
Please check my log

Posted: 01 Dec 2015 17:22
by Deaper21
Hello, lately all my programs have been starting up terribly slowly and the PC is slow overall (it's not the hardware :D), please check my log... btw I've just noticed that the log says Unknown Windows... even though I have Win 8.1, do you know what could be causing that?
Here is the log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Adam at 2015-12-01 17:18:30
Microsoft Windows 8.1 Pro
System drive C: has 441 GB (46%) free of 954 GB
Total RAM: 8068 MB (72% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:18:34, on 1. 12. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\WINDOWS\SysWOW64\muachost.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files\trend micro\Adam.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Live Update] C:\Program Files (x86)\MSI\Live Update\Live Update.exe /REMINDER
O4 - HKCU\..\Run: [f.lux] "C:\Users\Adam\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [HP Deskjet 3520 series (NET)] "C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN4272G19D05SZ:NW" -scfn "HP Deskjet 3520 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_C52DB14F9A918A0C5FF89C4BF31B3258] "C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --no-startup-window
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 3520 series (Síť).lnk = ?
O4 - Global Startup: TP-LINK Wireless Configuration Utility.lnk = C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJATH\TWCU.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~3\Office12\GRA32A~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Comodo - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GamingApp_Service - Micro-Star Int'l Co., Ltd. - C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: JumpStart Wi-Fi Protected Setup (jswpsapi) - Wireless - C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJATH\WPS\jswpsapi.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: MSI_LiveUpdate_Service - Micro-Star INT'L CO., LTD. - C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SuperRAIDSvc - Micro-Star International - C:\MSI\Smart Utilities\SuperRAIDSvc.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Update service - Popcorn Time - C:\Program Files (x86)\Popcorn Time\Updater.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Intel(R) Extreme Tuning Utility Service (XTU3SERVICE) - Intel(R) Corporation - C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe

--
End of file - 9846 bytes

======Listing Processes======






wininit.exe
winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
atieclxx
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
dashost.exe {d3fcd813-e011-4b8c-a49810c8d329ef8a}
"C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe"
"C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe"
"C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\MSI\Smart Utilities\SuperRAIDSvc.exe"
"C:\Program Files (x86)\Popcorn Time\Updater.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000678
"C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe"
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-bc89c92b-e464-4df4-9ad6-bd46b5a4c0a8 -SystemEventPortName:HostProcess-9bdf69e8-aa15-4f33-a481-7cdf041bd79d -IoCancelEventPortName:HostProcess-e3c4d136-43ae-4fa9-b0c4-c5d21f655540 -NonStateChangingEventPortName:HostProcess-7639e1b4-9662-4a76-8562-315ac68828a4 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:307f4dca-47d0-4b5d-9dcf-7217704ede54 -DeviceGroupId:WpdFsGroup
taskhostex.exe
C:\WINDOWS\SysWOW64\muachost.exe
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\Explorer.EXE
igfxEM.exe
ClassicStartMenu.exe -startup
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --profile-directory=Default
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=gpu-process --channel="3840.0.953441337\1282246484" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,8,20,45 --gpu-vendor-id=0x1002 --gpu-device-id=0x679a --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=15.200.1062.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3840.1.556070291\2072450388" --font-cache-shared-handle=1944 /prefetch:673131151
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3840.2.195457098\793655647" --font-cache-shared-handle=2204 /prefetch:673131151
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3840.3.1964288082\628795631" --font-cache-shared-handle=2408 /prefetch:673131151
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3840.4.1343546526\866242587" --font-cache-shared-handle=2520 /prefetch:673131151
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3840.5.193817733\2110383948" --font-cache-shared-handle=2640 /prefetch:673131151
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3840.6.283302668\116273497" --font-cache-shared-handle=2752 /prefetch:673131151
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3840.7.1459876941\2109151319" --font-cache-shared-handle=2776 /prefetch:673131151
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3840.8.1576352021\1628151683" --font-cache-shared-handle=2664 /prefetch:673131151
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3840.9.976383435\1177807289" --font-cache-shared-handle=3640 /prefetch:673131151
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=ppapi --channel="3840.10.736843402\1773351927" --ppapi-flash-args --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3840.12.177937029\1936296735" --font-cache-shared-handle=6780 /prefetch:673131151
C:\WINDOWS\system32\GWX\GWX.exe /updateconfig
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3840.15.113545226\527239878" --font-cache-shared-handle=8416 /prefetch:673131151
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3840.16.1235086960\76839060" --font-cache-shared-handle=6460 /prefetch:673131151
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3840.17.727648978\925788673" --font-cache-shared-handle=8172 /prefetch:673131151
"C:\Downloads\RSITx64 (1).exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_245_pepper.exe -check pepperplugin
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-04-09 810176]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-04-09 688320]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~3\Office12\GR469A~1.DLL [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-16 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-16 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-04-09 810176]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-04-09 688320]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-06-30 13672664]
"XboxStat"=C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [2009-09-30 825184]
"Classic Start Menu"=C:\Program Files\Classic Shell\ClassicStartMenu.exe [2015-04-09 163520]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"f.lux"=C:\Users\Adam\AppData\Local\FluxSoftware\Flux\flux.exe [2013-10-23 1017224]
"HP Deskjet 3520 series (NET)"=C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2012-10-17 2573416]
"GoogleChromeAutoLaunch_C52DB14F9A918A0C5FF89C4BF31B3258"=C:\Program Files (x86)\Comodo\Dragon\dragon.exe [2015-11-20 704184]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-05-21 4471536]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE [2014-03-13 779776]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-11-16 8591272]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [2015-08-04 767176]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2015-12-01 803200]
"Avira Systray"=C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [2014-11-20 126200]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"Live Update"=C:\Program Files (x86)\MSI\Live Update\Live Update.exe [2015-10-07 11324368]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
TP-LINK Wireless Configuration Utility.lnk - C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJATH\TWCU.exe

C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Sledovat výstrahy inkoustu - HP Deskjet 3520 series (Síť).lnk - C:\WINDOWS\system32\RunDll32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~3\Office12\GR469A~1.DLL [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp.sys]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDriveAutoRun"=67108863
"HonorAutorunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-11-26 22:09:48 ----D---- C:\Program Files (x86)\Comodo
2015-11-14 19:29:14 ----SHD---- C:\ProgramData\DSS
2015-11-14 19:17:10 ----D---- C:\Program Files (x86)\Codemasters
2015-11-14 17:57:20 ----HD---- C:\$SysReset
2015-11-14 17:39:56 ----D---- C:\rsit
2015-11-12 19:38:02 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2015-11-12 19:38:02 ----A---- C:\WINDOWS\system32\schannel.dll
2015-11-12 19:38:02 ----A---- C:\WINDOWS\system32\lsasrv.dll
2015-11-12 19:38:02 ----A---- C:\WINDOWS\system32\kerberos.dll
2015-11-12 19:38:02 ----A---- C:\WINDOWS\system32\drivers\tdx.sys
2015-11-12 19:38:02 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2015-11-12 19:38:01 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2015-11-12 19:38:01 ----A---- C:\WINDOWS\SYSWOW64\ncryptsslp.dll
2015-11-12 19:38:01 ----A---- C:\WINDOWS\SYSWOW64\ncrypt.dll
2015-11-12 19:38:01 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2015-11-12 19:38:01 ----A---- C:\WINDOWS\SYSWOW64\bcryptprimitives.dll
2015-11-12 19:38:01 ----A---- C:\WINDOWS\system32\ncryptsslp.dll
2015-11-12 19:38:01 ----A---- C:\WINDOWS\system32\ncrypt.dll
2015-11-12 19:38:01 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2015-11-12 19:38:01 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2015-11-12 19:38:01 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2015-11-12 19:38:01 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2015-11-12 19:38:01 ----A---- C:\WINDOWS\system32\certcli.dll
2015-11-12 19:38:01 ----A---- C:\WINDOWS\system32\bcryptprimitives.dll
2015-11-12 19:38:00 ----A---- C:\WINDOWS\system32\winresume.exe
2015-11-12 19:38:00 ----A---- C:\WINDOWS\system32\winload.exe
2015-11-12 19:38:00 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2015-11-12 19:38:00 ----A---- C:\WINDOWS\system32\AuthHost.exe
2015-11-12 19:37:57 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2015-11-12 19:37:57 ----A---- C:\WINDOWS\system32\wucltux.dll
2015-11-12 19:37:57 ----A---- C:\WINDOWS\system32\wuaueng.dll
2015-11-12 19:37:57 ----A---- C:\WINDOWS\system32\wuauclt.exe
2015-11-12 19:37:57 ----A---- C:\WINDOWS\system32\wuapi.dll
2015-11-12 19:37:56 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2015-11-12 19:37:56 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2015-11-12 19:37:56 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2015-11-12 19:37:56 ----A---- C:\WINDOWS\system32\wuwebv.dll
2015-11-12 19:37:56 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2015-11-12 19:37:56 ----A---- C:\WINDOWS\system32\wudriver.dll
2015-11-12 19:37:56 ----A---- C:\WINDOWS\system32\wuapp.exe
2015-11-12 19:37:56 ----A---- C:\WINDOWS\system32\drivers\tunnel.sys
2015-11-12 19:37:55 ----A---- C:\WINDOWS\system32\localspl.dll
2015-11-12 19:37:54 ----A---- C:\WINDOWS\SYSWOW64\puiobj.dll
2015-11-12 19:37:54 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2015-11-12 19:37:54 ----A---- C:\WINDOWS\system32\puiobj.dll
2015-11-12 19:37:54 ----A---- C:\WINDOWS\system32\ppcsnap.dll
2015-11-12 19:37:54 ----A---- C:\WINDOWS\system32\pmcsnap.dll
2015-11-12 19:37:54 ----A---- C:\WINDOWS\system32\gdi32.dll
2015-11-12 19:37:54 ----A---- C:\WINDOWS\system32\drivers\tpm.sys
2015-11-12 19:37:52 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-11-12 19:37:51 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-11-12 19:37:50 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-11-12 19:37:49 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-11-12 19:37:49 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-11-12 19:37:48 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-11-12 19:37:48 ----A---- C:\WINDOWS\system32\jscript.dll
2015-11-12 19:37:48 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-11-12 19:37:47 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-11-12 19:37:46 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-11-12 19:37:46 ----A---- C:\WINDOWS\system32\wininet.dll
2015-11-12 19:37:46 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-11-12 19:37:45 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-11-12 19:37:45 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2015-11-12 19:37:44 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-11-12 19:37:44 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2015-11-12 19:37:44 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-11-12 19:37:44 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2015-11-12 19:37:44 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2015-11-12 19:37:44 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-11-12 19:37:44 ----A---- C:\WINDOWS\system32\msfeeds.dll
2015-11-12 19:37:44 ----A---- C:\WINDOWS\system32\inetcomm.dll
2015-11-12 19:37:44 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2015-11-12 19:37:23 ----A---- C:\WINDOWS\system32\win32k.sys
2015-11-12 19:37:21 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2015-11-10 15:15:33 ----D---- C:\ProgramData\SecTaskMan
2015-11-10 15:15:31 ----D---- C:\Program Files (x86)\Security Task Manager
2015-11-02 22:31:02 ----A---- C:\WINDOWS\SYSWOW64\muachost.exe
2015-11-02 21:55:18 ----D---- C:\WINDOWS\SYSWOW64\LiveUpdate

======List of files/folders modified in the last 1 month======

2015-12-01 17:18:32 ----D---- C:\Program Files\trend micro
2015-12-01 17:17:17 ----D---- C:\WINDOWS\Temp
2015-12-01 17:17:13 ----D---- C:\Downloads
2015-12-01 17:02:02 ----D---- C:\WINDOWS\system32\sru
2015-12-01 17:01:40 ----RD---- C:\WINDOWS\System32
2015-12-01 17:01:40 ----D---- C:\WINDOWS\Inf
2015-12-01 17:01:40 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-01 16:51:13 ----D---- C:\WINDOWS
2015-12-01 16:49:38 ----D---- C:\WINDOWS\system32\drivers
2015-11-30 18:16:56 ----D---- C:\Users\Adam\AppData\Roaming\uTorrent
2015-11-30 16:40:00 ----D---- C:\WINDOWS\Minidump
2015-11-29 18:45:21 ----SHD---- C:\System Volume Information
2015-11-28 14:00:48 ----D---- C:\Users\Adam\AppData\Roaming\vlc
2015-11-27 19:41:40 ----D---- C:\WINDOWS\system32\NDF
2015-11-26 22:31:11 ----D---- C:\WINDOWS\AppReadiness
2015-11-26 22:30:57 ----HD---- C:\Program Files\WindowsApps
2015-11-26 22:26:49 ----D---- C:\Users\Adam\AppData\Roaming\MPC-HC
2015-11-26 22:26:49 ----D---- C:\Users\Adam\AppData\Roaming\AIMP3
2015-11-26 22:26:49 ----D---- C:\Program Files (x86)\Steam
2015-11-26 22:25:24 ----D---- C:\WINDOWS\Logs
2015-11-26 22:25:09 ----D---- C:\WINDOWS\system32\Tasks
2015-11-26 22:09:48 ----RD---- C:\Program Files (x86)
2015-11-22 11:15:55 ----SHD---- C:\WINDOWS\Installer
2015-11-22 11:15:12 ----RSD---- C:\WINDOWS\assembly
2015-11-22 10:35:29 ----D---- C:\Hry
2015-11-20 16:55:41 ----D---- C:\Program Files (x86)\Common Files
2015-11-20 16:55:36 ----D---- C:\ProgramData\Skype
2015-11-20 16:54:08 ----D---- C:\Users\Adam\AppData\Roaming\Skype
2015-11-20 16:00:20 ----D---- C:\WINDOWS\system32\config
2015-11-19 18:40:00 ----D---- C:\Soubory
2015-11-15 14:27:39 ----D---- C:\WINDOWS\SysWOW64
2015-11-15 14:08:24 ----D---- C:\WINDOWS\SoftwareDistribution
2015-11-15 10:40:26 ----D---- C:\WINDOWS\Tasks
2015-11-14 19:29:14 ----HD---- C:\ProgramData
2015-11-14 19:29:13 ----D---- C:\ProgramData\Codemasters
2015-11-14 17:52:20 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-11-14 17:48:52 ----D---- C:\Users\Adam\AppData\Roaming\DAEMON Tools Lite
2015-11-14 17:06:33 ----D---- C:\Program Files (x86)\Popcorn Time
2015-11-13 19:51:42 ----D---- C:\WINDOWS\debug
2015-11-13 17:02:03 ----D---- C:\WINDOWS\Microsoft.NET
2015-11-13 16:14:57 ----D---- C:\WINDOWS\WinSxS
2015-11-13 16:14:47 ----D---- C:\WINDOWS\system32\DriverStore
2015-11-12 22:42:44 ----RD---- C:\WINDOWS\ToastData
2015-11-12 22:42:43 ----D---- C:\WINDOWS\apppatch
2015-11-12 22:42:37 ----D---- C:\WINDOWS\CbsTemp
2015-11-12 22:36:45 ----D---- C:\WINDOWS\system32\MRT
2015-11-12 22:36:44 ----A---- C:\WINDOWS\system32\MRT.exe
2015-11-12 19:36:58 ----D---- C:\WINDOWS\system32\catroot2
2015-11-08 16:56:19 ----D---- C:\Users\Adam\AppData\Roaming\Install.GS
2015-11-04 17:52:18 ----D---- C:\WINDOWS\system32\FxsTmp
2015-11-03 01:23:06 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-11-02 23:39:15 ----D---- C:\MSI
2015-11-02 22:31:00 ----D---- C:\Program Files (x86)\MSI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 speedfan;speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [2012-12-29 28664]
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2015-12-01 146696]
R1 avkmgr;avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [2015-12-01 35488]
R1 JSWPSLWF;@oem2.inf,%AthSec_Desc%;JumpStart Wireless Filter Driver; C:\WINDOWS\system32\DRIVERS\jswpslwfx.sys [2013-06-28 26624]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2015-12-01 135880]
R2 avnetflt;avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [2015-12-01 73032]
R2 iocbios2;iocbios2; \??\C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [2014-06-17 28912]
R3 AcpiCtlDrv;AcpiCtlDrv; C:\WINDOWS\System32\drivers\AcpiCtlDrv.sys [2012-07-17 25880]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2015-07-16 21622272]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2015-07-16 665088]
R3 athur;@oem1.inf,%ATHR.Service.DispName%;Qualcomm Atheros AR9271 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athuw8x.sys [2013-06-02 2919936]
R3 AtiHDAudioService;@oem39.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWB6.sys [2015-07-15 102912]
R3 dtlitescsibus;@oem7.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2015-06-13 30264]
R3 ICCWDT;@oem17.inf,%ICCWDT.SVCDESC%;Intel(R) Watchdog Timer Driver (Intel(R) WDT); C:\WINDOWS\System32\drivers\ICCWDT.sys [2013-08-13 27608]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-08-09 4928256]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2014-07-15 4012632]
R3 iwdbus;@oem10.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-05-26 30512]
R3 MEIx64;@oem5.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2013-01-11 64624]
R3 NTIOLib_MSI_RAID;NTIOLib_MSI_RAID; \??\C:\MSI\Smart Utilities\NTIOLib_X64.sys [2014-03-17 13808]
R3 RTL8168;@oem15.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-11-26 838872]
R3 StillCam;@sti.inf,%StillCam.SvcDesc%;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\System32\drivers\serscan.sys [2014-10-29 11776]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S0 amdkmafd;@oem11.inf,%AMDKMAFD_svcdesc%;AMD Audio Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmafd.sys [2012-09-23 21160]
S3 GPU-Z;GPU-Z; \??\C:\Users\Adam\AppData\Local\Temp\GPU-Z.sys []
S3 HTCAND64;@oem37.inf,%HTCAND64.SvcDesc%;HTC Device Driver; C:\WINDOWS\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 HtcVCom32;@oem39.inf,%OEMSerialPortName00%;HTC Diagnostic Port; C:\WINDOWS\system32\DRIVERS\HtcVComV64.sys [2010-03-09 121800]
S3 intaud_WaveExtensible;@oem9.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2015-05-26 42288]
S3 NTIOLib_MB;NTIOLib_MB; \??\C:\Program Files (x86)\MSI\MSI Gaming APP\Lib\NTIOLib_X64.sys [2014-03-13 13808]
S3 pneteth;@oem35.inf,%pneteth.Service.DispName%;PdaNet Broadband; C:\WINDOWS\system32\DRIVERS\pneteth.sys [2011-11-25 15360]
S3 RTCore64;RTCore64; \??\C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [2015-05-27 13536]
S3 trufos;trufos; C:\WINDOWS\system32\drivers\trufos.sys [2015-02-26 350160]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2014-10-29 44544]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-10-28 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2015-07-16 246784]
R2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [2015-12-01 948392]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2015-12-01 466408]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2015-12-01 466408]
R2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2015-12-01 1418560]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 DragonUpdater;COMODO Dragon Update Service; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2015-11-20 2056376]
R2 GamingApp_Service;GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [2015-10-16 34984]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2015-08-09 355232]
R2 MSI_LiveUpdate_Service;MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2015-10-07 1779664]
R2 SuperRAIDSvc;SuperRAIDSvc; C:\MSI\Smart Utilities\SuperRAIDSvc.exe [2014-06-26 28328]
R2 Update service;Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [2015-10-19 339968]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2014-02-18 171480]
S2 Avira.OE.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [2014-11-20 166192]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-08-09 288688]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-05-21 1272560]
S3 jswpsapi;JumpStart Wi-Fi Protected Setup; C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJATH\WPS\jswpsapi.exe [2013-06-28 954368]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-11-10 836176]

-----------------EOF-----------------

Re: Please check my log

Posted: 02 Dec 2015 11:16
by Márty84
Hello :)
Deaper21 wrote: now I see that the log says unknown Windows... yet I have Win 8.1, do you know what could be causing that?
That is only in the HJT part. HJT is older and does not know 8.1. The RSIT header says Microsoft Windows 8.1 Pro. So nothing unusual :-)


:arrow: Download CrystalDiskInfo http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Run it as administrator. The result will be displayed after a moment.
Click Úpravy (Edit) at the top and then Kopírovat (Copy). Paste what gets copied (it is stored in memory) here for me (Ctrl + V).

:arrow: Download AdwCleaner https://toolslib.net/downloads/finish/1/ and save it to the desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Spustit jako správce (Run as administrator).
Click Scan and wait until the check finishes.
Then click Cleaning.
The program will start working (the PC may restart) and will produce a log (it may also be found at C:\AdwCleaner\AdwCleaner[C?].txt ). Copy it here for me.

Re: Please check my log

Posted: 02 Dec 2015 20:24
by Deaper21
----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 8 Professional [6.2 Build 9200] (x64)
Date : 2015/12/02 20:21:58

-- Controller Map ----------------------------------------------------------
+ Intel(R) 8 Series/C220 Series SATA AHCI Controller - 8C02 [ATA]
- ST1000DM003-1ER162
- Řadič prostorů úložišť [SCSI]
- DAEMON Tools Lite Virtual SCSI Bus [SCSI]

-- Disk List ---------------------------------------------------------------
(1) ST1000DM003-1ER162 : 1000,2 GB [0/0/0, pd1] - st

----------------------------------------------------------------------------
(1) ST1000DM003-1ER162
----------------------------------------------------------------------------
Model : ST1000DM003-1ER162
Firmware : CC43
Serial Number : S4Y09S4V
Disk Size : 1000,2 GB (8,4/137,4/1000,2)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ACS-2
Minor Version : ---- [001Fh]
Transfer Mode : SATA/600
Power On Hours : 3519 hod.
Power On Count : 887 krát
Host Reads : 276695 GB
Host Writes : 10842 GB
Temparature : 24 C (75 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 8080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 120 _99 __6 00000001A110 Počet chyb čtení
03 _97 _97 __0 000000000000 Čas na roztočení ploten
04 100 100 _20 000000000397 Počet spuštění/zastavení
05 100 100 _10 000000000000 Počet přemapovaných sektorů
07 _80 _60 _30 000006EFD06B Počet chybných hledání
09 _96 _96 __0 000000000DBF Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 _20 000000000377 Počet cyklů zapnutí zařízení
B7 100 100 __0 000000000000 Neznámý
B8 100 100 _99 000000000000 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 100 __0 000000000001 Časový limit příkazu
BD 100 100 __0 000000000000 Vysoká rychlost zápisu
BE _76 _64 _45 0000190D0018 Teplota toku vzduchu
BF 100 100 __0 000000000000 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 000000000009 Počet vypnutí disku
C1 _97 _97 __0 00000000182F Počet cyklů načítání/vymazání
C2 _24 _40 __0 000B00000018 Teplota
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
F0 100 253 __0 BFAB00000DB6 Čas nastavování hlaviček - v hodinách
F1 100 253 __0 00054B5480A1 Total LBAs Written
F2 100 253 __0 00871AFE375E Total LBAs Read

-- IDENTIFY_DEVICE ---------------------------------------------------------

Re: Please check my log

Posted: 02 Dec 2015 20:49
by Deaper21
Here is the AdwCleaner log. I also wanted to ask: about a year ago (or a year and a half, I don't know), when I installed Win8 and then there was the move to Win8.1, the mentioned update to 8.1 would not install from the Windows app store; the update always started and then threw an error... I no longer remember exactly how I updated it, I think via Windows Update... And on Microsoft's website (an annoying bar at the bottom of the page) it kept pushing me to install 8.1, even though I think I have it! :?: And in system info, see the picture (http://s2.postimg.org/xu4bxoscp/win8.jpg ), it says I have 8.1 Pro.. I'm baffled by it... so just in case you know something about it.. I'd be glad :D

# AdwCleaner v5.023 - Logfile created 02/12/2015 at 20:27:50
# Updated 30/11/2015 by Xplode
# Database : 2015-11-30.1 [Server]
# Operating system : Windows 8.1 Pro (x64)
# Username : Adam - ADAMPC
# Running from : C:\Users\Adam\Desktop\adwcleaner_5.023.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\ProgramData\SecTaskMan

***** [ Files ] *****

[-] File Deleted : C:\Users\Adam\AppData\Local\Comodo\Dragon\User Data\Default\Local Storage\chrome-extension_oadboiipflhobonjjffjbfekfjcgkhco_0.localstorage

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}

***** [ Web browsers ] *****

[-] [C:\Users\Adam\AppData\Local\Comodo\Dragon\User Data\Default\Web Data] [Search Provider] Deleted : trovi.search

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1389 bytes] ##########

Re: Please check my log

Posted: 02 Dec 2015 21:04
by Márty84
According to the log you have 8.1.
If something kept popping up there, that is a question for Microsoft technical support. It is their product, and it was nagging you on their website... They should know best what it was and why. We will clean up the PC and then we'll see :-)



:arrow: Run a scan with MBAM. Set up the test according to this guide (i.e. a Custom scan of all drives) http://forum.viry.cz/viewtopic.php?f=29&t=144868 and post the results here. Do not delete anything beforehand; it sometimes has false detections.

Re: Please check my log

Posted: 07 Dec 2015 17:09
by Deaper21
I apologize, I haven't had time for a while, so I wasn't replying... earlier, after your last reply, I ran a scan according to the guide in the description, but unfortunately I didn't save it... the following scans were already without threats.. so I went into the history and found 2 scans in which there was some of that vermin..... here it is: (oh, and I don't understand that date either :)
Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 15. 4. 2015
Čas skenování: 23:21
Protokol: log1.txt
Správce: Ano

Verze: 2.01.4.1018
Databáze malwaru: v2015.04.15.08
Databáze rootkitů: v2015.03.31.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Adam

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 377472
Uplynulý čas: 11 min, 12 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 2
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\HD01-V2.1V23.09, Do karantény, [b82ce389078363d31b097d6013f03bc5],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3780011587-910230506-1870383065-1001\SOFTWARE\APPDATALOW\SOFTWARE\HD01-V2.1V23.09, Do karantény, [4c98db91187291a556d0964704ffc838],

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 4
PUP.Optional.OffersWizard.A, C:\Program Files (x86)\Common Files\Config, Do karantény, [697ba7c50684e65003f85f8d0ff4d729],
PUP.Optional.OpenCandy, C:\Users\Adam\AppData\Roaming\OpenCandy, Do karantény, [1acacba1c4c69e98f90e3b517e859a66],
PUP.Optional.OpenCandy, C:\Users\Adam\AppData\Roaming\OpenCandy\84953B30998E4F679F80F8B4DFCF3C5A, Do karantény, [1acacba1c4c69e98f90e3b517e859a66],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\HD01-V2.1V23.09, Do karantény, [3ea61f4d8bff1d1968584e5b14ef817f],

Soubory: 13
PUP.Optional.OpenCandy, C:\Users\Adam\AppData\Roaming\PowerISO\Upgrade\PowerISO6.exe, Do karantény, [3ba97def06842610fa13052513f3d62a],
PUP.Optional.CrossRider.A, C:\Program Files (x86)\HD01-V2.1V23.09\utils.exe, Do karantény, [cd171755cac0191d9a90a9a57c8406fa],
PUP.Optional.OffersWizard.A, C:\Program Files (x86)\Common Files\Config\ver.xml, Do karantény, [697ba7c50684e65003f85f8d0ff4d729],
PUP.Optional.OffersWizard.A, C:\Program Files (x86)\Common Files\Config\data.xml, Do karantény, [697ba7c50684e65003f85f8d0ff4d729],
PUP.Optional.OffersWizard.A, C:\Program Files (x86)\Common Files\Config\uninstinethnfd.exe, Do karantény, [697ba7c50684e65003f85f8d0ff4d729],
PUP.Optional.OpenCandy, C:\Users\Adam\AppData\Roaming\OpenCandy\84953B30998E4F679F80F8B4DFCF3C5A\pcmechanicpmROW_p1v1.exe, Do karantény, [1acacba1c4c69e98f90e3b517e859a66],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\HD01-V2.1V23.09\1293297481.mxaddon, Do karantény, [3ea61f4d8bff1d1968584e5b14ef817f],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\HD01-V2.1V23.09\70188f13-0368-49cd-863c-7df07c101395.crx, Do karantény, [3ea61f4d8bff1d1968584e5b14ef817f],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\HD01-V2.1V23.09\70188f13-0368-49cd-863c-7df07c101395.xpi, Do karantény, [3ea61f4d8bff1d1968584e5b14ef817f],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\HD01-V2.1V23.09\7902f5f4-3f5e-46a4-a58b-dfcaad26c2cb.crx, Do karantény, [3ea61f4d8bff1d1968584e5b14ef817f],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\HD01-V2.1V23.09\f55ebdf7-e478-47dd-829c-fd3a8c602e39.crx, Do karantény, [3ea61f4d8bff1d1968584e5b14ef817f],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\HD01-V2.1V23.09\Interop.IWshRuntimeLibrary.dll, Do karantény, [3ea61f4d8bff1d1968584e5b14ef817f],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\HD01-V2.1V23.09\Newtonsoft.Json.dll, Do karantény, [3ea61f4d8bff1d1968584e5b14ef817f],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)



Second scan:
Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 24. 9. 2015
Čas skenování: 22:39
Protokol: zaznam1.txt
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.09.24.04
Databáze rootkitů: v2015.09.22.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Adam

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 406685
Uplynulý čas: 13 min, 28 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 1
PUP.Optional.PCSpeedUp, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PCSUUCDRV, Do karantény, [8133240f88031e18d882a211a460728e],

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 11
PUP.Optional.Amonetize, C:\Users\Adam\AppData\Local\15001, Do karantény, [e2d2e94a48433ff77c8a0f25c83bc53b],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\api, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\lib, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\lib\popupResource, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\userCode, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\icons, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\icons\actions, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],

Soubory: 84
PUP.Optional.AdOffer, C:\Users\Adam\AppData\Local\Temp\bitool.dll, Do karantény, [7341db585932f73fb91be6b4df23fc04],
PUP.Optional.Somoto, C:\Users\Adam\AppData\Local\Temp\nsl552F.tmp, Do karantény, [6a4a73c08a0172c4996d9d1128dd857b],
PUP.Optional.Amonetize, C:\Users\Adam\AppData\Local\15001\status.cfg, Do karantény, [e2d2e94a48433ff77c8a0f25c83bc53b],
PUP.Optional.Amonetize, C:\Users\Adam\AppData\Local\15001\Updater.xml, Do karantény, [e2d2e94a48433ff77c8a0f25c83bc53b],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\21c3af86c7ee2db43641d71218caf983.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\f3d0436e19a99d5d98878cb512099ef3.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\main.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\api\7da141b25ed6493359d21acb08d12e2f.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\api\7e6234bc2ed9ab52295effed369f634d.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\api\a7048849cda92e007e5e83ede09e0516.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\api\ca65e3b063503d58235eed6f5aefbeae.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\api\e3a929adc18c7f5bb1c31026765e2a66.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\api\pageAction.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\lib\04a3792eb8a0825738e7051f6a95d540.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\lib\1b726b8b61d4c7f5711a4c83a1a072ea.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\lib\2e980a1057c8170dc746ad1b08a64297.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\lib\4804bfd8c20b075acd880748c8fc929f.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\lib\4d924503818c3833dbce7149864f9e02.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\lib\62391615977e4b9885b663eb121f87fd.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\lib\6b7ba8285dca69f84b68e979671b669f.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\lib\70ea95ef59f4084ece730c66fb08ed4c.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\lib\8f9bb969ca303199adb115a3a065d4be.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\lib\aa71afe8fc4ca7e6d2a0bafd4a35d388.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\lib\afe1386a7db56d31850cbe4754fed437.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\lib\app_api.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\lib\d23a73f908fac05450dd14aa05fc9163.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\lib\e5e1f93aeaf781e96cac36c141ea629f.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\lib\e8318c1409e62b7e7ec05f2be76f982a.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\lib\installer.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\lib\popupResource\newPopup.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\js\lib\popupResource\popup.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\background.html, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\chromeCoreFilesIndex.txt, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\manifest.json, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\popup.html, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\Settings.json, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\manifest.xml, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\102.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\104.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\119.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\123.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\13.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\14.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\17.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\178.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\179.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\180.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\184.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\19.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\195.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\220.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\221.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\223.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\231.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\232.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\242.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\246.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\262.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\263.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\267.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\273.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\275.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\281.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\286.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\288.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\289.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\291.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\300.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\4.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\47.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\64.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\7.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\78.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\80.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\9.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\91.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\93.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\plugins\97.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\userCode\background.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\extensionData\userCode\extension.js, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\icons\icon128.png, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\icons\icon16.png, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\icons\icon48.png, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],
PUP.Optional.CrossRider, C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.46_0\icons\actions\1.png, Do karantény, [684cf73c9dee9b9b3eea3c76d33204fc],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Re: Request for a log check

Posted: 07 Dec 2015 19:48
by Márty84
Those are old results, and moreover only from the Threat Scan. That one does not examine the whole computer. Did you now run the Custom Scan, as described in the guide? And is that one clean now?

Re: Request for a log check

Posted: 08 Dec 2015 22:46
by Deaper21
yes

Re: Request for a log check

Posted: 09 Dec 2015 10:49
by Márty84
:arrow: Post a new log from RSIT

and in addition

:arrow: Post logs according to this guide http://forum.viry.cz/viewtopic.php?f=13&t=133100 - turn off your antivirus for a moment; it is possible that it will block this as malicious, but we use it all the time, it is a false positive :)

Re: Request for a log check

Posted: 09 Dec 2015 18:18
by Deaper21
Logfile of random's system information tool 1.10 (written by random/random)
Run by Adam at 2015-12-09 18:16:57
Microsoft Windows 8.1 Pro
System drive C: has 441 GB (46%) free of 954 GB
Total RAM: 8068 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:17:06, on 9. 12. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\WINDOWS\SysWOW64\muachost.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\PROGRA~2\AIMP3\AIMP3.exe
C:\Program Files\trend micro\Adam.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Live Update] C:\Program Files (x86)\MSI\Live Update\Live Update.exe /REMINDER
O4 - HKCU\..\Run: [f.lux] "C:\Users\Adam\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [HP Deskjet 3520 series (NET)] "C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN4272G19D05SZ:NW" -scfn "HP Deskjet 3520 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_C52DB14F9A918A0C5FF89C4BF31B3258] "C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --no-startup-window
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [f.lux] "C:\Users\Adam\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow (User '?')
O4 - HKUS\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [HP Deskjet 3520 series (NET)] "C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN4272G19D05SZ:NW" -scfn "HP Deskjet 3520 series (NET)" -AutoStart 1 (User '?')
O4 - HKUS\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [GoogleChromeAutoLaunch_C52DB14F9A918A0C5FF89C4BF31B3258] "C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --no-startup-window (User '?')
O4 - HKUS\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun (User '?')
O4 - HKUS\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Zoner Photo Studio Autoupdate] C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE (User '?')
O4 - HKUS\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR (User '?')
O4 - HKUS\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\..\Run: [f.lux] "C:\Users\Adam\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow (User '?')
O4 - S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 Startup: Sledovat výstrahy inkoustu - HP Deskjet 3520 series (Síť).lnk = ? (User '?')
O4 - S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 Startup: Sledovat výstrahy inkoustu - HP Deskjet 3520 series (Síť).lnk = ? (User '?')
O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 3520 series (Síť).lnk = ?
O4 - Global Startup: TP-LINK Wireless Configuration Utility.lnk = C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJATH\TWCU.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~3\Office12\GRA32A~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Comodo - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GamingApp_Service - Micro-Star Int'l Co., Ltd. - C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: JumpStart Wi-Fi Protected Setup (jswpsapi) - Wireless - C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJATH\WPS\jswpsapi.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: MSI_LiveUpdate_Service - Micro-Star INT'L CO., LTD. - C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SuperRAIDSvc - Micro-Star International - C:\MSI\Smart Utilities\SuperRAIDSvc.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Update service - Popcorn Time - C:\Program Files (x86)\Popcorn Time\Updater.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Intel(R) Extreme Tuning Utility Service (XTU3SERVICE) - Intel(R) Corporation - C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe

--
End of file - 11875 bytes

======Listing Processes======






wininit.exe
winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
atieclxx
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe"
dashost.exe {9c67ee97-8fdf-48d1-9785e508bf5f794a}
"C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe"
"C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\MSI\Smart Utilities\SuperRAIDSvc.exe"
"C:\Program Files (x86)\Popcorn Time\Updater.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000648
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe"
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
taskhostex.exe
C:\WINDOWS\SysWOW64\muachost.exe
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\Explorer.EXE
ClassicStartMenu.exe -startup
C:\Windows\System32\skydrive.exe -Embedding
igfxEM.exe
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
C:\WINDOWS\system32\GWX\GWX.exe /updateconfig
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe"
"C:\WINDOWS\system32\taskmgr.exe" /4
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --profile-directory=Default
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=gpu-process --channel="2024.0.1674039533\444458342" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,8,20,45 --gpu-vendor-id=0x1002 --gpu-device-id=0x679a --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=15.200.1062.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="2024.1.159493809\31757547" --font-cache-shared-handle=1988 /prefetch:673131151
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="2024.2.696782034\17599426" --font-cache-shared-handle=2208 /prefetch:673131151
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="2024.3.2026863890\388613922" --font-cache-shared-handle=2220 /prefetch:673131151
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="2024.4.1638132584\1306245530" --font-cache-shared-handle=2416 /prefetch:673131151
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="2024.5.1628361613\1963882165" --font-cache-shared-handle=2428 /prefetch:673131151
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="2024.6.926791738\695515642" --font-cache-shared-handle=2528 /prefetch:673131151
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="2024.7.1186678175\1329627170" --font-cache-shared-handle=2620 /prefetch:673131151
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="2024.9.1565164670\538298982" --font-cache-shared-handle=3484 /prefetch:673131151
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="2024.10.2115097889\92857297" --font-cache-shared-handle=4308 /prefetch:673131151
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="2024.11.925633608\948204590" --font-cache-shared-handle=4580 /prefetch:673131151
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="2024.13.956657203\1174329163" --font-cache-shared-handle=3244 /prefetch:673131151
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="2024.14.750889361\498356035" --font-cache-shared-handle=8648 /prefetch:673131151
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=ppapi --channel="2024.18.444539470\2097338134" --ppapi-flash-args --lang=cs --ignored=" --type=renderer " /prefetch:-632637702

"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="2024.24.82283652\776364154" --font-cache-shared-handle=4052 /prefetch:673131151
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-11355b2d-8d93-44a6-8c97-14d9d4c7cf0e -SystemEventPortName:HostProcess-ec6f3cd6-14f3-4047-8692-b3bafe6fc969 -IoCancelEventPortName:HostProcess-5c8052c0-45a4-4f23-ace8-219e28dd23f0 -NonStateChangingEventPortName:HostProcess-6af8f980-2fc8-4217-baa0-5b398a69cf1c -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:cf6385cb-86c0-471b-9d64-fddc5775668e -DeviceGroupId:WpdFsGroup
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe60_ Global\UsGthrCtrlFltPipeMssGthrPipe60 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 648 652 660 65536 656
"C:\Users\Adam\Desktop\RSITx64.exe"
C:\PROGRA~2\AIMP3\AIMP3.exe -Embedding
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="2024.32.1294770448\1698257577" --font-cache-shared-handle=6868 /prefetch:673131151

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_245_pepper.exe -check pepperplugin
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-04-09 810176]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-04-09 688320]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~3\Office12\GR469A~1.DLL [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-16 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-16 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-04-09 810176]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-04-09 688320]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-06-30 13672664]
"XboxStat"=C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [2009-09-30 825184]
"Classic Start Menu"=C:\Program Files\Classic Shell\ClassicStartMenu.exe [2015-04-09 163520]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"f.lux"=C:\Users\Adam\AppData\Local\FluxSoftware\Flux\flux.exe [2013-10-23 1017224]
"HP Deskjet 3520 series (NET)"=C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2012-10-17 2573416]
"GoogleChromeAutoLaunch_C52DB14F9A918A0C5FF89C4BF31B3258"=C:\Program Files (x86)\Comodo\Dragon\dragon.exe [2015-11-20 704184]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-05-21 4471536]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE [2014-03-13 779776]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-11-16 8591272]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [2015-08-04 767176]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2015-12-01 803200]
"Avira Systray"=C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [2014-11-20 126200]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"Live Update"=C:\Program Files (x86)\MSI\Live Update\Live Update.exe [2015-10-07 11324368]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
TP-LINK Wireless Configuration Utility.lnk - C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJATH\TWCU.exe

C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Sledovat výstrahy inkoustu - HP Deskjet 3520 series (Síť).lnk - C:\WINDOWS\system32\RunDll32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~3\Office12\GR469A~1.DLL [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp.sys]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDriveAutoRun"=67108863
"HonorAutorunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-12-02 22:27:24 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2015-12-02 22:27:15 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-12-02 22:27:15 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2015-12-02 22:27:15 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2015-12-02 22:27:15 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2015-12-02 20:26:00 ----D---- C:\AdwCleaner
2015-11-26 22:09:48 ----D---- C:\Program Files (x86)\Comodo
2015-11-14 19:29:14 ----SHD---- C:\ProgramData\DSS
2015-11-14 19:17:10 ----D---- C:\Program Files (x86)\Codemasters
2015-11-14 17:57:20 ----HD---- C:\$SysReset
2015-11-14 17:39:56 ----D---- C:\rsit
2015-11-12 19:38:02 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2015-11-12 19:38:02 ----A---- C:\WINDOWS\system32\schannel.dll
2015-11-12 19:38:02 ----A---- C:\WINDOWS\system32\lsasrv.dll
2015-11-12 19:38:02 ----A---- C:\WINDOWS\system32\kerberos.dll
2015-11-12 19:38:02 ----A---- C:\WINDOWS\system32\drivers\tdx.sys
2015-11-12 19:38:02 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2015-11-12 19:38:01 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2015-11-12 19:38:01 ----A---- C:\WINDOWS\SYSWOW64\ncryptsslp.dll
2015-11-12 19:38:01 ----A---- C:\WINDOWS\SYSWOW64\ncrypt.dll
2015-11-12 19:38:01 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2015-11-12 19:38:01 ----A---- C:\WINDOWS\SYSWOW64\bcryptprimitives.dll
2015-11-12 19:38:01 ----A---- C:\WINDOWS\system32\ncryptsslp.dll
2015-11-12 19:38:01 ----A---- C:\WINDOWS\system32\ncrypt.dll
2015-11-12 19:38:01 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2015-11-12 19:38:01 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2015-11-12 19:38:01 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2015-11-12 19:38:01 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2015-11-12 19:38:01 ----A---- C:\WINDOWS\system32\certcli.dll
2015-11-12 19:38:01 ----A---- C:\WINDOWS\system32\bcryptprimitives.dll
2015-11-12 19:38:00 ----A---- C:\WINDOWS\system32\winresume.exe
2015-11-12 19:38:00 ----A---- C:\WINDOWS\system32\winload.exe
2015-11-12 19:38:00 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2015-11-12 19:38:00 ----A---- C:\WINDOWS\system32\AuthHost.exe
2015-11-12 19:37:57 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2015-11-12 19:37:57 ----A---- C:\WINDOWS\system32\wucltux.dll
2015-11-12 19:37:57 ----A---- C:\WINDOWS\system32\wuaueng.dll
2015-11-12 19:37:57 ----A---- C:\WINDOWS\system32\wuauclt.exe
2015-11-12 19:37:57 ----A---- C:\WINDOWS\system32\wuapi.dll
2015-11-12 19:37:56 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2015-11-12 19:37:56 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2015-11-12 19:37:56 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2015-11-12 19:37:56 ----A---- C:\WINDOWS\system32\wuwebv.dll
2015-11-12 19:37:56 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2015-11-12 19:37:56 ----A---- C:\WINDOWS\system32\wudriver.dll
2015-11-12 19:37:56 ----A---- C:\WINDOWS\system32\wuapp.exe
2015-11-12 19:37:56 ----A---- C:\WINDOWS\system32\drivers\tunnel.sys
2015-11-12 19:37:55 ----A---- C:\WINDOWS\system32\localspl.dll
2015-11-12 19:37:54 ----A---- C:\WINDOWS\SYSWOW64\puiobj.dll
2015-11-12 19:37:54 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2015-11-12 19:37:54 ----A---- C:\WINDOWS\system32\puiobj.dll
2015-11-12 19:37:54 ----A---- C:\WINDOWS\system32\ppcsnap.dll
2015-11-12 19:37:54 ----A---- C:\WINDOWS\system32\pmcsnap.dll
2015-11-12 19:37:54 ----A---- C:\WINDOWS\system32\gdi32.dll
2015-11-12 19:37:54 ----A---- C:\WINDOWS\system32\drivers\tpm.sys
2015-11-12 19:37:52 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-11-12 19:37:51 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-11-12 19:37:50 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-11-12 19:37:49 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-11-12 19:37:49 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-11-12 19:37:48 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-11-12 19:37:48 ----A---- C:\WINDOWS\system32\jscript.dll
2015-11-12 19:37:48 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-11-12 19:37:47 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-11-12 19:37:46 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-11-12 19:37:46 ----A---- C:\WINDOWS\system32\wininet.dll
2015-11-12 19:37:46 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-11-12 19:37:45 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-11-12 19:37:45 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2015-11-12 19:37:44 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-11-12 19:37:44 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2015-11-12 19:37:44 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-11-12 19:37:44 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2015-11-12 19:37:44 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2015-11-12 19:37:44 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-11-12 19:37:44 ----A---- C:\WINDOWS\system32\msfeeds.dll
2015-11-12 19:37:44 ----A---- C:\WINDOWS\system32\inetcomm.dll
2015-11-12 19:37:44 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2015-11-12 19:37:23 ----A---- C:\WINDOWS\system32\win32k.sys
2015-11-12 19:37:21 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2015-11-10 15:15:31 ----D---- C:\Program Files (x86)\Security Task Manager

======List of files/folders modified in the last 1 month======

2015-12-09 18:17:01 ----D---- C:\Program Files\trend micro
2015-12-09 18:16:42 ----D---- C:\WINDOWS\Temp
2015-12-09 18:16:42 ----D---- C:\Downloads
2015-12-09 18:00:00 ----D---- C:\WINDOWS\system32\sru
2015-12-09 17:21:47 ----D---- C:\WINDOWS\system32\config
2015-12-09 16:51:03 ----D---- C:\WINDOWS\Inf
2015-12-08 20:37:14 ----D---- C:\Users\Adam\AppData\Roaming\AIMP3
2015-12-08 19:12:26 ----D---- C:\WINDOWS\WinSxS
2015-12-08 19:12:24 ----D---- C:\WINDOWS\CbsTemp
2015-12-08 19:11:51 ----D---- C:\WINDOWS\system32\catroot2
2015-12-07 19:28:44 ----RD---- C:\WINDOWS\System32
2015-12-07 19:28:44 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-06 21:27:49 ----D---- C:\Users\Adam\AppData\Roaming\vlc
2015-12-06 20:00:26 ----D---- C:\WINDOWS
2015-12-06 20:00:23 ----D---- C:\WINDOWS\system32\drivers
2015-12-06 18:43:18 ----SHD---- C:\System Volume Information
2015-12-06 13:54:50 ----D---- C:\Program Files (x86)\Steam
2015-12-06 11:12:50 ----D---- C:\WINDOWS\system32\NDF
2015-12-03 21:33:34 ----D---- C:\WINDOWS\SoftwareDistribution
2015-12-03 01:14:39 ----AD---- C:\WINDOWS\VDLL.DLL
2015-12-02 22:27:15 ----RD---- C:\Program Files (x86)
2015-12-02 22:26:55 ----D---- C:\WINDOWS\debug
2015-12-02 20:27:51 ----HD---- C:\ProgramData
2015-11-30 18:16:56 ----D---- C:\Users\Adam\AppData\Roaming\uTorrent
2015-11-30 16:40:00 ----D---- C:\WINDOWS\Minidump
2015-11-26 22:31:11 ----D---- C:\WINDOWS\AppReadiness
2015-11-26 22:30:57 ----HD---- C:\Program Files\WindowsApps
2015-11-26 22:26:49 ----D---- C:\Users\Adam\AppData\Roaming\MPC-HC
2015-11-26 22:25:24 ----D---- C:\WINDOWS\Logs
2015-11-26 22:25:09 ----D---- C:\WINDOWS\system32\Tasks
2015-11-22 11:15:55 ----SHD---- C:\WINDOWS\Installer
2015-11-22 11:15:12 ----RSD---- C:\WINDOWS\assembly
2015-11-22 10:35:29 ----D---- C:\Hry
2015-11-20 16:55:42 ----D---- C:\ProgramData\Skype
2015-11-20 16:55:41 ----D---- C:\Program Files (x86)\Common Files
2015-11-20 16:54:08 ----D---- C:\Users\Adam\AppData\Roaming\Skype
2015-11-19 18:40:00 ----D---- C:\Soubory
2015-11-15 14:27:39 ----D---- C:\WINDOWS\SysWOW64
2015-11-15 10:40:26 ----D---- C:\WINDOWS\Tasks
2015-11-14 19:29:13 ----D---- C:\ProgramData\Codemasters
2015-11-14 17:52:20 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-11-14 17:48:52 ----D---- C:\Users\Adam\AppData\Roaming\DAEMON Tools Lite
2015-11-14 17:06:33 ----D---- C:\Program Files (x86)\Popcorn Time
2015-11-13 17:02:03 ----D---- C:\WINDOWS\Microsoft.NET
2015-11-13 16:14:47 ----D---- C:\WINDOWS\system32\DriverStore
2015-11-12 22:42:44 ----RD---- C:\WINDOWS\ToastData
2015-11-12 22:42:43 ----D---- C:\WINDOWS\apppatch
2015-11-12 22:36:45 ----D---- C:\WINDOWS\system32\MRT
2015-11-12 22:36:44 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 speedfan;speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [2012-12-29 28664]
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2015-12-01 146696]
R1 avkmgr;avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [2015-12-01 35488]
R1 JSWPSLWF;@oem2.inf,%AthSec_Desc%;JumpStart Wireless Filter Driver; C:\WINDOWS\system32\DRIVERS\jswpslwfx.sys [2013-06-28 26624]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2015-12-01 135880]
R2 avnetflt;avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [2015-12-01 73032]
R2 iocbios2;iocbios2; \??\C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [2014-06-17 28912]
R3 AcpiCtlDrv;AcpiCtlDrv; C:\WINDOWS\System32\drivers\AcpiCtlDrv.sys [2012-07-17 25880]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2015-07-16 21622272]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2015-07-16 665088]
R3 athur;@oem1.inf,%ATHR.Service.DispName%;Qualcomm Atheros AR9271 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athuw8x.sys [2013-06-02 2919936]
R3 AtiHDAudioService;@oem39.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWB6.sys [2015-07-15 102912]
R3 dtlitescsibus;@oem7.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2015-06-13 30264]
R3 ICCWDT;@oem17.inf,%ICCWDT.SVCDESC%;Intel(R) Watchdog Timer Driver (Intel(R) WDT); C:\WINDOWS\System32\drivers\ICCWDT.sys [2013-08-13 27608]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-08-09 4928256]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2014-07-15 4012632]
R3 iwdbus;@oem10.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-05-26 30512]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2015-12-08 192216]
R3 MEIx64;@oem5.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2013-01-11 64624]
R3 NTIOLib_MSI_RAID;NTIOLib_MSI_RAID; \??\C:\MSI\Smart Utilities\NTIOLib_X64.sys [2014-03-17 13808]
R3 RTL8168;@oem15.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-11-26 838872]
R3 StillCam;@sti.inf,%StillCam.SvcDesc%;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\System32\drivers\serscan.sys [2014-10-29 11776]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S0 amdkmafd;@oem11.inf,%AMDKMAFD_svcdesc%;AMD Audio Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmafd.sys [2012-09-23 21160]
S3 GPU-Z;GPU-Z; \??\C:\Users\Adam\AppData\Local\Temp\GPU-Z.sys []
S3 HTCAND64;@oem37.inf,%HTCAND64.SvcDesc%;HTC Device Driver; C:\WINDOWS\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 HtcVCom32;@oem39.inf,%OEMSerialPortName00%;HTC Diagnostic Port; C:\WINDOWS\system32\DRIVERS\HtcVComV64.sys [2010-03-09 121800]
S3 intaud_WaveExtensible;@oem9.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2015-05-26 42288]
S3 NTIOLib_MB;NTIOLib_MB; \??\C:\Program Files (x86)\MSI\MSI Gaming APP\Lib\NTIOLib_X64.sys [2014-03-13 13808]
S3 pneteth;@oem35.inf,%pneteth.Service.DispName%;PdaNet Broadband; C:\WINDOWS\system32\DRIVERS\pneteth.sys [2011-11-25 15360]
S3 RTCore64;RTCore64; \??\C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [2015-05-27 13536]
S3 trufos;trufos; C:\WINDOWS\system32\drivers\trufos.sys [2015-02-26 350160]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2014-10-29 44544]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-10-28 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2015-07-16 246784]
R2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [2015-12-01 948392]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2015-12-01 466408]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2015-12-01 466408]
R2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2015-12-01 1418560]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 DragonUpdater;COMODO Dragon Update Service; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2015-11-20 2056376]
R2 GamingApp_Service;GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [2015-10-16 34984]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2015-08-09 355232]
R2 MSI_LiveUpdate_Service;MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2015-10-07 1779664]
R2 SuperRAIDSvc;SuperRAIDSvc; C:\MSI\Smart Utilities\SuperRAIDSvc.exe [2014-06-26 28328]
R2 Update service;Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [2015-10-19 339968]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2014-02-18 171480]
S2 Avira.OE.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [2014-11-20 166192]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-08-09 288688]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-05-21 1272560]
S3 jswpsapi;JumpStart Wi-Fi Protected Setup; C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJATH\WPS\jswpsapi.exe [2013-06-28 954368]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-11-10 836176]

-----------------EOF-----------------

Re: Request for a log check

Posted: 09 Dec 2015 19:02
by Deaper21
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-12-2015
Ran by Adam (administrator) on ADAMPC (09-12-2015 18:59:57)
Running from C:\Users\Adam\Desktop
Loaded Profiles: Adam & (Available Profiles: Adam)
Platform: Windows 8.1 Pro (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: "C:\Program Files (x86)\Comodo\Dragon\dragon.exe" -- "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\WINDOWS\System32\atiesrxx.exe
(AMD) C:\WINDOWS\System32\atieclxx.exe
(Intel Corporation) C:\WINDOWS\System32\igfxCUIService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(Micro-Star International) C:\MSI\Smart Utilities\SuperRAIDSvc.exe
(Popcorn Time) C:\Program Files (x86)\Popcorn Time\Updater.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Microsoft Corporation) C:\WINDOWS\System32\alg.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(MSI) C:\WINDOWS\SysWOW64\muachost.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\WINDOWS\System32\SkyDrive.exe
(Intel Corporation) C:\WINDOWS\System32\igfxEM.exe
(Microsoft Corporation) C:\WINDOWS\System32\SettingSyncHost.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\WINDOWS\System32\GWX\GWX.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\WINDOWS\System32\Taskmgr.exe
(Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe
(Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe
(Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe
(Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe
(Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe
(Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe
(Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe
(Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe
(Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe
(Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe
(Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe
(forum.viry.cz) C:\Users\Adam\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672664 2014-06-30] (Realtek Semiconductor)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163520 2015-04-09] (IvoSoft)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [803200 2015-12-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126200 2014-11-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [11324368 2015-10-07] (Micro-Star INT'L CO., LTD.)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001\...\Run: [f.lux] => C:\Users\Adam\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001\...\Run: [HP Deskjet 3520 series (NET)] => C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001\...\Run: [GoogleChromeAutoLaunch_C52DB14F9A918A0C5FF89C4BF31B3258] => C:\Program Files (x86)\Comodo\Dragon\dragon.exe [704184 2015-11-20] (Comodo)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4471536 2015-05-21] (Disc Soft Ltd)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE [779776 2014-03-13] (ZONER software)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [f.lux] => C:\Users\Adam\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [HP Deskjet 3520 series (NET)] => C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleChromeAutoLaunch_C52DB14F9A918A0C5FF89C4BF31B3258] => C:\Program Files (x86)\Comodo\Dragon\dragon.exe [704184 2015-11-20] (Comodo)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4471536 2015-05-21] (Disc Soft Ltd)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE [779776 2014-03-13] (ZONER software)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [f.lux] => C:\Users\Adam\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [HP Deskjet 3520 series (NET)] => C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [GoogleChromeAutoLaunch_C52DB14F9A918A0C5FF89C4BF31B3258] => C:\Program Files (x86)\Comodo\Dragon\dragon.exe [704184 2015-11-20] (Comodo)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4471536 2015-05-21] (Disc Soft Ltd)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE [779776 2014-03-13] (ZONER software)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-04-09] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-04-09] (IvoSoft)
Startup: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Deskjet 3520 series (Síť).lnk [2015-06-30]
ShortcutTarget: Sledovat výstrahy inkoustu - HP Deskjet 3520 series (Síť).lnk -> C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2014-09-30]
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJATH\TWCU.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{536A47DD-6297-4676-A033-8066A3DA050D}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3780011587-910230506-1870383065-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-04-09] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-04-09] (IvoSoft)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-16] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-16] (Oracle Corporation)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-04-09] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-04-09] (IvoSoft)

FireFox:
========
FF ProfilePath: C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\3kG7Zupt.default
FF Session Restore: -> is enabled.
FF NetworkProxy: "type", 4
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-16] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-16] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Extension: FireGestures - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\3kG7Zupt.default\extensions\firegestures@xuldev.org.xpi [2015-03-28] [not signed]
FF Extension: Avira Browser Safety - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\3kG7Zupt.default\Extensions\abs@avira.com [2015-04-13] [not signed]
FF Extension: Adblock Plus - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\3kG7Zupt.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-13] [not signed]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR Extension: (HD01-V2.1V23.09) - C:\Users\Adam\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa [2015-09-24]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [948392 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1418560 2015-12-01] (Avira Operations GmbH & Co. KG)
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [166192 2014-11-20] (Avira Operations GmbH & Co. KG)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272560 2015-05-21] (Disc Soft Ltd)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2056376 2015-11-20] (Comodo)
R2 GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [34984 2015-10-16] (Micro-Star Int'l Co., Ltd.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation)
S3 jswpsapi; C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJATH\WPS\jswpsapi.exe [954368 2013-06-28] (Wireless) [File not signed]
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [1779664 2015-10-07] (Micro-Star INT'L CO., LTD.)
R2 SuperRAIDSvc; C:\MSI\Smart Utilities\SuperRAIDSvc.exe [28328 2014-06-26] (Micro-Star International)
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2015-10-19] (Popcorn Time) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [18384 2014-08-07] (Intel(R) Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AcpiCtlDrv; C:\Windows\System32\drivers\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R3 athur; C:\Windows\system32\DRIVERS\athuw8x.sys [2919936 2013-06-02] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [102912 2015-07-15] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146696 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2015-12-01] (Avira Operations GmbH & Co. KG)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-06-13] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (HTC, Corporation) [File not signed]
S3 HtcVCom32; C:\Windows\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated) [File not signed]
R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [28912 2014-06-17] (Intel Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-08] (Malwarebytes)
S3 NTIOLib_MB; C:\Program Files (x86)\MSI\MSI Gaming APP\Lib\NTIOLib_X64.sys [13808 2014-03-13] (MSI)
R3 NTIOLib_MSI_RAID; C:\MSI\Smart Utilities\NTIOLib_X64.sys [13808 2014-03-17] (MSI)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13536 2015-05-27] ()
S3 trufos; C:\Windows\System32\drivers\trufos.sys [350160 2015-02-26] (BitDefender S.R.L.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 GPU-Z; \??\C:\Users\Adam\AppData\Local\Temp\GPU-Z.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-09 18:59 - 2015-12-09 19:00 - 00020030 _____ C:\Users\Adam\Desktop\FRST.txt
2015-12-09 18:59 - 2015-12-09 18:59 - 00000000 ____D C:\FRST
2015-12-09 18:38 - 2015-12-09 18:57 - 00112640 _____ (forum.viry.cz) C:\Users\Adam\Desktop\FRSTLauncher.exe
2015-12-09 18:27 - 2015-12-09 18:27 - 02369024 _____ (Farbar) C:\Users\Adam\Desktop\FRST64.exe
2015-12-08 22:48 - 2015-12-08 22:48 - 00003725 _____ C:\Users\Adam\Desktop\kucfk.txt
2015-12-07 16:49 - 2015-12-07 16:49 - 00021420 _____ C:\Users\Adam\Desktop\zaznam1.txt
2015-12-02 22:27 - 2015-12-08 22:56 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-12-02 22:27 - 2015-12-02 22:27 - 00001114 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-12-02 22:27 - 2015-12-02 22:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-12-02 22:27 - 2015-12-02 22:27 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-12-02 22:27 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-12-02 22:27 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-12-02 22:27 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-12-02 20:26 - 2015-12-02 20:50 - 00000000 ____D C:\AdwCleaner
2015-12-02 20:25 - 2015-12-02 20:25 - 01736704 _____ C:\Users\Adam\Desktop\adwcleaner_5.023.exe
2015-11-30 21:58 - 2015-12-07 21:25 - 02691370 _____ C:\Users\Adam\Desktop\types.of.pavements.pptx
2015-11-26 22:27 - 2015-11-26 22:27 - 00481766 _____ C:\Users\Adam\Desktop\cc_20151126_222736.reg
2015-11-26 22:25 - 2015-11-26 22:25 - 00002784 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-11-26 22:09 - 2015-11-26 22:09 - 00000000 ____D C:\Program Files (x86)\Comodo
2015-11-25 22:40 - 2015-12-07 20:17 - 22154448 _____ C:\Users\Adam\Desktop\kavarna.pln
2015-11-22 11:14 - 2015-11-22 11:14 - 00000813 _____ C:\Users\Public\Desktop\Assassins Creed - Unity.lnk
2015-11-17 14:05 - 2015-12-03 02:15 - 00000000 ____D C:\Users\Adam\Desktop\knihy
2015-11-14 19:53 - 2015-11-14 19:53 - 00000000 ____D C:\Users\Adam\AppData\Local\Introversion
2015-11-14 19:40 - 2015-11-14 19:40 - 00001587 _____ C:\Users\Adam\Desktop\dirt3 – zástupce.lnk
2015-11-14 19:29 - 2015-11-14 19:29 - 00000000 __SHD C:\ProgramData\DSS
2015-11-14 19:17 - 2015-11-14 19:17 - 00000000 ____D C:\Program Files (x86)\Codemasters
2015-11-14 17:57 - 2015-11-14 18:36 - 00000000 ___HD C:\$SysReset
2015-11-14 17:39 - 2015-11-14 17:40 - 00000000 ____D C:\rsit
2015-11-14 17:39 - 2015-11-14 17:39 - 01222144 _____ C:\Users\Adam\Desktop\RSITx64.exe
2015-11-14 17:02 - 2015-11-14 17:02 - 00003128 _____ C:\WINDOWS\System32\Tasks\{B73ABE4A-87EB-41DA-990A-79366BA034B1}
2015-11-12 19:38 - 2015-10-15 17:08 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-11-12 19:38 - 2015-10-15 16:46 - 00803328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-11-12 19:38 - 2015-10-15 00:02 - 07455064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-11-12 19:38 - 2015-10-15 00:02 - 01659560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-11-12 19:38 - 2015-10-15 00:02 - 01519592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-11-12 19:38 - 2015-10-15 00:02 - 01487008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-11-12 19:38 - 2015-10-15 00:02 - 01355848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-11-12 19:38 - 2015-10-13 18:10 - 00559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-11-12 19:38 - 2015-10-13 18:10 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-11-12 19:38 - 2015-10-13 16:59 - 00397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2015-11-12 19:38 - 2015-10-13 16:59 - 00340872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2015-11-12 19:38 - 2015-10-13 16:59 - 00137960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncrypt.dll
2015-11-12 19:38 - 2015-10-13 16:59 - 00120376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncrypt.dll
2015-11-12 19:38 - 2015-10-13 16:59 - 00106952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2015-11-12 19:38 - 2015-10-13 16:59 - 00091416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2015-11-12 19:38 - 2015-10-11 07:36 - 00561952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-11-12 19:38 - 2015-10-11 07:36 - 00177496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-11-12 19:38 - 2015-10-10 19:40 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2015-11-12 19:38 - 2015-10-10 19:39 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2015-11-12 19:38 - 2015-10-10 19:07 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-11-12 19:38 - 2015-10-10 18:33 - 01441280 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-11-12 19:38 - 2015-10-10 18:27 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-11-12 19:38 - 2015-10-10 18:11 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-11-12 19:38 - 2015-10-10 17:45 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-11-12 19:38 - 2015-09-12 14:47 - 00414559 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-11-12 19:38 - 2015-08-28 23:20 - 00183368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2015-11-12 19:37 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-11-12 19:37 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-11-12 19:37 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-11-12 19:37 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-11-12 19:37 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-11-12 19:37 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-11-12 19:37 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-11-12 19:37 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-11-12 19:37 - 2015-10-30 23:39 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-11-12 19:37 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-11-12 19:37 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-11-12 19:37 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-11-12 19:37 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-11-12 19:37 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-11-12 19:37 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-11-12 19:37 - 2015-10-30 23:14 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-11-12 19:37 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-11-12 19:37 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-11-12 19:37 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-11-12 19:37 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-11-12 19:37 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-11-12 19:37 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-11-12 19:37 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-11-12 19:37 - 2015-10-20 22:54 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-11-12 19:37 - 2015-10-20 15:53 - 03705856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-11-12 19:37 - 2015-10-20 15:36 - 02243072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-11-12 19:37 - 2015-10-20 15:35 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-11-12 19:37 - 2015-10-20 15:34 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-11-12 19:37 - 2015-10-20 15:34 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-11-12 19:37 - 2015-10-20 15:34 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-11-12 19:37 - 2015-10-20 15:33 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-11-12 19:37 - 2015-10-20 15:14 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-11-12 19:37 - 2015-10-20 15:13 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-11-12 19:37 - 2015-10-20 15:13 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-11-12 19:37 - 2015-10-20 15:13 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-11-12 19:37 - 2015-10-17 15:19 - 04176384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-11-12 19:37 - 2015-10-08 17:08 - 01083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2015-11-12 19:37 - 2015-09-29 13:24 - 00155480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2015-11-12 19:37 - 2015-09-07 17:22 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-11-12 19:37 - 2015-09-07 17:21 - 00825856 _____ (Microsoft Corporation) C:\WINDOWS\system32\pmcsnap.dll
2015-11-12 19:37 - 2015-09-07 17:17 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ppcsnap.dll
2015-11-12 19:37 - 2015-09-07 16:54 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-11-12 19:37 - 2015-09-07 16:30 - 01091584 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-11-12 19:37 - 2015-09-04 20:24 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
2015-11-12 19:37 - 2015-08-20 21:45 - 01380048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-11-12 19:37 - 2015-08-20 18:48 - 01096704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-11-10 15:15 - 2015-11-10 15:15 - 00001170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spy Protector.lnk
2015-11-10 15:15 - 2015-11-10 15:15 - 00001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager.lnk
2015-11-10 15:15 - 2015-11-10 15:15 - 00001147 _____ C:\Users\Public\Desktop\Security Task Manager.lnk
2015-11-10 15:15 - 2015-11-10 15:15 - 00000000 ____D C:\Program Files (x86)\Security Task Manager

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-09 18:59 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS
2015-12-09 18:54 - 2015-06-28 15:56 - 00000000 ____D C:\Users\Adam\AppData\Local\ClassicShell
2015-12-09 18:54 - 2014-08-31 12:35 - 00000000 ____D C:\Users\Adam\AppData\Local\CrashDumps
2015-12-09 18:40 - 2015-07-03 12:30 - 00000974 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-09 18:40 - 2015-07-03 12:30 - 00000970 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-09 18:19 - 2014-08-31 07:15 - 00000000 ____D C:\Users\Adam\AppData\Roaming\AIMP3
2015-12-09 18:17 - 2014-09-29 21:31 - 00000000 ____D C:\Program Files\trend micro
2015-12-09 16:51 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2015-12-08 19:12 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-07 20:17 - 2014-09-08 21:52 - 00000341 _____ C:\Users\Adam\Documents\BIMx_Export_Log.txt
2015-12-07 20:17 - 2014-09-08 21:52 - 00000000 ____D C:\Users\Adam\Graphisoft
2015-12-07 19:34 - 2015-09-08 17:45 - 00000000 ____D C:\Users\Adam\Desktop\Výkresy čtvrťák
2015-12-07 19:28 - 2014-03-18 16:33 - 01610258 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-07 19:28 - 2014-03-18 15:54 - 00738682 _____ C:\WINDOWS\system32\perfh005.dat
2015-12-07 19:28 - 2014-03-18 15:54 - 00151404 _____ C:\WINDOWS\system32\perfc005.dat
2015-12-07 19:26 - 2014-09-08 21:52 - 00000000 ____D C:\Users\Adam\Documents\BIMx
2015-12-06 21:27 - 2014-09-27 11:14 - 00000000 ____D C:\Users\Adam\AppData\Roaming\vlc
2015-12-06 20:54 - 2014-08-31 09:06 - 00000000 ___DO C:\Users\Adam\OneDrive
2015-12-06 20:53 - 2014-08-31 06:00 - 00000000 __SHD C:\Users\Adam\IntelGraphicsProfiles
2015-12-06 20:01 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-06 20:00 - 2015-02-26 00:53 - 00000000 ____D C:\WINDOWS\VDLL.DLL
2015-12-06 13:54 - 2014-09-23 15:54 - 00000000 ____D C:\Program Files (x86)\Steam
2015-12-06 11:12 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-12-06 09:55 - 2015-07-20 22:56 - 00000958 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-12-05 22:07 - 2015-03-29 17:15 - 00000000 ____D C:\Users\Adam\Documents\Euro Truck Simulator 2
2015-12-05 13:42 - 2014-08-31 04:34 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3780011587-910230506-1870383065-1001
2015-12-02 20:50 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-12-01 16:49 - 2014-09-30 17:54 - 00146696 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2015-12-01 16:49 - 2014-09-30 17:54 - 00135880 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-12-01 16:49 - 2014-09-30 17:54 - 00073032 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2015-12-01 16:49 - 2014-09-30 17:54 - 00035488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2015-12-01 16:49 - 2014-09-30 17:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-11-30 18:16 - 2014-08-31 11:38 - 00000000 ____D C:\Users\Adam\AppData\Roaming\uTorrent
2015-11-30 16:40 - 2014-09-02 13:25 - 00000000 ____D C:\WINDOWS\Minidump
2015-11-29 23:17 - 2014-08-31 08:53 - 00000000 ____D C:\Users\Adam
2015-11-26 22:31 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-26 22:30 - 2014-08-31 04:28 - 00000000 ____D C:\Users\Adam\AppData\Local\Packages
2015-11-26 22:30 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2015-11-26 22:26 - 2014-08-31 15:51 - 00000000 ____D C:\Users\Adam\AppData\Roaming\MPC-HC
2015-11-26 22:25 - 2014-09-26 20:04 - 00000834 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-11-26 22:25 - 2014-09-26 20:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-11-22 22:54 - 2014-10-08 16:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hry
2015-11-22 10:35 - 2014-08-31 07:21 - 00000000 ____D C:\Hry
2015-11-20 16:55 - 2014-08-31 09:53 - 00000000 ____D C:\ProgramData\Skype
2015-11-20 16:54 - 2014-08-31 09:53 - 00000000 ____D C:\Users\Adam\AppData\Roaming\Skype
2015-11-19 21:59 - 2015-10-25 13:37 - 00000000 ____D C:\Users\Adam\Downloads\PopcornTime
2015-11-19 18:40 - 2014-10-13 14:57 - 00000000 ____D C:\Soubory
2015-11-15 14:27 - 2015-11-02 22:31 - 00001093 _____ C:\Users\Public\Desktop\MSI Gaming APP.lnk
2015-11-15 14:27 - 2014-08-31 09:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2015-11-15 10:40 - 2015-07-20 22:56 - 00003780 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-11-14 19:29 - 2014-08-31 11:04 - 00000000 ____D C:\Users\Adam\Documents\My Games
2015-11-14 19:29 - 2014-08-31 11:04 - 00000000 ____D C:\ProgramData\Codemasters
2015-11-14 17:52 - 2014-08-31 04:48 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-11-14 17:48 - 2014-08-31 07:39 - 00000000 ____D C:\Users\Adam\AppData\Roaming\DAEMON Tools Lite
2015-11-14 17:06 - 2015-10-25 13:36 - 00000000 ____D C:\Program Files (x86)\Popcorn Time
2015-11-13 16:13 - 2013-08-22 15:44 - 00514280 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-11-12 22:42 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-11-12 22:36 - 2014-08-31 05:34 - 145617392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-11-12 22:36 - 2014-08-31 05:34 - 00000000 ____D C:\WINDOWS\system32\MRT

==================== Files in the root of some directories =======

2013-02-26 07:28 - 2013-02-26 07:28 - 0027762 _____ () C:\Program Files\changes.txt
2013-02-26 07:56 - 2013-02-26 07:56 - 2391736 _____ (Beepa P/L) C:\Program Files\fraps.exe
2013-02-26 07:34 - 2013-02-26 07:34 - 0234168 _____ (Beepa P/L) C:\Program Files\fraps32.dll
2013-02-26 07:56 - 2013-02-26 07:56 - 0068792 _____ (Beepa P/L) C:\Program Files\fraps64.dat
2013-02-26 07:34 - 2013-02-26 07:34 - 0186552 _____ (Beepa P/L) C:\Program Files\fraps64.dll
2013-02-26 07:54 - 2013-02-26 07:54 - 0139776 _____ (Beepa P/L) C:\Program Files\frapslcd.dll
2014-08-31 12:52 - 2014-09-13 12:04 - 0000190 _____ () C:\Program Files\FRAPSLOG.TXT
2013-02-26 07:27 - 2013-02-26 07:27 - 0001894 _____ () C:\Program Files\README.HTM
2015-05-23 17:04 - 2015-05-23 17:04 - 0036079 _____ (Beepa Pty Ltd) C:\Program Files\uninstall.exe
2014-08-31 07:44 - 2015-10-20 20:16 - 0007604 _____ () C:\Users\Adam\AppData\Local\Resmon.ResmonCfg
2014-09-13 21:24 - 2014-09-13 21:24 - 0881524 _____ () C:\ProgramData\1410638772.bdinstall.bin
2014-09-30 17:37 - 2014-09-30 17:37 - 0258214 _____ () C:\ProgramData\1412094973.bdinstall.bin
2014-09-11 20:06 - 2014-09-11 20:06 - 0000057 _____ () C:\ProgramData\Ament.ini

Some zero byte size files/folders:
==========================
C:\Windows\logo_1.exe
C:\Windows\RUNDL132.EXE
C:\Windows\VDLL.DLL
C:\Windows\SysWOW64\runouce.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_245_pepper.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Adam\Desktop" je 1669 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: Please check my log

Posted: 09 Dec 2015 21:20
by Deaper21
here is addition.txt as well

Re: Please check my log

Posted: 10 Dec 2015 17:43
by Márty84
***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Adam\Desktop" je 1669 MB.
The desktop should not be larger than 200 - 300 MB! It slows the PC down. So tidy it up a bit and keep only shortcuts on the desktop. Just watch out for the occasional mistake where users have a folder on the desktop, another one inside it, another one inside that, and hide everything in there. That is nice, but it does not make the desktop any smaller, it is just in a different drawer :)

Open Notepad and copy this script into it:

Code:

Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4471536 2015-05-21] (Disc Soft Ltd)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE [779776 2014-03-13] (ZONER software)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4471536 2015-05-21] (Disc Soft Ltd)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE [779776 2014-03-13] (ZONER software)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4471536 2015-05-21] (Disc Soft Ltd)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE [779776 2014-03-13] (ZONER software)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-10-28 82128]
S3 trufos; C:\Windows\System32\drivers\trufos.sys [350160 2015-02-26] (BitDefender S.R.L.)

Task: {0D8A891D-890C-4808-84D8-2F436AB14653} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {1274336E-AB06-46B6-A48C-0671C5557CC6} - \Microsoft\Windows\TaskScheduler\Maintenance Configurator -> No File <==== ATTENTION
Task: {1687544D-7247-4F5A-965A-A6E920E55278} - \Microsoft\Windows\TaskScheduler\Manual Maintenance -> No File <==== ATTENTION
Task: {40525C58-79C2-47A1-9AA2-F1D7FC4F0691} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {6F02587F-8A2B-4552-97F6-DEEF229E335B} - \Microsoft\Windows\TaskScheduler\Idle Maintenance -> No File <==== ATTENTION
Task: {B7992938-01F1-4F40-A0EC-0D23D2F0F152} - \Microsoft\Windows\TaskScheduler\Regular Maintenance -> No File <==== ATTENTION
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - \Microsoft\Windows\SettingSync\BackupTask -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_245_pepper.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Hosts:
EmptyTemp:
Reboot:
End
In the top left, click File.
Click Save As...
Type the name shown in red, fixlist, exactly as written and save it to the desktop.
Turn off your antivirus and any other security software.
Run FRST as administrator and click Fix; the program will carry out the commands.
After the PC restarts, a new log named fixlog should appear; copy it here for me again.

Re: Please check my log

Posted: 10 Dec 2015 20:20
by Deaper21
oops, I hadn't noticed the desktop :D it was one forgotten video, otherwise of course I always make shortcuts, I'm not an idiot :D

Re: Please check my log

Posted: 10 Dec 2015 20:35
by Deaper21
Fix result of Farbar Recovery Scan Tool (x64) Version:09-12-2015
Ran by Adam (2015-12-10 20:24:17) Run:1
Running from C:\Users\Adam\Desktop
Loaded Profiles: Adam & (Available Profiles: Adam)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4471536 2015-05-21] (Disc Soft Ltd)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE [779776 2014-03-13] (ZONER software)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4471536 2015-05-21] (Disc Soft Ltd)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE [779776 2014-03-13] (ZONER software)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4471536 2015-05-21] (Disc Soft Ltd)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE [779776 2014-03-13] (ZONER software)
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-10-28 82128]
S3 trufos; C:\Windows\System32\drivers\trufos.sys [350160 2015-02-26] (BitDefender S.R.L.)

Task: {0D8A891D-890C-4808-84D8-2F436AB14653} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {1274336E-AB06-46B6-A48C-0671C5557CC6} - \Microsoft\Windows\TaskScheduler\Maintenance Configurator -> No File <==== ATTENTION
Task: {1687544D-7247-4F5A-965A-A6E920E55278} - \Microsoft\Windows\TaskScheduler\Manual Maintenance -> No File <==== ATTENTION
Task: {40525C58-79C2-47A1-9AA2-F1D7FC4F0691} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {6F02587F-8A2B-4552-97F6-DEEF229E335B} - \Microsoft\Windows\TaskScheduler\Idle Maintenance -> No File <==== ATTENTION
Task: {B7992938-01F1-4F40-A0EC-0D23D2F0F152} - \Microsoft\Windows\TaskScheduler\Regular Maintenance -> No File <==== ATTENTION
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - \Microsoft\Windows\SettingSync\BackupTask -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_245_pepper.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\HP Software Update => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor => value removed successfully
HKU\S-1-5-21-3780011587-910230506-1870383065-1001\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite Automount => value removed successfully
HKU\S-1-5-21-3780011587-910230506-1870383065-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Zoner Photo Studio Autoupdate => value removed successfully
HKU\S-1-5-21-3780011587-910230506-1870383065-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value removed successfully
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite Automount => value removed successfully
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Run\\Zoner Photo Studio Autoupdate => value removed successfully
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value removed successfully
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite Automount => value removed successfully
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Windows\CurrentVersion\Run\\Zoner Photo Studio Autoupdate => value removed successfully
HKU\S-1-5-21-3780011587-910230506-1870383065-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value removed successfully
AdobeARMservice => service removed successfully
trufos => service removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0D8A891D-890C-4808-84D8-2F436AB14653}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D8A891D-890C-4808-84D8-2F436AB14653}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\AitAgent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1274336E-AB06-46B6-A48C-0671C5557CC6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1274336E-AB06-46B6-A48C-0671C5557CC6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\TaskScheduler\Maintenance Configurator" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1687544D-7247-4F5A-965A-A6E920E55278}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1687544D-7247-4F5A-965A-A6E920E55278}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\TaskScheduler\Manual Maintenance" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{40525C58-79C2-47A1-9AA2-F1D7FC4F0691}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{40525C58-79C2-47A1-9AA2-F1D7FC4F0691}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WindowsBackup\ConfigNotification" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6F02587F-8A2B-4552-97F6-DEEF229E335B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F02587F-8A2B-4552-97F6-DEEF229E335B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\TaskScheduler\Idle Maintenance" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B7992938-01F1-4F40-A0EC-0D23D2F0F152}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B7992938-01F1-4F40-A0EC-0D23D2F0F152}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\TaskScheduler\Regular Maintenance" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CFD7C21A-808B-487B-A6EC-8A10E44E8360}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CFD7C21A-808B-487B-A6EC-8A10E44E8360}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SettingSync\BackupTask" => key removed successfully
C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 771.9 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 20:24:36 ====