
Garden laptop

Posted: 17 Oct 2015 18:32
by tuvok07
Some spyware has gotten onto this machine again. I'm running an MBAM scan, I'll send the log afterwards, and I'm posting the RSIT log.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Antonín at 2015-10-17 19:30:09
Microsoft Windows 10 Home
System drive C: has 594 GB (85%) free of 696 GB
Total RAM: 8081 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:30:16, on 17.10.2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.16412)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe
C:\Users\Antonín\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins\7\plugin.exe
C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins\12\plugin.exe
C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins\3\plugin.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamresearch.exe
C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
C:\Program Files (x86)\Opera\32.0.1948.69\opera_crashreporter.exe
C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
C:\Program Files\trend micro\Antonín.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: ScriptInjectionPluginBrowserHelperObject - {C66D064F-82FE-4E1A-B06A-B2490BA48B18} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll
O3 - Toolbar: Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll
O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Antonín\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Antonín\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Antonín\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Antonín\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Antonín\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User '?')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User '?')
O4 - HKUS\S-1-5-21-3844823837-2812015920-1861037639-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User '?')
O4 - HKUS\S-1-5-21-3844823837-2812015920-1861037639-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User '?')
O4 - HKUS\S-1-5-21-3844823837-2812015920-1861037639-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [OneDrive] "C:\Users\Antonín\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background (User '?')
O4 - HKUS\S-1-5-21-3844823837-2812015920-1861037639-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\RunOnce: [Uninstall C:\Users\Antonín\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Antonín\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64" (User '?')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Kaspersky Anti-Virus Service 16.0.0 (AVP16.0.0) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Device Fast-lane Service (DeviceFastLaneService) - Acer Incorporated - C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Launch Manager Service (LMSvc) - Acer Incorporate - C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Nero Update (NAUpdate) - Nero AG - c:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Service Mgr MonarchFind - Unknown owner - C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugincontainer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Update Mgr MonarchFind - Unknown owner - C:\Program Files (x86)\Common Files\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\updater.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: vssbrigde64 - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13163 bytes

======Listing Processes======







winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
"dwm.exe"
"C:\WINDOWS\system32\nvvsvc.exe"
dashost.exe {3b626e31-bd81-44cd-bb62fabcb19f4af7}
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe" -r
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
"C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k appmodel
"C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe"
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe" -hidden
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
sihost.exe
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\WINDOWS\Explorer.EXE

"C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe"
"C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\Acer\Acer Launch Manager\LMTray.exe"
C:\WINDOWS\System32\alg.exe
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"
"C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
igfxEM.exe
igfxTray.exe
igfxHK.exe
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Users\Antonín\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"c:\Program Files (x86)\Nero\Update\NASvc.exe"
C:\WINDOWS\system32\igfxext.exe -Embedding
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Common Files\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\updater.exe"
"C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugincontainer.exe"
"C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins\10\plugin.exe"
"C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins\8\plugin.exe" u
"C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins\5\plugin.exe" u
"C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins\12\plugin.exe" u
"C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins\3\plugin.exe" u
"C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins\2\plugin.exe" u
"C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins\7\plugin.exe" u
"C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins\7\plugin.exe"
"C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins\12\plugin.exe"
"C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins\3\plugin.exe"
"C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.4.9241.0_x64__8wekyb3d8bbwe\Solitaire.exe" -ServerName:App.AppXx8xn0rs58sab7mvbtxgdhw97cpm1dzhb.mca

"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe"
mbamresearch.exe
"C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe" --ran-launcher
"C:\Program Files (x86)\Opera\32.0.1948.69\opera_crashreporter.exe" --ran-launcher --crash-reporter-parent-id=6872
"C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe" --type=gpu-process --channel="6872.0.596506945\833107577" --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --crash-reporter-pid=9192 --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,26,51 --gpu-vendor-id=0x8086 --gpu-device-id=0x0156 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.4276 --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --crash-reporter-pid=9192 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\WINDOWS\SysWOW64\Macromed\Flash\pepflashplayer32_19_0_0_226.dll" --ppapi-flash-version=19.0.0.226 --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --crash-reporter-pid=9192 --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="6872.3.538829653\1293113912" /prefetch:673131151
"C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --lang=cs --disable-client-side-phishing-detection --ppapi-flash-path="C:\WINDOWS\SysWOW64\Macromed\Flash\pepflashplayer32_19_0_0_226.dll" --ppapi-flash-version=19.0.0.226 --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --crash-reporter-pid=9192 --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="6872.4.162520257\919987959" /prefetch:673131151
"C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --lang=cs --disable-client-side-phishing-detection --ppapi-flash-path="C:\WINDOWS\SysWOW64\Macromed\Flash\pepflashplayer32_19_0_0_226.dll" --ppapi-flash-version=19.0.0.226 --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --crash-reporter-pid=9192 --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="6872.5.55277048\1823581480" /prefetch:673131151
"C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --lang=cs --disable-client-side-phishing-detection --ppapi-flash-path="C:\WINDOWS\SysWOW64\Macromed\Flash\pepflashplayer32_19_0_0_226.dll" --ppapi-flash-version=19.0.0.226 --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --crash-reporter-pid=9192 --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="6872.7.2033553342\1306839030" /prefetch:673131151
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\WINDOWS\SysWOW64\Macromed\Flash\pepflashplayer32_19_0_0_226.dll" --ppapi-flash-version=19.0.0.226 --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --crash-reporter-pid=9192 --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="6872.9.420176840\1963816818" /prefetch:673131151
"C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --lang=cs --disable-client-side-phishing-detection --ppapi-flash-path="C:\WINDOWS\SysWOW64\Macromed\Flash\pepflashplayer32_19_0_0_226.dll" --ppapi-flash-version=19.0.0.226 --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --crash-reporter-pid=9192 --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="6872.10.947718132\628441142" /prefetch:673131151
"C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe" --type=ppapi --channel="6872.11.538239409\1401532272" --ppapi-flash-args --lang=cs --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --crash-reporter-pid=9192 --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --lang=cs --disable-client-side-phishing-detection --ppapi-flash-path="C:\WINDOWS\SysWOW64\Macromed\Flash\pepflashplayer32_19_0_0_226.dll" --ppapi-flash-version=19.0.0.226 --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --crash-reporter-pid=9192 --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="6872.12.1818853832\1337302948" /prefetch:673131151
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe8_ Global\UsGthrCtrlFltPipeMssGthrPipe8 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 620 624 632 8192 628
"C:\Users\Antonín\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C66D064F-82FE-4E1A-B06A-B2490BA48B18}]
Kaspersky Protection plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-07-08 789760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C66D064F-82FE-4E1A-B06A-B2490BA48B18}]
Kaspersky Protection plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-07-08 574208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{3507FA00-ADA2-4A02-99B9-51AD26CA9120} - Kaspersky Protection toolbar - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-07-08 789760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{3507FA00-ADA2-4A02-99B9-51AD26CA9120} - Kaspersky Protection toolbar - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-07-08 574208]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-06-24 13885696]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-06-04 3944136]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Antonín\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-09-16 405584]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-09-28 57981568]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Antonín\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64"=C:\WINDOWS\system32\cmd.exe [2015-07-10 232448]
"Uninstall C:\Users\Antonín\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"=C:\WINDOWS\system32\cmd.exe [2015-07-10 232448]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"DivXMediaServer"=C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [2015-09-04 433160]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2015-06-27 1861640]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll,C:\WINDOWS\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableLinkedConnections"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-10-17 19:30:09 ----D---- C:\rsit
2015-10-17 19:30:09 ----D---- C:\Program Files\trend micro
2015-10-17 19:22:32 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2015-10-17 19:22:15 ----D---- C:\ProgramData\Malwarebytes
2015-10-17 19:22:15 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-10-17 19:22:15 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2015-10-17 19:22:15 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2015-10-17 19:22:15 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2015-10-17 17:28:16 ----D---- C:\WINDOWS\LastGood.Tmp
2015-10-17 17:27:22 ----A---- C:\WINDOWS\SYSWOW64\IntelOpenCL32.dll
2015-10-17 17:27:22 ----A---- C:\WINDOWS\SYSWOW64\IntelCpHeciSvc.exe
2015-10-17 17:27:22 ----A---- C:\WINDOWS\SYSWOW64\Intel_OpenCL_ICD32.dll
2015-10-17 17:27:22 ----A---- C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2015-10-17 17:27:22 ----A---- C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll
2015-10-17 17:27:22 ----A---- C:\WINDOWS\system32\IntelWiDiVAD64.exe
2015-10-17 17:27:22 ----A---- C:\WINDOWS\system32\IntelWiDiUtils64.dll
2015-10-17 17:27:22 ----A---- C:\WINDOWS\system32\IntelWiDiUMS64.exe
2015-10-17 17:27:22 ----A---- C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll
2015-10-17 17:27:22 ----A---- C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll
2015-10-17 17:27:22 ----A---- C:\WINDOWS\system32\IntelWiDiMux64.dll
2015-10-17 17:27:22 ----A---- C:\WINDOWS\system32\IntelWiDiMCUMD64.dll
2015-10-17 17:27:22 ----A---- C:\WINDOWS\system32\IntelWiDiLogServer64.dll
2015-10-17 17:27:22 ----A---- C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll
2015-10-17 17:27:22 ----A---- C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll
2015-10-17 17:27:22 ----A---- C:\WINDOWS\system32\IntelWiDiAAC64.dll
2015-10-17 17:27:22 ----A---- C:\WINDOWS\system32\IntelOpenCL64.dll
2015-10-17 17:27:22 ----A---- C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2015-10-17 17:27:21 ----A---- C:\WINDOWS\SYSWOW64\iglhsip32.dll
2015-10-17 17:27:21 ----A---- C:\WINDOWS\SYSWOW64\iglhcp32.dll
2015-10-17 17:27:21 ----A---- C:\WINDOWS\SYSWOW64\igfxexps32.dll
2015-10-17 17:27:21 ----A---- C:\WINDOWS\SYSWOW64\igfxcmrt32.dll
2015-10-17 17:27:21 ----A---- C:\WINDOWS\SYSWOW64\igfxcmjit32.dll
2015-10-17 17:27:21 ----A---- C:\WINDOWS\SYSWOW64\igfx11cmrt32.dll
2015-10-17 17:27:21 ----A---- C:\WINDOWS\system32\iglhsip64.dll
2015-10-17 17:27:21 ----A---- C:\WINDOWS\system32\iglhcp64.dll
2015-10-17 17:27:21 ----A---- C:\WINDOWS\system32\igfxOSP.dll
2015-10-17 17:27:21 ----A---- C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2015-10-17 17:27:21 ----A---- C:\WINDOWS\system32\igfxLHMLib.dll
2015-10-17 17:27:21 ----A---- C:\WINDOWS\system32\igfxEMLibv2_0.dll
2015-10-17 17:27:21 ----A---- C:\WINDOWS\system32\igfxEMLib.dll
2015-10-17 17:27:21 ----A---- C:\WINDOWS\system32\igfxDTCM.dll
2015-10-17 17:27:21 ----A---- C:\WINDOWS\system32\igfxDILibv2_0.dll
2015-10-17 17:27:21 ----A---- C:\WINDOWS\system32\igfxDILib.dll
2015-10-17 17:27:21 ----A---- C:\WINDOWS\system32\igfxDHLibv2_0.dll
2015-10-17 17:27:21 ----A---- C:\WINDOWS\system32\igfxDHLib.dll
2015-10-17 17:27:21 ----A---- C:\WINDOWS\system32\igfxCUIServicePS.dll
2015-10-17 17:27:21 ----A---- C:\WINDOWS\system32\igfxCoIn_v4276.dll
2015-10-17 17:27:21 ----A---- C:\WINDOWS\system32\igfxcmrt64.dll
2015-10-17 17:27:21 ----A---- C:\WINDOWS\system32\igfxcmjit64.dll
2015-10-17 17:27:21 ----A---- C:\WINDOWS\system32\igfx11cmrt64.dll
2015-10-17 17:27:20 ----A---- C:\WINDOWS\SYSWOW64\igdrcl32.dll
2015-10-17 17:27:20 ----A---- C:\WINDOWS\SYSWOW64\igdmd32.dll
2015-10-17 17:27:20 ----A---- C:\WINDOWS\system32\igdumdim64.dll
2015-10-17 17:27:20 ----A---- C:\WINDOWS\system32\igdrcl64.dll
2015-10-17 17:27:20 ----A---- C:\WINDOWS\system32\igdmd64.dll
2015-10-17 17:27:19 ----A---- C:\WINDOWS\SYSWOW64\igdfcl32.dll
2015-10-17 17:27:19 ----A---- C:\WINDOWS\SYSWOW64\igdde32.dll
2015-10-17 17:27:19 ----A---- C:\WINDOWS\SYSWOW64\igdbcl32.dll
2015-10-17 17:27:19 ----A---- C:\WINDOWS\SYSWOW64\igdail32.dll
2015-10-17 17:27:19 ----A---- C:\WINDOWS\system32\igdfcl64.dll
2015-10-17 17:27:19 ----A---- C:\WINDOWS\system32\igdde64.dll
2015-10-17 17:27:19 ----A---- C:\WINDOWS\system32\igdbcl64.dll
2015-10-17 17:27:19 ----A---- C:\WINDOWS\system32\igdail64.dll
2015-10-17 17:27:19 ----A---- C:\WINDOWS\system32\ig7icd64.dll
2015-10-17 17:27:18 ----A---- C:\WINDOWS\SYSWOW64\ig7icd32.dll
2015-10-17 17:27:18 ----A---- C:\WINDOWS\system32\IccLibDll_x64.dll
2015-10-17 17:27:18 ----A---- C:\WINDOWS\system32\Gfxv4_0.exe
2015-10-17 17:27:18 ----A---- C:\WINDOWS\system32\Gfxv2_0.exe
2015-10-17 17:27:18 ----A---- C:\WINDOWS\system32\GfxUIEx.exe
2015-10-17 17:27:18 ----A---- C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2015-10-17 17:27:18 ----A---- C:\WINDOWS\system32\DPTopologyApp.exe
2015-10-17 17:27:18 ----A---- C:\WINDOWS\system32\difx64.exe
2015-10-17 17:27:18 ----A---- C:\WINDOWS\system32\CustomModeAppv2_0.exe
2015-10-17 17:27:18 ----A---- C:\WINDOWS\system32\CustomModeApp.exe
2015-10-17 12:58:51 ----HD---- C:\OneDriveTemp
2015-10-15 03:36:06 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-10-14 16:29:24 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-10-14 16:29:23 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-14 16:29:21 ----A---- C:\WINDOWS\system32\edgehtml.dll
2015-10-14 16:29:20 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2015-10-14 16:29:18 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2015-10-14 16:29:17 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-10-14 16:29:12 ----A---- C:\WINDOWS\system32\shell32.dll
2015-10-14 16:29:10 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-10-14 16:29:09 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2015-10-14 16:29:08 ----A---- C:\WINDOWS\system32\BingMaps.dll
2015-10-14 16:29:07 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-10-14 16:29:07 ----A---- C:\WINDOWS\system32\windows.storage.dll
2015-10-14 16:29:05 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2015-10-14 16:29:04 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2015-10-14 16:29:03 ----A---- C:\WINDOWS\system32\mos.dll
2015-10-14 16:29:02 ----A---- C:\WINDOWS\SYSWOW64\mos.dll
2015-10-14 16:29:02 ----A---- C:\WINDOWS\system32\Chakra.dll
2015-10-14 16:29:00 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-10-14 16:28:58 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2015-10-14 16:28:57 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-10-14 16:28:56 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-10-14 16:28:54 ----A---- C:\WINDOWS\system32\mfcore.dll
2015-10-14 16:28:53 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2015-10-14 16:28:52 ----A---- C:\WINDOWS\system32\msxml6.dll
2015-10-14 16:28:51 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2015-10-14 16:28:51 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-14 16:28:50 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2015-10-14 16:28:50 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2015-10-14 16:28:50 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-14 16:28:48 ----A---- C:\WINDOWS\system32\wininet.dll
2015-10-14 16:28:47 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2015-10-14 16:28:46 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2015-10-14 16:28:45 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-10-14 16:28:43 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2015-10-14 16:28:42 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2015-10-14 16:28:41 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-10-14 16:28:41 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2015-10-14 16:28:40 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2015-10-14 16:28:40 ----A---- C:\WINDOWS\system32\win32kfull.sys
2015-10-14 16:28:40 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2015-10-14 16:28:39 ----A---- C:\WINDOWS\system32\wlansvc.dll
2015-10-14 16:28:39 ----A---- C:\WINDOWS\system32\winmde.dll
2015-10-14 16:28:39 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2015-10-14 16:28:38 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2vdec.dll
2015-10-14 16:28:38 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-10-14 16:28:38 ----A---- C:\WINDOWS\system32\UserDataService.dll
2015-10-14 16:28:38 ----A---- C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-10-14 16:28:37 ----A---- C:\WINDOWS\SYSWOW64\LicenseManager.dll
2015-10-14 16:28:37 ----A---- C:\WINDOWS\system32\wlidsvc.dll
2015-10-14 16:28:37 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2015-10-14 16:28:36 ----A---- C:\WINDOWS\system32\wwansvc.dll
2015-10-14 16:28:36 ----A---- C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-14 16:28:36 ----A---- C:\WINDOWS\system32\Unistore.dll
2015-10-14 16:28:36 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-10-14 16:28:36 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2015-10-14 16:28:35 ----A---- C:\WINDOWS\SYSWOW64\UIAutomationCore.dll
2015-10-14 16:28:35 ----A---- C:\WINDOWS\SYSWOW64\RemoteNaturalLanguage.dll
2015-10-14 16:28:35 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2015-10-14 16:28:35 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2015-10-14 16:28:34 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Speech.dll
2015-10-14 16:28:34 ----A---- C:\WINDOWS\SYSWOW64\usoapi.dll
2015-10-14 16:28:34 ----A---- C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-10-14 16:28:34 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2015-10-14 16:28:34 ----A---- C:\WINDOWS\system32\msxml3.dll
2015-10-14 16:28:34 ----A---- C:\WINDOWS\system32\mfsvr.dll
2015-10-14 16:28:34 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-14 16:28:33 ----A---- C:\WINDOWS\SYSWOW64\Unistore.dll
2015-10-14 16:28:33 ----A---- C:\WINDOWS\system32\wuaueng.dll
2015-10-14 16:28:33 ----A---- C:\WINDOWS\system32\esent.dll
2015-10-14 16:28:32 ----A---- C:\WINDOWS\SYSWOW64\twinapi.appcore.dll
2015-10-14 16:28:32 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2015-10-14 16:28:32 ----A---- C:\WINDOWS\system32\RDXService.dll
2015-10-14 16:28:32 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2015-10-14 16:28:32 ----A---- C:\WINDOWS\system32\MBMediaManager.dll
2015-10-14 16:28:32 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-14 16:28:31 ----A---- C:\WINDOWS\system32\wpx.dll
2015-10-14 16:28:31 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-10-14 16:28:31 ----A---- C:\WINDOWS\system32\ContactApis.dll
2015-10-14 16:28:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Bluetooth.dll
2015-10-14 16:28:30 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2015-10-14 16:28:30 ----A---- C:\WINDOWS\system32\kerberos.dll
2015-10-14 16:28:30 ----A---- C:\WINDOWS\system32\jscript.dll
2015-10-14 16:28:30 ----A---- C:\WINDOWS\system32\hevcdecoder.dll
2015-10-14 16:28:29 ----A---- C:\WINDOWS\SYSWOW64\mfds.dll
2015-10-14 16:28:29 ----A---- C:\WINDOWS\system32\winload.exe
2015-10-14 16:28:29 ----A---- C:\WINDOWS\system32\mfds.dll
2015-10-14 16:28:29 ----A---- C:\WINDOWS\system32\MapControlCore.dll
2015-10-14 16:28:28 ----A---- C:\WINDOWS\SYSWOW64\ContactApis.dll
2015-10-14 16:28:28 ----A---- C:\WINDOWS\system32\wmpmde.dll
2015-10-14 16:28:28 ----A---- C:\WINDOWS\system32\bisrv.dll
2015-10-14 16:28:27 ----A---- C:\WINDOWS\SYSWOW64\MapControlCore.dll
2015-10-14 16:28:27 ----A---- C:\WINDOWS\system32\SharedStartModel.dll
2015-10-14 16:28:27 ----A---- C:\WINDOWS\system32\MbaeApi.dll
2015-10-14 16:28:27 ----A---- C:\WINDOWS\system32\drivers\Wdf01000.sys
2015-10-14 16:28:26 ----A---- C:\WINDOWS\system32\WWanAPI.dll
2015-10-14 16:28:26 ----A---- C:\WINDOWS\system32\directmanipulation.dll
2015-10-14 16:28:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2015-10-14 16:28:25 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2015-10-14 16:28:25 ----A---- C:\WINDOWS\SYSWOW64\AppointmentApis.dll
2015-10-14 16:28:25 ----A---- C:\WINDOWS\system32\VEEventDispatcher.dll
2015-10-14 16:28:25 ----A---- C:\WINDOWS\system32\NotificationController.dll
2015-10-14 16:28:25 ----A---- C:\WINDOWS\system32\ngcsvc.dll
2015-10-14 16:28:24 ----A---- C:\WINDOWS\SYSWOW64\winmde.dll
2015-10-14 16:28:24 ----A---- C:\WINDOWS\system32\CredProvDataModel.dll
2015-10-14 16:28:23 ----A---- C:\WINDOWS\SYSWOW64\directmanipulation.dll
2015-10-14 16:28:23 ----A---- C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-10-14 16:28:23 ----A---- C:\WINDOWS\system32\MFCaptureEngine.dll
2015-10-14 16:28:22 ----A---- C:\WINDOWS\SYSWOW64\WWanAPI.dll
2015-10-14 16:28:22 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-10-14 16:28:22 ----A---- C:\WINDOWS\SYSWOW64\esent.dll
2015-10-14 16:28:22 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-10-14 16:28:22 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2015-10-14 16:28:21 ----A---- C:\WINDOWS\SYSWOW64\ChatApis.dll
2015-10-14 16:28:21 ----A---- C:\WINDOWS\system32\Windows.UI.dll
2015-10-14 16:28:21 ----A---- C:\WINDOWS\system32\win32kbase.sys
2015-10-14 16:28:21 ----A---- C:\WINDOWS\system32\tileobjserver.dll
2015-10-14 16:28:21 ----A---- C:\WINDOWS\system32\ChatApis.dll
2015-10-14 16:28:20 ----A---- C:\WINDOWS\SYSWOW64\VEEventDispatcher.dll
2015-10-14 16:28:20 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-10-14 16:28:20 ----A---- C:\WINDOWS\SYSWOW64\MbaeApi.dll
2015-10-14 16:28:20 ----A---- C:\WINDOWS\SYSWOW64\CredProvDataModel.dll
2015-10-14 16:28:20 ----A---- C:\WINDOWS\system32\audiosrv.dll
2015-10-14 16:28:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-14 16:28:19 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2015-10-14 16:28:19 ----A---- C:\WINDOWS\system32\drivers\usbhub.sys
2015-10-14 16:28:18 ----A---- C:\WINDOWS\system32\winresume.exe
2015-10-14 16:28:18 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-10-14 16:28:18 ----A---- C:\WINDOWS\system32\LockAppBroker.dll
2015-10-14 16:28:17 ----A---- C:\WINDOWS\SYSWOW64\JpMapControl.dll
2015-10-14 16:28:17 ----A---- C:\WINDOWS\SYSWOW64\EmailApis.dll
2015-10-14 16:28:16 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.dll
2015-10-14 16:28:16 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncHost.exe
2015-10-14 16:28:16 ----A---- C:\WINDOWS\SYSWOW64\LockAppBroker.dll
2015-10-14 16:28:16 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-14 16:28:15 ----A---- C:\WINDOWS\SYSWOW64\SensorsApi.dll
2015-10-14 16:28:15 ----A---- C:\WINDOWS\SYSWOW64\MFCaptureEngine.dll
2015-10-14 16:28:15 ----A---- C:\WINDOWS\system32\winlogon.exe
2015-10-14 16:28:15 ----A---- C:\WINDOWS\system32\SettingSyncHost.exe
2015-10-14 16:28:15 ----A---- C:\WINDOWS\system32\SensorsApi.dll
2015-10-14 16:28:15 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-10-14 16:28:14 ----A---- C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-14 16:28:14 ----A---- C:\WINDOWS\system32\ncsi.dll
2015-10-14 16:28:14 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2015-10-14 16:28:14 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2015-10-14 16:28:13 ----A---- C:\WINDOWS\SYSWOW64\MessagingDataModel2.dll
2015-10-14 16:28:13 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2015-10-14 16:28:13 ----A---- C:\WINDOWS\system32\drivers\fastfat.sys
2015-10-14 16:28:12 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2015-10-14 16:28:12 ----A---- C:\WINDOWS\system32\workfolderssvc.dll
2015-10-14 16:28:12 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-10-14 16:28:12 ----A---- C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-10-14 16:28:12 ----A---- C:\WINDOWS\system32\KnobsCsp.dll
2015-10-14 16:28:12 ----A---- C:\WINDOWS\system32\KnobsCore.dll
2015-10-14 16:28:12 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2015-10-14 16:28:12 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-10-14 16:28:11 ----A---- C:\WINDOWS\SYSWOW64\hevcdecoder.dll
2015-10-14 16:28:11 ----A---- C:\WINDOWS\system32\mf.dll
2015-10-14 16:28:11 ----A---- C:\WINDOWS\system32\EmailApis.dll
2015-10-14 16:28:10 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.LockScreen.dll
2015-10-14 16:28:10 ----A---- C:\WINDOWS\SYSWOW64\OneDriveSettingSyncProvider.dll
2015-10-14 16:28:10 ----A---- C:\WINDOWS\system32\provengine.dll
2015-10-14 16:28:10 ----A---- C:\WINDOWS\system32\ngccredprov.dll
2015-10-14 16:28:10 ----A---- C:\WINDOWS\system32\JpMapControl.dll
2015-10-14 16:28:10 ----A---- C:\WINDOWS\system32\CellularAPI.dll
2015-10-14 16:28:09 ----A---- C:\WINDOWS\system32\wuuhext.dll
2015-10-14 16:28:09 ----A---- C:\WINDOWS\system32\wcmcsp.dll
2015-10-14 16:28:09 ----A---- C:\WINDOWS\system32\psmsrv.dll
2015-10-14 16:28:09 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2015-10-14 16:28:08 ----A---- C:\WINDOWS\SYSWOW64\mf.dll
2015-10-14 16:28:08 ----A---- C:\WINDOWS\system32\wwanconn.dll
2015-10-14 16:28:08 ----A---- C:\WINDOWS\system32\WUDFx02000.dll
2015-10-14 16:28:08 ----A---- C:\WINDOWS\system32\pnidui.dll
2015-10-14 16:28:07 ----A---- C:\WINDOWS\SYSWOW64\UserDataAccountApis.dll
2015-10-14 16:28:07 ----A---- C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-10-14 16:28:07 ----A---- C:\WINDOWS\system32\tetheringservice.dll
2015-10-14 16:28:07 ----A---- C:\WINDOWS\system32\SubscriptionMgr.dll
2015-10-14 16:28:07 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2015-10-14 16:28:07 ----A---- C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-14 16:28:07 ----A---- C:\WINDOWS\system32\MapsStore.dll
2015-10-14 16:28:07 ----A---- C:\WINDOWS\system32\cloudAP.dll
2015-10-14 16:28:07 ----A---- C:\WINDOWS\system32\AppointmentApis.dll
2015-10-14 16:28:06 ----A---- C:\WINDOWS\system32\omadmclient.exe
2015-10-14 16:28:06 ----A---- C:\WINDOWS\system32\ncryptprov.dll
2015-10-14 16:28:06 ----A---- C:\WINDOWS\system32\mfps.dll
2015-10-14 16:28:06 ----A---- C:\WINDOWS\system32\MDMAppInstaller.exe
2015-10-14 16:28:06 ----A---- C:\WINDOWS\system32\HttpsDataSource.dll
2015-10-14 16:28:06 ----A---- C:\WINDOWS\system32\drivers\pdc.sys
2015-10-14 16:28:05 ----A---- C:\WINDOWS\SYSWOW64\ncryptprov.dll
2015-10-14 16:28:05 ----A---- C:\WINDOWS\system32\wwanmm.dll
2015-10-14 16:28:05 ----A---- C:\WINDOWS\system32\KeywordDetectorMsftSidAdapter.dll
2015-10-14 16:28:05 ----A---- C:\WINDOWS\system32\fveapi.dll
2015-10-14 16:28:05 ----A---- C:\WINDOWS\system32\drivers\buttonconverter.sys
2015-10-14 16:28:04 ----A---- C:\WINDOWS\SYSWOW64\remoteaudioendpoint.dll
2015-10-14 16:28:04 ----A---- C:\WINDOWS\SYSWOW64\PhoneCallHistoryApis.dll
2015-10-14 16:28:04 ----A---- C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-10-14 16:28:04 ----A---- C:\WINDOWS\system32\ngckeyenum.dll
2015-10-14 16:28:04 ----A---- C:\WINDOWS\system32\MapConfiguration.dll
2015-10-14 16:28:04 ----A---- C:\WINDOWS\system32\LocationWiFiAdapter.dll
2015-10-14 16:28:04 ----A---- C:\WINDOWS\system32\drivers\portcls.sys
2015-10-14 16:28:04 ----A---- C:\WINDOWS\system32\acmigration.dll
2015-10-14 16:28:03 ----A---- C:\WINDOWS\system32\Windows.Speech.Pal.dll
2015-10-14 16:28:03 ----A---- C:\WINDOWS\system32\omadmapi.dll
2015-10-14 16:28:03 ----A---- C:\WINDOWS\system32\DeviceEnroller.exe
2015-10-14 16:28:02 ----A---- C:\WINDOWS\SYSWOW64\Windows.Speech.Pal.dll
2015-10-14 16:28:02 ----A---- C:\WINDOWS\system32\syncutil.dll
2015-10-14 16:28:02 ----A---- C:\WINDOWS\system32\LocationGeofences.dll
2015-10-14 16:28:02 ----A---- C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-10-14 16:28:02 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2015-10-14 16:28:01 ----A---- C:\WINDOWS\system32\wwancfg.dll
2015-10-14 16:28:01 ----A---- C:\WINDOWS\system32\LocationWebproxy.dll
2015-10-14 16:28:00 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2015-10-14 16:28:00 ----A---- C:\WINDOWS\system32\wpnapps.dll
2015-10-14 16:28:00 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2015-10-14 16:28:00 ----A---- C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-10-14 16:28:00 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2015-10-14 16:28:00 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2015-10-14 16:28:00 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2015-10-14 16:27:59 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Management.dll
2015-10-14 16:27:59 ----A---- C:\WINDOWS\system32\netcenter.dll
2015-10-14 16:27:59 ----A---- C:\WINDOWS\system32\LocationPeIP.dll
2015-10-14 16:27:59 ----A---- C:\WINDOWS\system32\LocationFramework.dll
2015-10-14 16:27:59 ----A---- C:\WINDOWS\system32\LocationCrowdsource.dll
2015-10-14 16:27:59 ----A---- C:\WINDOWS\system32\DataSenseHandlers.dll
2015-10-14 16:27:59 ----A---- C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-14 16:27:59 ----A---- C:\WINDOWS\system32\AudioEng.dll
2015-10-14 16:27:59 ----A---- C:\WINDOWS\system32\accountaccessor.dll
2015-10-14 16:27:58 ----A---- C:\WINDOWS\SYSWOW64\mdmregistration.dll
2015-10-14 16:27:58 ----A---- C:\WINDOWS\SYSWOW64\CallHistoryClient.dll
2015-10-14 16:27:58 ----A---- C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-14 16:27:58 ----A---- C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-14 16:27:58 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2015-10-14 16:27:58 ----A---- C:\WINDOWS\system32\enrollmentapi.dll
2015-10-14 16:27:57 ----A---- C:\WINDOWS\SYSWOW64\MapConfiguration.dll
2015-10-14 16:27:57 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2015-10-14 16:27:57 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2015-10-14 16:27:56 ----A---- C:\WINDOWS\SYSWOW64\wpnapps.dll
2015-10-14 16:27:56 ----A---- C:\WINDOWS\SYSWOW64\netcenter.dll
2015-10-14 16:27:56 ----A---- C:\WINDOWS\system32\provops.dll
2015-10-14 16:27:56 ----A---- C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2015-10-14 16:27:55 ----A---- C:\WINDOWS\system32\nlasvc.dll
2015-10-14 16:27:51 ----A---- C:\WINDOWS\system32\mdmregistration.dll
2015-10-14 16:27:51 ----A---- C:\WINDOWS\system32\mdmmigrator.dll
2015-10-14 16:27:51 ----A---- C:\WINDOWS\system32\LocationPeWiFi.dll
2015-10-14 16:27:51 ----A---- C:\WINDOWS\system32\dmcsps.dll
2015-10-14 16:27:51 ----A---- C:\WINDOWS\system32\dmcertinst.exe
2015-10-14 16:27:50 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-14 16:27:50 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-14 16:27:50 ----A---- C:\WINDOWS\system32\LocationPeCell.dll
2015-10-14 16:27:49 ----A---- C:\WINDOWS\system32\syncmlhook.dll
2015-10-14 16:27:49 ----A---- C:\WINDOWS\system32\provisioningcsp.dll
2015-10-14 16:27:49 ----A---- C:\WINDOWS\system32\configmanager2.dll
2015-10-14 16:03:44 ----D---- C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b
2015-10-14 16:03:44 ----D---- C:\Program Files (x86)\Monarch Find

======List of files/folders modified in the last 1 month======

2015-10-17 19:30:09 ----RD---- C:\Program Files
2015-10-17 19:26:29 ----D---- C:\Users\Antonín\AppData\Roaming\Skype
2015-10-17 19:24:40 ----D---- C:\ProgramData\Kaspersky Lab
2015-10-17 19:23:09 ----D---- C:\WINDOWS\Prefetch
2015-10-17 19:22:33 ----D---- C:\WINDOWS\Temp
2015-10-17 19:22:32 ----D---- C:\WINDOWS\system32\drivers
2015-10-17 19:22:15 ----RD---- C:\Program Files (x86)
2015-10-17 19:22:15 ----HD---- C:\ProgramData
2015-10-17 19:14:56 ----D---- C:\WINDOWS\System32
2015-10-17 18:34:01 ----D---- C:\WINDOWS\system32\sru
2015-10-17 18:23:53 ----D---- C:\WINDOWS\system32\config
2015-10-17 17:39:54 ----D---- C:\WINDOWS\INF
2015-10-17 17:39:54 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-17 17:35:36 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2015-10-17 17:33:57 ----A---- C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-10-17 17:33:03 ----SHD---- C:\System Volume Information
2015-10-17 17:32:49 ----D---- C:\WINDOWS\SYSWOW64\NV
2015-10-17 17:32:49 ----D---- C:\WINDOWS\system32\NV
2015-10-17 17:32:23 ----D---- C:\WINDOWS\SysWOW64
2015-10-17 17:32:09 ----D---- C:\Windows
2015-10-17 17:29:07 ----D---- C:\WINDOWS\system32\DriverStore
2015-10-17 17:29:07 ----D---- C:\WINDOWS\system32\CatRoot
2015-10-17 17:27:22 ----A---- C:\WINDOWS\SYSWOW64\OpenCL.DLL
2015-10-17 17:27:22 ----A---- C:\WINDOWS\system32\OpenCL.DLL
2015-10-17 17:27:21 ----A---- C:\WINDOWS\system32\igfxTray.exe
2015-10-17 17:27:21 ----A---- C:\WINDOWS\system32\igfxLHM.dll
2015-10-17 17:27:21 ----A---- C:\WINDOWS\system32\igfxHK.exe
2015-10-17 17:27:21 ----A---- C:\WINDOWS\system32\igfxext.exe
2015-10-17 17:27:21 ----A---- C:\WINDOWS\system32\igfxexps.dll
2015-10-17 17:27:21 ----A---- C:\WINDOWS\system32\igfxEM.exe
2015-10-17 17:27:21 ----A---- C:\WINDOWS\system32\igfxDI.dll
2015-10-17 17:27:21 ----A---- C:\WINDOWS\system32\igfxDH.dll
2015-10-17 17:27:21 ----A---- C:\WINDOWS\system32\igfxCUIService.exe
2015-10-17 17:27:21 ----A---- C:\WINDOWS\system32\igdusc64.dll
2015-10-17 17:27:20 ----A---- C:\WINDOWS\SYSWOW64\igdusc32.dll
2015-10-17 17:27:20 ----A---- C:\WINDOWS\SYSWOW64\igdumdim32.dll
2015-10-17 17:27:19 ----A---- C:\WINDOWS\SYSWOW64\igd10iumd32.dll
2015-10-17 17:27:19 ----A---- C:\WINDOWS\system32\igd10iumd64.dll
2015-10-17 13:28:51 ----D---- C:\WINDOWS\WinSxS
2015-10-17 13:25:19 ----D---- C:\WINDOWS\Microsoft.NET
2015-10-17 13:07:53 ----D---- C:\WINDOWS\AppReadiness
2015-10-17 13:02:14 ----HD---- C:\Program Files\WindowsApps
2015-10-15 15:41:17 ----D---- C:\WINDOWS\CbsTemp
2015-10-15 15:41:10 ----D---- C:\WINDOWS\system32\MRT
2015-10-15 15:37:38 ----A---- C:\WINDOWS\system32\MRT.exe
2015-10-15 10:07:39 ----D---- C:\WINDOWS\rescache
2015-10-15 03:31:22 ----SD---- C:\WINDOWS\SYSWOW64\F12
2015-10-15 03:31:22 ----D---- C:\WINDOWS\SYSWOW64\migration
2015-10-15 03:31:17 ----SD---- C:\WINDOWS\system32\F12
2015-10-15 03:31:17 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2015-10-15 03:31:17 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2015-10-15 03:31:17 ----D---- C:\WINDOWS\system32\migration
2015-10-15 03:31:17 ----D---- C:\WINDOWS\system32\Boot
2015-10-15 03:31:17 ----D---- C:\WINDOWS\system32\appraiser
2015-10-15 03:31:15 ----RD---- C:\WINDOWS\PurchaseDialog
2015-10-15 03:31:15 ----D---- C:\WINDOWS\Provisioning
2015-10-15 03:31:14 ----D---- C:\WINDOWS\system32\CodeIntegrity
2015-10-15 03:31:14 ----D---- C:\WINDOWS\L2Schemas
2015-10-15 03:31:14 ----D---- C:\WINDOWS\AppPatch
2015-10-14 18:43:00 ----SHD---- C:\WINDOWS\Installer
2015-10-14 18:43:00 ----D---- C:\ProgramData\Microsoft Help
2015-10-14 16:19:11 ----D---- C:\WINDOWS\system32\catroot2
2015-10-14 16:05:52 ----D---- C:\WINDOWS\system32\GroupPolicy
2015-10-14 16:03:45 ----D---- C:\Program Files (x86)\Common Files
2015-10-14 16:03:23 ----D---- C:\Users\Antonín\AppData\Roaming\RHEng
2015-10-14 16:03:23 ----D---- C:\ProgramData\DivX
2015-10-14 16:03:23 ----D---- C:\Program Files (x86)\DivX
2015-10-12 13:59:57 ----D---- C:\ProgramData\Skype
2015-10-03 15:57:41 ----D---- C:\Program Files (x86)\Opera
2015-10-03 15:57:39 ----D---- C:\WINDOWS\system32\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 cm_km;Kaspersky Lab ZAO Cryptographic Module x64 (Weak); C:\WINDOWS\system32\DRIVERS\cm_km.sys [2015-07-06 389816]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-08-16 645952]
R0 kl1;kl1; C:\WINDOWS\system32\DRIVERS\kl1.sys [2015-06-22 478392]
R0 klbackupdisk;Kaspersky Lab klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [2015-06-06 53432]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2015-07-13 31560]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2015-07-10 83968]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-07-10 8192]
R1 klbackupflt;Kaspersky Lab klbackupflt; C:\WINDOWS\system32\DRIVERS\klbackupflt.sys [2015-06-27 70512]
R1 klhk;Kaspersky Lab service driver; C:\WINDOWS\system32\DRIVERS\klhk.sys [2015-07-04 227000]
R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2015-06-30 937656]
R1 KLIM6;@oem20.inf,%KLIM6_Desc%;Kaspersky Anti-Virus NDIS 6 Filter; C:\WINDOWS\system32\DRIVERS\klim6.sys [2015-06-11 39608]
R1 klpd;Kaspersky Lab format recognizer driver; C:\WINDOWS\system32\DRIVERS\klpd.sys [2015-10-03 41352]
R1 klwfp;klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [2015-06-26 78008]
R1 Klwtp;Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [2015-06-16 102584]
R1 kneps;kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [2015-06-23 187056]
R2 kldisk;kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [2015-06-06 68280]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-07-10 48128]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-07-10 61952]
R3 athr;@oem0.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athw8x.sys [2013-05-17 3847168]
R3 bScsiSDa;bScsiSDa; C:\WINDOWS\System32\drivers\bScsiSDa.sys [2015-10-03 99560]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2015-03-09 599240]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2015-07-10 105984]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2015-07-10 237568]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2015-07-10 128512]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2015-07-10 84992]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-10-17 3797424]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-06-24 4504320]
R3 IntcDAud;@oem47.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2015-08-21 463112]
R3 iwdbus;@oem13.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-07-20 38976]
R3 k57nd60a;@oem45.inf,%SvcDispName%;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\WINDOWS\System32\drivers\k57nd60a.sys [2015-10-07 469192]
R3 klflt;Kaspersky Lab Kernel DLL; C:\WINDOWS\system32\DRIVERS\klflt.sys [2015-06-30 171192]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [2015-06-06 41656]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [2015-06-07 41656]
R3 LMDriver;@oem16.inf,%LMDriver.SVCDESC%;Launch Manager Wireless Driver; C:\WINDOWS\System32\drivers\LMDriver.sys [2013-01-10 21360]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2015-10-17 192216]
R3 MEIx64;@oem6.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-13 62784]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2015-07-13 11139216]
R3 RadioShim;@oem16.inf,%RadioShim.SVCDESC%;Shim for HID-KMDF Interface layer; C:\WINDOWS\System32\drivers\RadioShim.sys [2013-01-10 15704]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-07-10 167936]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2015-06-04 42696]
R3 SynTP;@oem21.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2015-06-04 613576]
S0 klelam;klelam; C:\WINDOWS\system32\DRIVERS\klelam.sys [2015-06-24 30328]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-07-10 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-07-10 99168]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-07-10 58208]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-07-10 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-07-10 40288]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-09-17 929280]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-09-17 36352]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2015-07-10 116736]
S3 ccSet_NARA;NARA Settings Manager; C:\WINDOWS\system32\drivers\NARAx64\0403000.00E\ccSetx64.sys [2012-05-26 168608]
S3 fcvsc;fcvsc; C:\WINDOWS\System32\drivers\fcvsc.sys [2015-07-10 31232]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-07-10 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-07-10 50016]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-07-10 424800]
S3 intaud_WaveExtensible;@oem4.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2015-07-20 50240]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-07-10 26624]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-07-10 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-07-10 76128]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-07-30 934752]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmCx.sys [2015-07-10 61952]
S3 UcmUcsi;@ucmucsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-07-30 46080]
S3 UdeCx;USB Device Emulation Support Library; C:\WINDOWS\system32\drivers\udecx.sys [2015-07-10 44032]
S3 Ufx01000;USB Function Class Extension; C:\WINDOWS\system32\drivers\ufx01000.sys [2015-07-10 245088]
S3 UfxChipidea;@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller; C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-07-10 94048]
S3 ufxsynopsys;@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller; C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2015-07-10 127840]
S4 klkbdflt2;Kaspersky Lab KlKbdFlt2; C:\WINDOWS\system32\DRIVERS\klkbdflt2.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AVP16.0.0;Kaspersky Anti-Virus Service 16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [2015-07-30 194000]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-05-18 345376]
R2 CCDMonitorService;CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2013-02-27 2615368]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2015-10-17 330136]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-12-10 732160]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-01-14 165336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-01-14 279000]
R2 LMSvc;Launch Manager Service; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [2013-06-18 431656]
R2 NAUpdate;Nero Update; c:\Program Files (x86)\Nero\Update\NASvc.exe [2012-07-14 769432]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2015-07-13 937616]
R2 OneSyncSvc_Session1;Hostitel synchronizace_Session1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 Service Mgr MonarchFind;Service Mgr MonarchFind; C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugincontainer.exe [2015-10-17 1048808]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2015-06-04 249032]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-10-17 291744]
R3 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2013-03-16 662088]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-06-17 43696]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R3 PimIndexMaintenanceSvc_Session1;Data kontaktů_Session1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-15 144200]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-09-05 1364256]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 OneSyncSvc_Session2;Hostitel synchronizace_Session2; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-17 269000]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 DeviceFastLaneService;Device Fast-lane Service; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [2013-05-01 470056]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-07-10 27136]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-15 144200]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2012-12-10 803872]
S3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [2015-04-24 625640]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\lsass.exe [2015-07-10 56344]
S3 NOBU;Norton Online Backup; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2013-01-28 4230016]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 PimIndexMaintenanceSvc_Session2;Data kontaktů_Session2; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-07-30 1031680]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]

-----------------EOF-----------------

Re: Garden laptop

Posted: 18 Oct 2015 11:16
by altrok
Hi,

it is primarily C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b
but it is registered elsewhere too and gets itself started through a service. Let's take a closer look at it. We'll start with AdwCleaner. By the way, you've had it there since 14 October.

Save AdwCleaner to your desktop: https://toolslib.net/downloads/viewdown ... dwcleaner/ (or http://www.bleepingcomputer.com/download/adwcleaner/ )
  • close all programs
  • right-click the AdwCleaner icon and choose Run as administrator (on Win XP just start it with a normal double-click)
  • click Scan, then Cleaning
  • after the restart a log will pop up (or you can find it in C:\AdwCleaner\AdwCleaner[Cx].txt); copy its contents into your next reply

Re: Garden laptop

Posted: 18 Oct 2015 13:52
by tuvok07
MBAM kicked it out,
but clever AdwCleaner still found something more.
# AdwCleaner v5.013 - Logfile created 18/10/2015 at 10:03:18
# Updated 09/10/2015 by Xplode
# Database : 2015-10-18.3 [Server]
# Operating system : Windows 10 Home (x64)
# Username : Antonín - DEDEK
# Running from : C:\Users\Antonín\Desktop\adwcleaner_5.013.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\ProgramData\pokki
[-] Folder Deleted : C:\Users\Antonín\AppData\Local\pokki
[-] Folder Deleted : C:\Users\Antonín\AppData\Roaming\RHEng

***** [ Files ] *****


***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
[-] Key Deleted : HKCU\Software\Classes\Directory\shell\pokki
[-] Key Deleted : HKCU\Software\Classes\Drive\shell\pokki
[-] Key Deleted : HKCU\Software\Classes\lnkfile\shell\pokki
[-] Key Deleted : HKCU\Software\Pokki
[-] Key Deleted : HKCU\Software\systweak
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Your Software Deals_is1
[!] Key Not Deleted : [x64] HKCU\Software\Pokki
[!] Key Not Deleted : [x64] HKCU\Software\systweak

***** [ Web browsers ] *****


*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1409 bytes] ##########



Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 17.10.2015
Čas skenování: 19:22
Protokol: mbam.txt
Správce: Ano

Verze: 2.2.0.1024
Databáze malwaru: v2015.10.17.04
Databáze rootkitů: v2015.10.16.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 10
CPU: x64
Souborový systém: NTFS
Uživatel: Antonín

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 391965
Uplynulý čas: 25 min, 8 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 12
PUP.Optional.Yontoo, C:\Program Files (x86)\Common Files\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\updater.exe, 1944, Smazat při restartu, [2bdd10486f1c52e49cfbb7caf30e22de]
PUP.Optional.Yontoo, C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugincontainer.exe, 2916, Smazat při restartu, [fd0b7eda523973c3791e483912ef50b0]
PUP.Optional.Yontoo, C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins\10\Plugin.exe, 6552, Smazat při restartu, [0efa2e2a0685bb7b385f0a777a87b848]
PUP.Optional.Yontoo, C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins\8\Plugin.exe, 2044, Smazat při restartu, [42c63a1ef2992d09237428597c852cd4]
PUP.Optional.Yontoo, C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins\5\Plugin.exe, 8200, Smazat při restartu, [62a64a0e15765fd776217d0431d05ba5]
PUP.Optional.Yontoo, C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins\12\Plugin.exe, 4820, Smazat při restartu, [d92f8fc90586f73f6b2ce79ab54c34cc]
PUP.Optional.Yontoo, C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins\12\Plugin.exe, 3352, Smazat při restartu, [d92f8fc90586f73f6b2ce79ab54c34cc]
PUP.Optional.Yontoo, C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins\3\Plugin.exe, 1176, Smazat při restartu, [d533b2a6dfac72c45e397110d72a669a]
PUP.Optional.Yontoo, C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins\3\Plugin.exe, 3952, Smazat při restartu, [d533b2a6dfac72c45e397110d72a669a]
PUP.Optional.Yontoo, C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins\2\Plugin.exe, 7376, Smazat při restartu, [8583aaae5734bc7aa0f7e899d22fad53]
PUP.Optional.Yontoo, C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins\7\Plugin.exe, 8668, Smazat při restartu, [16f24b0dbad1e3536a2d10717d84eb15]
PUP.Optional.Yontoo, C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins\7\Plugin.exe, 4000, Smazat při restartu, [16f24b0dbad1e3536a2d10717d84eb15]

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 8
PUP.Optional.Yontoo, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update Mgr MonarchFind, Do karantény, [2bdd10486f1c52e49cfbb7caf30e22de],
PUP.Optional.Yontoo, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Service Mgr MonarchFind, Do karantény, [fd0b7eda523973c3791e483912ef50b0],
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{B853E835-9F24-4F4B-B55C-E554D15CCCD2}, Do karantény, [d3354f09d7b44beb9f9fa3605ba7629e],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{B853E835-9F24-4F4B-B55C-E554D15CCCD2}, Do karantény, [d3354f09d7b44beb9f9fa3605ba7629e],
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}, Do karantény, [67a15206d3b82d09fe44f0137f83eb15],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}, Do karantény, [67a15206d3b82d09fe44f0137f83eb15],
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Monarch Find, Do karantény, [64a4d187c7c43ff7a8ef126f808101ff],
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\MonarchFind, Do karantény, [d92f1d3bd6b5a4922ee3f08ac33f7f81],

Hodnoty registru: 2
PUP.Optional.PluginContainer, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Service Mgr MonarchFind|ImagePath, "C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugincontainer.exe", Do karantény, [8088114713785fd7eea4701a956ef010]
PUP.Optional.Updater, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update Mgr MonarchFind|ImagePath, "C:\Program Files (x86)\Common Files\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\updater.exe", Do karantény, [38d08ace96f537ff8e9dccd12dd6d828]

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 20
PUP.Optional.BrowseFox, C:\Program Files (x86)\Monarch Find, Do karantény, [23e5ff592b60a98ddd15433405fddb25],
PUP.Optional.BrowseFox, C:\Program Files (x86)\Monarch Find\Extensions, Do karantény, [23e5ff592b60a98ddd15433405fddb25],
PUP.Optional.Yontoo, C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b, Smazat při restartu, [1fe93b1dbbd0f541967996e2778b718f],
PUP.Optional.Yontoo, C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugincontainer, Do karantény, [1fe93b1dbbd0f541967996e2778b718f],
PUP.Optional.Yontoo, C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins, Smazat při restartu, [1fe93b1dbbd0f541967996e2778b718f],
PUP.Optional.Yontoo, C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins\10, Smazat při restartu, [1fe93b1dbbd0f541967996e2778b718f],
PUP.Optional.Yontoo, C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins\12, Smazat při restartu, [1fe93b1dbbd0f541967996e2778b718f],
PUP.Optional.Yontoo, C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins\12\resources, Do karantény, [1fe93b1dbbd0f541967996e2778b718f],
PUP.Optional.Yontoo, C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins\2, Smazat při restartu, [1fe93b1dbbd0f541967996e2778b718f],
PUP.Optional.Yontoo, C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins\3, Smazat při restartu, [1fe93b1dbbd0f541967996e2778b718f],
PUP.Optional.Yontoo, C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins\5, Smazat při restartu, [1fe93b1dbbd0f541967996e2778b718f],
PUP.Optional.Yontoo, C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins\7, Smazat při restartu, [1fe93b1dbbd0f541967996e2778b718f],
PUP.Optional.Yontoo, C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins\7\resources, Do karantény, [1fe93b1dbbd0f541967996e2778b718f],
PUP.Optional.Yontoo, C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins\8, Smazat při restartu, [1fe93b1dbbd0f541967996e2778b718f],
PUP.Optional.Yontoo, C:\Program Files (x86)\Common Files\6b8a269e-46ff-4899-a3e6-0e20ae670c9b, Smazat při restartu, [fa0e5008a1eadf57967a7206847ee41c],
PUP.Optional.Yontoo, C:\Program Files (x86)\Common Files\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\updater, Do karantény, [fa0e5008a1eadf57967a7206847ee41c],
PUP.Optional.CharmSavings, C:\Users\Antonín\AppData\Roaming\Opera Software\Opera Stable\databases\http_charmsavings.com_0, Do karantény, [e325de7a4f3c162094df56227e848b75],
PUP.Optional.CharmSavings, C:\Users\Antonín\AppData\Roaming\Opera Software\Opera Stable\IndexedDB\http_charmsavings.com_0.indexeddb.leveldb, Do karantény, [e7213d1b92f92214205494e4877b966a],
PUP.Optional.Yontoo, C:\Users\Antonín\AppData\Roaming\Opera Software\Opera Stable\Extensions\hgleijdgmcafmjljnggmkkiddmgkibpo\1.0.5764.33918_0, Do karantény, [e1279cbcf49737ff3bb28fe0cc380af6],
PUP.Optional.Yontoo, C:\Users\Antonín\AppData\Roaming\Opera Software\Opera Stable\Extensions\hgleijdgmcafmjljnggmkkiddmgkibpo, Do karantény, [e1279cbcf49737ff3bb28fe0cc380af6],

Soubory: 45
PUP.Optional.Yontoo, C:\Program Files (x86)\Common Files\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\updater.exe, Smazat při restartu, [2bdd10486f1c52e49cfbb7caf30e22de],
PUP.Optional.Yontoo, C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugincontainer.exe, Smazat při restartu, [fd0b7eda523973c3791e483912ef50b0],
PUP.Optional.Yontoo, C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins\10\Plugin.exe, Smazat při restartu, [0efa2e2a0685bb7b385f0a777a87b848],
PUP.Optional.Yontoo, C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins\8\Plugin.exe, Smazat při restartu, [42c63a1ef2992d09237428597c852cd4],
PUP.Optional.Yontoo, C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins\5\Plugin.exe, Smazat při restartu, [62a64a0e15765fd776217d0431d05ba5],
PUP.Optional.Yontoo, C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins\12\Plugin.exe, Smazat při restartu, [d92f8fc90586f73f6b2ce79ab54c34cc],
PUP.Optional.Yontoo, C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins\3\Plugin.exe, Smazat při restartu, [d533b2a6dfac72c45e397110d72a669a],
PUP.Optional.Yontoo, C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins\2\Plugin.exe, Smazat při restartu, [8583aaae5734bc7aa0f7e899d22fad53],
PUP.Optional.Yontoo, C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins\7\Plugin.exe, Smazat při restartu, [16f24b0dbad1e3536a2d10717d84eb15],
PUP.Optional.Yontoo, C:\Users\Antonín\AppData\Local\Temp\{F31D9411-FC61-4B5E-8CB8-6744F90311E9}.dll, Smazat při restartu, [a1678bcdd4b7c3737f186d1451b04eb2],
PUP.Optional.Yontoo, C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins\12\resources\plugin.dll, Do karantény, [b058eb6ddbb0bc7a0196ccb5ff0222de],
PUP.Optional.Yontoo, C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins\7\resources\38.0.5.dll, Do karantény, [8583db7d6f1c3bfb197e344dbd4451af],
PUP.Optional.Yontoo, C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins\7\resources\39.0.0.dll, Do karantény, [a5638acefc8fdf57aaedfc852ed3639d],
PUP.Optional.Yontoo, C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins\7\resources\40.0.0.dll, Do karantény, [9771c692fa9148ee00971b661ae73ec2],
PUP.Optional.Yontoo, C:\Users\Antonín\AppData\Roaming\RHEng\37304C5EB3404454A62396D4D0F94692\setup.exe, Do karantény, [aa5e82d6f299f93d4552afd28f728c74],
PUP.Optional.Yontoo, C:\Program Files (x86)\Monarch Find\Uninstaller.exe, Do karantény, [64a4d187c7c43ff7a8ef126f808101ff],
PUP.Optional.Yontoo, C:\Users\Antonín\AppData\Local\Temp\{03E80480-D8DD-4D0F-BDE0-A16D325D4169}.dll, Do karantény, [3acefd5b6d1e50e68b0c1b66847d37c9],
PUP.Optional.Yontoo, C:\Users\Antonín\AppData\Local\Temp\{3187C78F-A101-4060-87CE-2350917ECC9B}.dll, Do karantény, [4eba6fe9d3b81b1b3f584b364fb2956b],
PUP.Optional.Yontoo, C:\Users\Antonín\AppData\Local\Temp\{560530E2-C90B-4DEA-BA14-E4E8A013A3CB}.dll, Do karantény, [c741de7a5239a690dbbc7a078879a759],
PUP.Optional.Yontoo, C:\Users\Antonín\AppData\Local\Temp\{6B0B2102-0763-455A-92FF-26A4CAE55166}.dll, Do karantény, [94749dbb038847ef7720790853ae9b65],
PUP.Optional.Yontoo, C:\Users\Antonín\AppData\Local\Temp\{824BF037-C336-4CAF-BAF1-A3253990ACD5}.dll, Do karantény, [5dab5efa107bd0662d6af48d8e7302fe],
PUP.Optional.Yontoo, C:\Users\Antonín\AppData\Local\Temp\{9B77A3FB-AD49-4AD6-A552-F129C43E45C5}.dll, Do karantény, [996fe6720586c47285127110e51c7b85],
PUP.Optional.Yontoo, C:\Users\Antonín\AppData\Local\Temp\{AFB139B8-B4E5-4411-A3C8-3198F33D2BEE}.dll, Do karantény, [d434ff5985062b0bf3a4f190000102fe],
PUP.Optional.Yontoo, C:\Users\Antonín\AppData\Local\Temp\{BBD7E5A7-1582-40C8-B3A0-45C943C125BF}.dll, Do karantény, [0afeb99f2368979f2b6c4041ae53f40c],
PUP.Optional.Yontoo, C:\Users\Antonín\AppData\Local\Temp\{D16CE4E9-FCB2-4BAA-9409-85D9750FE2C7}.dll, Do karantény, [96723721ee9dd4626235acd556abd12f],
PUP.Optional.Yontoo, C:\Users\Antonín\AppData\Local\Temp\{DFE0848F-48BA-40FA-935D-4BB67FC9667F}.dll, Do karantény, [33d54e0a4c3f67cf8b0cb0d145bcfc04],
PUP.Optional.Yontoo, C:\Users\Antonín\AppData\Local\Temp\{F3094D05-A2E7-40F2-9536-E966C4674D83}.dll, Do karantény, [53b552065635d85eedaab3ce877a25db],
PUP.Optional.CharmSavings, C:\Users\Antonín\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_charmsavings.com_0.localstorage, Do karantény, [1aee342498f344f2e6a89f10a45f24dc],
PUP.Optional.CharmSavings, C:\Users\Antonín\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_charmsavings.com_0.localstorage-journal, Do karantény, [50b881d7e6a5bd797f0f179805fe23dd],
PUP.Optional.KingTopDeals, C:\Users\Antonín\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_pstatic.kingtopdeals.com_0.localstorage, Do karantény, [bb4dc7914f3ce452e8b0cde25da6a15f],
PUP.Optional.KingTopDeals, C:\Users\Antonín\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_pstatic.kingtopdeals.com_0.localstorage-journal, Do karantény, [9a6eb1a71d6ef046d8c0139ca65d966a],
PUP.Optional.BrowseFox, C:\Program Files (x86)\Monarch Find\7za.exe, Do karantény, [23e5ff592b60a98ddd15433405fddb25],
PUP.Optional.BrowseFox, C:\Program Files (x86)\Monarch Find\Extensions\hgleijdgmcafmjljnggmkkiddmgkibpo.crx, Do karantény, [23e5ff592b60a98ddd15433405fddb25],
PUP.Optional.Yontoo, C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\temp, Do karantény, [1fe93b1dbbd0f541967996e2778b718f],
PUP.Optional.CharmSavings, C:\Users\Antonín\AppData\Roaming\Opera Software\Opera Stable\databases\http_charmsavings.com_0\68, Do karantény, [e325de7a4f3c162094df56227e848b75],
PUP.Optional.CharmSavings, C:\Users\Antonín\AppData\Roaming\Opera Software\Opera Stable\IndexedDB\http_charmsavings.com_0.indexeddb.leveldb\000003.log, Do karantény, [e7213d1b92f92214205494e4877b966a],
PUP.Optional.CharmSavings, C:\Users\Antonín\AppData\Roaming\Opera Software\Opera Stable\IndexedDB\http_charmsavings.com_0.indexeddb.leveldb\CURRENT, Do karantény, [e7213d1b92f92214205494e4877b966a],
PUP.Optional.CharmSavings, C:\Users\Antonín\AppData\Roaming\Opera Software\Opera Stable\IndexedDB\http_charmsavings.com_0.indexeddb.leveldb\LOCK, Do karantény, [e7213d1b92f92214205494e4877b966a],
PUP.Optional.CharmSavings, C:\Users\Antonín\AppData\Roaming\Opera Software\Opera Stable\IndexedDB\http_charmsavings.com_0.indexeddb.leveldb\LOG, Do karantény, [e7213d1b92f92214205494e4877b966a],
PUP.Optional.CharmSavings, C:\Users\Antonín\AppData\Roaming\Opera Software\Opera Stable\IndexedDB\http_charmsavings.com_0.indexeddb.leveldb\LOG.old, Do karantény, [e7213d1b92f92214205494e4877b966a],
PUP.Optional.CharmSavings, C:\Users\Antonín\AppData\Roaming\Opera Software\Opera Stable\IndexedDB\http_charmsavings.com_0.indexeddb.leveldb\MANIFEST-000001, Do karantény, [e7213d1b92f92214205494e4877b966a],
PUP.Optional.Yontoo, C:\Users\Antonín\AppData\Roaming\Opera Software\Opera Stable\Extensions\hgleijdgmcafmjljnggmkkiddmgkibpo\1.0.5764.33918_0\manifest.json, Do karantény, [e1279cbcf49737ff3bb28fe0cc380af6],
PUP.Optional.Yontoo, C:\Users\Antonín\AppData\Roaming\Opera Software\Opera Stable\Extensions\hgleijdgmcafmjljnggmkkiddmgkibpo\1.0.5764.33918_0\background.js, Do karantény, [e1279cbcf49737ff3bb28fe0cc380af6],
PUP.Optional.Yontoo, C:\Users\Antonín\AppData\Roaming\Opera Software\Opera Stable\Extensions\hgleijdgmcafmjljnggmkkiddmgkibpo\1.0.5764.33918_0\content.js, Do karantény, [e1279cbcf49737ff3bb28fe0cc380af6],
PUP.Optional.Yontoo, C:\Users\Antonín\AppData\Roaming\Opera Software\Opera Stable\Extensions\hgleijdgmcafmjljnggmkkiddmgkibpo\1.0.5764.33918_0\icon.png, Do karantény, [e1279cbcf49737ff3bb28fe0cc380af6],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

I'll ask my dad what he was up to here on the 14th.

Re: Garden laptop

Posted: 18 Oct 2015 19:17
by altrok
People usually don't know what they did on the PC the day before yesterday, but try asking him :D


Post the logs from FRST - both FRST.txt and Addition.txt

Re: Garden laptop

Posted: 19 Oct 2015 11:24
by tuvok07
Unfortunately I'm no longer at that PC, I'm not at the cottage any more - I can try to post it next weekend at the earliest.

Re: Garden laptop

Posted: 19 Oct 2015 11:28
by altrok
No problem, it looks like MBAM deleted most of it (if not everything), but I still want to make sure. Let me know once you're at the PC :)

Re: Garden laptop

Posted: 19 Oct 2015 13:37
by tuvok07
I also ran a quick scan with Kaspersky :) We'll see. As soon as I'm at that PC I'll get right on it :) To be safe I'll run a check at home now too. Dad says the only thing that was done was a DivX update.

Re: Garden laptop

Posted: 24 Oct 2015 13:02
by tuvok07
I slightly misjudged the timing and Kaspersky jumped into it
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:24-10-2015
Ran by Antonín (administrator) on DEDEK (24-10-2015 13:58:58)
Running from C:\Users\Antonín\Desktop
Loaded Profiles: Antonín (Available Profiles: UpdatusUser & Antonín)
Platform: Windows 10 Home (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(DivX, LLC) C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Opera Software) C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\32.0.1948.69\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\wuapihost.exe
(Opera Software) C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
(forum.viry.cz) C:\Users\Antonín\Desktop\FRSTLauncher.exe
(forum.viry.cz) C:\Users\Antonín\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-04] (Synaptics Incorporated)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [433160 2015-09-04] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861640 2015-06-27] (DivX, LLC)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-21-3844823837-2812015920-1861037639-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [57981568 2015-09-28] (Skype Technologies S.A.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [177088 2015-07-13] (NVIDIA Corporation)
AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [177088 2015-07-13] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [155280 2015-07-13] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{979868f7-af49-4b99-b9ee-9ef0166fcc8f}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{a58ef09f-3e5c-4b7f-bf0a-1fa6b73f4ed4}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-3844823837-2812015920-1861037639-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
HKU\S-1-5-21-3844823837-2812015920-1861037639-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-19] (AO Kaspersky Lab)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-10-19] (AO Kaspersky Lab)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-19] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-10-19] (AO Kaspersky Lab)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-17] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-17] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2015-09-02] (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-09-29] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-09-29] (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2015-10-19] [not signed]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Antonín\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Docs) - C:\Users\Antonín\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-24]
CHR Extension: (Disk Google) - C:\Users\Antonín\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-24]
CHR Extension: (YouTube) - C:\Users\Antonín\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-24]
CHR Extension: (Vyhledávání Google) - C:\Users\Antonín\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-24]
CHR Extension: (avast! Online Security) - C:\Users\Antonín\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-09-24]
CHR Extension: (Peněženka Google) - C:\Users\Antonín\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-24]
CHR Extension: (Gmail) - C:\Users\Antonín\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-24]
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-07-30] (Kaspersky Lab ZAO)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-27] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [470056 2013-05-01] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-16] (Acer Incorporated)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-10-17] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165336 2013-01-14] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [625640 2015-04-24] (Lenovo)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-06-18] (Acer Incorporate)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4230016 2013-01-28] (Symantec Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-06-04] (Synaptics Incorporated)
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
R3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0403000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70512 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [68280 2015-06-06] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [181640 2015-10-19] (AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [227512 2015-10-19] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [925064 2015-10-19] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [39608 2015-06-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [41656 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-10-03] (AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [87944 2015-10-19] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [102584 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-10] (Acer Incorporated)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-10] (Acer Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-04] (Synaptics Incorporated)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
U4 klkbdflt2; \SystemRoot\system32\DRIVERS\klkbdflt2.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-24 13:58 - 2015-10-24 13:59 - 00016384 _____ C:\Users\Antonín\Desktop\FRST.txt
2015-10-24 13:58 - 2015-10-24 13:59 - 00000000 ____D C:\FRST
2015-10-24 13:57 - 2015-10-24 13:58 - 00112640 _____ (forum.viry.cz) C:\Users\Antonín\Desktop\FRSTLauncher.exe
2015-10-24 13:56 - 2015-10-24 13:56 - 02196480 _____ (Farbar) C:\Users\Antonín\Desktop\FRST64.exe
2015-10-24 13:53 - 2015-10-24 13:53 - 00000000 ___HD C:\OneDriveTemp
2015-10-24 13:52 - 2015-10-24 13:52 - 00016148 _____ C:\WINDOWS\system32\DEDEK_Antonín_HistoryPrediction.bin
2015-10-23 09:00 - 2015-10-23 09:00 - 01556480 _____ C:\WINDOWS\isRS-000.tmp
2015-10-18 18:52 - 2015-10-18 18:52 - 00823296 _____ C:\Users\Antonín\Downloads\sranda_2.pps
2015-10-18 14:51 - 2015-10-18 14:51 - 00015067 _____ C:\Users\Antonín\Documents\mbam.txt
2015-10-18 10:02 - 2015-10-18 10:11 - 00000000 ____D C:\AdwCleaner
2015-10-17 19:30 - 2015-10-17 19:30 - 00000000 ____D C:\rsit
2015-10-17 19:30 - 2015-10-17 19:30 - 00000000 ____D C:\Program Files\trend micro
2015-10-17 19:22 - 2015-10-18 14:50 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-10-17 19:22 - 2015-10-17 19:22 - 00001179 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-10-17 19:22 - 2015-10-17 19:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-10-17 19:22 - 2015-10-17 19:22 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-10-17 19:22 - 2015-10-17 19:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-10-17 19:22 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-10-17 19:22 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-10-17 19:22 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-10-17 17:27 - 2015-10-17 17:27 - 22915568 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 17846272 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 11053048 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 08528896 _____ (Intel Corporation) C:\WINDOWS\system32\ig7icd64.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 06513648 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig7icd32.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 04371888 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2015-10-17 17:27 - 2015-10-17 17:27 - 04369816 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2015-10-17 17:27 - 2015-10-17 17:27 - 04025864 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAAC64.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 02506960 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiVAD64.exe
2015-10-17 17:27 - 2015-10-17 17:27 - 02037232 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 01995760 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 01793024 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 01768432 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 01470472 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 01156000 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 01151840 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 00970656 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2015-10-17 17:27 - 2015-10-17 17:27 - 00866824 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 00661000 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 00618992 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 00617992 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMux64.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 00556960 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2015-10-17 17:27 - 2015-10-17 17:27 - 00554928 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2015-10-17 17:27 - 2015-10-17 17:27 - 00469216 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 00444832 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe
2015-10-17 17:27 - 2015-10-17 17:27 - 00410528 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeAppv2_0.exe
2015-10-17 17:27 - 2015-10-17 17:27 - 00409520 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeApp.exe
2015-10-17 17:27 - 2015-10-17 17:27 - 00394224 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 00387056 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 00378824 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 00374272 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 00357912 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 00329216 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 00316245 _____ C:\WINDOWS\system32\DisplayAudiox64.cab
2015-10-17 17:27 - 2015-10-17 17:27 - 00296944 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 00291744 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2015-10-17 17:27 - 2015-10-17 17:27 - 00265712 _____ C:\WINDOWS\system32\igfxCPL.cpl
2015-10-17 17:27 - 2015-10-17 17:27 - 00232960 _____ C:\WINDOWS\system32\igdde64.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 00230384 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 00229664 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 00225288 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUtils64.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 00216552 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4276.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 00199088 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 00194560 _____ C:\WINDOWS\SysWOW64\igdde32.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 00194368 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 00193536 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 00192520 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 00188884 _____ C:\WINDOWS\system32\resTHA.cui
2015-10-17 17:27 - 2015-10-17 17:27 - 00181524 _____ C:\WINDOWS\system32\resELL.cui
2015-10-17 17:27 - 2015-10-17 17:27 - 00177300 _____ C:\WINDOWS\system32\resRUS.cui
2015-10-17 17:27 - 2015-10-17 17:27 - 00172528 _____ C:\WINDOWS\system32\igdail64.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 00169368 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 00165808 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2015-10-17 17:27 - 2015-10-17 17:27 - 00163840 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 00163044 _____ C:\WINDOWS\system32\resARA.cui
2015-10-17 17:27 - 2015-10-17 17:27 - 00162500 _____ C:\WINDOWS\system32\resHEB.cui
2015-10-17 17:27 - 2015-10-17 17:27 - 00162484 _____ C:\WINDOWS\system32\resJPN.cui
2015-10-17 17:27 - 2015-10-17 17:27 - 00157860 _____ C:\WINDOWS\system32\resHUN.cui
2015-10-17 17:27 - 2015-10-17 17:27 - 00157844 _____ C:\WINDOWS\system32\resFRA.cui
2015-10-17 17:27 - 2015-10-17 17:27 - 00156100 _____ C:\WINDOWS\system32\resKOR.cui
2015-10-17 17:27 - 2015-10-17 17:27 - 00156020 _____ C:\WINDOWS\system32\resDEU.cui
2015-10-17 17:27 - 2015-10-17 17:27 - 00155988 _____ C:\WINDOWS\system32\resITA.cui
2015-10-17 17:27 - 2015-10-17 17:27 - 00155828 _____ C:\WINDOWS\system32\resROM.cui
2015-10-17 17:27 - 2015-10-17 17:27 - 00155716 _____ C:\WINDOWS\system32\resESN.cui
2015-10-17 17:27 - 2015-10-17 17:27 - 00155268 _____ C:\WINDOWS\system32\resPLK.cui
2015-10-17 17:27 - 2015-10-17 17:27 - 00155172 _____ C:\WINDOWS\system32\resSKY.cui
2015-10-17 17:27 - 2015-10-17 17:27 - 00154980 _____ C:\WINDOWS\system32\resNLD.cui
2015-10-17 17:27 - 2015-10-17 17:27 - 00154372 _____ C:\WINDOWS\system32\resPTB.cui
2015-10-17 17:27 - 2015-10-17 17:27 - 00154260 _____ C:\WINDOWS\system32\resTRK.cui
2015-10-17 17:27 - 2015-10-17 17:27 - 00154212 _____ C:\WINDOWS\system32\resCSY.cui
2015-10-17 17:27 - 2015-10-17 17:27 - 00154096 _____ C:\WINDOWS\SysWOW64\igdail32.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 00154084 _____ C:\WINDOWS\system32\resPTG.cui
2015-10-17 17:27 - 2015-10-17 17:27 - 00153620 _____ C:\WINDOWS\system32\resFIN.cui
2015-10-17 17:27 - 2015-10-17 17:27 - 00153236 _____ C:\WINDOWS\system32\resHRV.cui
2015-10-17 17:27 - 2015-10-17 17:27 - 00152772 _____ C:\WINDOWS\system32\resSVE.cui
2015-10-17 17:27 - 2015-10-17 17:27 - 00152644 _____ C:\WINDOWS\system32\resSLV.cui
2015-10-17 17:27 - 2015-10-17 17:27 - 00151668 _____ C:\WINDOWS\system32\resNOR.cui
2015-10-17 17:27 - 2015-10-17 17:27 - 00151156 _____ C:\WINDOWS\system32\resDAN.cui
2015-10-17 17:27 - 2015-10-17 17:27 - 00149812 _____ C:\WINDOWS\system32\resENU.cui
2015-10-17 17:27 - 2015-10-17 17:27 - 00148052 _____ C:\WINDOWS\system32\resCHT.cui
2015-10-17 17:27 - 2015-10-17 17:27 - 00147188 _____ C:\WINDOWS\system32\resCHS.cui
2015-10-17 17:27 - 2015-10-17 17:27 - 00143368 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCUMD64.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 00109064 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiLogServer64.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 00102912 _____ C:\WINDOWS\system32\IccLibDll_x64.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 00096752 _____ C:\WINDOWS\system32\igfxCUIServicePS.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 00078336 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 00072704 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 00069616 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 00069120 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 00039424 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 00020976 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 00018944 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 00018944 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 00018944 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 00015344 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 00013824 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
2015-10-17 17:27 - 2015-10-17 17:27 - 00002560 _____ C:\WINDOWS\system32\iglhxs64.vp
2015-10-15 03:36 - 2015-10-16 05:10 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-15 03:36 - 2015-10-16 05:10 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-15 03:36 - 2015-10-15 03:36 - 00000270 __RSH C:\ProgramData\ntuser.pol
2015-10-14 16:29 - 2015-10-10 08:40 - 21875712 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-14 16:29 - 2015-10-10 08:07 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-14 16:29 - 2015-10-06 05:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-14 16:29 - 2015-10-06 04:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-14 16:29 - 2015-10-01 06:00 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-14 16:29 - 2015-09-25 05:56 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-14 16:29 - 2015-09-25 05:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-10-14 16:29 - 2015-09-25 05:17 - 24595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-14 16:29 - 2015-09-25 05:09 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-10-14 16:29 - 2015-09-25 05:02 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-14 16:29 - 2015-09-25 05:01 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-14 16:29 - 2015-09-25 04:48 - 19325952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-14 16:29 - 2015-09-25 04:36 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-10-14 16:29 - 2015-09-17 08:49 - 06487248 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-10-14 16:29 - 2015-09-17 08:28 - 05120056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-10-14 16:29 - 2015-09-17 08:04 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-10-14 16:29 - 2015-09-17 07:53 - 07055872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-10-14 16:29 - 2015-09-17 07:40 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-10-14 16:28 - 2015-10-10 09:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-14 16:28 - 2015-10-01 06:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-14 16:28 - 2015-10-01 06:01 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-14 16:28 - 2015-10-01 06:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-14 16:28 - 2015-10-01 06:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-14 16:28 - 2015-10-01 05:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-14 16:28 - 2015-09-25 06:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-10-14 16:28 - 2015-09-25 06:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-10-14 16:28 - 2015-09-25 05:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-10-14 16:28 - 2015-09-25 05:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-10-14 16:28 - 2015-09-25 05:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-14 16:28 - 2015-09-25 05:04 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-14 16:28 - 2015-09-25 05:04 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-10-14 16:28 - 2015-09-25 05:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-14 16:28 - 2015-09-25 05:03 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-14 16:28 - 2015-09-25 05:02 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-10-14 16:28 - 2015-09-25 05:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-14 16:28 - 2015-09-25 05:02 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-14 16:28 - 2015-09-25 05:01 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-14 16:28 - 2015-09-25 05:00 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-14 16:28 - 2015-09-25 05:00 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-14 16:28 - 2015-09-25 05:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-14 16:28 - 2015-09-25 05:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-14 16:28 - 2015-09-25 04:59 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-14 16:28 - 2015-09-25 04:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-14 16:28 - 2015-09-25 04:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-14 16:28 - 2015-09-25 04:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-14 16:28 - 2015-09-25 04:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-14 16:28 - 2015-09-25 04:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-14 16:28 - 2015-09-25 04:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-10-14 16:28 - 2015-09-25 04:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-14 16:28 - 2015-09-25 04:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-14 16:28 - 2015-09-25 04:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-14 16:28 - 2015-09-25 04:38 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-10-14 16:28 - 2015-09-25 04:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-10-14 16:28 - 2015-09-25 04:37 - 00766976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-10-14 16:28 - 2015-09-25 04:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-14 16:28 - 2015-09-25 04:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-14 16:28 - 2015-09-25 04:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-14 16:28 - 2015-09-25 04:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-14 16:28 - 2015-09-25 04:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-14 16:28 - 2015-09-25 04:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-14 16:28 - 2015-09-25 04:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-14 16:28 - 2015-09-25 04:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-14 16:28 - 2015-09-25 04:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-10-14 16:28 - 2015-09-25 04:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-14 16:28 - 2015-09-19 07:14 - 00102304 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2015-10-14 16:28 - 2015-09-17 08:50 - 02464216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-10-14 16:28 - 2015-09-17 08:50 - 01563392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-10-14 16:28 - 2015-09-17 08:50 - 00099664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-10-14 16:28 - 2015-09-17 08:50 - 00088384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-10-14 16:28 - 2015-09-17 08:49 - 01563472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-10-14 16:28 - 2015-09-17 08:49 - 00894256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2015-10-14 16:28 - 2015-09-17 08:49 - 00553808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2015-10-14 16:28 - 2015-09-17 08:48 - 02824248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2015-10-14 16:28 - 2015-09-17 08:48 - 02494712 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-14 16:28 - 2015-09-17 08:48 - 02432336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-10-14 16:28 - 2015-09-17 08:48 - 02156400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2015-10-14 16:28 - 2015-09-17 08:48 - 01983824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-10-14 16:28 - 2015-09-17 08:48 - 00809352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-10-14 16:28 - 2015-09-17 08:48 - 00784136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-10-14 16:28 - 2015-09-17 08:48 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-10-14 16:28 - 2015-09-17 08:48 - 00555768 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-10-14 16:28 - 2015-09-17 08:48 - 00537080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-10-14 16:28 - 2015-09-17 08:48 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-10-14 16:28 - 2015-09-17 08:48 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-10-14 16:28 - 2015-09-17 08:48 - 00476760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-10-14 16:28 - 2015-09-17 08:48 - 00406864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-10-14 16:28 - 2015-09-17 08:48 - 00395088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-10-14 16:28 - 2015-09-17 08:48 - 00332624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2015-10-14 16:28 - 2015-09-17 08:48 - 00278352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-10-14 16:28 - 2015-09-17 08:48 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-10-14 16:28 - 2015-09-17 08:47 - 01397088 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-14 16:28 - 2015-09-17 08:44 - 00781976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-10-14 16:28 - 2015-09-17 08:43 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-10-14 16:28 - 2015-09-17 08:37 - 01295712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2015-10-14 16:28 - 2015-09-17 08:37 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-10-14 16:28 - 2015-09-17 08:28 - 02154808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-10-14 16:28 - 2015-09-17 08:28 - 01357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-10-14 16:28 - 2015-09-17 08:28 - 00441168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2015-10-14 16:28 - 2015-09-17 08:28 - 00407608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-10-14 16:28 - 2015-09-17 08:28 - 00074880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-10-14 16:28 - 2015-09-17 08:27 - 01766952 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-10-14 16:28 - 2015-09-17 08:27 - 00454512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-10-14 16:28 - 2015-09-17 08:26 - 02446648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2015-10-14 16:28 - 2015-09-17 08:26 - 01895568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2015-10-14 16:28 - 2015-09-17 08:26 - 00646672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-10-14 16:28 - 2015-09-17 08:26 - 00508248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-10-14 16:28 - 2015-09-17 08:26 - 00434376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-10-14 16:28 - 2015-09-17 08:26 - 00428128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-10-14 16:28 - 2015-09-17 08:25 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-10-14 16:28 - 2015-09-17 08:21 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-10-14 16:28 - 2015-09-17 08:20 - 00764416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-10-14 16:28 - 2015-09-17 08:09 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-10-14 16:28 - 2015-09-17 08:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-10-14 16:28 - 2015-09-17 08:08 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
2015-10-14 16:28 - 2015-09-17 08:08 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-10-14 16:28 - 2015-09-17 08:06 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-10-14 16:28 - 2015-09-17 08:06 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-10-14 16:28 - 2015-09-17 08:06 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-10-14 16:28 - 2015-09-17 08:05 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-10-14 16:28 - 2015-09-17 08:05 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-10-14 16:28 - 2015-09-17 08:04 - 00910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-10-14 16:28 - 2015-09-17 08:03 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2015-10-14 16:28 - 2015-09-17 08:03 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2015-10-14 16:28 - 2015-09-17 08:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2015-10-14 16:28 - 2015-09-17 08:00 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-14 16:28 - 2015-09-17 08:00 - 02417664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-14 16:28 - 2015-09-17 08:00 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-10-14 16:28 - 2015-09-17 08:00 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KeywordDetectorMsftSidAdapter.dll
2015-10-14 16:28 - 2015-09-17 07:58 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-10-14 16:28 - 2015-09-17 07:57 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-10-14 16:28 - 2015-09-17 07:57 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-10-14 16:28 - 2015-09-17 07:57 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-10-14 16:28 - 2015-09-17 07:57 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-10-14 16:28 - 2015-09-17 07:56 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-10-14 16:28 - 2015-09-17 07:56 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-10-14 16:28 - 2015-09-17 07:55 - 02236416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-10-14 16:28 - 2015-09-17 07:55 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-10-14 16:28 - 2015-09-17 07:55 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2015-10-14 16:28 - 2015-09-17 07:55 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-10-14 16:28 - 2015-09-17 07:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2015-10-14 16:28 - 2015-09-17 07:55 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-10-14 16:28 - 2015-09-17 07:55 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-10-14 16:28 - 2015-09-17 07:54 - 03781120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-10-14 16:28 - 2015-09-17 07:54 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-10-14 16:28 - 2015-09-17 07:52 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-10-14 16:28 - 2015-09-17 07:52 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-10-14 16:28 - 2015-09-17 07:52 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-10-14 16:28 - 2015-09-17 07:52 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-10-14 16:28 - 2015-09-17 07:52 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-10-14 16:28 - 2015-09-17 07:52 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-10-14 16:28 - 2015-09-17 07:52 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-10-14 16:28 - 2015-09-17 07:51 - 02660864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-10-14 16:28 - 2015-09-17 07:51 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-10-14 16:28 - 2015-09-17 07:51 - 01203712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-10-14 16:28 - 2015-09-17 07:51 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-14 16:28 - 2015-09-17 07:51 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-10-14 16:28 - 2015-09-17 07:50 - 00929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-10-14 16:28 - 2015-09-17 07:50 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-10-14 16:28 - 2015-09-17 07:50 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2015-10-14 16:28 - 2015-09-17 07:50 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-10-14 16:28 - 2015-09-17 07:50 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2015-10-14 16:28 - 2015-09-17 07:49 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-10-14 16:28 - 2015-09-17 07:49 - 01290240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-10-14 16:28 - 2015-09-17 07:49 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-10-14 16:28 - 2015-09-17 07:49 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWebproxy.dll
2015-10-14 16:28 - 2015-09-17 07:49 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-10-14 16:28 - 2015-09-17 07:49 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWiFiAdapter.dll
2015-10-14 16:28 - 2015-09-17 07:49 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2015-10-14 16:28 - 2015-09-17 07:48 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-10-14 16:28 - 2015-09-17 07:48 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-10-14 16:28 - 2015-09-17 07:48 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-10-14 16:28 - 2015-09-17 07:48 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-10-14 16:28 - 2015-09-17 07:48 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2015-10-14 16:28 - 2015-09-17 07:48 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-10-14 16:28 - 2015-09-17 07:47 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2015-10-14 16:28 - 2015-09-17 07:47 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-10-14 16:28 - 2015-09-17 07:47 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-10-14 16:28 - 2015-09-17 07:46 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-10-14 16:28 - 2015-09-17 07:46 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-10-14 16:28 - 2015-09-17 07:46 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-10-14 16:28 - 2015-09-17 07:46 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-10-14 16:28 - 2015-09-17 07:46 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-10-14 16:28 - 2015-09-17 07:46 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2015-10-14 16:28 - 2015-09-17 07:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2015-10-14 16:28 - 2015-09-17 07:45 - 01331200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-10-14 16:28 - 2015-09-17 07:45 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-10-14 16:28 - 2015-09-17 07:45 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-10-14 16:28 - 2015-09-17 07:45 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-14 16:28 - 2015-09-17 07:44 - 01844736 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2015-10-14 16:28 - 2015-09-17 07:44 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-10-14 16:28 - 2015-09-17 07:44 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2015-10-14 16:28 - 2015-09-17 07:44 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2015-10-14 16:28 - 2015-09-17 07:43 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-10-14 16:28 - 2015-09-17 07:43 - 00378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-10-14 16:28 - 2015-09-17 07:43 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-10-14 16:28 - 2015-09-17 07:42 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-10-14 16:28 - 2015-09-17 07:41 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-10-14 16:28 - 2015-09-17 07:40 - 01918464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-10-14 16:28 - 2015-09-17 07:40 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-10-14 16:28 - 2015-09-17 07:39 - 00587264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-10-14 16:28 - 2015-09-17 07:38 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2015-10-14 16:28 - 2015-09-17 07:37 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-10-14 16:28 - 2015-09-17 07:35 - 05079552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-10-14 16:28 - 2015-09-17 07:35 - 02207232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-10-14 16:28 - 2015-09-17 07:35 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-10-14 16:28 - 2015-09-17 07:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-10-14 16:28 - 2015-09-17 07:34 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-10-14 16:28 - 2015-09-17 07:32 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-10-14 16:28 - 2015-09-17 07:32 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-10-14 16:28 - 2015-09-17 07:32 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-10-14 16:28 - 2015-09-17 07:31 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2015-10-14 16:28 - 2015-09-17 07:30 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-10-14 16:28 - 2015-09-17 07:29 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-10-14 16:28 - 2015-09-17 07:29 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-10-14 16:28 - 2015-09-17 07:29 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-10-14 16:28 - 2015-09-17 07:29 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-10-14 16:28 - 2015-09-17 07:26 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-10-14 16:28 - 2015-09-17 07:16 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-10-14 16:28 - 2015-09-13 04:05 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-10-14 16:28 - 2015-09-13 03:41 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-10-14 16:27 - 2015-09-25 05:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-14 16:27 - 2015-09-25 05:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-14 16:27 - 2015-09-25 05:04 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-14 16:27 - 2015-09-25 04:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-14 16:27 - 2015-09-25 04:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-14 16:27 - 2015-09-25 04:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-14 16:27 - 2015-09-17 08:49 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-10-14 16:27 - 2015-09-17 08:11 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-10-14 16:27 - 2015-09-17 08:10 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2015-10-14 16:27 - 2015-09-17 08:09 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-10-14 16:27 - 2015-09-17 08:04 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2015-10-14 16:27 - 2015-09-17 08:03 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-10-14 16:27 - 2015-09-17 08:03 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-10-14 16:27 - 2015-09-17 08:02 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-10-14 16:27 - 2015-09-17 08:02 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2015-10-14 16:27 - 2015-09-17 07:56 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-10-14 16:27 - 2015-09-17 07:55 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2015-10-14 16:27 - 2015-09-17 07:55 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2015-10-14 16:27 - 2015-09-17 07:54 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-14 16:27 - 2015-09-17 07:52 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2015-10-14 16:27 - 2015-09-17 07:52 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2015-10-14 16:27 - 2015-09-17 07:52 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-10-14 16:27 - 2015-09-17 07:51 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2015-10-14 16:27 - 2015-09-17 07:50 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeWiFi.dll
2015-10-14 16:27 - 2015-09-17 07:50 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeCell.dll
2015-10-14 16:27 - 2015-09-17 07:49 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2015-10-14 16:27 - 2015-09-17 07:49 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationCrowdsource.dll
2015-10-14 16:27 - 2015-09-17 07:49 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeIP.dll
2015-10-14 16:27 - 2015-09-17 07:46 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncmlhook.dll
2015-10-14 16:27 - 2015-09-17 07:45 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2015-10-14 16:27 - 2015-09-17 07:43 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-10-14 16:27 - 2015-09-17 07:39 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-14 16:27 - 2015-09-17 07:36 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll
2015-10-14 16:27 - 2015-09-17 07:28 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-24 13:56 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-10-24 13:56 - 2014-09-27 15:31 - 00004050 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{87323433-42E2-4069-B8DE-C3EB7D72E8BD}
2015-10-24 13:55 - 2015-07-10 14:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-10-24 13:54 - 2015-07-15 18:34 - 00000968 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-24 13:54 - 2015-04-08 14:25 - 00000000 ____D C:\Users\Antonín\AppData\Roaming\Skype
2015-10-24 13:53 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-10-24 13:53 - 2014-09-25 14:15 - 00000000 ___DO C:\Users\Antonín\OneDrive
2015-10-24 13:52 - 2015-07-30 16:53 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-10-24 13:52 - 2014-09-25 09:18 - 00000434 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2015-10-23 16:50 - 2015-07-15 18:34 - 00000972 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-23 16:06 - 2014-09-24 16:42 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-10-23 09:00 - 2015-08-20 10:44 - 00001230 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
2015-10-23 09:00 - 2015-08-20 10:44 - 00001182 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2015-10-23 09:00 - 2015-08-20 10:44 - 00000000 ____D C:\Program Files (x86)\CDBurnerXP
2015-10-23 04:20 - 2015-07-30 10:41 - 01762290 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-23 04:20 - 2015-07-10 18:02 - 00746648 _____ C:\WINDOWS\system32\perfh005.dat
2015-10-23 04:20 - 2015-07-10 18:02 - 00149550 _____ C:\WINDOWS\system32\perfc005.dat
2015-10-23 04:16 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-23 04:15 - 2015-07-10 11:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-10-22 15:55 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-19 11:37 - 2015-07-30 16:52 - 00925064 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2015-10-19 11:37 - 2015-07-30 16:52 - 00227512 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys
2015-10-19 11:37 - 2015-07-30 16:52 - 00181640 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys
2015-10-19 11:37 - 2015-06-26 23:58 - 00087944 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klwfp.sys
2015-10-18 18:45 - 2015-07-31 11:09 - 00000000 ____D C:\Users\Antonín\AppData\Local\Deployment
2015-10-18 10:04 - 2015-07-30 10:10 - 00035778 _____ C:\WINDOWS\PFRO.log
2015-10-17 19:49 - 2015-08-13 16:04 - 00000000 ____D C:\WINDOWS\PCHEALTH
2015-10-17 19:49 - 2015-07-30 10:20 - 00000000 ____D C:\Users\Antonín
2015-10-17 17:33 - 2014-09-25 14:12 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-10-17 17:32 - 2015-07-30 10:16 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2015-10-17 17:32 - 2015-07-30 10:16 - 00000000 ____D C:\WINDOWS\system32\NV
2015-10-17 17:29 - 2015-07-10 14:20 - 00020849 _____ C:\WINDOWS\setupact.log
2015-10-17 17:27 - 2015-07-30 10:15 - 00072704 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-10-17 17:27 - 2015-07-30 10:15 - 00069120 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-10-17 17:27 - 2015-07-11 00:51 - 00541600 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe
2015-10-17 17:27 - 2015-07-11 00:51 - 00395168 _____ (Intel Corporation) C:\WINDOWS\system32\igfxTray.exe
2015-10-17 17:27 - 2015-07-11 00:51 - 00330136 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe
2015-10-17 17:27 - 2015-07-11 00:51 - 00258456 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe
2015-10-17 17:27 - 2015-07-11 00:51 - 00205728 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2015-10-17 17:27 - 2015-07-11 00:50 - 03797424 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2015-10-17 17:27 - 2015-07-11 00:49 - 12335600 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll
2015-10-17 17:27 - 2015-07-11 00:49 - 11905432 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2015-10-17 17:27 - 2015-07-11 00:49 - 10574992 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2015-10-17 17:27 - 2015-07-11 00:49 - 04637640 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll
2015-10-17 17:27 - 2015-07-11 00:49 - 03672344 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
2015-10-17 17:27 - 2015-07-11 00:49 - 00042232 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2015-10-17 17:27 - 2015-07-11 00:46 - 00680432 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll
2015-10-17 17:27 - 2015-07-11 00:46 - 00285184 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll
2015-10-17 17:27 - 2015-07-11 00:46 - 00262640 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll
2015-10-15 15:41 - 2014-09-24 15:43 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-10-15 15:37 - 2014-09-24 15:43 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-10-15 15:15 - 2014-09-28 17:53 - 00090808 _____ C:\Users\Antonín\AppData\Local\GDIPFONTCACHEV1.DAT
2015-10-15 10:07 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache
2015-10-15 03:31 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-10-15 03:31 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-10-15 03:31 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-10-15 03:31 - 2015-07-10 13:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-15 03:31 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-10-15 03:31 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-10-15 03:31 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-15 03:31 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-10-15 03:31 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-10-14 18:43 - 2014-09-24 18:32 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-14 16:05 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2015-10-14 16:03 - 2014-09-29 14:31 - 00001518 _____ C:\Users\Antonín\Desktop\DivX Movies.lnk
2015-10-14 16:03 - 2014-09-29 14:30 - 00000000 ____D C:\Program Files (x86)\DivX
2015-10-14 16:03 - 2014-09-29 14:29 - 00000000 ____D C:\ProgramData\DivX
2015-10-14 16:02 - 2014-09-29 14:31 - 00001168 _____ C:\Users\Public\Desktop\DivX Converter.lnk
2015-10-14 16:02 - 2014-09-29 14:31 - 00001143 _____ C:\Users\Public\Desktop\DivX Player.lnk
2015-10-14 16:02 - 2014-09-29 14:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2015-10-12 13:59 - 2015-04-08 14:24 - 00000000 ____D C:\ProgramData\Skype
2015-10-07 17:20 - 2013-04-20 00:23 - 00469192 _____ (Broadcom Corporation) C:\WINDOWS\system32\Drivers\k57nd60a.sys
2015-10-03 17:01 - 2013-06-12 00:31 - 00099560 _____ (Broadcom Corporation) C:\WINDOWS\system32\Drivers\bScsiSDa.sys
2015-10-03 16:11 - 2015-07-10 11:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-10-03 16:10 - 2015-06-08 19:43 - 00041352 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klpd.sys
2015-10-03 15:57 - 2015-08-20 10:50 - 00003934 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1411569524
2015-10-03 15:57 - 2014-09-24 16:38 - 00001124 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-10-03 15:57 - 2014-09-24 16:38 - 00000000 ____D C:\Program Files (x86)\Opera

==================== Files in the root of some directories =======

2014-09-29 14:53 - 2015-01-07 16:42 - 0003584 _____ () C:\Users\Antonín\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-07-30 10:17 - 2015-07-30 10:17 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Antonín\AppData\Local\Temp\DivXSetup.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Internet Security (Disabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
AS: Kaspersky Internet Security (Disabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {8C27F4BD-7F99-4CD1-5651-D3EB97674300}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Antonín\Desktop" je 2 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: Garden laptop

Posted: 24 Oct 2015 13:03
by tuvok07
Hopefully it managed to finish; I think it did.
Additional scan result of Farbar Recovery Scan Tool (x64) Version:24-10-2015
Ran by Antonín (2015-10-24 14:00:29)
Running from C:\Users\Antonín\Desktop
Windows 10 Home (X64) (2015-07-30 08:52:11)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3844823837-2812015920-1861037639-500 - Administrator - Disabled)
Antonín (S-1-5-21-3844823837-2812015920-1861037639-1002 - Administrator - Enabled) => C:\Users\Antonín
DefaultAccount (S-1-5-21-3844823837-2812015920-1861037639-503 - Limited - Disabled)
Guest (S-1-5-21-3844823837-2812015920-1861037639-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3844823837-2812015920-1861037639-1006 - Limited - Enabled)
UpdatusUser (S-1-5-21-3844823837-2812015920-1861037639-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Internet Security (Disabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
AS: Kaspersky Internet Security (Disabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {8C27F4BD-7F99-4CD1-5651-D3EB97674300}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3013 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.3005 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3013 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.2008 - Acer Incorporated)
AcerCloud Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.2022 - Acer Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Flash Player 19 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_PROPLUS_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_PROPLUS_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_PROPLUS_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
Bonjour Print Services (HKLM\...\{0DA20600-6130-443B-9D4B-F30520315FA6}) (Version: 2.0.2.0 - Apple Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{67AA948F-8D83-4566-B84A-7CAABCF64E3F}) (Version: 16.0.2.6 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{D1D7ED66-5C08-40A0-AEC0-B6DF977697BB}) (Version: 16.0.2.4 - Broadcom Corporation)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5844 - CDBurnerXP)
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.75.0.2014 - Georgy Berdyshev)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.02.2012 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.02.2016 - Acer Incorporated)
clear.fi SDK - Video 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.93 - DivX, LLC)
FREE EML File Viewer version v2.0 (HKLM-x32\...\{6B16A616-C931-4D4B-B1C5-E04F2D4DDD63}_is1) (Version: v2.0 - www.freeviewer.org)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3006 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.30.1349 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3010 - Acer Incorporated)
Malwarebytes Anti-Malware verze 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.7.0.24 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.3.0.14 - Symantec Corporation) Hidden
NVIDIA Ovladače grafiky 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer)
Opera Stable 32.0.1948.69 (HKLM-x32\...\Opera 32.0.1948.69) (Version: 32.0.1948.69 - Opera Software)
Ovládací panel NVIDIA 353.54 (Version: 353.54 - NVIDIA Corporation) Hidden
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.228 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.57 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.2.2.0 - Lenovo Group Limited)
Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.4 - Synaptics Incorporated)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
WD My Cloud (HKLM\...\{3082756C-2147-411F-AE6A-9DCEF0121903}) (Version: 1.0.7.5 - Western Digital Technologies, Inc.)
Zoner Photo Studio 10 (HKLM-x32\...\ZonerPhotoStudio10_CZ_is1) (Version: - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3844823837-2812015920-1861037639-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points =========================

03-10-2015 17:02:46 Windows Update
07-10-2015 17:19:51 Windows Update
14-10-2015 18:39:02 Windows Update
22-10-2015 15:54:03 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {11262133-5F2A-45E5-98AE-ECC41C1B5AD3} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-10-15] (Microsoft Corporation)
Task: {16D801D4-BA5C-4C09-8DAA-C16D4A2B9DED} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {1F1554FD-D2BA-41F8-B342-DF0B7E45C75F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {20B9342D-6972-4A40-AB43-C0781E7A4B21} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-03-16] (Acer Incorporated)
Task: {3E366F95-635A-4226-ABD1-0217BA5D34E9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-15] (Google Inc.)
Task: {55F63E26-216D-4C67-A31F-78AEA81C29AB} - System32\Tasks\Opera scheduled Autoupdate 1411569524 => C:\Program Files (x86)\Opera\launcher.exe [2015-09-25] (Opera Software)
Task: {560CBBD2-C765-4837-9659-3870F4FEFC17} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {5A14BDB2-1AC7-4A18-859C-705D24778E72} - System32\Tasks\Norton Online Backup ARA => C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.3.0.14\\Ara.exe [2013-08-27] (Symantec Corporation)
Task: {61874A8E-0F13-4804-B8BC-6D06F0A3F3D5} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {7102717A-B900-4271-8C2C-AF3A11DA13B1} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {74963D3E-9EE8-491E-954F-50706D977CDF} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {9E98D75E-1A21-4642-A193-D46350692283} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-17] (Adobe Systems Incorporated)
Task: {A3967B3E-0E7A-4A9A-9AF9-6258EF725815} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {BD7990ED-ADF1-4005-9830-796072642F05} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {CDD5A003-B6BB-4C6C-A091-36C52347AB4F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {D044777D-DA63-4E71-B71B-94280AFBBFFE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {E3E26802-CE08-42E3-A91A-013E419331E7} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {E97044E3-E315-498C-93AE-6B612C569164} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2013-01-24] (Acer Incorporated)
Task: {EEFB2B76-5C7C-44C7-BE25-5E49FE0C9A0C} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo)
Task: {F1678285-32F2-4528-9762-B192FE84BDD0} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {F1A11905-6598-43BD-A89C-E8CF4CF5F986} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-03-13] ()
Task: {F99FD6E1-0D2B-4E73-9AFE-C0BADFB29EB6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-15] (Google Inc.)
Task: {FBE81817-10C7-408B-AA83-0BAC5F9529A9} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-06-18] (Acer Incorporate)
Task: {FCBA067F-F590-4AA9-8CCA-7F4A9AC7D065} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-06-04] (Synaptics Incorporated)
Task: {FFAE4A41-E3D3-475B-8618-F15B9CC50B5C} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Loaded Modules (Whitelisted) ==============

2015-07-30 11:04 - 2015-07-30 11:04 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-19 17:05 - 2015-08-11 11:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-07-13 20:45 - 2015-07-13 20:45 - 00011920 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2015-07-30 10:16 - 2015-07-13 19:37 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-10-14 16:28 - 2015-09-17 08:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-14 16:28 - 2015-09-17 08:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-10-14 16:28 - 2015-09-17 07:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-10-14 16:29 - 2015-09-17 07:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-14 16:27 - 2015-09-17 07:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-14 16:28 - 2015-09-17 07:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-14 16:28 - 2015-09-17 07:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-08 23:18 - 2015-07-08 23:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll
2013-10-26 23:57 - 2013-01-14 20:25 - 01200088 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-07-13 20:45 - 2015-07-13 20:45 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2015-10-03 15:57 - 2015-10-03 15:57 - 59639416 _____ () C:\Program Files (x86)\Opera\32.0.1948.69\opera.dll
2013-10-27 00:31 - 2013-02-21 07:58 - 00089672 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll
2015-10-03 15:57 - 2015-10-03 15:55 - 01881208 _____ () C:\Program Files (x86)\Opera\32.0.1948.69\libglesv2.dll
2015-10-03 15:57 - 2015-10-03 15:55 - 00081528 _____ () C:\Program Files (x86)\Opera\32.0.1948.69\libegl.dll
2015-10-24 13:57 - 2015-10-24 13:58 - 00112640 _____ () C:\Users\Antonín\Desktop\FRSTLauncher.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

Re: Garden laptop

Posted: 24 Oct 2015 16:29
by altrok
Clean as far as malware goes. In this case AdwCleaner and MBAM were enough.

You can delete the tools you used with, for example, DelFix.

Re: Garden laptop

Posted: 24 Oct 2015 16:33
by tuvok07
Hooray :) Thanks, and you can lock the thread. If anything comes up, I'll get in touch again.

Re: Garden laptop

Posted: 25 Oct 2015 04:09
by altrok
Sure, get in touch if needed (I usually read e-mails within a few minutes).

You're welcome.