
Disk usage at 99%


#1 Post by Slepyc »

Hello,

I have a problem with disk usage at 99%.
I already had this problem about 2 months ago; I read on the internet that Chrome can cause this problem. After uninstalling Chrome and installing Firefox, everything was fine until today.
I am attaching a screenshot of Task Manager.

RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by kohut at 2017-05-03 19:46:02
Microsoft Windows 10 Home
System drive C: has 268 GB (38%) free of 698 GB
Total RAM: 8007 MB (79% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:46:11, on 03.05.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0873)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files\PreSonus\AudioBox\AudioBox.exe
C:\Program Files\trend micro\kohut.exe
C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Avira SystrayStartTrigger] "C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\kohut\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Discord] C:\Users\kohut\AppData\Local\Discord\app-0.0.297\Discord.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [AudioBox VSL] C:\Program Files\PreSonus\AudioBox\AudioBox.exe -startup
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: CurseClientStartup.ccip
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~2\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~2\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{7f4bcb75-975e-4015-b783-0edcd44c8e32}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BitRaider Mini-Support Service Stub Loader (BRSptStub) - BitRaider, LLC - C:\ProgramData\BitRaider\BRSptStub.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe
O23 - Service: ZoneAlarm ICM Service - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ICM-Service.exe

--
End of file - 12677 bytes

======Listing Processes======







winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-a2556977-a44d-41fa-9f1a-e29dbde1d742 -SystemEventPortName:HostProcess-25c7dd65-4c16-4942-ba0c-9dc733534206 -IoCancelEventPortName:HostProcess-397a7d84-d926-4d83-840f-13b0dea02b8c -NonStateChangingEventPortName:HostProcess-b06a3970-3fdc-4e95-be71-99a99c8501c0 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:a6c06eb7-7678-46df-88fa-2d9638f00c9c -DeviceGroupId:WudfDefaultDevicePool
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe -first
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k WbioSvcGroup
"C:\Program Files (x86)\Avira\Antivirus\sched.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Avira\Antivirus\avguard.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
"C:\Program Files\Elantech\ETDService.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
C:\WINDOWS\system32\svchost.exe -k appmodel
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"
"C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Avira\Antivirus\avshadow.exe" avshadowcontrol0_00000914
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -c
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
sihost.exe
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\Explorer.EXE
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
igfxEM.exe
igfxHK.exe
igfxTray.exe
C:\WINDOWS\System32\svchost.exe -k AppReadiness

"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\WINDOWS\System32\WiFiTask.exe
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" XGpuTrayIcon"
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding

"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Users\kohut\Desktop\RSITx64.exe"
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 628 632 640 8192 636
"C:\Program Files\PreSonus\AudioBox\AudioBox.exe" -startup
"C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min
"C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe" /connectToHost
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\kohut\AppData\Roaming\Mozilla\Firefox\Profiles\StdMEY5r.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.71.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.71.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
nppdf32.dll

C:\Users\kohut\AppData\Roaming\Mozilla\Firefox\Profiles\StdMEY5r.default\extensions\
safesearchplus@avira.com
trash

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01 205416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office15\URLREDIR.DLL [2012-10-01 877720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2012-10-01 2322576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01 139368]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-01-29 460384]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL [2012-10-01 704664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2012-10-01 1720976]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-29 172640]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2015-10-12 3242696]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-06-24 13885696]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-08-05 508240]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\kohut\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-08-31 633024]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2017-03-23 3019552]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-06-18 4468056]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-11-15 27230168]
"Discord"=C:\Users\kohut\AppData\Local\Discord\app-0.0.297\Discord.exe [2017-01-04 64290304]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2017-03-03 9364696]
"AudioBox VSL"=C:\Program Files\PreSonus\AudioBox\AudioBox.exe [2014-07-16 7593984]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Avira SystrayStartTrigger"=C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [2017-03-09 63432]
"avgnt"=C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2017-05-02 912768]
"amd_dc_opt"=C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-12-22 596528]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2017-03-24 145208]

C:\Users\kohut\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
CurseClientStartup.ccip

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux2"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux3"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux4"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux5"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-05-03 19:35:57 ----D---- C:\rsit
2017-05-03 19:35:57 ----D---- C:\Program Files\trend micro
2017-04-18 20:04:05 ----D---- C:\Program Files (x86)\KAWAI
2017-04-18 19:54:28 ----D---- C:\Program Files\DIFX
2017-04-18 19:18:21 ----A---- C:\WINDOWS\system32\drivers\paeusbaudioks_x64.sys
2017-04-18 19:16:52 ----D---- C:\Program Files\PreSonus
2017-04-18 19:09:49 ----D---- C:\Users\kohut\AppData\Roaming\PreSonus
2017-04-18 19:07:43 ----A---- C:\WINDOWS\system32\drivers\paeusbaudiodsp_x64.sys
2017-04-18 19:07:38 ----A---- C:\WINDOWS\system32\drivers\paeusbaudio_x64.sys
2017-04-17 19:02:42 ----D---- C:\WINDOWS\pss
2017-04-16 19:17:04 ----HDC---- C:\ProgramData\{F59F27AC-CAA9-4410-BC3E-337735C03532}
2017-04-16 19:01:12 ----HDC---- C:\ProgramData\{A28F8603-B8F6-463F-ACBB-7A9A874FF255}
2017-04-16 18:57:34 ----HDC---- C:\ProgramData\{27AE6DBC-0CA4-4761-8752-2B1ADDB90175}
2017-04-16 17:58:26 ----D---- C:\Program Files\Common Files\Avid
2017-04-16 14:57:03 ----D---- C:\ProgramData\Apple
2017-04-16 14:57:03 ----AD---- C:\Program Files\Bonjour
2017-04-16 14:57:03 ----AD---- C:\Program Files (x86)\Bonjour
2017-04-16 11:46:33 ----D---- C:\Users\kohut\AppData\Roaming\Maize Sampler Player
2017-04-16 09:23:42 ----HDC---- C:\ProgramData\{E26B3878-7CEC-469C-B449-5CAA336DF8CD}
2017-04-16 09:23:20 ----AD---- C:\Program Files\Common Files\Native Instruments
2017-04-16 09:23:12 ----HDC---- C:\ProgramData\{C78336EC-F2EB-4640-99A4-DFE96581B90B}
2017-04-16 09:23:06 ----D---- C:\ProgramData\Native Instruments
2017-04-16 09:23:06 ----AD---- C:\Program Files\Native Instruments
2017-04-15 23:07:59 ----D---- C:\Program Files (x86)\CheckPoint
2017-04-15 23:05:15 ----D---- C:\ProgramData\CheckPoint
2017-04-15 22:23:04 ----AD---- C:\Program Files\CCleaner
2017-04-15 21:37:25 ----A---- C:\WINDOWS\SYSWOW64\REX Shared Library.dll
2017-04-15 21:37:25 ----A---- C:\WINDOWS\SYSWOW64\ReWire.dll
2017-04-15 21:32:44 ----D---- C:\Program Files (x86)\Ableton
2017-04-15 19:28:43 ----D---- C:\ProgramData\Ableton
2017-04-15 19:06:31 ----D---- C:\Users\kohut\AppData\Roaming\Ableton
2017-04-15 19:06:31 ----D---- C:\Program Files\Common Files\Propellerhead Software
2017-04-15 09:54:06 ----D---- C:\WINDOWS\LastGood.Tmp
2017-04-15 09:53:59 ----A---- C:\WINDOWS\SYSWOW64\nvaudcap32v.dll
2017-04-15 09:53:59 ----A---- C:\WINDOWS\system32\nvaudcap64v.dll
2017-04-12 18:05:38 ----A---- C:\WINDOWS\SYSWOW64\WindowsCodecs.dll
2017-04-12 18:05:38 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2017-04-12 18:05:37 ----A---- C:\WINDOWS\SYSWOW64\WWAHost.exe
2017-04-12 18:05:37 ----A---- C:\WINDOWS\SYSWOW64\WSSync.dll
2017-04-12 18:05:37 ----A---- C:\WINDOWS\SYSWOW64\WSShared.dll
2017-04-12 18:05:37 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2017-04-12 18:05:37 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2017-04-12 18:05:37 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2017-04-12 18:05:37 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2017-04-12 18:05:37 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2017-04-12 18:05:36 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2017-04-12 18:05:36 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2017-04-12 18:05:36 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2017-04-12 18:05:36 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2017-04-12 18:05:36 ----A---- C:\WINDOWS\SYSWOW64\asycfilt.dll
2017-04-12 18:05:35 ----A---- C:\WINDOWS\SYSWOW64\quartz.dll
2017-04-12 18:05:35 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2017-04-12 18:05:35 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2017-04-12 18:05:35 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2017-04-12 18:05:35 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2017-04-12 18:05:34 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Search.dll
2017-04-12 18:05:34 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2017-04-12 18:05:33 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2017-04-12 18:05:33 ----A---- C:\WINDOWS\SYSWOW64\oemlicense.dll
2017-04-12 18:05:33 ----A---- C:\WINDOWS\SYSWOW64\CertEnroll.dll
2017-04-12 18:05:32 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2017-04-12 18:05:31 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncHost.exe
2017-04-12 18:05:31 ----A---- C:\WINDOWS\SYSWOW64\OneDriveSettingSyncProvider.dll
2017-04-12 18:05:31 ----A---- C:\WINDOWS\SYSWOW64\AzureSettingSyncProvider.dll
2017-04-12 18:05:31 ----A---- C:\WINDOWS\SYSWOW64\apprepsync.dll
2017-04-12 18:05:31 ----A---- C:\WINDOWS\SYSWOW64\apprepapi.dll
2017-04-12 18:05:30 ----A---- C:\WINDOWS\SYSWOW64\mos.dll
2017-04-12 18:05:29 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_47.dll
2017-04-12 18:05:25 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2017-04-12 18:05:23 ----A---- C:\WINDOWS\SYSWOW64\GamePanel.exe
2017-04-12 18:05:22 ----A---- C:\WINDOWS\SYSWOW64\licensingdiag.exe
2017-04-12 18:05:21 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-04-12 18:05:20 ----A---- C:\WINDOWS\SYSWOW64\UserDataTimeUtil.dll
2017-04-12 18:05:20 ----A---- C:\WINDOWS\SYSWOW64\IdCtrls.dll
2017-04-12 18:05:19 ----A---- C:\WINDOWS\SYSWOW64\odbcconf.dll
2017-04-12 18:05:18 ----A---- C:\WINDOWS\SYSWOW64\wscapi.dll
2017-04-12 18:05:17 ----A---- C:\WINDOWS\SYSWOW64\mfmjpegdec.dll
2017-04-12 18:05:17 ----A---- C:\WINDOWS\system32\drivers\BasicRender.sys
2017-04-12 18:05:16 ----A---- C:\WINDOWS\system32\sppsvc.exe
2017-04-12 18:05:16 ----A---- C:\WINDOWS\system32\LsaIso.exe
2017-04-12 18:05:15 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-04-12 18:05:13 ----A---- C:\WINDOWS\system32\WWAHost.exe
2017-04-12 18:05:12 ----A---- C:\WINDOWS\system32\wuaueng.dll
2017-04-12 18:05:12 ----A---- C:\WINDOWS\system32\CertEnroll.dll
2017-04-12 18:05:11 ----A---- C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-04-12 18:04:35 ----A---- C:\WINDOWS\SYSWOW64\WpcWebFilter.dll
2017-04-12 18:04:35 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2017-04-12 18:04:35 ----A---- C:\WINDOWS\system32\WpcWebFilter.dll
2017-04-12 18:04:34 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-04-12 18:04:34 ----A---- C:\WINDOWS\system32\rdpudd.dll
2017-04-12 18:04:33 ----A---- C:\WINDOWS\system32\KernelBase.dll
2017-04-12 18:04:33 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2017-04-12 18:04:32 ----A---- C:\WINDOWS\system32\oleaut32.dll
2017-04-12 18:04:32 ----A---- C:\WINDOWS\system32\mos.dll
2017-04-12 18:04:32 ----A---- C:\WINDOWS\system32\dbgeng.dll
2017-04-12 18:04:31 ----A---- C:\WINDOWS\system32\windows.storage.dll
2017-04-12 18:04:31 ----A---- C:\WINDOWS\system32\shell32.dll
2017-04-12 18:04:31 ----A---- C:\WINDOWS\system32\drivers\pdc.sys
2017-04-12 18:04:28 ----A---- C:\WINDOWS\system32\wmpps.dll
2017-04-12 18:04:28 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-04-12 18:04:21 ----A---- C:\WINDOWS\system32\mfmjpegdec.dll
2017-04-12 18:04:20 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2017-04-12 18:04:20 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2017-04-12 18:04:18 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2017-04-12 18:04:18 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2017-04-12 18:04:18 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2017-04-12 18:04:17 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2017-04-12 18:04:17 ----A---- C:\WINDOWS\system32\aadtb.dll
2017-04-12 18:04:16 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-04-12 18:04:16 ----A---- C:\WINDOWS\system32\msfeeds.dll
2017-04-12 18:04:15 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2017-04-12 18:04:15 ----A---- C:\WINDOWS\system32\WSSync.dll
2017-04-12 18:04:15 ----A---- C:\WINDOWS\system32\urlmon.dll
2017-04-12 18:04:14 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2017-04-12 18:04:14 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2017-04-12 18:04:14 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2017-04-12 18:04:13 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2017-04-12 18:04:13 ----A---- C:\WINDOWS\system32\jscript9.dll
2017-04-12 18:04:12 ----A---- C:\WINDOWS\system32\iertutil.dll
2017-04-12 18:04:11 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2017-04-12 18:04:10 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2017-04-12 18:04:09 ----A---- C:\WINDOWS\system32\WUDFPlatform.dll
2017-04-12 18:04:08 ----A---- C:\WINDOWS\system32\WSShared.dll
2017-04-12 18:04:08 ----A---- C:\WINDOWS\system32\WSService.dll
2017-04-12 18:04:08 ----A---- C:\WINDOWS\system32\browserbroker.dll
2017-04-12 18:04:07 ----A---- C:\WINDOWS\system32\asycfilt.dll
2017-04-12 18:04:06 ----A---- C:\WINDOWS\system32\webcheck.dll
2017-04-12 18:04:06 ----A---- C:\WINDOWS\system32\mshtmled.dll
2017-04-12 18:04:06 ----A---- C:\WINDOWS\system32\ieproxy.dll
2017-04-12 18:04:05 ----A---- C:\WINDOWS\system32\ieframe.dll
2017-04-12 18:04:05 ----A---- C:\WINDOWS\system32\Chakra.dll
2017-04-12 18:04:04 ----A---- C:\WINDOWS\system32\edgehtml.dll
2017-04-12 18:04:04 ----A---- C:\WINDOWS\system32\dxtrans.dll
2017-04-12 18:04:02 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2017-04-12 18:04:01 ----A---- C:\WINDOWS\system32\wininet.dll
2017-04-12 18:04:01 ----A---- C:\WINDOWS\system32\WindowsCodecs.dll
2017-04-12 18:04:01 ----A---- C:\WINDOWS\system32\ole32.dll
2017-04-12 18:04:00 ----A---- C:\WINDOWS\system32\lsasrv.dll
2017-04-12 18:04:00 ----A---- C:\WINDOWS\system32\kerberos.dll
2017-04-12 18:04:00 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2017-04-12 18:03:59 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-04-12 18:03:58 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-04-12 18:03:48 ----A---- C:\WINDOWS\system32\odbcconf.dll
2017-04-12 18:03:48 ----A---- C:\WINDOWS\system32\ieetwcollector.exe
2017-04-12 18:03:48 ----A---- C:\WINDOWS\system32\drivers\dam.sys
2017-04-12 18:03:46 ----A---- C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2017-04-12 18:03:46 ----A---- C:\WINDOWS\system32\oemlicense.dll
2017-04-12 18:03:44 ----A---- C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-04-12 18:03:44 ----A---- C:\WINDOWS\system32\ClipSVC.dll
2017-04-12 18:03:44 ----A---- C:\WINDOWS\system32\atmfd.dll
2017-04-12 18:03:43 ----A---- C:\WINDOWS\system32\sppwinob.dll
2017-04-12 18:03:43 ----A---- C:\WINDOWS\system32\ClipUp.exe
2017-04-12 18:03:43 ----A---- C:\WINDOWS\system32\apprepapi.dll
2017-04-12 18:03:42 ----A---- C:\WINDOWS\system32\winsrv.dll
2017-04-12 18:03:42 ----A---- C:\WINDOWS\system32\vss_ps.dll
2017-04-12 18:03:42 ----A---- C:\WINDOWS\system32\SettingSyncHost.exe
2017-04-12 18:03:42 ----A---- C:\WINDOWS\system32\IdCtrls.dll
2017-04-12 18:03:42 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2017-04-12 18:03:42 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2017-04-12 18:03:41 ----A---- C:\WINDOWS\system32\quartz.dll
2017-04-12 18:03:41 ----A---- C:\WINDOWS\system32\apprepsync.dll
2017-04-12 18:03:40 ----A---- C:\WINDOWS\system32\wscapi.dll
2017-04-12 18:03:40 ----A---- C:\WINDOWS\system32\sppobjs.dll
2017-04-12 18:03:40 ----A---- C:\WINDOWS\system32\fdProxy.dll
2017-04-12 18:03:39 ----A---- C:\WINDOWS\system32\wscsvc.dll
2017-04-12 18:03:39 ----A---- C:\WINDOWS\system32\win32kfull.sys
2017-04-12 18:03:38 ----A---- C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-04-12 18:03:38 ----A---- C:\WINDOWS\system32\gdi32.dll
2017-04-12 18:03:38 ----A---- C:\WINDOWS\system32\GamePanel.exe
2017-04-12 18:03:38 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2017-04-12 18:03:38 ----A---- C:\WINDOWS\system32\certcli.dll
2017-04-12 18:03:35 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2017-04-12 18:03:32 ----A---- C:\WINDOWS\system32\reseteng.dll
2017-04-12 18:03:31 ----A---- C:\WINDOWS\SYSWOW64\UIRibbonRes.dll
2017-04-12 18:03:29 ----A---- C:\WINDOWS\system32\UIRibbonRes.dll
2017-04-12 18:03:27 ----A---- C:\WINDOWS\system32\licensingdiag.exe
2017-04-12 18:03:26 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2017-04-12 18:03:26 ----A---- C:\WINDOWS\system32\dmcertinst.exe
2017-04-12 18:03:26 ----A---- C:\WINDOWS\system32\atmlib.dll
2017-04-09 20:49:02 ----D---- C:\Users\kohut\AppData\Roaming\discord

======List of files/folders modified in the last 1 month======

2017-05-03 19:46:08 ----D---- C:\WINDOWS\Temp
2017-05-03 19:45:53 ----D---- C:\WINDOWS\Prefetch
2017-05-03 19:45:30 ----D---- C:\ProgramData\NVIDIA
2017-05-03 19:42:17 ----D---- C:\WINDOWS\system32\sru
2017-05-03 19:35:57 ----RD---- C:\Program Files
2017-05-03 19:30:25 ----D---- C:\WINDOWS\AppReadiness
2017-05-03 18:54:05 ----AD---- C:\Program Files (x86)\Battle.net
2017-05-02 20:31:33 ----SHD---- C:\System Volume Information
2017-05-02 17:02:32 ----AD---- C:\Program Files (x86)\Heroes of the Storm
2017-05-02 15:33:38 ----D---- C:\WINDOWS\Microsoft.NET
2017-05-02 15:26:55 ----HD---- C:\Program Files\WindowsApps
2017-05-01 16:06:02 ----AD---- C:\Program Files (x86)\Overwatch
2017-05-01 12:38:39 ----D---- C:\WINDOWS\system32\config
2017-04-29 23:58:57 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-04-29 23:58:56 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2017-04-29 23:58:17 ----D---- C:\WINDOWS\system32\CatRoot
2017-04-24 19:26:47 ----D---- C:\WINDOWS\System32
2017-04-24 19:26:47 ----D---- C:\WINDOWS\INF
2017-04-24 19:26:47 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-04-23 15:02:05 ----D---- C:\Program Files (x86)\Steam
2017-04-23 12:07:13 ----D---- C:\Users\kohut\AppData\Roaming\Azureus
2017-04-18 20:04:06 ----SHDC---- C:\WINDOWS\Installer
2017-04-18 20:04:05 ----RD---- C:\Program Files (x86)
2017-04-18 19:54:27 ----D---- C:\WINDOWS\system32\DriverStore
2017-04-18 19:54:15 ----D---- C:\WINDOWS
2017-04-18 19:19:31 ----HD---- C:\ProgramData
2017-04-18 19:19:29 ----D---- C:\WINDOWS\system32\drivers
2017-04-17 19:46:51 ----D---- C:\WINDOWS\debug
2017-04-17 19:35:03 ----D---- C:\WINDOWS\system32\wbem
2017-04-17 19:32:44 ----D---- C:\WINDOWS\Tasks
2017-04-17 19:32:44 ----D---- C:\WINDOWS\system32\Tasks
2017-04-17 19:32:44 ----D---- C:\WINDOWS\system32\catroot2
2017-04-17 19:32:44 ----D---- C:\Users\kohut\AppData\Roaming\vlc
2017-04-17 19:32:44 ----D---- C:\Users\kohut\AppData\Roaming\Battle.net
2017-04-17 19:20:21 ----D---- C:\WINDOWS\registration
2017-04-17 19:07:57 ----D---- C:\WINDOWS\Logs
2017-04-17 07:15:31 ----D---- C:\Users\kohut\AppData\Roaming\DAEMON Tools Lite
2017-04-16 17:58:26 ----D---- C:\Program Files\Common Files
2017-04-16 17:58:26 ----D---- C:\Program Files (x86)\Common Files
2017-04-16 17:57:59 ----D---- C:\ProgramData\Package Cache
2017-04-16 14:57:03 ----D---- C:\WINDOWS\SysWOW64
2017-04-15 22:56:38 ----D---- C:\WINDOWS\system32\NDF
2017-04-15 22:53:28 ----SD---- C:\Users\kohut\AppData\Roaming\Microsoft
2017-04-15 22:40:10 ----D---- C:\WINDOWS\system32\drivers\etc
2017-04-15 22:32:22 ----D---- C:\Users\kohut\AppData\Roaming\TS3Client
2017-04-15 22:30:08 ----DC---- C:\WINDOWS\Panther
2017-04-15 22:29:50 ----D---- C:\WINDOWS\Minidump
2017-04-15 19:35:11 ----HD---- C:\WINDOWS\system32\GroupPolicy
2017-04-15 16:08:25 ----D---- C:\WINDOWS\rescache
2017-04-15 09:55:52 ----D---- C:\ProgramData\NVIDIA Corporation
2017-04-15 09:54:14 ----D---- C:\Program Files\NVIDIA Corporation
2017-04-15 09:54:14 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2017-04-14 13:03:48 ----D---- C:\WINDOWS\WinSxS
2017-04-14 11:52:39 ----RSD---- C:\WINDOWS\assembly
2017-04-13 23:36:19 ----SD---- C:\WINDOWS\SYSWOW64\F12
2017-04-13 23:36:19 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2017-04-13 23:36:14 ----SD---- C:\WINDOWS\system32\F12
2017-04-13 23:36:14 ----D---- C:\WINDOWS\system32\migration
2017-04-13 23:36:14 ----D---- C:\WINDOWS\system32\cs-CZ
2017-04-13 23:36:12 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2017-04-13 23:36:12 ----RD---- C:\WINDOWS\DevicesFlow
2017-04-13 23:36:12 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2017-04-13 23:36:12 ----D---- C:\Program Files (x86)\Windows Defender
2017-04-13 23:36:12 ----D---- C:\Program Files (x86)\Internet Explorer
2017-04-13 23:36:11 ----D---- C:\Program Files\Windows Photo Viewer
2017-04-13 23:36:11 ----D---- C:\Program Files\Windows Defender
2017-04-13 23:36:11 ----D---- C:\Program Files\Internet Explorer
2017-04-13 22:01:30 ----D---- C:\WINDOWS\system32\MRT
2017-04-13 21:58:56 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-04-13 21:58:46 ----D---- C:\WINDOWS\CbsTemp
2017-04-05 18:30:32 ----AD---- C:\Program Files (x86)\Hearthstone

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-08-16 645952]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2017-03-17 47032]
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2017-03-02 163976]
R1 avkmgr;avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [2017-03-02 44488]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2016-04-23 87552]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2017-03-02 161824]
R2 avnetflt;avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [2017-03-02 88488]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-10-30 47616]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-10-30 78848]
R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athw8x.sys [2015-10-30 4207104]
R3 b57xdbd;@oem27.inf,%bcmxd_16bf_svcd%;Broadcom xD Picture Bus Driver Service; C:\WINDOWS\System32\drivers\b57xdbd.sys [2012-08-13 72280]
R3 b57xdmp;@oem27.inf,%BXD_SVCDESC%;Broadcom xD Picture vstorp client drv; C:\WINDOWS\System32\drivers\b57xdmp.sys [2012-08-13 21080]
R3 bScsiMSa;bScsiMSa; C:\WINDOWS\System32\drivers\bScsiMSa.sys [2012-06-19 55384]
R3 bScsiSDa;bScsiSDa; C:\WINDOWS\System32\drivers\bScsiSDa.sys [2012-08-14 70744]
R3 dtlitescsibus;@oem14.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2015-11-02 30264]
R3 ETD;@oem10.inf,%PS2.DeviceDesc%;ELAN Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2015-10-12 525512]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-10-12 3797424]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-06-24 4504320]
R3 IntcDAud;@oem6.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2015-03-30 454416]
R3 iwdbus;@oem47.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-07-20 38976]
R3 k57nd60a;@netk57a.inf,%SvcDispName%;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\WINDOWS\System32\drivers\k57nd60a.sys [2015-10-30 446464]
R3 MEIx64;@oem16.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-03 62784]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2017-03-17 14574640]
R3 nvvad_WaveExtensible;@oem58.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2017-03-28 47552]
R3 nvvhci;@oem57.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2017-03-17 59448]
R3 paeusbaudio;paeusbaudio; C:\WINDOWS\System32\drivers\paeusbaudio_x64.sys [2014-04-16 260096]
R3 paeusbaudiodsp;paeusbaudiodsp; C:\WINDOWS\System32\drivers\paeusbaudiodsp_x64.sys [2014-07-16 62464]
R3 paeusbaudioks;paeusbaudioks; C:\WINDOWS\system32\DRIVERS\paeusbaudioks_x64.sys [2014-04-16 46080]
R3 Ps2Kb2Hid;@oem34.inf,%Ps2Kb2Hid.SVCDESC%;PS/2 Keyboard to HID Driver; C:\WINDOWS\System32\drivers\aPs2Kb2Hid.sys [2012-10-21 26736]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 34144]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 BRDriver64_1_3_3_E02B25FC;BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [2017-03-04 78088]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2016-01-25 117248]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2013-07-13 283064]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2016-10-25 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 hw_usbdev;HUAWEISERSP; C:\WINDOWS\System32\drivers\hw_usbdev.sys [2011-10-24 116864]
S3 HWHandSet;HWUSBSERSPTMO; C:\WINDOWS\System32\drivers\hw_quusbmdm.sys [2011-10-24 223232]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2015-07-20 50240]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-10-30 26624]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2017-03-28 30144]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver; C:\WINDOWS\System32\drivers\nvstusb.sys [2015-04-27 452240]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-10-30 930656]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-02-02 82640]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2017-02-27 2227312]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [2017-05-02 488920]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\Antivirus\sched.exe [2017-05-02 488920]
R2 Avira.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [2017-03-09 349560]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2015-10-12 144072]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2015-10-12 330136]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-03-28 492480]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-03-17 464440]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2017-03-28 425408]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-10-12 291744]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-10-23 43696]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [2017-05-02 1119712]
S2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [2017-05-02 1520680]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_18cd11c;Hostitel synchronizace_18cd11c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_1ee19c4;Hostitel synchronizace_1ee19c4; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_1f1d538;Hostitel synchronizace_1f1d538; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_26c8d869;Hostitel synchronizace_26c8d869; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_31049fd;Hostitel synchronizace_31049fd; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_33cf0;Hostitel synchronizace_33cf0; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_3a7b7;Hostitel synchronizace_3a7b7; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_3bec2;Hostitel synchronizace_3bec2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_41b90;Hostitel synchronizace_41b90; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_4516f61;Hostitel synchronizace_4516f61; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_946d42f;Hostitel synchronizace_946d42f; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_c2f5b;Hostitel synchronizace_c2f5b; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_c4685c3;Hostitel synchronizace_c4685c3; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_d5e3933;Hostitel synchronizace_d5e3933; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_fe02da2;Hostitel synchronizace_fe02da2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-09-20 324224]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2017-03-25 1494024]
S3 BRSptStub;BitRaider Mini-Support Service Stub Loader; C:\ProgramData\BitRaider\BRSptStub.exe [2017-02-20 363208]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-06-18 1268568]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_18cd11c;Služba zasílání zpráv_18cd11c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_1ee19c4;Služba zasílání zpráv_1ee19c4; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_1f1d538;Služba zasílání zpráv_1f1d538; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_26c8d869;Služba zasílání zpráv_26c8d869; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_31049fd;Služba zasílání zpráv_31049fd; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_33cf0;Služba zasílání zpráv_33cf0; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_3a7b7;Služba zasílání zpráv_3a7b7; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_3bec2;Služba zasílání zpráv_3bec2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_41b90;Služba zasílání zpráv_41b90; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_4516f61;Služba zasílání zpráv_4516f61; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_946d42f;Služba zasílání zpráv_946d42f; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_c2f5b;Služba zasílání zpráv_c2f5b; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_c4685c3;Služba zasílání zpráv_c4685c3; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_d5e3933;Služba zasílání zpráv_d5e3933; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_fe02da2;Služba zasílání zpráv_fe02da2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-04-19 173512]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-03-28 492480]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_18cd11c;Data kontaktů_18cd11c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_1ee19c4;Data kontaktů_1ee19c4; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_1f1d538;Data kontaktů_1f1d538; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_26c8d869;Data kontaktů_26c8d869; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_31049fd;Data kontaktů_31049fd; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_33cf0;Data kontaktů_33cf0; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_3a7b7;Data kontaktů_3a7b7; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_3bec2;Data kontaktů_3bec2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_41b90;Data kontaktů_41b90; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_4516f61;Data kontaktů_4516f61; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_946d42f;Data kontaktů_946d42f; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_c2f5b;Data kontaktů_c2f5b; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_c4685c3;Data kontaktů_c4685c3; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_d5e3933;Data kontaktů_d5e3933; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_fe02da2;Data kontaktů_fe02da2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2017-03-04 1297408]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2017-03-23 1590560]
S4 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]

-----------------EOF-----------------
Attachments
správce úloh.rar
(172.29 KiB) Downloaded 84 times

Rudy
Site Admin
Posts: 119670
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Disk usage at 99%

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (delete).
The scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Slepyc
Visitor
Posts: 49
Joined: 24 Jan 2009 18:54

Re: Disk usage at 99%

#3 Post by Slepyc »

# AdwCleaner v6.046 - Log vytvořen 04/05/2017 v 16:45:30
# Aktualizováno dne 24/04/2017 z Malwarebytes
# Databáze : 2017-05-03.1 [Server]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : kohut - DESKTOP-OG0MI7G
# Spuštěno z : C:\Users\kohut\Desktop\adwcleaner_6.046.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Složky ] *****

[-] Složka smazána: C:\Users\kohut\AppData\Local\MalwareProtectionLive
[-] Složka smazána: C:\Users\kohut\AppData\Roaming\RHEng


***** [ Soubory ] *****

[-] Soubor smazán: C:\END


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupci ] *****



***** [ Naplánované úlohy ] *****



***** [ Registry ] *****

[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[-] Hodnota smazána: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [MalwareProtectionLive]


***** [ Prohlížeče ] *****



*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1488 Bajty] - [04/05/2017 16:45:30]
C:\AdwCleaner\AdwCleaner[S0].txt - [1867 Bajty] - [04/05/2017 16:44:59]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1634 Bajty] ##########

Rudy
Site Admin
Posts: 119670
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Disk Usage at 99%

#4 Post by Rudy »


Slepyc
Visitor
Posts: 49
Joined: 24 Jan 2009 18:54

Re: Disk Usage at 99%

#5 Post by Slepyc »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-05-2017
Ran by kohut (administrator) on DESKTOP-OG0MI7G (06-05-2017 13:28:20)
Running from C:\Users\kohut\Desktop
Loaded Profiles: kohut (Available Profiles: kohut)
Platform: Windows 10 Home Version 1511 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\WINDOWS\System32\igfxCUIService.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ICM-Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\WINDOWS\System32\igfxEM.exe
(Intel Corporation) C:\WINDOWS\System32\igfxHK.exe
(Intel Corporation) C:\WINDOWS\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\PreSonus\AudioBox\AudioBox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Failed to access process -> avscan.exe
Failed to access process -> avscan.exe
(forum.viry.cz) C:\Users\kohut\FRSTLauncher.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-12] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508240 2015-08-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [61944 2017-04-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [912768 2017-05-02] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-12-22] (Oracle Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [145208 2017-03-24] (Check Point Software Technologies Ltd.)
HKU\S-1-5-21-4142583254-1206428148-741917741-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3019552 2017-04-26] (Valve Corporation)
HKU\S-1-5-21-4142583254-1206428148-741917741-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-4142583254-1206428148-741917741-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27230168 2016-11-15] (Skype Technologies S.A.)
HKU\S-1-5-21-4142583254-1206428148-741917741-1001\...\Run: [Discord] => C:\Users\kohut\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-4142583254-1206428148-741917741-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9364696 2017-03-03] (Piriform Ltd)
HKU\S-1-5-21-4142583254-1206428148-741917741-1001\...\MountPoints2: {6303d942-3a3a-11e6-8ec1-b888e3d0659d} - "E:\autorun.exe"
HKU\S-1-5-21-4142583254-1206428148-741917741-1001\...\MountPoints2: {c54d1872-8013-11e5-8e9e-b888e3d0659d} - "E:\setup.exe"
HKU\S-1-5-21-4142583254-1206428148-741917741-1001\...\MountPoints2: {c54d18b7-8013-11e5-8e9e-b888e3d0659d} - "F:\setup.exe"
HKU\S-1-5-21-4142583254-1206428148-741917741-1001\...\MountPoints2: {c54d23ee-8013-11e5-8e9e-b888e3d0659d} - "G:\setup.exe"
HKU\S-1-5-21-4142583254-1206428148-741917741-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [805888 2015-10-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
Startup: C:\Users\kohut\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2016-09-16] ()
GroupPolicy: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7f4bcb75-975e-4015-b783-0edcd44c8e32}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{7f4bcb75-975e-4015-b783-0edcd44c8e32}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-01-29] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-29] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\kohut\AppData\Roaming\Mozilla\Firefox\Profiles\StdMEY5r.default [2017-05-06]
FF Extension: (Avira Browser Safety) - C:\Users\kohut\AppData\Roaming\Mozilla\Firefox\Profiles\StdMEY5r.default\Extensions\abs@avira.com.xpi [2017-04-05]
FF Extension: (Avira SafeSearch Plus) - C:\Users\kohut\AppData\Roaming\Mozilla\Firefox\Profiles\StdMEY5r.default\Extensions\safesearchplus@avira.com [2015-10-12] [not signed]
FF Extension: (Shield Recipe Client) - C:\Users\kohut\AppData\Roaming\Mozilla\Firefox\Profiles\StdMEY5r.default\features\{64b3d945-3626-406f-a4ab-ab3c16221b34}\shield-recipe-client@mozilla.org.xpi [2017-05-02]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-08-06] (Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-01-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-01-29] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-08-06] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-02-27] (Adobe Systems, Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1119712 2017-05-02] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [488920 2017-05-02] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [488920 2017-05-02] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1520680 2017-05-02] (Avira Operations GmbH & Co. KG)
S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [350120 2017-04-11] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1494024 2017-03-25] ()
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2017-02-20] (BitRaider, LLC)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-12] (ELAN Microelectronics Corp.)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [330136 2015-10-12] (Intel Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [492480 2017-03-28] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [492480 2017-03-28] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [464440 2017-03-17] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-03-28] (NVIDIA Corporation)
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [4107680 2017-03-24] (Check Point Software Technologies Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2016-10-25] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2017-03-28] (Microsoft Corporation)
S3 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [114936 2016-11-01] (Check Point Software Technologies, Ltd.)
R2 ZoneAlarm ICM Service; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ICM-Service.exe [1058616 2017-03-24] (Check Point Software Technologies Ltd.)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [161824 2017-03-02] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [163976 2017-03-02] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-03-02] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-03-02] (Avira Operations GmbH & Co. KG)
S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2017-03-04] (BitRaider)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2015-11-02] (Disc Soft Ltd)
S3 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283064 2013-07-13] (Disc Soft Ltd)
S3 HWHandSet; C:\WINDOWS\System32\drivers\hw_quusbmdm.sys [223232 2011-10-24] (Huawei Technologies Co., Ltd.)
S3 hw_usbdev; C:\WINDOWS\System32\drivers\hw_usbdev.sys [116864 2011-10-24] (Huawei Technologies Co., Ltd.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-03-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47552 2017-03-28] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [59448 2017-03-17] (NVIDIA Corporation)
R3 paeusbaudio; C:\WINDOWS\System32\drivers\paeusbaudio_x64.sys [260096 2014-04-16] ()
R3 paeusbaudiodsp; C:\WINDOWS\System32\drivers\paeusbaudiodsp_x64.sys [62464 2014-07-16] ()
R3 paeusbaudioks; C:\WINDOWS\system32\DRIVERS\paeusbaudioks_x64.sys [46080 2014-04-16] ()
R3 Ps2Kb2Hid; C:\WINDOWS\System32\drivers\aPs2Kb2Hid.sys [26736 2012-10-21] (Dritek System Inc.)
R1 Vsdatant; C:\WINDOWS\System32\drivers\vsdatant.sys [461240 2017-03-24] (Check Point Software Technologies Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
U3 iswSvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-06 13:28 - 2017-05-06 13:30 - 00018180 _____ C:\Users\kohut\Desktop\FRST.txt
2017-05-06 13:27 - 2017-05-06 13:28 - 00000000 ____D C:\FRST
2017-05-06 13:27 - 2017-05-06 13:16 - 02429440 _____ (Farbar) C:\Users\kohut\FRST64.exe
2017-05-06 13:27 - 2017-05-03 19:35 - 01222144 _____ C:\Users\kohut\RSITx64.exe
2017-05-06 13:26 - 2017-05-06 13:26 - 00112640 _____ (forum.viry.cz) C:\Users\kohut\FRSTLauncher.exe
2017-05-06 13:16 - 2017-05-06 13:16 - 02429440 _____ (Farbar) C:\Users\kohut\Desktop\FRST64.exe
2017-05-06 13:11 - 2017-05-06 13:11 - 00001209 _____ C:\Users\Public\Desktop\Avira Connect.lnk
2017-05-04 16:43 - 2017-05-04 16:45 - 00000000 ____D C:\AdwCleaner
2017-05-04 16:41 - 2017-05-04 16:42 - 04102600 _____ C:\Users\kohut\Desktop\adwcleaner_6.046.exe
2017-05-03 19:55 - 2017-05-03 19:55 - 00176430 _____ C:\Users\kohut\Desktop\správce úloh.rar
2017-05-03 19:35 - 2017-05-03 19:46 - 00000000 ____D C:\Program Files\trend micro
2017-05-03 19:35 - 2017-05-03 19:36 - 00000000 ____D C:\rsit
2017-05-03 19:35 - 2017-05-03 19:35 - 01222144 _____ C:\Users\kohut\Desktop\RSITx64.exe
2017-04-18 20:04 - 2017-04-18 20:14 - 00000000 ____D C:\Users\kohut\OneDrive\Dokumenty\VPC Editor
2017-04-18 20:00 - 2017-04-18 20:00 - 10165745 _____ C:\Users\kohut\Desktop\VpcEditor_EN.zip
2017-04-18 20:00 - 2017-04-18 20:00 - 02357430 _____ C:\Users\kohut\Desktop\MIDIMonitor.zip
2017-04-18 20:00 - 2017-04-18 20:00 - 00000000 ____D C:\Users\kohut\Desktop\VpcEditor_EN
2017-04-18 20:00 - 2017-04-18 20:00 - 00000000 ____D C:\Users\kohut\Desktop\MIDIMonitor
2017-04-18 19:54 - 2017-04-18 19:54 - 00000000 ____D C:\Users\kohut\Desktop\um_x64_22
2017-04-18 19:54 - 2017-04-18 19:54 - 00000000 ____D C:\Program Files\DIFX
2017-04-18 19:53 - 2017-04-18 19:53 - 00436958 _____ C:\Users\kohut\Desktop\um_x64_22.zip
2017-04-18 19:18 - 2014-04-16 11:22 - 00046080 _____ () C:\WINDOWS\system32\Drivers\paeusbaudioks_x64.sys
2017-04-18 19:16 - 2017-04-18 19:16 - 00000000 ____D C:\Program Files\PreSonus
2017-04-18 19:09 - 2017-04-18 19:09 - 00000000 ____D C:\Users\kohut\AppData\Roaming\PreSonus
2017-04-18 19:07 - 2014-07-16 16:54 - 00062464 _____ () C:\WINDOWS\system32\Drivers\paeusbaudiodsp_x64.sys
2017-04-18 19:07 - 2014-04-16 11:22 - 00260096 _____ () C:\WINDOWS\system32\Drivers\paeusbaudio_x64.sys
2017-04-18 19:05 - 2017-04-18 19:16 - 00000693 _____ C:\Users\Public\Desktop\AudioBox.lnk
2017-04-18 19:05 - 2017-04-18 19:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PreSonus
2017-04-18 19:03 - 2017-04-18 19:05 - 08431584 _____ (PreSonus ) C:\Users\kohut\Desktop\PreSonus_AudioBox_Installer_v1_3_5653.exe
2017-04-17 19:02 - 2017-04-17 19:02 - 00000000 ____D C:\WINDOWS\pss
2017-04-17 07:21 - 2017-04-17 07:21 - 00015136 _____ C:\Users\kohut\OneDrive\Dokumenty\cc_20170417_072144.reg
2017-04-16 19:28 - 2017-04-16 19:28 - 00012338 _____ C:\Users\kohut\Desktop\[CzT]X_Men_Apokalypsa_X_Men_Apocalypse_2016_CZ_.torrent
2017-04-16 19:17 - 2017-04-17 19:32 - 00000000 __HDC C:\ProgramData\{F59F27AC-CAA9-4410-BC3E-337735C03532}
2017-04-16 19:01 - 2017-04-17 19:32 - 00000000 __HDC C:\ProgramData\{A28F8603-B8F6-463F-ACBB-7A9A874FF255}
2017-04-16 18:57 - 2017-04-16 18:57 - 00000000 __HDC C:\ProgramData\{27AE6DBC-0CA4-4761-8752-2B1ADDB90175}
2017-04-16 17:58 - 2017-04-16 17:58 - 00000000 ____D C:\Program Files\Common Files\Avid
2017-04-16 14:57 - 2017-04-16 14:57 - 00000000 ____D C:\ProgramData\Apple
2017-04-16 11:46 - 2017-04-16 11:47 - 00000000 ____D C:\Users\kohut\AppData\Roaming\Maize Sampler Player
2017-04-16 11:40 - 2017-04-16 11:40 - 00001074 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2017-04-16 09:24 - 2017-04-16 19:17 - 00000000 ____D C:\Users\kohut\OneDrive\Dokumenty\Native Instruments
2017-04-16 09:24 - 2017-04-16 19:17 - 00000000 ____D C:\Users\kohut\AppData\Local\Native Instruments
2017-04-16 09:23 - 2017-05-03 20:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
2017-04-16 09:23 - 2017-05-03 20:11 - 00000000 ____D C:\Program Files\Native Instruments
2017-04-16 09:23 - 2017-04-17 19:32 - 00000000 ____D C:\Program Files\Common Files\Native Instruments
2017-04-16 09:23 - 2017-04-16 18:56 - 00000000 __HDC C:\ProgramData\{E26B3878-7CEC-469C-B449-5CAA336DF8CD}
2017-04-16 09:23 - 2017-04-16 09:23 - 00000000 ____D C:\ProgramData\Native Instruments
2017-04-16 09:20 - 2017-04-16 17:53 - 00000000 ____D C:\Users\kohut\Desktop\MUZIKA
2017-04-16 09:06 - 2017-04-16 09:06 - 00001662 _____ C:\Users\kohut\Desktop\Ableton Live 9 Suite – zástupce (2).lnk
2017-04-15 23:10 - 2017-04-15 23:10 - 00441296 _____ C:\WINDOWS\system32\Drivers\vsconfig.xml
2017-04-15 23:09 - 2017-04-15 23:09 - 00000778 _____ C:\Users\Public\Desktop\ZoneAlarm Security.lnk
2017-04-15 23:09 - 2017-04-15 23:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
2017-04-15 23:07 - 2017-04-15 23:09 - 00000000 ____D C:\Program Files (x86)\CheckPoint
2017-04-15 23:05 - 2017-04-15 23:05 - 00000000 ____D C:\ProgramData\CheckPoint
2017-04-15 23:02 - 2017-04-15 23:02 - 00005340 _____ C:\Users\kohut\OneDrive\Dokumenty\cc_20170415_230207.reg
2017-04-15 22:40 - 2017-04-15 22:40 - 00000000 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts
2017-04-15 22:36 - 2017-04-15 22:36 - 00018530 _____ C:\Users\kohut\OneDrive\Dokumenty\cc_20170415_223608.reg
2017-04-15 22:33 - 2017-04-15 22:33 - 00234644 _____ C:\Users\kohut\OneDrive\Dokumenty\cc_20170415_223301.reg
2017-04-15 22:23 - 2017-04-15 22:23 - 00002870 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-04-15 22:23 - 2017-04-15 22:23 - 00000867 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-04-15 22:23 - 2017-04-15 22:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-04-15 22:23 - 2017-04-15 22:23 - 00000000 ____D C:\Program Files\CCleaner
2017-04-15 21:53 - 2017-04-15 21:53 - 00000861 _____ C:\Users\kohut\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ableton Live 9 Suite.lnk
2017-04-15 21:32 - 2017-04-15 21:32 - 00000000 ____D C:\Program Files (x86)\Ableton
2017-04-15 19:57 - 2017-04-15 19:57 - 00000477 ____T C:\Users\kohut\OneDrive\Dokumenty\Authorizing Ableton Live Offline.txt
2017-04-15 19:35 - 2017-04-15 19:35 - 00000270 __RSH C:\ProgramData\ntuser.pol
2017-04-15 19:28 - 2017-04-15 23:13 - 00000000 ____D C:\ProgramData\Ableton
2017-04-15 19:09 - 2017-04-16 09:32 - 00000000 ____D C:\Users\kohut\OneDrive\Dokumenty\Ableton
2017-04-15 19:09 - 2017-04-15 19:09 - 00001690 _____ C:\Users\kohut\Desktop\Ableton Live 9 Suite – zástupce.lnk
2017-04-15 19:06 - 2017-04-15 21:29 - 00000000 ____D C:\Users\kohut\AppData\Roaming\Ableton
2017-04-15 19:06 - 2017-04-15 19:06 - 00000000 ____D C:\Program Files\Common Files\Propellerhead Software
2017-04-15 19:01 - 2017-04-15 19:48 - 00000000 ____D C:\Users\kohut\Desktop\ableton
2017-04-15 09:54 - 2017-04-15 09:54 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-04-15 09:53 - 2017-03-28 05:32 - 00153536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-04-15 09:53 - 2017-03-28 05:32 - 00127424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-04-12 18:05 - 2017-03-28 11:11 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-04-12 18:05 - 2017-03-28 11:05 - 06536248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2017-04-12 18:05 - 2017-03-28 10:59 - 00262400 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2017-04-12 18:05 - 2017-03-28 10:52 - 00168360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2017-04-12 18:05 - 2017-03-28 10:51 - 00602256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-04-12 18:05 - 2017-03-28 10:50 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-04-12 18:05 - 2017-03-28 09:53 - 06958304 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-04-12 18:05 - 2017-03-28 09:51 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-04-12 18:05 - 2017-03-28 09:49 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-04-12 18:05 - 2017-03-28 09:45 - 00958120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-04-12 18:05 - 2017-03-28 09:44 - 02944592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-04-12 18:05 - 2017-03-28 09:44 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-04-12 18:05 - 2017-03-28 09:41 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-04-12 18:05 - 2017-03-28 09:40 - 05240440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-04-12 18:05 - 2017-03-28 09:08 - 00546968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-04-12 18:05 - 2017-03-28 09:08 - 00316248 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-04-12 18:05 - 2017-03-28 09:06 - 01522664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-04-12 18:05 - 2017-03-28 09:06 - 01370736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2017-04-12 18:05 - 2017-03-28 08:41 - 00865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-04-12 18:05 - 2017-03-28 08:37 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-04-12 18:05 - 2017-03-28 08:26 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-04-12 18:05 - 2017-03-28 08:25 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-04-12 18:05 - 2017-03-28 08:23 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-04-12 18:05 - 2017-03-28 08:17 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-04-12 18:05 - 2017-03-28 08:12 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-04-12 18:05 - 2017-03-28 08:10 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-04-12 18:05 - 2017-03-28 08:07 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2017-04-12 18:05 - 2017-03-28 08:06 - 00205312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oemlicense.dll
2017-04-12 18:05 - 2017-03-28 08:01 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2017-04-12 18:05 - 2017-03-28 07:57 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-04-12 18:05 - 2017-03-28 07:56 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-04-12 18:05 - 2017-03-28 07:53 - 00541184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2017-04-12 18:05 - 2017-03-28 07:47 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-04-12 18:05 - 2017-03-28 07:43 - 00153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSSync.dll
2017-04-12 18:05 - 2017-03-28 07:42 - 00792576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-04-12 18:05 - 2017-03-28 07:41 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-04-12 18:05 - 2017-03-28 07:35 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2017-04-12 18:05 - 2017-03-28 07:33 - 03695104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-04-12 18:05 - 2017-03-28 07:33 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-04-12 18:05 - 2017-03-28 07:32 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licensingdiag.exe
2017-04-12 18:05 - 2017-03-28 07:19 - 02911744 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-04-12 18:05 - 2017-03-28 07:18 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-04-12 18:05 - 2017-03-28 07:18 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-04-12 18:05 - 2017-03-28 07:11 - 01501696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-04-12 18:05 - 2017-03-28 07:08 - 02878976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-04-12 18:05 - 2017-03-28 07:04 - 06296064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-04-12 18:05 - 2017-03-28 06:47 - 04405248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-04-12 18:05 - 2017-03-28 06:45 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2017-04-12 18:05 - 2017-03-28 06:41 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-04-12 18:05 - 2017-03-28 06:13 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-04-12 18:05 - 2017-03-18 18:41 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-04-12 18:04 - 2017-03-28 12:20 - 00100192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2017-04-12 18:04 - 2017-03-28 12:18 - 01997840 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-04-12 18:04 - 2017-03-28 12:17 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-04-12 18:04 - 2017-03-28 12:17 - 00800080 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-04-12 18:04 - 2017-03-28 11:51 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2017-04-12 18:04 - 2017-03-28 11:18 - 08710320 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-04-12 18:04 - 2017-03-28 11:12 - 01322760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-04-12 18:04 - 2017-03-28 11:11 - 03698216 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-04-12 18:04 - 2017-03-28 11:06 - 06604992 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-04-12 18:04 - 2017-03-28 10:51 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-04-12 18:04 - 2017-03-28 10:28 - 01777792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-04-12 18:04 - 2017-03-28 10:12 - 00388888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-04-12 18:04 - 2017-03-28 10:05 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-04-12 18:04 - 2017-03-28 09:52 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-04-12 18:04 - 2017-03-28 09:42 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-04-12 18:04 - 2017-03-28 09:35 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-04-12 18:04 - 2017-03-28 09:31 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-04-12 18:04 - 2017-03-28 09:29 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-04-12 18:04 - 2017-03-28 09:21 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-04-12 18:04 - 2017-03-28 09:18 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-04-12 18:04 - 2017-03-28 09:17 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-04-12 18:04 - 2017-03-28 09:16 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2017-04-12 18:04 - 2017-03-28 09:14 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-04-12 18:04 - 2017-03-28 09:10 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-04-12 18:04 - 2017-03-28 09:01 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-04-12 18:04 - 2017-03-28 08:56 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSSync.dll
2017-04-12 18:04 - 2017-03-28 08:55 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-04-12 18:04 - 2017-03-28 08:54 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-04-12 18:04 - 2017-03-28 08:53 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-04-12 18:04 - 2017-03-28 08:51 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-04-12 18:04 - 2017-03-28 08:48 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-04-12 18:04 - 2017-03-28 08:46 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-04-12 18:04 - 2017-03-28 08:44 - 00961536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2017-04-12 18:04 - 2017-03-28 08:26 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-04-12 18:04 - 2017-03-28 08:20 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-04-12 18:04 - 2017-03-28 08:12 - 01729536 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-04-12 18:04 - 2017-03-28 08:06 - 03405312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-04-12 18:04 - 2017-03-28 08:05 - 07977984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-04-12 18:04 - 2017-03-28 08:01 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-04-12 18:04 - 2017-03-28 07:56 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-04-12 18:04 - 2017-03-28 07:53 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-04-12 18:04 - 2017-03-28 07:44 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-04-12 18:04 - 2017-03-28 07:42 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-04-12 18:04 - 2017-03-28 07:41 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-04-12 18:04 - 2017-03-28 07:40 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-04-12 18:04 - 2017-03-28 07:39 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2017-04-12 18:04 - 2017-03-28 07:36 - 04895744 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-04-12 18:04 - 2017-03-28 07:36 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-04-12 18:04 - 2017-03-28 07:29 - 22375424 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-04-12 18:04 - 2017-03-28 07:22 - 06312448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-04-12 18:04 - 2017-03-28 07:20 - 13392384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-04-12 18:04 - 2017-03-28 07:06 - 07856640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-04-12 18:04 - 2017-03-28 06:48 - 03664384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-04-12 18:04 - 2017-03-28 06:46 - 19344896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-04-12 18:04 - 2017-03-28 06:45 - 18671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-04-12 18:04 - 2017-03-28 06:45 - 12134912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-04-12 18:04 - 2017-03-28 06:31 - 05670912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-04-12 18:04 - 2017-03-21 03:36 - 00448285 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-04-12 18:04 - 2017-03-18 22:39 - 22560744 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-04-12 18:03 - 2017-03-28 12:19 - 00202480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2017-04-12 18:03 - 2017-03-28 12:14 - 00754664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-04-12 18:03 - 2017-03-28 12:12 - 00061792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2017-04-12 18:03 - 2017-03-28 11:08 - 00566112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-04-12 18:03 - 2017-03-28 11:05 - 01540216 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-04-12 18:03 - 2017-03-28 11:05 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2017-04-12 18:03 - 2017-03-28 11:03 - 01128104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2017-04-12 18:03 - 2017-03-28 11:03 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-04-12 18:03 - 2017-03-28 10:30 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-04-12 18:03 - 2017-03-28 10:29 - 01986912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-04-12 18:03 - 2017-03-28 10:29 - 00636304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-04-12 18:03 - 2017-03-28 10:29 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-04-12 18:03 - 2017-03-28 10:28 - 01594928 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2017-04-12 18:03 - 2017-03-28 09:52 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2017-04-12 18:03 - 2017-03-28 09:51 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-04-12 18:03 - 2017-03-28 09:50 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-04-12 18:03 - 2017-03-28 09:48 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-04-12 18:03 - 2017-03-28 09:40 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-04-12 18:03 - 2017-03-28 09:38 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2017-04-12 18:03 - 2017-03-28 09:37 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-04-12 18:03 - 2017-03-28 09:28 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oemlicense.dll
2017-04-12 18:03 - 2017-03-28 09:20 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2017-04-12 18:03 - 2017-03-28 09:20 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2017-04-12 18:03 - 2017-03-28 09:18 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-04-12 18:03 - 2017-03-28 09:15 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-04-12 18:03 - 2017-03-28 09:13 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-04-12 18:03 - 2017-03-28 09:09 - 00715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-04-12 18:03 - 2017-03-28 08:55 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2017-04-12 18:03 - 2017-03-28 08:53 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-04-12 18:03 - 2017-03-28 08:41 - 04456448 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-04-12 18:03 - 2017-03-28 08:40 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\licensingdiag.exe
2017-04-12 18:03 - 2017-03-28 08:21 - 03586048 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-04-12 18:03 - 2017-03-28 08:19 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-04-12 18:03 - 2017-03-28 08:16 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-04-12 18:03 - 2017-03-28 07:55 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-04-12 18:03 - 2017-03-28 07:42 - 16984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-04-12 18:03 - 2017-03-28 07:30 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2017-04-12 18:03 - 2017-03-28 07:20 - 24604160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-04-12 18:03 - 2017-03-28 07:01 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-04-09 20:49 - 2017-04-09 22:09 - 00000000 ____D C:\Users\kohut\AppData\Roaming\discord
2017-04-09 20:49 - 2017-04-09 20:49 - 00002237 _____ C:\Users\kohut\Desktop\Discord.lnk
2017-04-09 20:49 - 2017-04-09 20:49 - 00000000 ____D C:\Users\kohut\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2017-04-09 20:48 - 2017-04-09 20:49 - 00000000 ____D C:\Users\kohut\AppData\Local\Discord
2017-04-07 16:18 - 2017-04-07 16:18 - 00092427 _____ C:\Users\kohut\Desktop\Kopie dokumentu Numbers of HoTS 2.0.xlsx

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-06 13:27 - 2016-01-25 11:08 - 00000000 ____D C:\Users\kohut
2017-05-06 13:22 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-06 13:22 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-06 13:17 - 2016-02-08 22:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-05-06 13:16 - 2016-04-10 14:06 - 00000000 ____D C:\ProgramData\NVIDIA
2017-05-06 13:14 - 2015-10-12 20:00 - 00000000 ____D C:\Users\kohut\AppData\Local\Battle.net
2017-05-06 13:13 - 2015-10-12 19:42 - 00000000 ____D C:\ProgramData\Package Cache
2017-05-06 13:11 - 2015-10-12 19:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-05-06 13:09 - 2016-01-29 10:37 - 00004210 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{04D3CD90-AF21-4ED4-8909-5F46114E4095}
2017-05-06 13:07 - 2015-10-16 15:22 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
2017-05-06 13:04 - 2017-03-28 18:29 - 00000000 ____D C:\Users\kohut\AppData\LocalLow\Mozilla
2017-05-06 13:04 - 2015-10-12 19:58 - 00000000 ____D C:\Program Files (x86)\Battle.net
2017-05-06 13:01 - 2015-10-12 19:36 - 00000000 __SHD C:\Users\kohut\IntelGraphicsProfiles
2017-05-04 16:54 - 2015-11-15 16:29 - 00000000 ____D C:\Users\kohut\AppData\Local\Adobe
2017-05-04 16:48 - 2016-01-25 11:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-04 16:47 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2017-05-03 20:06 - 2015-10-13 15:32 - 00000000 ____D C:\Program Files (x86)\Steam
2017-05-03 20:05 - 2017-01-20 19:21 - 00000000 ____D C:\Users\kohut\AppData\Local\Innkeeper
2017-05-03 20:00 - 2015-10-12 19:36 - 00000000 ____D C:\Users\kohut\AppData\Local\Packages
2017-05-03 19:58 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2017-05-03 19:53 - 2016-07-31 14:27 - 00000000 ____D C:\Users\kohut\Desktop\Polsko
2017-05-01 16:06 - 2016-11-21 18:28 - 00000000 ____D C:\Program Files (x86)\Overwatch
2017-04-29 23:58 - 2017-03-28 18:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-04-29 12:12 - 2015-12-07 20:30 - 00000000 ____D C:\Users\kohut\OneDrive\Dokumenty\Heroes of the Storm
2017-04-24 19:26 - 2015-10-30 20:31 - 00751272 _____ C:\WINDOWS\system32\perfh005.dat
2017-04-24 19:26 - 2015-10-30 20:31 - 00150860 _____ C:\WINDOWS\system32\perfc005.dat
2017-04-24 19:26 - 2015-10-12 19:15 - 01771532 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-04-23 14:43 - 2015-10-31 19:22 - 00000000 ____D C:\Users\kohut\AppData\Local\ElevatedDiagnostics
2017-04-23 12:07 - 2015-10-16 18:40 - 00000000 ____D C:\Users\kohut\AppData\Roaming\Azureus
2017-04-23 11:49 - 2015-10-16 18:40 - 00000000 ____D C:\Users\kohut\OneDrive\Dokumenty\Vuze Downloads
2017-04-22 21:20 - 2016-10-29 20:09 - 01673728 _____ () C:\Users\kohut\Desktop\HOTS Logs Uploader.exe
2017-04-22 21:16 - 2016-02-07 14:53 - 00000000 ____D C:\Users\kohut\AppData\Local\CrashDumps
2017-04-22 20:17 - 2016-01-27 11:57 - 00000000 ____D C:\Users\kohut\Desktop\Hudba
2017-04-17 19:32 - 2015-10-16 19:58 - 00000000 ____D C:\Users\kohut\AppData\Roaming\vlc
2017-04-17 19:32 - 2015-10-12 20:00 - 00000000 ____D C:\Users\kohut\AppData\Roaming\Battle.net
2017-04-17 19:20 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\registration
2017-04-17 07:15 - 2015-11-02 16:17 - 00000000 ____D C:\Users\kohut\AppData\Roaming\DAEMON Tools Lite
2017-04-15 22:56 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-04-15 22:32 - 2016-06-13 19:30 - 00000000 ____D C:\Users\kohut\AppData\Roaming\TS3Client
2017-04-15 22:30 - 2016-01-25 10:57 - 00000000 ___DC C:\WINDOWS\Panther
2017-04-15 22:29 - 2016-10-16 15:58 - 00000000 ____D C:\WINDOWS\Minidump
2017-04-15 19:35 - 2015-10-12 16:53 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-04-15 16:08 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2017-04-15 09:55 - 2016-01-25 11:03 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-04-15 09:54 - 2017-03-26 10:41 - 00003994 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-15 09:54 - 2017-03-26 10:40 - 00004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-15 09:54 - 2017-03-26 10:40 - 00003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-15 09:54 - 2017-03-26 10:40 - 00003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-15 09:54 - 2017-03-26 10:40 - 00003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-15 09:54 - 2017-03-26 10:40 - 00003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-15 09:54 - 2017-03-26 10:40 - 00003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-15 09:54 - 2016-01-25 11:03 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-04-15 09:54 - 2016-01-25 11:03 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-04-14 11:22 - 2015-10-12 19:36 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-04-14 11:17 - 2016-01-25 10:58 - 00360960 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-04-13 23:36 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-04-13 23:36 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-04-13 23:36 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-04-13 23:36 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2017-04-13 23:36 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-04-13 23:36 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Defender
2017-04-13 23:36 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-04-13 23:36 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-04-13 22:01 - 2015-10-13 15:25 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-04-13 21:58 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-04-13 21:58 - 2015-10-13 15:25 - 148601744 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-04-13 21:26 - 2015-11-15 16:31 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-04-13 21:25 - 2015-11-15 16:30 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-04-09 20:49 - 2016-12-26 00:17 - 00000000 ____D C:\Users\kohut\AppData\Local\SquirrelTemp

==================== Files in the root of some directories =======

2016-01-25 11:04 - 2016-01-25 11:04 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Files to move or delete:
====================
C:\Users\kohut\FRST64.exe
C:\Users\kohut\FRSTLauncher.exe
C:\Users\kohut\RSITx64.exe


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avira Antivirus (Disabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Disabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Free Firewall Firewall (Enabled) {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\kohut\Desktop" je 21813 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]


==================== End Of Log ==============================
Attachments
Addition.rar
(4.96 KiB) Downloaded 67 times

Rudy
Site Admin
Posts: 119670
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Disk usage at 99%

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-12-22] (Oracle Corporation)
HKU\S-1-5-21-4142583254-1206428148-741917741-1001\...\MountPoints2: {6303d942-3a3a-11e6-8ec1-b888e3d0659d} - "E:\autorun.exe"
HKU\S-1-5-21-4142583254-1206428148-741917741-1001\...\MountPoints2: {c54d1872-8013-11e5-8e9e-b888e3d0659d} - "E:\setup.exe"
HKU\S-1-5-21-4142583254-1206428148-741917741-1001\...\MountPoints2: {c54d18b7-8013-11e5-8e9e-b888e3d0659d} - "F:\setup.exe"
HKU\S-1-5-21-4142583254-1206428148-741917741-1001\...\MountPoints2: {c54d23ee-8013-11e5-8e9e-b888e3d0659d} - "G:\setup.exe"
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
GroupPolicy: Restriction <======= ATTENTION
U3 iswSvc; no ImagePath
C:\WINDOWS\LastGood.Tmp
C:\WINDOWS\system32\ApnDatabase.xml
C:\ProgramData\DP45977C.lfl

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.

From the log:
Velikost slozky "C:\Users\kohut\Desktop" je 21813 MB.
That is too much and may be slowing down system startup. Create a new folder in C:\Users\kohut and move all data from the desktop into it (except shortcuts). Then put a shortcut to that folder on the desktop for easier access.

Slepyc
Visitor
Posts: 49
Joined: 24 Jan 2009 18:54

Re: Disk usage at 99%

#7 Post by Slepyc »

Hello,
thank you for the help. I have moved the files from the desktop; I am posting the log here.

Fix result of Farbar Recovery Scan Tool (x64) Version: 06-05-2017
Ran by kohut (06-05-2017 19:09:47) Run:1
Running from C:\Users\kohut\Desktop
Loaded Profiles: kohut (Available Profiles: kohut)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-12-22] (Oracle Corporation)
HKU\S-1-5-21-4142583254-1206428148-741917741-1001\...\MountPoints2: {6303d942-3a3a-11e6-8ec1-b888e3d0659d} - "E:\autorun.exe"
HKU\S-1-5-21-4142583254-1206428148-741917741-1001\...\MountPoints2: {c54d1872-8013-11e5-8e9e-b888e3d0659d} - "E:\setup.exe"
HKU\S-1-5-21-4142583254-1206428148-741917741-1001\...\MountPoints2: {c54d18b7-8013-11e5-8e9e-b888e3d0659d} - "F:\setup.exe"
HKU\S-1-5-21-4142583254-1206428148-741917741-1001\...\MountPoints2: {c54d23ee-8013-11e5-8e9e-b888e3d0659d} - "G:\setup.exe"
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
GroupPolicy: Restriction <======= ATTENTION
U3 iswSvc; no ImagePath
C:\WINDOWS\LastGood.Tmp
C:\WINDOWS\system32\ApnDatabase.xml
C:\ProgramData\DP45977C.lfl

EmptyTemp:
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKU\S-1-5-21-4142583254-1206428148-741917741-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6303d942-3a3a-11e6-8ec1-b888e3d0659d} => key removed successfully
HKCR\CLSID\{6303d942-3a3a-11e6-8ec1-b888e3d0659d} => key not found.
HKU\S-1-5-21-4142583254-1206428148-741917741-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c54d1872-8013-11e5-8e9e-b888e3d0659d} => key removed successfully
HKCR\CLSID\{c54d1872-8013-11e5-8e9e-b888e3d0659d} => key not found.
HKU\S-1-5-21-4142583254-1206428148-741917741-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c54d18b7-8013-11e5-8e9e-b888e3d0659d} => key removed successfully
HKCR\CLSID\{c54d18b7-8013-11e5-8e9e-b888e3d0659d} => key not found.
HKU\S-1-5-21-4142583254-1206428148-741917741-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c54d23ee-8013-11e5-8e9e-b888e3d0659d} => key removed successfully
HKCR\CLSID\{c54d23ee-8013-11e5-8e9e-b888e3d0659d} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => key removed successfully
HKCR\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => key removed successfully
HKCR\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => key removed successfully
HKCR\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => key removed successfully
HKCR\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => key removed successfully
HKCR\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => key removed successfully
HKCR\Wow6432Node\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => key removed successfully
HKCR\Wow6432Node\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => key not found.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => key removed successfully
HKCR\Wow6432Node\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => key not found.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => key removed successfully
HKCR\Wow6432Node\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => key removed successfully
HKCR\Wow6432Node\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
HKLM\System\CurrentControlSet\Services\iswSvc => key removed successfully
iswSvc => service removed successfully
C:\WINDOWS\LastGood.Tmp => moved successfully
C:\WINDOWS\system32\ApnDatabase.xml => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 583648 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 21359004 B
Java, Flash, Steam htmlcache => 599455405 B
Windows/system/drivers => 1642030 B
Edge => 1143 B
Chrome => 116736 B
Firefox => 92164585 B
Opera => 122880 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
kohut => 1183883141 B

RecycleBin => 0 B
EmptyTemp: => 1.8 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:17:41 ====

Rudy
Site Admin
Posts: 119670
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Disk usage at 99%

#8 Post by Rudy »

Deleted. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Slepyc
Visitor
Posts: 49
Registered: 24 Jan 2009 18:54

Re: Disk usage at 99%

#9 Post by Slepyc »

Unfortunately not, disk usage is still high.
Attachments
15878886_10208020930741418_171660769_n.rar
(147.93 KiB) Downloaded 74 times

Rudy
Site Admin
Posts: 119670
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Disk usage at 99%

#10 Post by Rudy »

Run a complete MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand.

Slepyc
Visitor
Posts: 49
Registered: 24 Jan 2009 18:54

Re: Disk usage at 99%

#11 Post by Slepyc »

After I launched it, Malwarebytes detected a threat and moved it to quarantine (see the attached screenshot).

Here is the log:

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 06.05.17
Čas skenování: 22:40
Logovací soubor: mbamlog.txt
Správce: Ano

-Informace o softwaru-
Verze: 3.0.6.1469
Verze komponentů: 1.0.103
Aktualizovat verzi balíku komponent: 1.0.1883
Licence: Zkušební

-Systémová informace-
OS: Windows 10
CPU: x64
Systém souborů: NTFS
Uživatel: DESKTOP-OG0MI7G\kohut

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 413980
Uplynulý čas: 6 min, 30 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Povoleno
Potenciálně nežádoucí modifikace: Povoleno

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)
Attachments
karanténa.rar
(78.63 KiB) Downloaded 59 times

Rudy
Site Admin
Posts: 119670
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Disk usage at 99%

#12 Post by Rudy »

Has anything changed?

Slepyc
Visitor
Posts: 49
Registered: 24 Jan 2009 18:54

Re: Disk usage at 99%

#13 Post by Slepyc »

It looks fine now. Would you mind not locking this thread yet, for perhaps 3 days? In case the problem happens to come back...
Should I delete anything?

Thanks :)

Rudy
Site Admin
Posts: 119670
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Disk usage at 99%

#14 Post by Rudy »

Basically everything that is in quarantine. It is junk. Otherwise, as long as they are in quarantine, they are harmless.

Slepyc
Visitor
Posts: 49
Registered: 24 Jan 2009 18:54

Re: Disk usage at 99%

#15 Post by Slepyc »

Unfortunately the disk is still under load; at the moment usage fluctuates between 88% and 99%.
I defragmented the disk after the main removal of the vermin, and everything looked OK. Since then I have not installed or downloaded anything.
I am afraid I will have no choice but to reinstall Windows :/.
Attachments
TASK.rar
(131.87 KiB) Downloaded 70 times
