E71-FF32-44FF-AD5A-B5EE4389B825}_is1) (Version: 1.0 - US - ACTION, s.r.o.)
Gameforge Live 2.0.8 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.8 - Gameforge)
GeoGebra 4.2 (HKLM-x32\...\GeoGebra 4.2) (Version: 4.2.60.0 - International GeoGebra Institute)
GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Deskjet F2200 All-In-One Driver Software 13.0 Rel. 3 (HKLM\...\{3690900F-85EA-447F-BAD1-5CA25AA9B627}) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Solutions Framework (HKLM-x32\...\{3D6FF65E-EE93-4D90-B5D7-0DC856E2AFEB}) (Version: 12.5.32.37 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
IL-2 Sturmovik: Forgotten Battles (HKLM-x32\...\InstallShield_{8DF712DA-D325-4FD0-8DE8-E2D78FC3CDC3}) (Version: 1.00.0000 - Ubi Soft)
IL-2 Sturmovik: Forgotten Battles (x32 Version: 1.00.0000 - Ubi Soft) Hidden
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.0.1037 - Intel Corporation)
ioCentre (HKLM-x32\...\{A2B4621B-CEB9-4E44-95FD-3500D4DB3727}) (Version: 1.02.000 - KYE)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.30 - Irfan Skiljan)
Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Jazykový balíček Autodesk Inventor Fusion 2012 (Version: 1.0.0.79 - Autodesk, Inc.) Hidden
Jazykový balíček Autodesk Vault Basic 2014 (Client) – čeština (Version: 18.0.86.0 - Autodesk) Hidden
Jazykový balíček modulu plug-in Autodesk Inventor Fusion pro aplikaci AutoCAD 2012 (Version: 0.0.1.138 - Autodesk) Hidden
Jazykový balíček pro aplikaci AutoCAD Civil 3D 2013 – čeština (Czech) (Version: 10.0.1111.0 - Autodesk) Hidden
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
MATLAB R2012b (HKLM\...\Matlab R2012b) (Version: 8.0 - The MathWorks, Inc.)
Microsoft .NET Framework 4.6.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.3.215.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual Basic PowerPacks 10.0 (HKLM-x32\...\{2D9F8079-7D50-3EFD-B3BD-ED642E4EE756}) (Version: 10.0.20911 - Microsoft)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Modul plug-in Autodesk Inventor Fusion pro aplikaci AutoCAD 2012 (Version: 0.0.1.138 - Autodesk) Hidden
Mozilla Firefox 50.0.2 (x86 cs) (HKLM-x32\...\Mozilla Firefox 50.0.2 (x86 cs)) (Version: 50.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.0.2.6177 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.17.0 - NEC Electronics Corporation)
NEC Electronics USB 3.0 Host Controller Driver (x32 Version: 1.0.17.0 - NEC Electronics Corporation) Hidden
NICI (64 bit) (HKLM\...\{559D2B32-5066-4762-A2F2-52831AC6F67B}) (Version: 2.7.6 - Novell, Inc.)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5922 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.9.1.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.22 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 372.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 372.90 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.15 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 372.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 372.90 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Ovládací panel NVIDIA 372.90 (Version: 372.90 - NVIDIA Corporation) Hidden
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.5.7.2450 - Jan Fiala)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.17.304.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6077 - Realtek Semiconductor Corp.)
Sada Compatibility Pack pro systém Office 2007 (HKLM-x32\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Sandboxie 5.10 (64-bit) (HKLM\...\Sandboxie) (Version: 5.10 - Sandboxie Holdings, LLC)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
SHIELD Streaming (Version: 4.1.0260 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.9.1.22 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Sins of a Solar Empire (HKLM-x32\...\{C3533E6A-5C16-489A-9CB1-F190439F071B}_is1) (Version: 1.11.038 - US - ACTION, s.r.o.)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
STARWARS: The Battle of Endor version 2.1 (HKLM-x32\...\STARWARS: The Battle of Endor v2.1_is1) (Version: - Bruno R. Marcos)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 28 - Gameforge Productions GmbH)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
TuxGuitar 1.2 (HKLM-x32\...\TuxGuitar_0) (Version: - )
ubi.com (HKLM-x32\...\{AEDDF5A3-29CE-11D5-A8C2-000102246AAE}) (Version: - )
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
War Thunder Launcher 1.0.1.467 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
xKarel 2.0.0b5 (HKLM-x32\...\xKarel_is1) (Version: - )
XP Codec Pack (HKLM-x32\...\XP Codec Pack) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0960A27D-F6D8-46B1-A3CA-5D542222D326} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-11-15] (Piriform Ltd)
Task: {0D632040-C575-4C3A-A45D-70F5B69D16BD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {1AB05FB5-7A2F-49CB-8CE6-7193535FFD44} - System32\Tasks\{DB9E02CB-B5B5-433A-A151-768F2E2F57BC} => Chrome.exe
Task: {1FCA438F-B140-404E-B125-C3C904AE357F} - System32\Tasks\{7FE5CEFA-9656-4E38-9A96-A7C673FA4CA4} => pcalua.exe -a C:\Users\Lubik\Documents\NCsoftLauncherSetup.exe -d C:\Users\Lubik\Desktop
Task: {23CD578E-6505-4C69-B2B1-7254EE8C296A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {2D2E09FA-D2C2-4E44-BE44-DEDFBD40FB26} - System32\Tasks\{D0729B0D-DC61-4306-8469-C8D71692D4FE} => C:\Program Files (x86)\PSPad editor\PSPad.exe [2013-01-25] (Jan Fiala)
Task: {3B34455E-6159-48B0-BC1A-BCF41CCDA042} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {3E728163-29A7-4002-86C2-EC8591C7ECC8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater – Install HPSA => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-08-03] (HP Inc.)
Task: {50BB2977-B3FB-4592-897C-2BC7AB35A84E} - System32\Tasks\{45FD886F-3096-4FCA-8168-D5317BD357D6} => Chrome.exe
Task: {54BFA29B-98B2-483A-B442-C3FB6662E9D5} - System32\Tasks\{1E6EE3F4-510D-44CF-AFE9-169392777B08} => Chrome.exe
Task: {54C46F92-C5DC-48C7-A599-A61ED0C5B77F} - System32\Tasks\{1611EA51-E121-45DF-BE0F-07BB01EFF173} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.60.104/cs/abandoninstall?page=tsProgressBar
Task: {5C301567-2AB0-427F-B35D-1320B1E836F3} - System32\Tasks\{A8F0822D-79B9-4AED-9CBB-1A3986CF58BD} => C:\Program Files\Microsoft Security Client\msseces.exe [2013-08-12] (Microsoft Corporation)
Task: {6BFF6D4D-EE92-427A-A6E6-294560E8BBD7} - System32\Tasks\{C7441B95-6143-4387-99F4-0B8463D7ACAD} => Chrome.exe
Task: {6D0E8BC1-C456-470E-B309-5288A01C91B4} - System32\Tasks\{086D947B-5516-4AA8-A3BE-25DFAC9B7230} => Chrome.exe
Task: {6E6F820C-9C09-411B-99D6-69F9AE9B051E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard)
Task: {707FC37C-808C-4E21-9365-C7DB8E54C50A} - System32\Tasks\{CFDFF321-8C59-4B81-B806-FBAAB0F25168} => pcalua.exe -a C:\Users\Lubik\AppData\Local\Temp\Temp1_APGuitarSetup.zip\APGuitarSetup.exe <==== ATTENTION
Task: {71799DD5-1480-4239-B86A-DCA48A4CE2D4} - System32\Tasks\MATLAB R2012b Startup Accelerator => C:\Program Files\MATLAB\R2012b\bin\win64\MATLABStartupAccelerator.exe [2012-07-20] ()
Task: {79244C73-09E3-483D-B9AE-D6DF9FB88D40} - System32\Tasks\{6C6AD833-01E5-48F1-B822-3DE217543E45} => C:\Program Files (x86)\1C\AIM\aim.exe
Task: {7D6AA220-6A8C-44D6-BDF1-9BBDAFD88575} - System32\Tasks\{465FACE1-154A-46E3-89D0-F9EB4F3AFD7A} => C:\Program Files\Microsoft Security Client\msseces.exe [2013-08-12] (Microsoft Corporation)
Task: {95DC915A-3DC6-409F-A0D2-5552A1D1762C} - System32\Tasks\{AFB077DC-AECF-4346-86B8-578A4ACB083C} => C:\Program Files (x86)\PSPad editor\PSPad.exe [2013-01-25] (Jan Fiala)
Task: {99401165-E7B3-4DD8-B083-636E13F84610} - System32\Tasks\{7C46948B-323E-4406-9DEA-55F3D96A8B48} => pcalua.exe -a C:\Users\Lubik\AppData\Local\Temp\ubi7DB0.tmp.exe -d "C:\Program Files (x86)\Ubisoft\Assassin's Creed" <==== ATTENTION
Task: {9C96E773-2F64-4417-AD0D-A5929A19C691} - System32\Tasks\{6ADEC289-495E-4D66-8B95-15EA7FAAA209} => pcalua.exe -a "C:\Users\Lubik\Documents\assasin creed\creed\Assassin's Creed\setup.exe" -d "C:\Users\Lubik\Documents\assasin creed\creed\Assassin's Creed"
Task: {B6AD0ABA-02CB-40A6-BFEF-600116467804} - System32\Tasks\{C67061F9-1767-4140-9849-0F87A76D31B2} => pcalua.exe -a "C:\Users\Lubik\Desktop\Nová složka\Assassin's Creed\autorun.exe" -d "C:\Users\Lubik\Desktop\Nová složka\Assassin's Creed"
Task: {B7178609-852F-4810-B7C0-7DCD14F73EB2} - System32\Tasks\{53855BF3-2CD1-4D15-9264-B1D209ADF0F3} => pcalua.exe -a "C:\Program Files (x86)\NCSoft\Launcher\NCLauncher.exe"
Task: {BD22D2D8-9402-44E8-BF77-5771A87B18D5} - System32\Tasks\{F81A66D8-D40E-41C0-A170-CF6299D340F6} => pcalua.exe -a C:\Users\Lubik\AppData\Local\Temp\Temp1_matlab_R2012b_win64.zip\win64\matlab_R2012b_win64_installer.exe <==== ATTENTION
Task: {D53C634F-F555-49D4-9C63-ED8911C69518} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-08-03] (HP Inc.)
Task: {E1DA8425-0DA1-43A5-82D5-498754731746} - System32\Tasks\{6CCDA7D8-6D84-4E36-AA92-607888412C7B} => Chrome.exe hxxp://www.skype.com/go/downloading?source=ins ... stError=-9
Task: {E41CDEC8-1E86-4B1D-9820-0F0526C8CABC} - System32\Tasks\{406E83DF-8E35-44AA-B3EB-465F76DFD2CA} => pcalua.exe -a C:\Users\Lubik\Downloads\dgt230.exe -d C:\Users\Lubik\Downloads
Task: {EF8D7AA3-E505-4549-916E-7008F4D3E577} - System32\Tasks\{45832887-DE73-4718-9B8D-BB73D1DEDA26} => pcalua.exe -a C:\Users\Lubik\Documents\pcad2009smarteng.exe -d C:\Users\Lubik\Documents
Task: {F1158F9C-78D9-4373-9DEF-161B4272057F} - System32\Tasks\{7BA856B3-F7A2-4E97-A119-F04CEE6F8E9E} => pcalua.exe -a "C:\Users\Lubik\AppData\Local\Temp\Rar$EX00.319\Assassin's Creed\setup.exe" -d "C:\Users\Lubik\AppData\Local\Temp\Rar$EX00.319\Assassin's Creed" <==== ATTENTION
Task: {F389D41E-8F87-4299-AA36-C6466E1B0B99} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-09] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\MATLAB R2012b Startup Accelerator.job => C:\Program Files\MATLAB\R2012b\bin\win64\MATLABStartupAccelerator.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Lubik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) ==============

2012-11-18 21:19 - 2016-09-16 23:57 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-11-06 17:52 - 2012-11-06 17:56 - 03011072 _____ () C:\Windows\System32\SAFEQVS64.DLL
2012-11-06 17:52 - 2012-11-06 17:56 - 00519168 _____ () C:\Windows\System32\SafeQCairoLib64.dll
2010-12-26 16:42 - 2010-03-15 11:28 - 00052224 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2016-01-25 12:58 - 2016-01-12 05:43 - 00291264 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2013-02-05 00:21 - 2013-02-05 00:21 - 00056352 _____ () C:\Program Files\Autodesk\Autodesk Sync\qoauth_Ad_1.dll
2013-02-05 00:21 - 2013-02-05 00:21 - 00937504 _____ () C:\Program Files\Autodesk\Autodesk Sync\qca_Ad_2.dll
2013-02-05 00:21 - 2013-02-05 00:21 - 00124448 _____ () C:\Program Files\Autodesk\Autodesk Sync\QJson.dll
2013-02-05 00:21 - 2013-02-05 00:21 - 00045088 _____ () C:\Program Files\Autodesk\Autodesk Sync\QtSolutions_MFCMigrationFramework_Ad_2.dll
2012-11-30 03:06 - 2012-11-30 03:06 - 01263512 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2015-08-19 21:49 - 2016-01-12 05:43 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2010-12-22 10:56 - 2009-10-02 13:18 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-11-30 03:07 - 2012-11-30 03:07 - 00100248 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2005-08-14 21:09 - 2005-08-14 21:09 - 00111616 _____ () C:\Program Files (x86)\Webteh\BSPlayer\plugins\oldskin.dll
2016-03-16 12:50 - 2015-09-22 11:52 - 00252496 _____ () C:\Users\Lubik\AppData\Roaming\BSplayer\LAV Filters\libbluray.dll
2004-05-25 15:06 - 2004-05-25 15:06 - 00417792 _____ () C:\Windows\SysWow64\ac3filter.cpl
2016-10-27 12:35 - 2016-10-27 12:35 - 22825144 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.dll
2016-05-03 15:41 - 2016-05-03 15:41 - 00322232 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\sqlite.dll
2016-10-01 00:36 - 2016-10-01 00:36 - 46476472 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 [112]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2016-12-07 11:42 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2970943431-2344779201-316442953-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Lubik\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupfolder: C:^Users^Lubik^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ubisoft register.lnk => C:\Windows\pss\ubisoft register.lnk.Startup
MSCONFIG\startupreg: 4StoryPrePatch => C:\Program Files (x86)\Gameforge4D\4Story\PrePatch.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: SafeQ Client => "C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe"
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{610EAE37-0556-4283-A89B-5BCECDB892AA}] => C:\Program Files\Sins of a Solar Empire\Sins of a Solar Empire.exe
FirewallRules: [{DC58280D-F83A-440E-8186-9632B3F52348}] => C:\Program Files\Sins of a Solar Empire\Sins of a Solar Empire.exe
FirewallRules: [TCP Query User{88DB9ECB-6245-418F-B17F-6133DCEC55AE}C:\program files (x86)\valve\hl.exe] => C:\program files (x86)\valve\hl.exe
FirewallRules: [UDP Query User{CCED5A45-1B5A-4205-B058-499B92E87F30}C:\program files (x86)\valve\hl.exe] => C:\program files (x86)\valve\hl.exe
FirewallRules: [TCP Query User{BB1B4385-B8A4-4BCB-80C6-DAC6F2A5CFC2}C:\users\lubik\appdata\local\akamai\netsession_win.exe] => C:\users\lubik\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{7C8DB0CE-7410-4EE7-ABFC-24BA9E8AE94E}C:\users\lubik\appdata\local\akamai\netsession_win.exe] => C:\users\lubik\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{5CDF57AD-C48C-4A9F-9DAE-7AB9DFF59AE3}C:\users\lubik\appdata\local\akamai\netsession_win.exe] => C:\users\lubik\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{269C6F32-2DE5-43FC-922A-FF27D7FAECA1}C:\users\lubik\appdata\local\akamai\netsession_win.exe] => C:\users\lubik\appdata\local\akamai\netsession_win.exe
FirewallRules: [{2B992B87-91A1-4A4A-8D87-AC1D84EF2EFF}] => LPort=50248
FirewallRules: [{BCB40478-2134-4A5E-A75C-07D1892D2154}] => C:\Program Files (x86)\WarThunder\launcher.exe
FirewallRules: [{1640B14A-0C03-4033-BFD7-60B50D64431F}] => C:\Program Files (x86)\WarThunder\launcher.exe
FirewallRules: [{26170275-1B7B-4807-B68F-C7E85C2127D5}] => C:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [TCP Query User{AFFEE748-E17A-46AF-934D-A02156EE9D57}C:\program files (x86)\gameforgelive\games\gbr_eng\tera\tera-launcher.exe] => C:\program files (x86)\gameforgelive\games\gbr_eng\tera\tera-launcher.exe
FirewallRules: [UDP Query User{9A52CC74-DEFB-47C6-B0E3-A16EF21E69C9}C:\program files (x86)\gameforgelive\games\gbr_eng\tera\tera-launcher.exe] => C:\program files (x86)\gameforgelive\games\gbr_eng\tera\tera-launcher.exe
FirewallRules: [{D0D91AF1-781A-481E-BECF-601EDF94ED5D}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{9EC5F899-500E-4596-AB6D-BDF387901717}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C3BF0360-BDAD-4BC5-B6A6-F9BAA6B4B829}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{47F2878C-65BB-46D2-855A-11BD7B5D59EB}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{0846537B-453B-4750-B68A-633F8218CE66}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{6648D51C-F567-4830-9065-058268A90B84}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{55CA1E28-6C4F-47EC-80C8-829719D4D1A7}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{83C658E7-B76F-4E3C-B290-73F3FB93F2BC}C:\program files (x86)\warthunder\win64\aces.exe] => C:\program files (x86)\warthunder\win64\aces.exe
FirewallRules: [UDP Query User{766D4C47-F0B5-4B88-86D6-88B46188D0CB}C:\program files (x86)\warthunder\win64\aces.exe] => C:\program files (x86)\warthunder\win64\aces.exe
FirewallRules: [{11B40D7B-AE72-44B6-9337-AACFDB35C8AC}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{6DF7CD89-2E3D-4CC5-8722-4EF46E5C52C5}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{1D785CD2-CEDB-4D92-9863-E6B72E3B6A54}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{161704E7-E81A-4D3A-9810-C010A9B09312}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{E3C83D4E-C789-460A-BA3A-263354EF9307}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{05AAE2D3-79EF-46E4-B29C-E49B4F6D6585}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{772CCD4F-82FF-4119-B88B-735703BC78F7}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{564A4BD4-13B7-4B71-8DC6-C28C1F76F91E}] => C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{8F4D64A2-D81F-4687-890B-49C806C9FA5A}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{01933096-AFD5-48B2-A8D4-80894D09273A}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{B47DE60B-4DDE-49F6-ADCA-C6FF32966A37}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{0FA31F2D-EC36-48BE-8B68-E2C1CA2316AE}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{8A34A67C-3909-490E-88F3-B36BA88E80E7}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{60B14F0E-E97E-4EA1-8723-AED0FB2F468A}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{023DA082-EFB7-43AD-BB85-941F0065EEDA}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{9FEC5A4B-54B0-48DE-8A87-64EC0E94523D}] => C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{914BA4E1-579F-43B6-B915-465D8488AF85}] => C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [TCP Query User{2892D815-7F08-494A-8E70-62A8EA2B8C4D}C:\users\lubik\appdata\roaming\utorrent\utorrent.exe] => C:\users\lubik\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{AB8B1967-F453-45CE-8638-2D4687A22B39}C:\users\lubik\appdata\roaming\utorrent\utorrent.exe] => C:\users\lubik\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{B0000174-0396-4400-B56C-0FC6FBE4409F}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1E36C633-FE2B-484B-B3F3-4B9666B3AB15}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9FC7576A-3A45-4528-B707-2164D7436F18}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

04-12-2016 14:17:11 Windows Update
04-12-2016 14:48:58 Windows Update
05-12-2016 00:50:58 Windows Update
06-12-2016 19:19:14 Windows Update
06-12-2016 19:45:53 Windows Update
06-12-2016 21:14:07 Windows Update
06-12-2016 21:36:57 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/08/2016 02:34:14 PM) (Source: MsiInstaller) (EventID: 11310) (User: Lubik-PC)
Description: Produkt: Akamai NetSession Interface - Chyba 1310 Při zápisu do souboru C:\Users\Lubik\AppData\Local\Akamai\admintool.exe došlo k chybě. Systémová chyba 0. Přesvědčte se, zda máte přístup do adresáře.

Error: (12/08/2016 02:33:57 PM) (Source: MsiInstaller) (EventID: 11310) (User: Lubik-PC)
Description: Produkt: Akamai NetSession Interface - Chyba 1310 Při zápisu do souboru C:\Users\Lubik\AppData\Local\Akamai\admintool.exe došlo k chybě. Systémová chyba 0. Přesvědčte se, zda máte přístup do adresáře.

Error: (12/08/2016 09:49:13 AM) (Source: MsiInstaller) (EventID: 11310) (User: Lubik-PC)
Description: Produkt: Akamai NetSession Interface - Chyba 1310 Při zápisu do souboru C:\Users\Lubik\AppData\Local\Akamai\admintool.exe došlo k chybě. Systémová chyba 0. Přesvědčte se, zda máte přístup do adresáře.

Error: (12/08/2016 09:48:52 AM) (Source: MsiInstaller) (EventID: 11310) (User: Lubik-PC)
Description: Produkt: Akamai NetSession Interface - Chyba 1310 Při zápisu do souboru C:\Users\Lubik\AppData\Local\Akamai\admintool.exe došlo k chybě. Systémová chyba 0. Přesvědčte se, zda máte přístup do adresáře.

Error: (12/07/2016 08:18:29 PM) (Source: MsiInstaller) (EventID: 11310) (User: Lubik-PC)
Description: Produkt: Akamai NetSession Interface - Chyba 1310 Při zápisu do souboru C:\Users\Lubik\AppData\Local\Akamai\admintool.exe došlo k chybě. Systémová chyba 0. Přesvědčte se, zda máte přístup do adresáře.

Error: (12/07/2016 08:18:09 PM) (Source: MsiInstaller) (EventID: 11310) (User: Lubik-PC)
Description: Produkt: Akamai NetSession Interface - Chyba 1310 Při zápisu do souboru C:\Users\Lubik\AppData\Local\Akamai\admintool.exe došlo k chybě. Systémová chyba 0. Přesvědčte se, zda máte přístup do adresáře.

Error: (12/07/2016 08:15:35 AM) (Source: MsiInstaller) (EventID: 11310) (User: Lubik-PC)
Description: Produkt: Akamai NetSession Interface - Chyba 1310 Při zápisu do souboru C:\Users\Lubik\AppData\Local\Akamai\admintool.exe došlo k chybě. Systémová chyba 0. Přesvědčte se, zda máte přístup do adresáře.

Error: (12/07/2016 08:14:58 AM) (Source: MsiInstaller) (EventID: 11310) (User: Lubik-PC)
Description: Produkt: Akamai NetSession Interface - Chyba 1310 Při zápisu do souboru C:\Users\Lubik\AppData\Local\Akamai\admintool.exe došlo k chybě. Systémová chyba 0. Přesvědčte se, zda máte přístup do adresáře.

Error: (12/07/2016 08:10:48 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: An error has occurred (StartServiceCtrlDispatcher failed [1063]).

Error: (12/06/2016 09:37:33 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: NT AUTHORITY)
Description: HRESULT:0x80070653
Description:Cannot complete the Security Essentials Upgrade. An error has prevented the Security Essentials Upgrade Wizard from continuing. The previous version of Security Essentials was restored. Error code:0x80070653. (null)


System errors:
=============
Error: (12/08/2016 09:47:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba MATLAB License Server byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/07/2016 11:34:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba MATLAB License Server byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/07/2016 11:33:43 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Server byla ukončena s následující chybou:
Pro dokončení operace není dostatečný prostor.

Error: (12/07/2016 11:33:43 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Prohledávání počítačů závisí na službě Server, která neuspěla při spuštění v důsledku následující chyby:
Pro dokončení operace není dostatečný prostor.

Error: (12/07/2016 11:28:36 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Windows Search, ale tato akce selhala kvůli následující chybě:
Instance této služby je již spuštěna.

Error: (12/07/2016 11:28:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HP Support Solutions Framework Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/07/2016 11:28:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (12/07/2016 11:28:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (12/07/2016 11:28:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NVIDIA Streamer Network Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/07/2016 11:28:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Úložná technologie Intel(R) Rapid byla neočekávaně ukončena. Tento stav nastal již 1krát.


CodeIntegrity:
===================================
Date: 2016-12-07 11:39:13.985
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-12-07 11:39:13.938
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2010-12-22 11:14:45.857
Description: Windows is unable to verify the image integrity of the file \Device\CdRom0\NTGLM7X.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2010-12-22 11:14:45.826
Description: Windows is unable to verify the image integrity of the file \Device\CdRom0\NTGLM7X.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2010-12-22 11:14:44.047
Description: Windows is unable to verify the image integrity of the file \Device\CdRom0\Install\GMSIPCI.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2010-12-22 11:14:44.001
Description: Windows is unable to verify the image integrity of the file \Device\CdRom0\Install\GMSIPCI.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2010-12-22 11:09:45.620
Description: Windows is unable to verify the image integrity of the file \Device\CdRom0\NTGLM7X.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2010-12-22 11:09:45.589
Description: Windows is unable to verify the image integrity of the file \Device\CdRom0\NTGLM7X.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2010-12-22 11:09:43.826
Description: Windows is unable to verify the image integrity of the file \Device\CdRom0\Install\GMSIPCI.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2010-12-22 11:09:43.795
Description: Windows is unable to verify the image integrity of the file \Device\CdRom0\Install\GMSIPCI.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5 CPU 760 @ 2.80GHz
Percentage of memory in use: 76%
Total physical RAM: 4087.42 MB
Available physical RAM: 968.71 MB
Total Virtual: 8173.03 MB
Available Virtual: 4281.58 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:573.99 GB) NTFS
Drive e: (Elements) (Fixed) (Total:1862.98 GB) (Free:1252.11 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: CF08EA62)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 2C091C4E)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Rudy
Site Admin
Posts: 119402
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: svchost.exe

#8 Post by Rudy »

This is only the Addition log. Please post the FRST log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

lubik7
Visitor
Posts: 12
Joined: 07 Dec 2016 12:57

Re: svchost.exe

#9 Post by lubik7 »

Sorry, and thanks for your patience.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2016
Ran by Lubik (administrator) on LUBIK-PC (08-12-2016 20:54:04)
Running from C:\Users\Lubik\Desktop
Loaded Profiles: Lubik (Available Profiles: Lubik)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(AB Team) C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Akamai Technologies, Inc.) C:\Users\Lubik\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Lubik\AppData\Local\Akamai\netsession_win.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SandboxieRpcSs.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SandboxieDcomLaunch.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\32\SbieSvc.exe
(Farbar) C:\Users\Lubik\Desktop\FRST64(1).exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10135584 2010-03-26] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-08-12] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-10-21] (NEC Electronics Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2012-11-13] ()
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263512 2012-11-30] ()
HKLM-x32\...\Run: [ioCentre] => C:\Genius\ioCentre\gTaskBar.exe
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [55264 2016-03-10] (Malwarebytes)
HKU\S-1-5-21-2970943431-2344779201-316442953-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-12-24] (Google Inc.)
HKU\S-1-5-21-2970943431-2344779201-316442953-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Lubik\AppData\Local\Akamai\netsession_win.exe [4441920 2012-10-09] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2970943431-2344779201-316442953-1000\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-2970943431-2344779201-316442953-1000\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [797328 2016-06-14] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-2970943431-2344779201-316442953-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9105112 2016-11-15] (Piriform Ltd)
HKU\S-1-5-21-2970943431-2344779201-316442953-1000\...\Policies\Explorer: []
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-05-11]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Lubik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2013-10-16]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{0D38B642-1403-417A-8648-EA957A8366E4}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2970943431-2344779201-316442953-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2970943431-2344779201-316442953-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-2970943431-2344779201-316442953-1000 -> DefaultScope {BC0D1F80-163B-4043-BED3-94793552CE0D} URL = hxxp://www.google.cz/search?q={searchTerms}&rl ... FA_csCZ411
SearchScopes: HKU\S-1-5-21-2970943431-2344779201-316442953-1000 -> ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKU\S-1-5-21-2970943431-2344779201-316442953-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2970943431-2344779201-316442953-1000 -> {8119E34B-CBB4-4557-AC50-7632F0D5F657} URL = hxxp://www.google.cz/search?q={searchTerms}&rl ... 1I7ADFA_cs
SearchScopes: HKU\S-1-5-21-2970943431-2344779201-316442953-1000 -> {BC0D1F80-163B-4043-BED3-94793552CE0D} URL = hxxp://www.google.cz/search?q={searchTerms}&rl ... FA_csCZ411
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-10-31] (Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-28] (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-31] (Oracle Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc.)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-28] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc.)
Toolbar: HKU\S-1-5-21-2970943431-2344779201-316442953-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-28] (Google Inc.)
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

FireFox:
========
FF ProfilePath: C:\Users\Lubik\AppData\Roaming\Mozilla\Firefox\Profiles\7v7pzs7h.default-1445004368956 [2016-12-08]
FF Homepage: Mozilla\Firefox\Profiles\7v7pzs7h.default-1445004368956 -> hxxp://www.seznam.cz/
FF Extension: (Diagnostics for Adblock Plus) - C:\Users\Lubik\AppData\Roaming\Mozilla\Firefox\Profiles\7v7pzs7h.default-1445004368956\Extensions\abpwatcher@adblockplus.org.xpi [2016-05-11]
FF Extension: (Adblock Plus Pop-up Addon) - C:\Users\Lubik\AppData\Roaming\Mozilla\Firefox\Profiles\7v7pzs7h.default-1445004368956\Extensions\adblockpopups@jessehakanen.net.xpi [2016-04-28]
FF Extension: (Element Hiding Helper for Adblock Plus) - C:\Users\Lubik\AppData\Roaming\Mozilla\Firefox\Profiles\7v7pzs7h.default-1445004368956\Extensions\elemhidehelper@adblockplus.org.xpi [2016-11-01]
FF Extension: (Firefox Hotfix) - C:\Users\Lubik\AppData\Roaming\Mozilla\Firefox\Profiles\7v7pzs7h.default-1445004368956\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-01]
FF Extension: (AdBlocker for YouTube™) - C:\Users\Lubik\AppData\Roaming\Mozilla\Firefox\Profiles\7v7pzs7h.default-1445004368956\Extensions\jid1-q4sG8pYhq8KGHs@jetpack.xpi [2016-12-07]
FF Extension: (Adblock Plus Filter Uploader) - C:\Users\Lubik\AppData\Roaming\Mozilla\Firefox\Profiles\7v7pzs7h.default-1445004368956\Extensions\uploader@adblockfilters.mozdev.org.xpi [2016-04-28]
FF Extension: (Adblock Plus) - C:\Users\Lubik\AppData\Roaming\Mozilla\Firefox\Profiles\7v7pzs7h.default-1445004368956\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-30]
FF Extension: (Adblock Edge) - C:\Users\Lubik\AppData\Roaming\Mozilla\Firefox\Profiles\7v7pzs7h.default-1445004368956\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2016-04-28]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: (DivX Plus Web Player HTML5 &video&) - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011-12-22] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2016-05-11] [not signed]
FF HKU\S-1-5-21-2970943431-2344779201-316442953-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-09] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-31] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-31] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-09] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1218158.dll [2015-05-07] (Adobe Systems, Inc.)
FF Plugin-x32: @cabri.com/CabriIIPlus -> C:\Program Files (x86)\Cabri\Cabri II Plus Plug-in 1.4\npCabriIIPlus.dll [2011-09-23] (Cabrilog)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-09-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-09-16] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR HomePage: Profile 1 -> hxxp://www.seznam.cz/
CHR StartupUrls: Profile 1 -> "hxxp://www.seznam.cz/"
CHR Profile: C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Default [2016-12-07]
CHR Extension: (Prezentace Google) - C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-15]
CHR Extension: (Dokumenty Google) - C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-15]
CHR Extension: (Adblock Plus) - C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-04-15]
CHR Extension: (Tabulky Google) - C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-15]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2016-04-15]
CHR Profile: C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Profile 1 [2016-12-07]
CHR Extension: (Dokumenty Google) - C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-17]
CHR Extension: (Disk Google) - C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-17]
CHR Extension: (Desmos Graphing Calculator) - C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bhdheahnajobgndecdbggfmcojekgdko [2016-04-17]
CHR Extension: (YouTube) - C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-17]
CHR Extension: (Adblock Plus) - C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-10-26]
CHR Extension: (Kalendář Google) - C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2016-04-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-17]
CHR Extension: (\) - C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\picpigdgdkaekefkpcaenndmjhibibnk [2016-04-17]
CHR Extension: (Gmail) - C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-17]
CHR Extension: (Chrome Media Router) - C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-29]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [477960 2014-01-02] (BitRaider, LLC)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-12] (NVIDIA Corporation)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [29728 2016-08-15] (HP Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 MATLAB License Server; C:\Program Files\MATLAB\R2012b\etc\win64\lmgrd.exe [1775440 2012-07-20] (Flexera Software, Inc.)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 mitsijm2014; C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe [952608 2013-01-25] (Autodesk, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-08-12] (Microsoft Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-08-12] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-12] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-12] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [197264 2016-06-14] (Sandboxie Holdings, LLC)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
U0 esutfc; C:\Windows\System32\drivers\pdtiiu.sys [79064 2016-12-08] (Malwarebytes)
S3 gHidPnp; C:\Windows\System32\Drivers\gHidPnp.Sys [25088 2009-06-27] ()
S3 gMouUsb16; C:\Windows\System32\DRIVERS\gMouUsb16.sys [11776 2009-06-25] ()
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2011-07-13] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-12-08] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [204944 2016-06-14] (Sandboxie Holdings, LLC)
S3 Secdrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS [14368 1999-09-14] () [File not signed]
S3 BRDriver64; \??\C:\ProgramData\BitRaider\BRDriver64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-08 20:50 - 2016-12-08 20:50 - 00000000 ____D C:\Users\Lubik\Desktop\logy viry.cz
2016-12-08 19:49 - 2016-12-08 19:49 - 00021620 ____C C:\Users\Lubik\Downloads\Vikings.S04E12.HDTV.XviD-AFG.srt
2016-12-08 19:09 - 2016-12-08 20:54 - 00026202 _____ C:\Users\Lubik\Desktop\FRST.txt
2016-12-08 19:04 - 2016-12-08 19:03 - 02420224 ____C (Farbar) C:\Users\Lubik\Desktop\FRST64(1).exe
2016-12-08 18:48 - 2016-12-08 19:09 - 408939776 ____C C:\Users\Lubik\Downloads\Vikings.S04E12.HDTV.XviD-AFG.avi
2016-12-08 16:25 - 2016-12-08 16:25 - 00079064 _____ (Malwarebytes) C:\Windows\system32\Drivers\pdtiiu.sys
2016-12-07 23:25 - 2016-12-07 23:25 - 03968464 ____C C:\Users\Lubik\Desktop\adwcleaner_6.040.exe
2016-12-07 22:22 - 2016-12-07 22:22 - 00022223 ____C C:\Users\Lubik\Downloads\Star.Wars.Rebels.S03E09.An.Inside.Man.720p.DSNY.WEBRip.AAC2.0.x264-TVSmash.srt
2016-12-07 21:45 - 2016-12-07 22:16 - 564816434 ____C C:\Users\Lubik\Downloads\Star.Wars.Rebels.S03E09.An.Inside.Man.720p.DSNY.WEBRip.AAC2.0.x264-TVSmash.mkv
2016-12-07 20:23 - 2016-12-07 20:24 - 00051651 _____ C:\Users\Lubik\Downloads\Addition.txt
2016-12-07 20:21 - 2016-12-07 20:24 - 00069872 _____ C:\Users\Lubik\Downloads\FRST.txt
2016-12-07 20:20 - 2016-12-07 20:20 - 02420224 _____ (Farbar) C:\Users\Lubik\Downloads\FRST64.exe
2016-12-07 13:46 - 2016-12-07 13:46 - 00026184 ____C C:\ComboFix.txt
2016-12-07 12:34 - 2016-12-07 12:35 - 00000000 ____D C:\Users\Lubik\Desktop\Nová složka
2016-12-07 11:31 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2016-12-07 11:31 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2016-12-07 11:31 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2016-12-07 11:31 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2016-12-07 11:31 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2016-12-07 11:31 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2016-12-07 11:31 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2016-12-07 11:31 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2016-12-07 11:29 - 2016-12-07 13:47 - 00000000 ___DC C:\Qoobox
2016-12-07 11:28 - 2016-12-07 11:50 - 00000000 ____D C:\Windows\erdnt
2016-12-07 11:10 - 2016-12-07 11:10 - 00262144 _____ C:\Windows\system32\config\elam
2016-12-07 11:01 - 2016-12-07 11:01 - 00499322 _____ C:\Users\Lubik\Documents\cc_20161207_110057.reg
2016-12-07 10:33 - 2016-12-07 10:33 - 00002790 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-12-07 10:33 - 2016-12-07 10:33 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-12-07 10:33 - 2016-12-07 10:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-12-07 10:33 - 2016-12-07 10:33 - 00000000 ____D C:\Program Files\CCleaner
2016-12-07 10:32 - 2016-12-07 10:32 - 08576448 _____ (Piriform Ltd) C:\Users\Lubik\Downloads\ccsetup524.exe
2016-12-07 10:17 - 2016-12-07 10:17 - 00002974 _____ C:\Windows\System32\Tasks\{A8F0822D-79B9-4AED-9CBB-1A3986CF58BD}
2016-12-07 10:17 - 2016-12-07 10:17 - 00002974 _____ C:\Windows\System32\Tasks\{465FACE1-154A-46E3-89D0-F9EB4F3AFD7A}
2016-12-07 08:35 - 2016-12-07 08:35 - 30659457 _____ C:\Users\Lubik\Downloads\Windows6.1-KB3172605-x64.msu
2016-12-07 08:35 - 2016-12-07 08:35 - 09542472 _____ C:\Users\Lubik\Downloads\Windows6.1-KB3177467-x64.msu
2016-12-06 20:51 - 2016-12-06 20:51 - 00000000 ____D C:\Users\Lubik\Desktop\proces explorer
2016-12-06 19:30 - 2016-12-06 19:33 - 00000000 ____D C:\Users\Lubik\Documents\SNAŽÍM SE VYŘEŠIT VYTÍŽENÍ CPU
2016-12-05 22:18 - 2016-12-06 01:07 - 00000000 ____D C:\Program Files\Plumbytes Software
2016-12-05 21:06 - 2016-12-05 21:06 - 00000000 ____D C:\Users\Lubik\AppData\Local\Zemana
2016-12-05 20:44 - 2016-12-05 21:54 - 00000000 ____D C:\ProgramData\HitmanPro
2016-12-04 20:48 - 2016-12-04 20:48 - 00050738 _____ C:\Users\Lubik\Downloads\The.Flash.2014.S03E06.HDTV.XviD-AFG.CZ.srt
2016-12-04 14:55 - 2016-12-07 20:12 - 00000000 ____D C:\Program Files\Common Files\AV
2016-12-04 14:49 - 2016-12-07 20:13 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-12-04 14:45 - 2016-12-04 14:45 - 01777624 ____C (Kaspersky Lab) C:\Users\Lubik\Downloads\kav15.0.2.361abccs_8416.exe
2016-12-04 11:45 - 2016-12-08 19:12 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-12-04 11:45 - 2016-12-04 11:45 - 00001102 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-12-04 11:45 - 2016-12-04 11:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-12-04 11:45 - 2016-12-04 11:45 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-12-04 11:45 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-12-04 11:45 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-12-04 11:45 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-12-02 22:22 - 2016-12-02 22:22 - 00023597 ____C C:\Users\Lubik\Downloads\Vikings.S04E11.HDTV.x264-KILLERS.srt
2016-12-02 21:41 - 2016-12-02 22:06 - 458668480 ____C C:\Users\Lubik\Downloads\The-Flash-S03E07-české-titulky-novinka.avi
2016-12-02 19:34 - 2016-12-02 19:55 - 385016124 ____C C:\Users\Lubik\Downloads\The.Flash.2014.S03E06.HDTV.XviD-AFG.CZ.avi
2016-11-30 21:34 - 2016-11-30 21:38 - 00000000 ____D C:\Users\Lubik\Documents\výpisy
2016-11-28 10:20 - 2016-11-28 10:20 - 00193513 ____C C:\Users\Lubik\Downloads\document(5).pdf
2016-11-28 10:19 - 2016-11-28 10:19 - 00076485 ____C C:\Users\Lubik\Downloads\document(4).pdf
2016-11-28 09:57 - 2016-11-28 09:57 - 00373829 ____C C:\Users\Lubik\Downloads\document(3).pdf
2016-11-25 20:15 - 2016-11-25 20:15 - 00358557 ____C C:\Users\Lubik\Downloads\document(2).pdf
2016-11-25 20:02 - 2016-11-25 06:20 - 02119855 _____ C:\Users\Lubik\Desktop\CSAT-MP-6-2016_penzijnípřipojištění.pdf
2016-11-23 13:18 - 2016-11-23 13:18 - 00297672 ____C C:\Users\Lubik\Downloads\Prihlaska-na-zkousku(2).pdf
2016-11-20 15:34 - 2016-12-08 16:09 - 00000000 ____D C:\Users\Lubik\AppData\LocalLow\Mozilla
2016-11-19 17:04 - 2016-12-04 14:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-11-17 20:01 - 2016-10-11 16:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-11-17 20:01 - 2016-10-11 16:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-11-17 20:01 - 2016-10-11 16:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-11-17 20:01 - 2016-10-11 16:37 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-11-17 20:01 - 2016-10-11 16:37 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-11-17 20:01 - 2016-10-11 16:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-11-17 20:01 - 2016-10-11 16:32 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-11-17 20:01 - 2016-10-11 16:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-11-17 20:01 - 2016-10-11 16:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-11-17 20:01 - 2016-10-11 16:32 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-11-17 20:01 - 2016-10-11 16:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-11-17 20:01 - 2016-10-11 16:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-11-17 20:01 - 2016-10-11 16:32 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-11-17 20:01 - 2016-10-11 16:32 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-11-17 20:01 - 2016-10-11 16:32 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-11-17 20:01 - 2016-10-11 16:32 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-11-17 20:01 - 2016-10-11 16:32 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2016-11-17 20:01 - 2016-10-11 16:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-11-17 20:01 - 2016-10-11 16:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-11-17 20:01 - 2016-10-11 16:32 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-11-17 20:01 - 2016-10-11 16:32 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-11-17 20:01 - 2016-10-11 16:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-11-17 20:01 - 2016-10-11 16:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:24 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-11-17 20:01 - 2016-10-11 16:24 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-11-17 20:01 - 2016-10-11 16:21 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-11-17 20:01 - 2016-10-11 16:03 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-11-17 20:01 - 2016-10-11 16:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-11-17 20:01 - 2016-10-11 16:03 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-11-17 20:01 - 2016-10-11 15:59 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-11-17 20:01 - 2016-10-11 15:59 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-11-17 20:01 - 2016-10-11 15:56 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-11-17 20:01 - 2016-10-11 15:55 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2016-11-17 20:01 - 2016-10-11 15:55 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-11-17 20:01 - 2016-10-11 15:55 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-11-17 20:01 - 2016-10-11 15:55 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-11-17 20:01 - 2016-10-11 15:55 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-11-17 20:01 - 2016-10-11 15:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-11-17 20:01 - 2016-10-11 15:51 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-11-17 20:01 - 2016-10-11 15:51 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-11-17 20:01 - 2016-10-11 15:51 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-11-17 20:01 - 2016-10-11 15:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-11-17 20:01 - 2016-10-11 15:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-11-17 20:01 - 2016-10-11 15:50 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 15:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 15:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 15:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 14:18 - 00419648 _____ C:\Windows\SysWOW64\locale.nls
2016-11-17 20:01 - 2016-10-11 14:17 - 00419648 _____ C:\Windows\system32\locale.nls
2016-11-17 20:01 - 2016-10-08 14:06 - 00633296 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-11-17 20:01 - 2016-10-04 16:31 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-11-17 20:01 - 2016-10-04 16:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-11-17 20:01 - 2016-10-04 16:31 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-11-17 20:01 - 2016-10-04 16:31 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-11-17 20:01 - 2016-10-04 16:13 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-11-17 20:01 - 2016-10-04 16:13 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-11-17 20:01 - 2016-10-04 16:13 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-11-17 20:01 - 2016-10-04 16:13 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-11-09 11:23 - 2016-11-09 11:24 - 00000000 ____D C:\Users\Lubik\Documents\Angličitna
2016-11-08 20:30 - 2016-11-02 16:36 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-11-08 20:30 - 2016-11-02 16:32 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-11-08 20:30 - 2016-11-02 16:32 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-11-08 20:30 - 2016-11-02 16:32 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-11-08 20:30 - 2016-11-02 16:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-11-08 20:30 - 2016-11-02 16:22 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-11-08 20:30 - 2016-11-02 16:16 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-11-08 20:30 - 2016-11-02 16:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-11-08 20:30 - 2016-11-02 16:16 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-11-08 20:30 - 2016-11-02 15:53 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-11-08 20:30 - 2016-10-28 04:59 - 00394440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-11-08 20:30 - 2016-10-28 04:14 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-11-08 20:30 - 2016-10-27 20:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-11-08 20:30 - 2016-10-27 20:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-11-08 20:30 - 2016-10-27 19:55 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-11-08 20:30 - 2016-10-27 19:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-11-08 20:30 - 2016-10-27 19:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-11-08 20:30 - 2016-10-27 19:53 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-11-08 20:30 - 2016-10-27 19:53 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-11-08 20:30 - 2016-10-27 19:51 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-11-08 20:30 - 2016-10-27 19:44 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-11-08 20:30 - 2016-10-27 19:43 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-11-08 20:30 - 2016-10-27 19:38 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-11-08 20:30 - 2016-10-27 19:37 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-11-08 20:30 - 2016-10-27 19:37 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-11-08 20:30 - 2016-10-27 19:37 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-11-08 20:30 - 2016-10-27 19:37 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-11-08 20:30 - 2016-10-27 19:28 - 25763328 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-11-08 20:30 - 2016-10-27 19:28 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-11-08 20:30 - 2016-10-27 19:24 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-11-08 20:30 - 2016-10-27 19:19 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-11-08 20:30 - 2016-10-27 19:15 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-11-08 20:30 - 2016-10-27 19:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-11-08 20:30 - 2016-10-27 19:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-11-08 20:30 - 2016-10-27 19:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-11-08 20:30 - 2016-10-27 19:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-11-08 20:30 - 2016-10-27 19:02 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-11-08 20:30 - 2016-10-27 18:49 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-11-08 20:30 - 2016-10-27 18:46 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-11-08 20:30 - 2016-10-27 18:46 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-11-08 20:30 - 2016-10-27 18:44 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-11-08 20:30 - 2016-10-27 18:44 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-11-08 20:30 - 2016-10-27 18:17 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-11-08 20:30 - 2016-10-27 18:16 - 02920448 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-11-08 20:30 - 2016-10-27 18:03 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-11-08 20:30 - 2016-10-27 17:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-11-08 20:30 - 2016-10-27 16:05 - 20304896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-11-08 20:30 - 2016-10-25 16:02 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-11-08 20:30 - 2016-10-22 18:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-11-08 20:30 - 2016-10-22 18:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-11-08 20:30 - 2016-10-22 18:36 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-11-08 20:30 - 2016-10-22 18:35 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-11-08 20:30 - 2016-10-22 18:35 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-11-08 20:30 - 2016-10-22 18:34 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-11-08 20:30 - 2016-10-22 18:27 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-11-08 20:30 - 2016-10-22 18:27 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-11-08 20:30 - 2016-10-22 18:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-11-08 20:30 - 2016-10-22 18:22 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-11-08 20:30 - 2016-10-22 18:21 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-11-08 20:30 - 2016-10-22 18:21 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-11-08 20:30 - 2016-10-22 18:20 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-11-08 20:30 - 2016-10-22 18:09 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-11-08 20:30 - 2016-10-22 18:04 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-11-08 20:30 - 2016-10-22 18:03 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-11-08 20:30 - 2016-10-22 17:59 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-11-08 20:30 - 2016-10-22 17:58 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-11-08 20:30 - 2016-10-22 17:56 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-11-08 20:30 - 2016-10-22 17:54 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-11-08 20:30 - 2016-10-22 17:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-11-08 20:30 - 2016-10-22 17:45 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-11-08 20:30 - 2016-10-22 17:44 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-11-08 20:30 - 2016-10-22 17:43 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-11-08 20:30 - 2016-10-22 17:43 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-11-08 20:30 - 2016-10-22 17:30 - 13654016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-11-08 20:30 - 2016-10-22 17:12 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-11-08 20:30 - 2016-10-22 17:09 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-11-08 20:30 - 2016-10-22 17:09 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-11-08 20:30 - 2016-10-15 16:31 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-11-08 20:30 - 2016-10-15 16:31 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-11-08 20:30 - 2016-10-15 16:13 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-11-08 20:30 - 2016-10-15 16:13 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-11-08 20:30 - 2016-10-11 16:37 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-11-08 20:30 - 2016-10-11 16:31 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2016-11-08 20:30 - 2016-10-11 16:31 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-11-08 20:30 - 2016-10-11 16:31 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2016-11-08 20:30 - 2016-10-11 16:31 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2016-11-08 20:30 - 2016-10-11 16:31 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2016-11-08 20:30 - 2016-10-11 16:31 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2016-11-08 20:30 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2016-11-08 20:30 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2016-11-08 20:30 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2016-11-08 20:30 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2016-11-08 20:30 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2016-11-08 20:30 - 2016-10-11 16:31 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2016-11-08 20:30 - 2016-10-11 16:18 - 01027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2016-11-08 20:30 - 2016-10-11 16:18 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-11-08 20:30 - 2016-10-11 16:18 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2016-11-08 20:30 - 2016-10-11 16:18 - 00430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2016-11-08 20:30 - 2016-10-11 16:18 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2016-11-08 20:30 - 2016-10-11 16:18 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tintlgnt.ime
2016-11-08 20:30 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quick.ime
2016-11-08 20:30 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qintlgnt.ime
2016-11-08 20:30 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\phon.ime
2016-11-08 20:30 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chajei.ime
2016-11-08 20:30 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cintlgnt.ime
2016-11-08 20:30 - 2016-10-11 16:18 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pintlgnt.ime
2016-11-08 20:30 - 2016-10-11 14:33 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2016-11-08 20:30 - 2016-10-11 14:06 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2016-11-08 20:30 - 2016-10-07 16:32 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-11-08 20:30 - 2016-10-07 16:32 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-11-08 20:30 - 2016-10-07 16:32 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-11-08 20:30 - 2016-10-07 16:12 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-11-08 20:30 - 2016-10-07 16:12 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-11-08 20:30 - 2016-10-07 16:12 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-11-08 20:30 - 2016-10-05 15:54 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-08 20:54 - 2014-01-01 11:37 - 00000000 ____D C:\FRST
2016-12-08 20:43 - 2015-04-19 11:51 - 00000000 ____D C:\Users\Lubik\AppData\Roaming\vlc
2016-12-08 20:10 - 2013-10-27 16:58 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-12-08 20:00 - 2010-12-24 22:59 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-12-08 19:29 - 2012-12-08 11:05 - 00000000 ____D C:\Users\Lubik\AppData\Local\Akamai
2016-12-08 13:04 - 2013-04-03 09:26 - 00000546 _____ C:\Windows\Tasks\MATLAB R2012b Startup Accelerator.job
2016-12-08 09:55 - 2009-07-14 05:45 - 00023568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-08 09:55 - 2009-07-14 05:45 - 00023568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-08 09:46 - 2010-12-22 11:16 - 00000000 ____D C:\ProgramData\NVIDIA
2016-12-08 09:46 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-07 23:30 - 2014-01-04 09:39 - 00000000 ____D C:\AdwCleaner
2016-12-07 23:30 - 2011-01-18 21:08 - 00000000 ____D C:\ProgramData\ICQ
2016-12-07 20:24 - 2014-10-16 14:36 - 00002322 _____ C:\Windows\Sandboxie.ini
2016-12-07 20:12 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-12-07 13:35 - 2009-07-14 03:34 - 00000215 ____C C:\Windows\system.ini
2016-12-07 12:34 - 2010-12-22 10:13 - 00000000 ____D C:\Users\Lubik\AppData\Local\VirtualStore
2016-12-07 11:39 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\Downloaded Program Files
2016-12-07 11:18 - 2010-12-22 10:52 - 00161192 _____ C:\Users\Lubik\AppData\Local\GDIPFONTCACHEV1.DAT
2016-12-07 11:16 - 2009-07-14 05:45 - 00524480 _____ C:\Windows\system32\FNTCACHE.DAT
2016-12-07 10:57 - 2016-03-17 11:09 - 00000000 ____D C:\Users\Lubik\AppData\Roaming\Media Player Classic
2016-12-07 10:57 - 2016-03-13 19:23 - 00000000 ____D C:\Users\Lubik\AppData\Local\CrashDumps
2016-12-07 10:57 - 2012-10-02 20:36 - 00000000 ____D C:\Windows\Minidump
2016-12-07 10:57 - 2010-12-22 09:58 - 00000000 ____D C:\Windows\Panther
2016-12-07 10:29 - 2010-12-24 23:06 - 00000000 ____D C:\Users\Lubik\AppData\Local\ElevatedDiagnostics
2016-12-06 21:37 - 2010-12-22 11:21 - 00002120 _____ C:\Windows\epplauncher.mif
2016-12-06 20:30 - 2009-07-14 06:08 - 00032606 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-12-06 19:38 - 2010-12-24 22:59 - 00000000 ____D C:\Users\Lubik\AppData\Local\Google
2016-12-06 04:34 - 2009-07-14 16:18 - 00668882 _____ C:\Windows\system32\perfh005.dat
2016-12-06 04:34 - 2009-07-14 16:18 - 00141542 _____ C:\Windows\system32\perfc005.dat
2016-12-06 04:34 - 2009-07-14 06:13 - 01584626 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-04 17:54 - 2016-10-17 11:13 - 00000000 ____D C:\Users\Lubik\Documents\Průkaz leteckého mechanika B1
2016-12-04 17:53 - 2016-10-11 13:25 - 00000000 ____D C:\Users\Lubik\Documents\PRÁCE - čsa technics
2016-12-04 14:52 - 2014-01-01 20:53 - 00000000 ____D C:\Users\hedev
2016-12-04 14:36 - 2016-10-17 21:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-03 20:57 - 2014-12-24 13:02 - 00000000 ____D C:\Program Files (x86)\WarThunder
2016-11-30 21:39 - 2012-03-09 18:08 - 00000000 ____D C:\Users\Lubik\Documents\E-KNIHY
2016-11-30 21:36 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2016-11-30 20:22 - 2016-06-25 18:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2016-11-30 20:22 - 2010-12-22 10:13 - 00000000 ____D C:\Users\Lubik
2016-11-30 20:21 - 2014-10-16 19:49 - 00000000 ____D C:\Program Files\Sandboxie
2016-11-30 20:21 - 2011-11-12 09:46 - 00000000 ____D C:\Windows\system32\Macromed
2016-11-30 20:21 - 2010-12-24 23:01 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-11-30 20:21 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2016-11-29 20:48 - 2011-02-12 18:04 - 00000000 ____D C:\Users\Lubik\AppData\Local\Adobe
2016-11-29 10:02 - 2016-06-22 13:22 - 00000000 ____D C:\Users\Lubik\Desktop\kupní smlouvy
2016-11-18 11:02 - 2014-07-22 19:21 - 00006144 _____ C:\Users\Lubik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-11-17 20:08 - 2010-12-22 11:20 - 01559340 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-11-15 09:01 - 2014-10-16 19:37 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-15 09:01 - 2014-10-16 19:37 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-11-09 21:10 - 2013-10-27 16:58 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-11-09 21:10 - 2012-03-31 09:24 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-11-09 21:10 - 2011-05-15 07:45 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-11-08 20:50 - 2013-08-15 23:21 - 00000000 ____D C:\Windows\system32\MRT
2016-11-08 20:44 - 2010-12-23 09:25 - 141011376 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories =======

2011-02-14 18:48 - 2011-02-14 18:48 - 0000048 _____ () C:\Users\Lubik\AppData\Roaming\mainhst.zgh
2015-10-02 22:19 - 2015-10-02 22:19 - 0000079 _____ () C:\Users\Lubik\AppData\Roaming\mbam.context.scan
2014-07-22 19:21 - 2016-11-18 11:02 - 0006144 _____ () C:\Users\Lubik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-09-21 22:15 - 2015-05-14 17:39 - 0007611 _____ () C:\Users\Lubik\AppData\Local\Resmon.ResmonCfg
2015-03-14 01:28 - 2015-03-14 01:28 - 0000000 _____ () C:\Users\Lubik\AppData\Local\{46DE577D-E827-4FC5-BD15-F7E5E1A29014}
2011-07-13 19:53 - 2011-07-13 19:53 - 0000000 _____ () C:\Users\Lubik\AppData\Local\{A7BF902A-7021-4C6D-8129-8F7E2E5FB452}
2015-05-28 10:14 - 2015-05-28 10:15 - 0000000 _____ () C:\Users\Lubik\AppData\Local\{F4454D36-3EF5-4387-A867-CAE550BB7E2D}
2016-05-14 19:30 - 2016-05-14 19:30 - 0000000 _____ () C:\Users\Lubik\AppData\Local\{FD264A44-BE4E-43F0-B18C-FBE7864C83FD}
2010-12-30 16:09 - 2016-05-11 14:13 - 0004128 _____ () C:\ProgramData\hpzinstall.log
2012-12-08 11:37 - 2012-12-08 11:37 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2012-09-24 17:43 - 2012-09-30 13:44 - 0000771 _____ () C:\ProgramData\NCIDebug.log

Some files in TEMP:
====================
C:\Users\Lubik\AppData\Local\Temp\libeay32.dll
C:\Users\Lubik\AppData\Local\Temp\msvcr120.dll
C:\Users\Lubik\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-05-11 10:25

==================== End of FRST.txt ============================

Rudy
Site Admin
Posts: 119402
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: svchost.exe

#10 Post by Rudy »

Open Notepad and copy the following into it:
Start
C:\Users\Lubik\AppData\Local\Akamai
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKU\S-1-5-21-2970943431-2344779201-316442953-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-12-24] (Google Inc.)
C:\Program Files (x86)\Google\GoogleToolbarNotifier
HKU\S-1-5-21-2970943431-2344779201-316442953-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Lubik\AppData\Local\Akamai\netsession_win.exe [4441920 2012-10-09] (Akamai Technologies, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2970943431-2344779201-316442953-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-2970943431-2344779201-316442953-1000 -> ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKU\S-1-5-21-2970943431-2344779201-316442953-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-28] (Google Inc.)
C:\Program Files (x86)\Google\Google Toolbar
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-28] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc.)
Toolbar: HKU\S-1-5-21-2970943431-2344779201-316442953-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-28] (Google Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Users\Lubik\AppData\Local\Akamai
C:\Users\Lubik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\Lubik\AppData\Local\Temp
Task: {1FCA438F-B140-404E-B125-C3C904AE357F} - System32\Tasks\{7FE5CEFA-9656-4E38-9A96-A7C673FA4CA4} => pcalua.exe -a C:\Users\Lubik\Documents\NCsoftLauncherSetup.exe -d C:\Users\Lubik\Desktop
Task: {23CD578E-6505-4C69-B2B1-7254EE8C296A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {3B34455E-6159-48B0-BC1A-BCF41CCDA042} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {707FC37C-808C-4E21-9365-C7DB8E54C50A} - System32\Tasks\{CFDFF321-8C59-4B81-B806-FBAAB0F25168} => pcalua.exe -a C:\Users\Lubik\AppData\Local\Temp\Temp1_APGuitarSetup.zip\APGuitarSetup.exe <==== ATTENTION
Task: {99401165-E7B3-4DD8-B083-636E13F84610} - System32\Tasks\{7C46948B-323E-4406-9DEA-55F3D96A8B48} => pcalua.exe -a C:\Users\Lubik\AppData\Local\Temp\ubi7DB0.tmp.exe -d "C:\Program Files (x86)\Ubisoft\Assassin's Creed" <==== ATTENTION
Task: {9C96E773-2F64-4417-AD0D-A5929A19C691} - System32\Tasks\{6ADEC289-495E-4D66-8B95-15EA7FAAA209} => pcalua.exe -a "C:\Users\Lubik\Documents\assasin creed\creed\Assassin's Creed\setup.exe" -d "C:\Users\Lubik\Documents\assasin creed\creed\Assassin's Creed"
Task: {B6AD0ABA-02CB-40A6-BFEF-600116467804} - System32\Tasks\{C67061F9-1767-4140-9849-0F87A76D31B2} => pcalua.exe -a "C:\Users\Lubik\Desktop\Nová složka\Assassin's Creed\autorun.exe" -d "C:\Users\Lubik\Desktop\Nová složka\Assassin's Creed"
Task: {B7178609-852F-4810-B7C0-7DCD14F73EB2} - System32\Tasks\{53855BF3-2CD1-4D15-9264-B1D209ADF0F3} => pcalua.exe -a "C:\Program Files (x86)\NCSoft\Launcher\NCLauncher.exe"
Task: {BD22D2D8-9402-44E8-BF77-5771A87B18D5} - System32\Tasks\{F81A66D8-D40E-41C0-A170-CF6299D340F6} => pcalua.exe -a C:\Users\Lubik\AppData\Local\Temp\Temp1_matlab_R2012b_win64.zip\win64\matlab_R2012b_win64_installer.exe <==== ATTENTION
Task: {E41CDEC8-1E86-4B1D-9820-0F0526C8CABC} - System32\Tasks\{406E83DF-8E35-44AA-B3EB-465F76DFD2CA} => pcalua.exe -a C:\Users\Lubik\Downloads\dgt230.exe -d C:\Users\Lubik\Downloads
Task: {EF8D7AA3-E505-4549-916E-7008F4D3E577} - System32\Tasks\{45832887-DE73-4718-9B8D-BB73D1DEDA26} => pcalua.exe -a C:\Users\Lubik\Documents\pcad2009smarteng.exe -d C:\Users\Lubik\Documents
Task: {F1158F9C-78D9-4373-9DEF-161B4272057F} - System32\Tasks\{7BA856B3-F7A2-4E97-A119-F04CEE6F8E9E} => pcalua.exe -a "C:\Users\Lubik\AppData\Local\Temp\Rar$EX00.319\Assassin's Creed\setup.exe" -d "C:\Users\Lubik\AppData\Local\Temp\Rar$EX00.319\Assassin's Creed" <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 [112]

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the run finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

lubik7
Visitor
Posts: 12
Joined: 07 Dec 2016 12:57

Re: svchost.exe

#11 Post by lubik7 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 07-12-2016
Ran by Lubik (08-12-2016 21:33:11) Run:1
Running from C:\Users\Lubik\Desktop
Loaded Profiles: Lubik (Available Profiles: Lubik)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
C:\Users\Lubik\AppData\Local\Akamai
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKU\S-1-5-21-2970943431-2344779201-316442953-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-12-24] (Google Inc.)
C:\Program Files (x86)\Google\GoogleToolbarNotifier
HKU\S-1-5-21-2970943431-2344779201-316442953-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Lubik\AppData\Local\Akamai\netsession_win.exe [4441920 2012-10-09] (Akamai Technologies, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2970943431-2344779201-316442953-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-2970943431-2344779201-316442953-1000 -> ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKU\S-1-5-21-2970943431-2344779201-316442953-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-28] (Google Inc.)
C:\Program Files (x86)\Google\Google Toolbar
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-28] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc.)
Toolbar: HKU\S-1-5-21-2970943431-2344779201-316442953-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-28] (Google Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Users\Lubik\AppData\Local\Akamai
C:\Users\Lubik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\Lubik\AppData\Local\Temp
Task: {1FCA438F-B140-404E-B125-C3C904AE357F} - System32\Tasks\{7FE5CEFA-9656-4E38-9A96-A7C673FA4CA4} => pcalua.exe -a C:\Users\Lubik\Documents\NCsoftLauncherSetup.exe -d C:\Users\Lubik\Desktop
Task: {23CD578E-6505-4C69-B2B1-7254EE8C296A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {3B34455E-6159-48B0-BC1A-BCF41CCDA042} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {707FC37C-808C-4E21-9365-C7DB8E54C50A} - System32\Tasks\{CFDFF321-8C59-4B81-B806-FBAAB0F25168} => pcalua.exe -a C:\Users\Lubik\AppData\Local\Temp\Temp1_APGuitarSetup.zip\APGuitarSetup.exe <==== ATTENTION
Task: {99401165-E7B3-4DD8-B083-636E13F84610} - System32\Tasks\{7C46948B-323E-4406-9DEA-55F3D96A8B48} => pcalua.exe -a C:\Users\Lubik\AppData\Local\Temp\ubi7DB0.tmp.exe -d "C:\Program Files (x86)\Ubisoft\Assassin's Creed" <==== ATTENTION
Task: {9C96E773-2F64-4417-AD0D-A5929A19C691} - System32\Tasks\{6ADEC289-495E-4D66-8B95-15EA7FAAA209} => pcalua.exe -a "C:\Users\Lubik\Documents\assasin creed\creed\Assassin's Creed\setup.exe" -d "C:\Users\Lubik\Documents\assasin creed\creed\Assassin's Creed"
Task: {B6AD0ABA-02CB-40A6-BFEF-600116467804} - System32\Tasks\{C67061F9-1767-4140-9849-0F87A76D31B2} => pcalua.exe -a "C:\Users\Lubik\Desktop\Nová složka\Assassin's Creed\autorun.exe" -d "C:\Users\Lubik\Desktop\Nová složka\Assassin's Creed"
Task: {B7178609-852F-4810-B7C0-7DCD14F73EB2} - System32\Tasks\{53855BF3-2CD1-4D15-9264-B1D209ADF0F3} => pcalua.exe -a "C:\Program Files (x86)\NCSoft\Launcher\NCLauncher.exe"
Task: {BD22D2D8-9402-44E8-BF77-5771A87B18D5} - System32\Tasks\{F81A66D8-D40E-41C0-A170-CF6299D340F6} => pcalua.exe -a C:\Users\Lubik\AppData\Local\Temp\Temp1_matlab_R2012b_win64.zip\win64\matlab_R2012b_win64_installer.exe <==== ATTENTION
Task: {E41CDEC8-1E86-4B1D-9820-0F0526C8CABC} - System32\Tasks\{406E83DF-8E35-44AA-B3EB-465F76DFD2CA} => pcalua.exe -a C:\Users\Lubik\Downloads\dgt230.exe -d C:\Users\Lubik\Downloads
Task: {EF8D7AA3-E505-4549-916E-7008F4D3E577} - System32\Tasks\{45832887-DE73-4718-9B8D-BB73D1DEDA26} => pcalua.exe -a C:\Users\Lubik\Documents\pcad2009smarteng.exe -d C:\Users\Lubik\Documents
Task: {F1158F9C-78D9-4373-9DEF-161B4272057F} - System32\Tasks\{7BA856B3-F7A2-4E97-A119-F04CEE6F8E9E} => pcalua.exe -a "C:\Users\Lubik\AppData\Local\Temp\Rar$EX00.319\Assassin's Creed\setup.exe" -d "C:\Users\Lubik\AppData\Local\Temp\Rar$EX00.319\Assassin's Creed" <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 [112]

EmptyTemp:
End
*****************


"C:\Users\Lubik\AppData\Local\Akamai" folder move:

Could not move "C:\Users\Lubik\AppData\Local\Akamai" => Scheduled to move on reboot.

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKU\S-1-5-21-2970943431-2344779201-316442953-1000\Software\Microsoft\Windows\CurrentVersion\Run\\swg => value removed successfully
C:\Program Files (x86)\Google\GoogleToolbarNotifier => moved successfully
HKU\S-1-5-21-2970943431-2344779201-316442953-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface => value removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-2970943431-2344779201-316442953-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKU\S-1-5-21-2970943431-2344779201-316442953-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\ToolbarSearchProviderProgress => value removed successfully
"HKU\S-1-5-21-2970943431-2344779201-316442953-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully
"HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully
C:\Program Files (x86)\Google\Google Toolbar => moved successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value removed successfully
"HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value removed successfully
"HKCR\Wow6432Node\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => key removed successfully
HKU\S-1-5-21-2970943431-2344779201-316442953-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value removed successfully
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully

"C:\Users\Lubik\AppData\Local\Akamai" folder move:

Could not move "C:\Users\Lubik\AppData\Local\Akamai" => Scheduled to move on reboot.

C:\Users\Lubik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully

"C:\Users\Lubik\AppData\Local\Temp" folder move:

Could not move "C:\Users\Lubik\AppData\Local\Temp" => Scheduled to move on reboot.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1FCA438F-B140-404E-B125-C3C904AE357F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1FCA438F-B140-404E-B125-C3C904AE357F}" => key removed successfully
C:\Windows\System32\Tasks\{7FE5CEFA-9656-4E38-9A96-A7C673FA4CA4} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7FE5CEFA-9656-4E38-9A96-A7C673FA4CA4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{23CD578E-6505-4C69-B2B1-7254EE8C296A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{23CD578E-6505-4C69-B2B1-7254EE8C296A}" => key removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3B34455E-6159-48B0-BC1A-BCF41CCDA042}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3B34455E-6159-48B0-BC1A-BCF41CCDA042}" => key removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{707FC37C-808C-4E21-9365-C7DB8E54C50A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{707FC37C-808C-4E21-9365-C7DB8E54C50A}" => key removed successfully
C:\Windows\System32\Tasks\{CFDFF321-8C59-4B81-B806-FBAAB0F25168} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{CFDFF321-8C59-4B81-B806-FBAAB0F25168}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{99401165-E7B3-4DD8-B083-636E13F84610}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{99401165-E7B3-4DD8-B083-636E13F84610}" => key removed successfully
C:\Windows\System32\Tasks\{7C46948B-323E-4406-9DEA-55F3D96A8B48} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7C46948B-323E-4406-9DEA-55F3D96A8B48}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9C96E773-2F64-4417-AD0D-A5929A19C691}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C96E773-2F64-4417-AD0D-A5929A19C691}" => key removed successfully
C:\Windows\System32\Tasks\{6ADEC289-495E-4D66-8B95-15EA7FAAA209} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6ADEC289-495E-4D66-8B95-15EA7FAAA209}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B6AD0ABA-02CB-40A6-BFEF-600116467804}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B6AD0ABA-02CB-40A6-BFEF-600116467804}" => key removed successfully
C:\Windows\System32\Tasks\{C67061F9-1767-4140-9849-0F87A76D31B2} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C67061F9-1767-4140-9849-0F87A76D31B2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B7178609-852F-4810-B7C0-7DCD14F73EB2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B7178609-852F-4810-B7C0-7DCD14F73EB2}" => key removed successfully
C:\Windows\System32\Tasks\{53855BF3-2CD1-4D15-9264-B1D209ADF0F3} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{53855BF3-2CD1-4D15-9264-B1D209ADF0F3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BD22D2D8-9402-44E8-BF77-5771A87B18D5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BD22D2D8-9402-44E8-BF77-5771A87B18D5}" => key removed successfully
C:\Windows\System32\Tasks\{F81A66D8-D40E-41C0-A170-CF6299D340F6} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F81A66D8-D40E-41C0-A170-CF6299D340F6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E41CDEC8-1E86-4B1D-9820-0F0526C8CABC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E41CDEC8-1E86-4B1D-9820-0F0526C8CABC}" => key removed successfully
C:\Windows\System32\Tasks\{406E83DF-8E35-44AA-B3EB-465F76DFD2CA} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{406E83DF-8E35-44AA-B3EB-465F76DFD2CA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EF8D7AA3-E505-4549-916E-7008F4D3E577}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EF8D7AA3-E505-4549-916E-7008F4D3E577}" => key removed successfully
C:\Windows\System32\Tasks\{45832887-DE73-4718-9B8D-BB73D1DEDA26} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{45832887-DE73-4718-9B8D-BB73D1DEDA26}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F1158F9C-78D9-4373-9DEF-161B4272057F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F1158F9C-78D9-4373-9DEF-161B4272057F}" => key removed successfully
C:\Windows\System32\Tasks\{7BA856B3-F7A2-4E97-A119-F04CEE6F8E9E} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7BA856B3-F7A2-4E97-A119-F04CEE6F8E9E}" => key removed successfully
C:\ProgramData\TEMP => ":D1B5B4F1" ADS removed successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 6863631 B
Java, Flash, Steam htmlcache => 998 B
Windows/system/drivers => 140981 B
Edge => 0 B
Chrome => 7499880 B
Firefox => 382979342 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 33125 B
Public => 0 B
ProgramData => 0 B
systemprofile => 111271 B
systemprofile32 => 31748827 B
LocalService => 132244 B
NetworkService => 43976908 B
Lubik => 32250246 B
UpdatusUser => 0 B

RecycleBin => 123463 B
EmptyTemp: => 490.4 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 08-12-2016 21:37:50)

C:\Users\Lubik\AppData\Local\Akamai => Is moved successfully
C:\Users\Lubik\AppData\Local\Akamai => Is moved successfully
C:\Users\Lubik\AppData\Local\Temp => moved successfully

==== End of Fixlog 21:37:51 ====

Rudy
Site Admin
Posts: 119402
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: svchost.exe

#12 Post by Rudy »

Deleted. Has anything changed?

lubik7
Visitor
Posts: 12
Joined: 07 Dec 2016 12:57

Re: svchost.exe

#13 Post by lubik7 »

Hello, there has been a small change: one of the 2 largest svchost.exe processes has shrunk to 20 000 kB, the other is still at least 78 000 kB, and RAM usage dropped from 85% to about 60%.

Rudy
Site Admin
Posts: 119402
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: svchost.exe

#14 Post by Rudy »

Run a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand.

lubik7
Visitor
Posts: 12
Joined: 07 Dec 2016 12:57

Re: svchost.exe

#15 Post by lubik7 »

Malwarebytes found nothing; log:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2016
Ran by Lubik (administrator) on LUBIK-PC (09-12-2016 21:45:14)
Running from C:\Users\Lubik\Desktop
Loaded Profiles: Lubik (Available Profiles: Lubik)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SandboxieRpcSs.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SandboxieDcomLaunch.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\32\SbieSvc.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\reader_sl.exe
(NVIDIA Corporation) C:\Users\Lubik\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) C:\Users\Lubik\Desktop\FRST64(1).exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10135584 2010-03-26] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-08-12] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2786768 2016-11-29] (Malwarebytes)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-10-21] (NEC Electronics Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2012-11-13] ()
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263512 2012-11-30] ()
HKLM-x32\...\Run: [ioCentre] => C:\Genius\ioCentre\gTaskBar.exe
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKU\S-1-5-21-2970943431-2344779201-316442953-1000\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-2970943431-2344779201-316442953-1000\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [797328 2016-06-14] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-2970943431-2344779201-316442953-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9105112 2016-11-15] (Piriform Ltd)
HKU\S-1-5-21-2970943431-2344779201-316442953-1000\...\Policies\Explorer: []
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-05-11]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Lubik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2013-10-16]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{0D38B642-1403-417A-8648-EA957A8366E4}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2970943431-2344779201-316442953-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-2970943431-2344779201-316442953-1000 -> DefaultScope {BC0D1F80-163B-4043-BED3-94793552CE0D} URL = hxxp://www.google.cz/search?q={searchTerms}&rl ... FA_csCZ411
SearchScopes: HKU\S-1-5-21-2970943431-2344779201-316442953-1000 -> {8119E34B-CBB4-4557-AC50-7632F0D5F657} URL = hxxp://www.google.cz/search?q={searchTerms}&rl ... 1I7ADFA_cs
SearchScopes: HKU\S-1-5-21-2970943431-2344779201-316442953-1000 -> {BC0D1F80-163B-4043-BED3-94793552CE0D} URL = hxxp://www.google.cz/search?q={searchTerms}&rl ... FA_csCZ411
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-10-31] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-31] (Oracle Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

FireFox:
========
FF ProfilePath: C:\Users\Lubik\AppData\Roaming\Mozilla\Firefox\Profiles\7v7pzs7h.default-1445004368956 [2016-12-09]
FF Homepage: Mozilla\Firefox\Profiles\7v7pzs7h.default-1445004368956 -> hxxp://www.seznam.cz/
FF Extension: (Diagnostics for Adblock Plus) - C:\Users\Lubik\AppData\Roaming\Mozilla\Firefox\Profiles\7v7pzs7h.default-1445004368956\Extensions\abpwatcher@adblockplus.org.xpi [2016-05-11]
FF Extension: (Adblock Plus Pop-up Addon) - C:\Users\Lubik\AppData\Roaming\Mozilla\Firefox\Profiles\7v7pzs7h.default-1445004368956\Extensions\adblockpopups@jessehakanen.net.xpi [2016-04-28]
FF Extension: (Element Hiding Helper for Adblock Plus) - C:\Users\Lubik\AppData\Roaming\Mozilla\Firefox\Profiles\7v7pzs7h.default-1445004368956\Extensions\elemhidehelper@adblockplus.org.xpi [2016-11-01]
FF Extension: (Firefox Hotfix) - C:\Users\Lubik\AppData\Roaming\Mozilla\Firefox\Profiles\7v7pzs7h.default-1445004368956\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-01]
FF Extension: (AdBlocker for YouTube™) - C:\Users\Lubik\AppData\Roaming\Mozilla\Firefox\Profiles\7v7pzs7h.default-1445004368956\Extensions\jid1-q4sG8pYhq8KGHs@jetpack.xpi [2016-12-07]
FF Extension: (Adblock Plus Filter Uploader) - C:\Users\Lubik\AppData\Roaming\Mozilla\Firefox\Profiles\7v7pzs7h.default-1445004368956\Extensions\uploader@adblockfilters.mozdev.org.xpi [2016-04-28]
FF Extension: (Adblock Plus) - C:\Users\Lubik\AppData\Roaming\Mozilla\Firefox\Profiles\7v7pzs7h.default-1445004368956\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-30]
FF Extension: (Adblock Edge) - C:\Users\Lubik\AppData\Roaming\Mozilla\Firefox\Profiles\7v7pzs7h.default-1445004368956\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2016-04-28]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: (DivX Plus Web Player HTML5 <video>) - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011-12-22] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2016-05-11] [not signed]
FF HKU\S-1-5-21-2970943431-2344779201-316442953-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-09] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-31] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-31] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-09] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1218158.dll [2015-05-07] (Adobe Systems, Inc.)
FF Plugin-x32: @cabri.com/CabriIIPlus -> C:\Program Files (x86)\Cabri\Cabri II Plus Plug-in 1.4\npCabriIIPlus.dll [2011-09-23] (Cabrilog)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-09-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-09-16] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Profile 2
CHR Profile: C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Default [2016-12-07]
CHR Extension: (Prezentace Google) - C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-15]
CHR Extension: (Dokumenty Google) - C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-15]
CHR Extension: (Adblock Plus) - C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-04-15]
CHR Extension: (Tabulky Google) - C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-15]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2016-04-15]
CHR Profile: C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Profile 1 [2016-12-08]
CHR Profile: C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Profile 2 [2016-12-08]
CHR Extension: (Prezentace Google) - C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-12-08]
CHR Extension: (Dokumenty Google) - C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-08]
CHR Extension: (Disk Google) - C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-08]
CHR Extension: (YouTube) - C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-08]
CHR Extension: (Tabulky Google) - C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-12-08]
CHR Extension: (Dokumenty Google offline) - C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-08]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2016-12-08]
CHR Extension: (Gmail) - C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-08]
CHR Extension: (Chrome Media Router) - C:\Users\Lubik\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-08]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [477960 2014-01-02] (BitRaider, LLC)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-12] (NVIDIA Corporation)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [29728 2016-08-15] (HP Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 MATLAB License Server; C:\Program Files\MATLAB\R2012b\etc\win64\lmgrd.exe [1775440 2012-07-20] (Flexera Software, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-11-29] (Malwarebytes)
R2 mitsijm2014; C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe [952608 2013-01-25] (Autodesk, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-08-12] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-08-12] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-12] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-12] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [197264 2016-06-14] (Sandboxie Holdings, LLC)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77408 2016-11-29] ()
S3 gHidPnp; C:\Windows\System32\Drivers\gHidPnp.Sys [25088 2009-06-27] ()
S3 gMouUsb16; C:\Windows\System32\DRIVERS\gMouUsb16.sys [11776 2009-06-25] ()
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2011-07-13] ()
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [176064 2016-12-09] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [102856 2016-12-09] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2016-12-09] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [250816 2016-12-09] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [81696 2016-12-09] (Malwarebytes)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [204944 2016-06-14] (Sandboxie Holdings, LLC)
S3 Secdrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS [14368 1999-09-14] () [File not signed]
S3 BRDriver64; \??\C:\ProgramData\BitRaider\BRDriver64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS [X]
S3 MBAMProtector; \??\C:\Windows\system32\drivers\ [X]
S3 MWAC; \??\C:\Windows\system32\drivers\ [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-09 21:13 - 2016-12-09 21:13 - 00176064 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2016-12-09 21:12 - 2016-12-09 21:18 - 00102856 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2016-12-09 21:12 - 2016-12-09 21:17 - 00081696 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2016-12-09 21:12 - 2016-12-09 21:17 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-12-09 21:12 - 2016-12-09 21:12 - 00001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2016-12-09 21:12 - 2016-12-09 21:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2016-12-09 21:12 - 2016-12-09 21:12 - 00000000 ____D C:\Program Files\Malwarebytes
2016-12-09 21:12 - 2016-11-29 06:27 - 00077408 _____ C:\Windows\system32\Drivers\mbae64.sys
2016-12-09 21:10 - 2016-12-09 21:11 - 51969976 ____C (Malwarebytes ) C:\Users\Lubik\Downloads\mb3-setup-consumer-3.0.4.1269.exe
2016-12-09 20:55 - 2016-12-09 20:55 - 00003584 _____ C:\Users\Lubik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-12-08 21:33 - 2016-12-08 21:37 - 00015775 _____ C:\Users\Lubik\Desktop\Fixlog.txt
2016-12-08 20:54 - 2016-12-08 21:32 - 00050859 _____ C:\Users\Lubik\Desktop\Addition.txt
2016-12-08 20:50 - 2016-12-08 20:50 - 00000000 ____D C:\Users\Lubik\Desktop\logy viry.cz
2016-12-08 19:49 - 2016-12-08 19:49 - 00021620 ____C C:\Users\Lubik\Downloads\Vikings.S04E12.HDTV.XviD-AFG.srt
2016-12-08 19:09 - 2016-12-09 21:49 - 00023868 _____ C:\Users\Lubik\Desktop\FRST.txt
2016-12-08 19:04 - 2016-12-08 19:03 - 02420224 ____C (Farbar) C:\Users\Lubik\Desktop\FRST64(1).exe
2016-12-08 18:48 - 2016-12-08 19:09 - 408939776 ____C C:\Users\Lubik\Downloads\Vikings.S04E12.HDTV.XviD-AFG.avi
2016-12-07 23:25 - 2016-12-07 23:25 - 03968464 ____C C:\Users\Lubik\Desktop\adwcleaner_6.040.exe
2016-12-07 22:22 - 2016-12-07 22:22 - 00022223 ____C C:\Users\Lubik\Downloads\Star.Wars.Rebels.S03E09.An.Inside.Man.720p.DSNY.WEBRip.AAC2.0.x264-TVSmash.srt
2016-12-07 21:45 - 2016-12-07 22:16 - 564816434 ____C C:\Users\Lubik\Downloads\Star.Wars.Rebels.S03E09.An.Inside.Man.720p.DSNY.WEBRip.AAC2.0.x264-TVSmash.mkv
2016-12-07 20:23 - 2016-12-07 20:24 - 00051651 _____ C:\Users\Lubik\Downloads\Addition.txt
2016-12-07 20:21 - 2016-12-07 20:24 - 00069872 _____ C:\Users\Lubik\Downloads\FRST.txt
2016-12-07 20:20 - 2016-12-07 20:20 - 02420224 _____ (Farbar) C:\Users\Lubik\Downloads\FRST64.exe
2016-12-07 13:46 - 2016-12-07 13:46 - 00026184 ____C C:\ComboFix.txt
2016-12-07 12:34 - 2016-12-07 12:35 - 00000000 ____D C:\Users\Lubik\Desktop\Nová složka
2016-12-07 11:31 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2016-12-07 11:31 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2016-12-07 11:31 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2016-12-07 11:31 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2016-12-07 11:31 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2016-12-07 11:31 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2016-12-07 11:31 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2016-12-07 11:31 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2016-12-07 11:29 - 2016-12-07 13:47 - 00000000 ___DC C:\Qoobox
2016-12-07 11:28 - 2016-12-07 11:50 - 00000000 ____D C:\Windows\erdnt
2016-12-07 11:10 - 2016-12-07 11:10 - 00262144 _____ C:\Windows\system32\config\elam
2016-12-07 11:01 - 2016-12-07 11:01 - 00499322 _____ C:\Users\Lubik\Documents\cc_20161207_110057.reg
2016-12-07 10:33 - 2016-12-07 10:33 - 00002790 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-12-07 10:33 - 2016-12-07 10:33 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-12-07 10:33 - 2016-12-07 10:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-12-07 10:33 - 2016-12-07 10:33 - 00000000 ____D C:\Program Files\CCleaner
2016-12-07 10:32 - 2016-12-07 10:32 - 08576448 _____ (Piriform Ltd) C:\Users\Lubik\Downloads\ccsetup524.exe
2016-12-07 10:17 - 2016-12-07 10:17 - 00002974 _____ C:\Windows\System32\Tasks\{A8F0822D-79B9-4AED-9CBB-1A3986CF58BD}
2016-12-07 10:17 - 2016-12-07 10:17 - 00002974 _____ C:\Windows\System32\Tasks\{465FACE1-154A-46E3-89D0-F9EB4F3AFD7A}
2016-12-07 08:35 - 2016-12-07 08:35 - 30659457 _____ C:\Users\Lubik\Downloads\Windows6.1-KB3172605-x64.msu
2016-12-07 08:35 - 2016-12-07 08:35 - 09542472 _____ C:\Users\Lubik\Downloads\Windows6.1-KB3177467-x64.msu
2016-12-06 20:51 - 2016-12-06 20:51 - 00000000 ____D C:\Users\Lubik\Desktop\proces explorer
2016-12-06 19:30 - 2016-12-06 19:33 - 00000000 ____D C:\Users\Lubik\Documents\SNAŽÍM SE VYŘEŠIT VYTÍŽENÍ CPU
2016-12-05 22:18 - 2016-12-06 01:07 - 00000000 ____D C:\Program Files\Plumbytes Software
2016-12-05 21:06 - 2016-12-05 21:06 - 00000000 ____D C:\Users\Lubik\AppData\Local\Zemana
2016-12-05 20:44 - 2016-12-05 21:54 - 00000000 ____D C:\ProgramData\HitmanPro
2016-12-04 20:48 - 2016-12-04 20:48 - 00050738 _____ C:\Users\Lubik\Downloads\The.Flash.2014.S03E06.HDTV.XviD-AFG.CZ.srt
2016-12-04 14:55 - 2016-12-08 21:35 - 00000000 ____D C:\Program Files\Common Files\AV
2016-12-04 14:49 - 2016-12-07 20:13 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-12-04 14:45 - 2016-12-04 14:45 - 01777624 ____C (Kaspersky Lab) C:\Users\Lubik\Downloads\kav15.0.2.361abccs_8416.exe
2016-12-04 11:45 - 2016-12-09 21:16 - 00250816 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-12-02 22:22 - 2016-12-02 22:22 - 00023597 ____C C:\Users\Lubik\Downloads\Vikings.S04E11.HDTV.x264-KILLERS.srt
2016-12-02 21:41 - 2016-12-02 22:06 - 458668480 ____C C:\Users\Lubik\Downloads\The-Flash-S03E07-české-titulky-novinka.avi
2016-12-02 19:34 - 2016-12-02 19:55 - 385016124 ____C C:\Users\Lubik\Downloads\The.Flash.2014.S03E06.HDTV.XviD-AFG.CZ.avi
2016-11-30 21:34 - 2016-11-30 21:38 - 00000000 ____D C:\Users\Lubik\Documents\výpisy
2016-11-28 10:20 - 2016-11-28 10:20 - 00193513 ____C C:\Users\Lubik\Downloads\document(5).pdf
2016-11-28 10:19 - 2016-11-28 10:19 - 00076485 ____C C:\Users\Lubik\Downloads\document(4).pdf
2016-11-28 09:57 - 2016-11-28 09:57 - 00373829 ____C C:\Users\Lubik\Downloads\document(3).pdf
2016-11-25 20:15 - 2016-11-25 20:15 - 00358557 ____C C:\Users\Lubik\Downloads\document(2).pdf
2016-11-25 20:02 - 2016-11-25 06:20 - 02119855 _____ C:\Users\Lubik\Desktop\CSAT-MP-6-2016_penzijnípřipojištění.pdf
2016-11-23 13:18 - 2016-11-23 13:18 - 00297672 ____C C:\Users\Lubik\Downloads\Prihlaska-na-zkousku(2).pdf
2016-11-20 15:34 - 2016-12-08 22:07 - 00000000 ____D C:\Users\Lubik\AppData\LocalLow\Mozilla
2016-11-19 17:04 - 2016-12-04 14:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-11-17 20:01 - 2016-10-11 16:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-11-17 20:01 - 2016-10-11 16:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-11-17 20:01 - 2016-10-11 16:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-11-17 20:01 - 2016-10-11 16:37 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-11-17 20:01 - 2016-10-11 16:37 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-11-17 20:01 - 2016-10-11 16:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-11-17 20:01 - 2016-10-11 16:32 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-11-17 20:01 - 2016-10-11 16:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-11-17 20:01 - 2016-10-11 16:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-11-17 20:01 - 2016-10-11 16:32 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-11-17 20:01 - 2016-10-11 16:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-11-17 20:01 - 2016-10-11 16:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-11-17 20:01 - 2016-10-11 16:32 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-11-17 20:01 - 2016-10-11 16:32 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-11-17 20:01 - 2016-10-11 16:32 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-11-17 20:01 - 2016-10-11 16:32 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-11-17 20:01 - 2016-10-11 16:32 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2016-11-17 20:01 - 2016-10-11 16:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-11-17 20:01 - 2016-10-11 16:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-11-17 20:01 - 2016-10-11 16:32 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-11-17 20:01 - 2016-10-11 16:32 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-11-17 20:01 - 2016-10-11 16:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-11-17 20:01 - 2016-10-11 16:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:24 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-11-17 20:01 - 2016-10-11 16:24 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-11-17 20:01 - 2016-10-11 16:21 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 16:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-11-17 20:01 - 2016-10-11 16:03 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-11-17 20:01 - 2016-10-11 16:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-11-17 20:01 - 2016-10-11 16:03 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-11-17 20:01 - 2016-10-11 15:59 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-11-17 20:01 - 2016-10-11 15:59 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-11-17 20:01 - 2016-10-11 15:56 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-11-17 20:01 - 2016-10-11 15:55 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2016-11-17 20:01 - 2016-10-11 15:55 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-11-17 20:01 - 2016-10-11 15:55 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-11-17 20:01 - 2016-10-11 15:55 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-11-17 20:01 - 2016-10-11 15:55 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-11-17 20:01 - 2016-10-11 15:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-11-17 20:01 - 2016-10-11 15:51 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-11-17 20:01 - 2016-10-11 15:51 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-11-17 20:01 - 2016-10-11 15:51 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-11-17 20:01 - 2016-10-11 15:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-11-17 20:01 - 2016-10-11 15:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-11-17 20:01 - 2016-10-11 15:50 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 15:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 15:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 15:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-11-17 20:01 - 2016-10-11 14:18 - 00419648 _____ C:\Windows\SysWOW64\locale.nls
2016-11-17 20:01 - 2016-10-11 14:17 - 00419648 _____ C:\Windows\system32\locale.nls
2016-11-17 20:01 - 2016-10-08 14:06 - 00633296 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-11-17 20:01 - 2016-10-04 16:31 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-11-17 20:01 - 2016-10-04 16:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-11-17 20:01 - 2016-10-04 16:31 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-11-17 20:01 - 2016-10-04 16:31 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-11-17 20:01 - 2016-10-04 16:13 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-11-17 20:01 - 2016-10-04 16:13 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-11-17 20:01 - 2016-10-04 16:13 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-11-17 20:01 - 2016-10-04 16:13 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-11-09 11:23 - 2016-11-09 11:24 - 00000000 ____D C:\Users\Lubik\Documents\Angličitna

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-09 21:45 - 2014-01-01 11:37 - 00000000 ____D C:\FRST
2016-12-09 21:31 - 2009-07-14 05:45 - 00023568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-09 21:31 - 2009-07-14 05:45 - 00023568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-09 21:15 - 2013-04-03 09:26 - 00000546 _____ C:\Windows\Tasks\MATLAB R2012b Startup Accelerator.job
2016-12-09 21:14 - 2010-12-22 11:16 - 00000000 ____D C:\ProgramData\NVIDIA
2016-12-09 21:14 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-09 21:12 - 2014-01-04 10:14 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-12-09 21:10 - 2013-10-27 16:58 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-12-09 20:16 - 2014-10-16 19:37 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-09 20:16 - 2014-10-16 19:37 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-08 22:09 - 2014-01-04 09:39 - 00000000 ____D C:\AdwCleaner
2016-12-08 21:33 - 2013-01-10 17:01 - 00000000 ____D C:\Users\Lubik\AppData\LocalLow\Temp
2016-12-08 21:33 - 2010-12-24 22:59 - 00000000 ____D C:\Program Files (x86)\Google
2016-12-08 20:43 - 2015-04-19 11:51 - 00000000 ____D C:\Users\Lubik\AppData\Roaming\vlc
2016-12-07 23:30 - 2011-01-18 21:08 - 00000000 ____D C:\ProgramData\ICQ
2016-12-07 20:24 - 2014-10-16 14:36 - 00002322 _____ C:\Windows\Sandboxie.ini
2016-12-07 20:12 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-12-07 13:35 - 2009-07-14 03:34 - 00000215 ____C C:\Windows\system.ini
2016-12-07 12:34 - 2010-12-22 10:13 - 00000000 ____D C:\Users\Lubik\AppData\Local\VirtualStore
2016-12-07 11:39 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\Downloaded Program Files
2016-12-07 11:18 - 2010-12-22 10:52 - 00161192 _____ C:\Users\Lubik\AppData\Local\GDIPFONTCACHEV1.DAT
2016-12-07 11:16 - 2009-07-14 05:45 - 00524480 _____ C:\Windows\system32\FNTCACHE.DAT
2016-12-07 10:57 - 2016-03-17 11:09 - 00000000 ____D C:\Users\Lubik\AppData\Roaming\Media Player Classic
2016-12-07 10:57 - 2016-03-13 19:23 - 00000000 ____D C:\Users\Lubik\AppData\Local\CrashDumps
2016-12-07 10:57 - 2012-10-02 20:36 - 00000000 ____D C:\Windows\Minidump
2016-12-07 10:57 - 2010-12-22 09:58 - 00000000 ____D C:\Windows\Panther
2016-12-07 10:29 - 2010-12-24 23:06 - 00000000 ____D C:\Users\Lubik\AppData\Local\ElevatedDiagnostics
2016-12-06 21:37 - 2010-12-22 11:21 - 00002120 _____ C:\Windows\epplauncher.mif
2016-12-06 20:30 - 2009-07-14 06:08 - 00032606 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-12-06 19:38 - 2010-12-24 22:59 - 00000000 ____D C:\Users\Lubik\AppData\Local\Google
2016-12-06 04:34 - 2009-07-14 16:18 - 00668882 _____ C:\Windows\system32\perfh005.dat
2016-12-06 04:34 - 2009-07-14 16:18 - 00141542 _____ C:\Windows\system32\perfc005.dat
2016-12-06 04:34 - 2009-07-14 06:13 - 01584626 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-04 17:54 - 2016-10-17 11:13 - 00000000 ____D C:\Users\Lubik\Documents\Průkaz leteckého mechanika B1
2016-12-04 17:53 - 2016-10-11 13:25 - 00000000 ____D C:\Users\Lubik\Documents\PRÁCE - čsa technics
2016-12-04 14:52 - 2014-01-01 20:53 - 00000000 ____D C:\Users\hedev
2016-12-04 14:36 - 2016-10-17 21:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-03 20:57 - 2014-12-24 13:02 - 00000000 ____D C:\Program Files (x86)\WarThunder
2016-11-30 21:39 - 2012-03-09 18:08 - 00000000 ____D C:\Users\Lubik\Documents\E-KNIHY
2016-11-30 21:36 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2016-11-30 20:22 - 2016-06-25 18:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2016-11-30 20:22 - 2010-12-22 10:13 - 00000000 ____D C:\Users\Lubik
2016-11-30 20:21 - 2014-10-16 19:49 - 00000000 ____D C:\Program Files\Sandboxie
2016-11-30 20:21 - 2011-11-12 09:46 - 00000000 ____D C:\Windows\system32\Macromed
2016-11-30 20:21 - 2010-12-24 23:01 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-11-30 20:21 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2016-11-29 20:48 - 2011-02-12 18:04 - 00000000 ____D C:\Users\Lubik\AppData\Local\Adobe
2016-11-29 10:02 - 2016-06-22 13:22 - 00000000 ____D C:\Users\Lubik\Desktop\kupní smlouvy
2016-11-17 20:08 - 2010-12-22 11:20 - 01559340 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-11-09 21:10 - 2013-10-27 16:58 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-11-09 21:10 - 2012-03-31 09:24 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-11-09 21:10 - 2011-05-15 07:45 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2011-02-14 18:48 - 2011-02-14 18:48 - 0000048 _____ () C:\Users\Lubik\AppData\Roaming\mainhst.zgh
2015-10-02 22:19 - 2015-10-02 22:19 - 0000079 _____ () C:\Users\Lubik\AppData\Roaming\mbam.context.scan
2016-12-09 20:55 - 2016-12-09 20:55 - 0003584 _____ () C:\Users\Lubik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-09-21 22:15 - 2015-05-14 17:39 - 0007611 _____ () C:\Users\Lubik\AppData\Local\Resmon.ResmonCfg
2015-03-14 01:28 - 2015-03-14 01:28 - 0000000 _____ () C:\Users\Lubik\AppData\Local\{46DE577D-E827-4FC5-BD15-F7E5E1A29014}
2011-07-13 19:53 - 2011-07-13 19:53 - 0000000 _____ () C:\Users\Lubik\AppData\Local\{A7BF902A-7021-4C6D-8129-8F7E2E5FB452}
2015-05-28 10:14 - 2015-05-28 10:15 - 0000000 _____ () C:\Users\Lubik\AppData\Local\{F4454D36-3EF5-4387-A867-CAE550BB7E2D}
2016-05-14 19:30 - 2016-05-14 19:30 - 0000000 _____ () C:\Users\Lubik\AppData\Local\{FD264A44-BE4E-43F0-B18C-FBE7864C83FD}
2010-12-30 16:09 - 2016-05-11 14:13 - 0004128 _____ () C:\ProgramData\hpzinstall.log
2012-12-08 11:37 - 2012-12-08 11:37 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2012-09-24 17:43 - 2012-09-30 13:44 - 0000771 _____ () C:\ProgramData\NCIDebug.log

Some files in TEMP:
====================
C:\Users\Lubik\AppData\Local\Temp\libeay32.dll
C:\Users\Lubik\AppData\Local\Temp\msvcr120.dll
C:\Users\Lubik\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-05-11 10:25

==================== End of FRST.txt ============================
