VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

podezřelý proces při vypínání PC

https://forum.viry.cz:443/viewtopic.php?t=147241

Stránka 1 z 2

podezřelý proces při vypínání PC

Napsal: 17 pro 2015 19:46
od meloun173
Zdravím,

často, když vypínám PC, objeví se mi při vypínání tabulka s čekajícími procesy, blikne to tam vždy jen tak
na půl vteřiny, že to ani nestihnu přečíst. Ten proces má strašně dlouhý název a je psaný čínskými znaky (rozsypaný čaj)
Podle mě to tam nemá, co dělat a v procesech programem Autoruns jsem nenalezl nic podezřelého. Prosím o radu. děkuji.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:17-12-2015
Ran by mistr (administrator) on FRACTAL (17-12-2015 19:32:21)
Running from C:\Users\mistr\Downloads
Loaded Profiles: mistr (Available Profiles: mistr)
Platform: Windows 10 Pro (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8530176 2015-09-17] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2757424 2015-11-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [54520 2015-07-28] (Panda Security, S.L.)
HKU\S-1-5-21-940313019-3960568547-267131554-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50515584 2015-11-17] (Skype Technologies S.A.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{fc50b8dd-4f9e-49cc-97de-6e3685bb034d}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-940313019-3960568547-267131554-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://mystart.incredibar.com/mb201?a=6R8SAy9kMZ&i=26
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2015-12-16] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2015-12-16] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-16] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-16] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-16] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-16] (Microsoft Corporation)

Edge:
======
Edge Session Restore: HKU\S-1-5-21-940313019-3960568547-267131554-1001 -> is enabled.

FireFox:
========
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2015-12-16] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-05] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-05] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\mistr\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\mistr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-07]
CHR Extension: (Dokumenty Google) - C:\Users\mistr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-07]
CHR Extension: (Disk Google) - C:\Users\mistr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (Rapport) - C:\Users\mistr\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2015-11-04]
CHR Extension: (YouTube) - C:\Users\mistr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-07]
CHR Extension: (Vyhledávání Google) - C:\Users\mistr\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Usability Boost for Google Plus™) - C:\Users\mistr\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkcppcocablbakkaboahjmljpodddkcp [2015-10-07]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\mistr\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2015-10-07]
CHR Extension: (Tabulky Google) - C:\Users\mistr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-07]
CHR Extension: (Dokumenty Google offline) - C:\Users\mistr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-17]
CHR Extension: (AdBlock) - C:\Users\mistr\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-12-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\mistr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-07]
CHR Extension: (Send from Gmail (by Google)) - C:\Users\mistr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgphcomnlaojlmmcjmiddhdapjpbgeoc [2015-10-07]
CHR Extension: (Gmail) - C:\Users\mistr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-07]
CHR HKU\S-1-5-21-940313019-3960568547-267131554-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2748600 2015-12-04] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156400 2015-11-12] (NVIDIA Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142072 2015-07-29] (Panda Security, S.L.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-11-12] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8133424 2015-11-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5915440 2015-11-12] (NVIDIA Corporation)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [73464 2015-07-23] (Panda Security, S.L.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-07-28] (Panda Security, S.L.)
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2259224 2015-11-24] (IBM Corp.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 a016bus; C:\Windows\System32\drivers\a016bus.sys [109096 2008-01-18] (MCCI Corporation)
S3 a016mgmt; C:\Windows\System32\drivers\a016mgmt.sys [130600 2008-01-18] (MCCI Corporation)
S3 a016obex; C:\Windows\System32\drivers\a016obex.sys [125480 2008-01-18] (MCCI Corporation)
S3 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-03-03] (Disc Soft Ltd)
R3 ISCT; C:\Windows\System32\drivers\ISCTD.sys [44744 2014-02-03] ()
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [185088 2015-08-31] (Intel Corporation)
R1 NNSALPC; C:\Windows\system32\DRIVERS\NNSALPC.sys [103824 2015-07-16] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\system32\DRIVERS\NNSHTTP.sys [211352 2015-07-16] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\system32\DRIVERS\NNSHTTPS.sys [120216 2015-07-16] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\system32\DRIVERS\NNSIDS.sys [120208 2015-07-16] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [58616 2015-06-19] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\system32\DRIVERS\NNSPICC.sys [112536 2015-07-16] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\system32\DRIVERS\NNSPIHSW.sys [87448 2015-07-16] ()
R1 NNSPOP3; C:\Windows\system32\DRIVERS\NNSPOP3.sys [133528 2015-07-16] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\system32\DRIVERS\NNSPROT.sys [309648 2015-07-16] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\system32\DRIVERS\NNSPRV.sys [179608 2015-07-16] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\system32\DRIVERS\NNSSMTP.sys [122776 2015-07-16] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\system32\DRIVERS\NNSSTRM.sys [267160 2015-07-16] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\system32\DRIVERS\NNSTLSC.sys [115600 2015-07-16] (Panda Security, S.L.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-11-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R2 PSINAflt; C:\Windows\system32\DRIVERS\PSINAflt.sys [173464 2015-07-21] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [130968 2015-07-21] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\system32\DRIVERS\PSINKNC.sys [207256 2015-07-21] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [133528 2015-07-21] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\system32\DRIVERS\PSINProt.sys [143768 2015-07-21] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\system32\DRIVERS\PSINReg.sys [117144 2015-07-21] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [62080 2015-06-16] (Panda Security, S.L.)
R4 RapportCerberus_1507072; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1507072.sys [959416 2015-11-04] (IBM Corp.)
R1 RapportCerberus_1507079; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1507079.sys [961880 2015-12-03] (IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [502904 2015-11-24] (IBM Corp.)
R0 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [141304 2015-11-24] (IBM Corp.)
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [396152 2015-11-24] (IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [496408 2015-11-24] (IBM Corp.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [888064 2015-08-20] (Realtek )
S3 s0016bus; C:\Windows\System32\drivers\s0016bus.sys [115240 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\Windows\System32\drivers\s0016mgmt.sys [137256 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\Windows\System32\drivers\s0016obex.sys [136744 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\Windows\System32\drivers\s0016unic.sys [151592 2008-05-16] (MCCI Corporation)
S3 s0017bus; C:\Windows\System32\drivers\s0017bus.sys [113704 2008-10-21] (MCCI Corporation)
S3 s0017mgmt; C:\Windows\System32\drivers\s0017mgmt.sys [133160 2008-10-21] (MCCI Corporation)
S3 s0017obex; C:\Windows\System32\drivers\s0017obex.sys [128552 2008-10-21] (MCCI Corporation)
S3 s0017unic; C:\Windows\System32\drivers\s0017unic.sys [145960 2008-10-21] (MCCI Corporation)
S3 s1018bus; C:\Windows\System32\drivers\s1018bus.sys [113704 2009-03-25] (MCCI Corporation)
S3 s1018mgmt; C:\Windows\System32\drivers\s1018mgmt.sys [133160 2009-03-25] (MCCI Corporation)
S3 s1018obex; C:\Windows\System32\drivers\s1018obex.sys [128552 2009-03-25] (MCCI Corporation)
S3 s1018unic; C:\Windows\System32\drivers\s1018unic.sys [146472 2009-03-25] (MCCI Corporation)
S3 s1029bus; C:\Windows\System32\drivers\s1029bus.sys [116264 2009-05-25] (MCCI Corporation)
S3 s1029mgmt; C:\Windows\System32\drivers\s1029mgmt.sys [139304 2009-05-25] (MCCI Corporation)
S3 s1029obex; C:\Windows\System32\drivers\s1029obex.sys [135208 2009-05-25] (MCCI Corporation)
S3 s1029unic; C:\Windows\System32\drivers\s1029unic.sys [151592 2009-05-25] (MCCI Corporation)
S3 s1039bus; C:\Windows\System32\drivers\s1039bus.sys [127600 2010-03-15] (MCCI Corporation)
S3 s1039mgmt; C:\Windows\System32\drivers\s1039mgmt.sys [141424 2010-03-15] (MCCI Corporation)
S3 s1039obex; C:\Windows\System32\drivers\s1039obex.sys [137328 2010-03-15] (MCCI Corporation)
S3 s1039unic; C:\Windows\System32\drivers\s1039unic.sys [158320 2010-03-15] (MCCI Corporation)
S3 s916bus; C:\Windows\System32\drivers\s916bus.sys [108072 2007-11-02] (MCCI Corporation)
S3 s916mgmt; C:\Windows\System32\drivers\s916mgmt.sys [130088 2007-11-02] (MCCI Corporation)
S3 s916obex; C:\Windows\System32\drivers\s916obex.sys [124968 2007-11-02] (MCCI Corporation)
S3 se3ebus; C:\Windows\System32\drivers\se3ebus.sys [107784 2007-04-10] (MCCI Corporation)
S3 se3emgmt; C:\Windows\System32\drivers\se3emgmt.sys [126216 2007-04-10] (MCCI Corporation)
S3 se3eobex; C:\Windows\System32\drivers\se3eobex.sys [123144 2007-04-10] (MCCI Corporation)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [30848 2015-12-17] ()
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-17 19:32 - 2015-12-17 19:32 - 00018242 _____ C:\Users\mistr\Downloads\FRST.txt
2015-12-17 19:30 - 2015-12-17 19:32 - 00000000 ____D C:\FRST
2015-12-17 19:29 - 2015-12-17 19:29 - 02370048 _____ (Farbar) C:\Users\mistr\Downloads\FRST64.exe
2015-12-17 19:08 - 2015-12-17 19:29 - 00000000 ____D C:\ProgramData\RogueKiller
2015-12-17 19:08 - 2015-12-17 19:08 - 20834376 _____ C:\Users\mistr\Downloads\RogueKiller.exe
2015-12-17 19:08 - 2015-12-17 19:08 - 00030848 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2015-12-17 18:52 - 2015-12-17 18:52 - 00606643 _____ C:\Users\mistr\Downloads\Autoruns.zip
2015-12-17 18:52 - 2015-12-17 18:52 - 00000000 ____D C:\Users\mistr\Downloads\Autoruns
2015-12-17 18:49 - 2015-12-17 18:49 - 00000000 ___HD C:\OneDriveTemp
2015-12-17 18:48 - 2015-12-17 18:48 - 00016148 _____ C:\WINDOWS\system32\FRACTAL_mistr_HistoryPrediction.bin
2015-12-14 21:22 - 2015-12-14 21:22 - 00080252 _____ C:\Users\mistr\Desktop\Absolutely-Anything(0000263319).srt
2015-12-13 20:12 - 2015-12-13 20:22 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-12-13 20:12 - 2015-12-13 20:12 - 00001171 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-12-13 20:12 - 2015-12-13 20:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-12-13 20:12 - 2015-12-13 20:12 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-13 20:12 - 2015-12-13 20:12 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-12-13 20:12 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-12-13 20:12 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-12-13 20:12 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-12-13 20:11 - 2015-12-13 20:11 - 22908888 _____ (Malwarebytes ) C:\Users\mistr\Downloads\mbam-setup-2.2.0.1024.exe
2015-12-12 20:49 - 2015-12-12 20:49 - 00106649 _____ C:\Users\mistr\Downloads\Absolutely Anything 2015 1080p BluRay DTS x264 - HDMaNiAcS.torrent
2015-12-12 16:14 - 2015-12-12 16:14 - 00085975 _____ C:\Users\mistr\Downloads\Bone-Tomahawk(0000261643).srt
2015-12-12 13:35 - 2015-12-12 13:35 - 00028900 _____ C:\Users\mistr\Downloads\The-Simpsons-S27E08(0000263516).srt
2015-12-12 13:29 - 2015-12-12 13:29 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-12 13:29 - 2015-11-12 19:37 - 00112712 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2015-12-12 13:28 - 2015-12-12 13:28 - 00049214 _____ C:\Users\mistr\Downloads\The Simpsons S27E08 720p HDTV x264-KILLERS (1).torrent
2015-12-12 13:27 - 2015-12-12 13:27 - 00049214 _____ C:\Users\mistr\Downloads\The Simpsons S27E08 720p HDTV x264-KILLERS.torrent
2015-12-11 21:46 - 2015-12-11 21:46 - 00030587 _____ C:\Users\mistr\Downloads\The Big Bang Theory - 09x10 - The Earworm Reverberation.DIMENSION.Czech.srt
2015-12-11 21:20 - 2015-12-11 21:20 - 00049349 _____ C:\Users\mistr\Downloads\The Big Bang Theory S09E10 1080p HDTV X264-DIMENSION.torrent
2015-12-11 21:20 - 2015-12-11 21:20 - 00037861 _____ C:\Users\mistr\Downloads\The Big Bang Theory S09E10 REPACK 720p HDTV X264-DIMENSION.torrent
2015-12-11 21:19 - 2015-12-11 21:19 - 00140815 _____ C:\Users\mistr\Downloads\Bone Tomahawk 2015 1080p BluRay DTS x264 - HDMaNiAcS.torrent
2015-12-09 19:53 - 2015-12-09 19:53 - 00032235 _____ C:\Users\mistr\Downloads\Agents of SHIELD S03E10 - Maveth (AFG+OSEC+HEVC).srt
2015-12-09 18:49 - 2015-12-09 18:49 - 00042773 _____ C:\Users\mistr\Downloads\Marvels Agents of S H I E L D S03E10 720p HDTV x264-0SEC.torrent
2015-12-07 18:11 - 2015-12-07 21:57 - 00011211 _____ C:\Users\mistr\Desktop\Gerla-PC.xlsx
2015-12-06 19:01 - 2015-12-06 19:01 - 00052328 _____ C:\Users\mistr\Desktop\Onegin(0000097775).srt
2015-12-04 20:55 - 2015-12-04 20:55 - 00104800 _____ C:\Users\mistr\Downloads\Ant-Man(0000262594).srt
2015-12-04 20:29 - 2015-12-04 20:29 - 00032206 _____ C:\Users\mistr\Downloads\Ant-Man 2015 720p BluRay DTS x264-HiDt.torrent
2015-12-02 21:27 - 2015-12-02 21:27 - 00039091 _____ C:\Users\mistr\Downloads\Agents of SHIELD S03E09 - Closure (OSEC).srt
2015-12-02 21:27 - 2015-12-02 21:27 - 00039091 _____ C:\Users\mistr\Downloads\Agents of SHIELD S03E09 - Closure (KILLERS).srt
2015-12-02 20:44 - 2015-12-02 20:44 - 00024557 _____ C:\Users\mistr\Downloads\The.Walking.Dead.S06E08.HDTV.x264-KILLERS.srt
2015-12-02 20:24 - 2015-12-02 20:24 - 00038212 _____ C:\Users\mistr\Downloads\Marvels Agents of S H I E L D S03E09 720p HDTV x264-0SEC.torrent
2015-12-02 20:24 - 2015-12-02 20:24 - 00035988 _____ C:\Users\mistr\Downloads\The Walking Dead S06E08 720p HDTV x264-KILLERS.torrent
2015-11-28 21:14 - 2015-11-28 21:14 - 00071054 _____ C:\Users\mistr\Downloads\Self-less(0000261442).srt
2015-11-28 21:13 - 2015-11-28 21:13 - 00071054 _____ C:\Users\mistr\Downloads\Self-less(0000261813).srt
2015-11-28 20:40 - 2015-11-28 20:40 - 00047467 _____ C:\Users\mistr\Downloads\Jurassic World 2015 720p BluRay DTS x264-HiDt (1).torrent
2015-11-28 20:37 - 2015-11-28 20:37 - 00031949 _____ C:\Users\mistr\Downloads\Self-less 2015 720p BluRay DTS x264-DON.torrent
2015-11-28 14:43 - 2015-11-28 14:43 - 00041278 _____ C:\Users\mistr\Downloads\once.upon.a.time.s05e09.hdtv.x264-killers.srt
2015-11-28 14:36 - 2015-11-28 14:36 - 00055029 _____ C:\Users\mistr\Downloads\Once Upon a Time S05E09 720p WEB-DL DD5 1 H 264-VietHD.torrent
2015-11-28 13:50 - 2015-11-28 13:50 - 00045612 _____ C:\Users\mistr\Downloads\once.upon.a.time.s05e08.hdtv.x264-killers.srt
2015-11-28 13:45 - 2015-11-28 13:45 - 00043507 _____ C:\Users\mistr\Downloads\Once Upon a Time S05E08 720p HDTV x264-KILLERS.torrent
2015-11-28 12:24 - 2015-11-28 12:24 - 00040140 _____ C:\Users\mistr\Downloads\once.upon.a.time.s05e07.hdtv.x264-fleet.srt
2015-11-28 12:20 - 2015-11-28 12:20 - 00048559 _____ C:\Users\mistr\Downloads\Once Upon A Time S05E07 720p HDTV x264-FLEET.torrent
2015-11-28 11:26 - 2015-11-28 11:26 - 00038933 _____ C:\Users\mistr\Downloads\s05e06.the.bear.and.the.bow.720p.web-dl.dd5.1.h.264-kings.srt
2015-11-28 10:40 - 2015-11-28 10:40 - 00054928 _____ C:\Users\mistr\Downloads\Once Upon a Time S05E06 720p WEB-DL DD5 1 H 264-KiNGS.torrent
2015-11-28 10:40 - 2015-11-28 10:40 - 00041157 _____ C:\Users\mistr\Downloads\once.upon.a.time.s05e05.hdtv.x264-killers.srt
2015-11-28 10:37 - 2015-11-28 10:37 - 00040302 _____ C:\Users\mistr\Downloads\once.upon.a.time.s05e04.720p.hdtv.x264-fleet (1).srt
2015-11-28 10:24 - 2015-11-28 10:24 - 00048439 _____ C:\Users\mistr\Downloads\Once Upon A Time S05E04 720p HDTV x264-FLEET.torrent
2015-11-28 10:24 - 2015-11-28 10:24 - 00044767 _____ C:\Users\mistr\Downloads\Once Upon A Time S05E05 720p HDTV x264-KILLERS.torrent
2015-11-27 22:33 - 2015-11-27 22:33 - 00025499 _____ C:\Users\mistr\Downloads\The-Simpsons-S27E07(0000262799).srt
2015-11-27 22:30 - 2015-11-27 22:30 - 00033675 _____ C:\Users\mistr\Downloads\The Simpsons S27E07 PROPER 720p HDTV x264-KILLERS.torrent
2015-11-26 19:05 - 2015-11-26 19:05 - 01365154 _____ (Igor Pavlov) C:\Users\mistr\Downloads\7z1512-x64.exe
2015-11-26 19:05 - 2015-11-26 19:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-11-26 19:05 - 2015-11-26 19:05 - 00000000 ____D C:\Program Files\7-Zip
2015-11-23 22:01 - 2015-11-23 22:01 - 00033136 _____ C:\Users\mistr\Downloads\The Walking Dead - 06x07 - Heads Up.FLEET.English.HI.C.orig.Addic7ed.com.srt
2015-11-23 21:07 - 2015-11-23 21:07 - 00039060 _____ C:\Users\mistr\Downloads\The Walking Dead S06E07 720p HDTV x264-FLEET.torrent
2015-11-22 21:51 - 2015-11-22 21:51 - 00040302 _____ C:\Users\mistr\Downloads\once.upon.a.time.s05e04.720p.hdtv.x264-fleet.srt
2015-11-22 21:05 - 2015-11-22 21:05 - 00040065 _____ C:\Users\mistr\Downloads\once.upon.a.time.s05e03.hdtv.x264-killers.srt
2015-11-22 19:29 - 2015-11-22 19:29 - 00039572 _____ C:\Users\mistr\Downloads\once.upon.a.time.s05e02.the.price.1080p.web-dl.dd5.1.h.264-ctrlhd.srt
2015-11-22 18:51 - 2015-11-22 18:51 - 00055219 _____ C:\Users\mistr\Downloads\Once Upon a Time S05E02 The Price 720p WEB-DL DD5 1 H 264-CtrlHD.torrent
2015-11-22 18:50 - 2015-11-22 18:50 - 00039576 _____ C:\Users\mistr\Downloads\once.upon.a.time.s05e02.proper.hdtv.x264-killers.srt
2015-11-22 18:42 - 2015-11-22 18:42 - 00046387 _____ C:\Users\mistr\Downloads\Once Upon A Time S05E03 720p HDTV x264-KILLERS.torrent
2015-11-22 12:33 - 2015-11-22 12:33 - 00041724 _____ C:\Users\mistr\Downloads\once.upon.a.time.s05e01.hdtv.x264-killers.srt
2015-11-22 12:26 - 2015-11-22 12:26 - 00054703 _____ C:\Users\mistr\Downloads\Once Upon a Time S05E01 The Dark Swan 720p WEB-DL DD5 1 H 264-CtrlHD.torrent
2015-11-21 21:07 - 2015-11-21 21:07 - 00087549 _____ C:\Users\mistr\Downloads\Maze.Runner.The.Scorch.Trials.2015.720p.BluRay.H264.AAC-RARBG.srt
2015-11-21 20:19 - 2015-11-21 20:19 - 00027781 _____ C:\Users\mistr\Downloads\Maze Runner- The Scorch Trials 2015 720p BluRay DTS-ES x264-HiDt.torrent
2015-11-21 13:16 - 2015-11-21 13:16 - 00029587 _____ C:\Users\mistr\Downloads\The.Big.Bang.Theory.S09E09.HDTV.x264-LOL.srt
2015-11-21 13:14 - 2015-11-21 13:14 - 00039406 _____ C:\Users\mistr\Downloads\The Big Bang Theory S09E09 720p HDTV X264-DIMENSION.torrent
2015-11-21 12:55 - 2015-11-21 12:55 - 00028454 _____ C:\Users\mistr\Downloads\The.Big.Bang.Theory.S09E08.HDTV.x264-LOL (1).srt
2015-11-21 12:35 - 2015-11-21 12:35 - 00028454 _____ C:\Users\mistr\Downloads\The.Big.Bang.Theory.S09E08.HDTV.x264-LOL.srt
2015-11-21 12:35 - 2015-11-21 12:35 - 00028250 _____ C:\Users\mistr\Downloads\The.Big.Bang.Theory.S09E07.HDTV.x264-LOL.srt
2015-11-21 12:24 - 2015-11-21 12:24 - 00034106 _____ C:\Users\mistr\Downloads\The Big Bang Theory S09E07 720p HDTV X264-DIMENSION.torrent
2015-11-21 12:24 - 2015-11-21 12:24 - 00032246 _____ C:\Users\mistr\Downloads\The Big Bang Theory S09E08 720p HDTV X264-DIMENSION.torrent
2015-11-18 20:29 - 2015-11-18 20:29 - 00043474 _____ C:\Users\mistr\Downloads\Agents of SHIELD S03E08 - Many Heads One Tale (FLEET).srt
2015-11-18 20:24 - 2015-11-18 20:24 - 00038632 _____ C:\Users\mistr\Downloads\Marvels Agents of S H I E L D S03E08 720p HDTV x264-3SEC.torrent
2015-11-17 21:52 - 2015-11-17 21:52 - 00019327 _____ C:\Users\mistr\Downloads\file.pdf
2015-11-17 21:49 - 2015-11-17 21:49 - 00022756 _____ C:\Users\mistr\Downloads\The.Walking.Dead.S06E06.1080p.WEB-DL.DD5.1.H.264-Cyphanix.srt
2015-11-17 21:48 - 2015-11-17 21:48 - 00107322 _____ C:\Users\mistr\Downloads\The Walking Dead S06E06 720p WEB-DL DD5 1 H 264-Cyphanix.torrent
2015-11-17 19:09 - 2015-11-17 19:09 - 00051798 _____ C:\Users\mistr\Downloads\Hitman.Agent.47.2015.720p.BluRay.x264-DRONES.srt
2015-11-17 18:39 - 2015-11-17 18:39 - 00040401 _____ C:\Users\mistr\Downloads\Hitman- Agent 47 2015 1080p BluRay DTS x264-DRONES.torrent
2015-11-17 18:32 - 2015-11-17 18:32 - 00023290 _____ C:\Users\mistr\Downloads\Hitman Agent 47 2015 BluRay 720p DTS x264-EPiC .torrent
2015-11-17 12:53 - 2015-11-18 19:51 - 00002553 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2015-11-17 12:53 - 2015-11-17 17:17 - 00002530 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2015-11-17 12:53 - 2015-11-17 12:53 - 00002559 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2015-11-17 12:53 - 2015-11-17 12:53 - 00002525 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2015-11-17 12:53 - 2015-11-17 12:53 - 00002486 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2015-11-17 12:53 - 2015-11-17 12:53 - 00002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2015-11-17 12:53 - 2015-11-17 12:53 - 00002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2015-11-17 12:53 - 2015-11-17 12:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office 2016
2015-11-17 12:51 - 2015-11-17 12:51 - 03059880 _____ (Microsoft Corporation) C:\Users\mistr\Downloads\Setup.X86.cs-CZ_O365HomePremRetail_7826a10b-1ad0-40c5-80b6-6253f60cdaeb_TX_DB_.exe
2015-11-17 12:51 - 2015-11-17 12:51 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-11-17 10:18 - 2015-11-17 10:18 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-17 19:31 - 2015-10-07 20:31 - 00000000 ____D C:\Windows
2015-12-17 19:25 - 2015-10-22 18:19 - 00000000 ____D C:\Users\mistr\AppData\Roaming\Skype
2015-12-17 19:07 - 2015-10-07 19:57 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-17 19:07 - 2015-10-07 19:57 - 00000976 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-17 18:52 - 2015-10-22 18:31 - 00004208 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{DA3D0DB0-E455-4975-BBD9-F43B361FFA8F}
2015-12-17 18:52 - 2015-10-07 20:36 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-17 18:52 - 2015-10-07 20:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-12-17 18:49 - 2015-10-07 19:51 - 00000000 ___RD C:\Users\mistr\OneDrive
2015-12-17 18:48 - 2015-10-07 19:57 - 00000972 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-16 20:56 - 2015-10-12 17:55 - 00002254 ____H C:\Users\mistr\Documents\Default.rdp
2015-12-16 20:54 - 2015-10-07 20:36 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2015-12-16 17:39 - 2015-10-07 20:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-12-16 17:38 - 2015-10-22 17:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-12-13 23:23 - 2015-10-07 19:49 - 00000000 ____D C:\Users\mistr\AppData\Local\Packages
2015-12-12 22:54 - 2015-10-07 20:57 - 00000000 ____D C:\Users\mistr\AppData\Roaming\uTorrent
2015-12-12 13:30 - 2015-10-07 20:36 - 00000000 ____D C:\WINDOWS\INF
2015-12-12 13:29 - 2015-10-12 20:35 - 00000000 ____D C:\Users\mistr\AppData\Local\NVIDIA Corporation
2015-12-10 22:37 - 2015-10-07 19:51 - 00002387 _____ C:\Users\mistr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-12-08 22:40 - 2015-10-07 20:33 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-08 22:27 - 2015-10-07 20:11 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-12-08 22:25 - 2015-10-07 20:11 - 140158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-12-06 19:03 - 2015-10-07 20:39 - 00745406 _____ C:\WINDOWS\system32\perfh005.dat
2015-12-06 19:03 - 2015-10-07 20:39 - 00149344 _____ C:\WINDOWS\system32\perfc005.dat
2015-12-06 19:03 - 2015-10-07 19:49 - 01762290 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-05 11:02 - 2015-10-07 19:57 - 00004034 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-05 11:02 - 2015-10-07 19:57 - 00003802 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-03 21:15 - 2015-11-04 20:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ochrana koncového bodu Trusteer
2015-12-03 21:15 - 2015-10-08 04:44 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-03 21:15 - 2015-10-08 04:43 - 00381224 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-03 21:15 - 2015-10-08 04:43 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-03 21:14 - 2015-10-07 20:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-12-03 21:14 - 2015-10-07 20:31 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-12-01 01:32 - 2015-10-07 20:37 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-12-01 01:32 - 2015-10-07 20:37 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-24 16:27 - 2015-11-04 20:49 - 00396152 _____ (IBM Corp.) C:\WINDOWS\system32\Drivers\RapportKE64.sys
2015-11-24 16:27 - 2015-11-04 20:49 - 00141304 _____ (IBM Corp.) C:\WINDOWS\system32\Drivers\RapportHades64.sys
2015-11-21 12:12 - 2015-10-22 18:19 - 00000000 ____D C:\ProgramData\Skype
2015-11-17 13:39 - 2015-10-22 17:41 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-17 13:38 - 2015-10-07 20:36 - 00000000 ____D C:\WINDOWS\ShellNew
2015-11-17 13:36 - 2015-10-07 20:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared

Some files in TEMP:
====================
C:\Users\mistr\AppData\Local\Temp\dllnt_dump.dll
C:\Users\mistr\AppData\Local\Temp\LMkRstPt.exe
C:\Users\mistr\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\mistr\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\mistr\AppData\Local\Temp\nvStInst.exe
C:\Users\mistr\AppData\Local\Temp\{960C56A7-B813-4CF7-B529-9A2708EFA36A}.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-12-08 22:25

==================== End of FRST.txt ============================

Re: podezřelý proces při vypínání PC

Napsal: 17 pro 2015 20:04
od Rudy
Zdravím!
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Re: podezřelý proces při vypínání PC

Napsal: 17 pro 2015 20:11
od meloun173
# AdwCleaner v5.025 - Logfile created 17/12/2015 at 20:07:54
# Updated 13/12/2015 by Xplode
# Database : 2015-12-13.2 [Server]
# Operating system : Windows 10 Pro (x64)
# Username : mistr - FRACTAL
# Running from : C:\Users\mistr\Downloads\adwcleaner_5.025.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\Users\mistr\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk

***** [ Files ] *****

[-] File Deleted : C:\Users\mistr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
[-] File Deleted : C:\Users\mistr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

***** [ Web browsers ] *****

[-] [C:\Users\mistr\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : yahoo.com
[-] [C:\Users\mistr\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : dkpejdfnpdkhifgbancbammdijojoffk

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1394 bytes] ##########

Re: podezřelý proces při vypínání PC

Napsal: 17 pro 2015 20:14
od Rudy
Dejte nový log FRST.

Re: podezřelý proces při vypínání PC

Napsal: 17 pro 2015 20:21
od meloun173
antivirus mi smazal frst, musel jsem stahnout znova,

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:17-12-2015
Ran by mistr (administrator) on FRACTAL (17-12-2015 20:20:20)
Running from C:\Users\mistr\Downloads
Loaded Profiles: mistr (Available Profiles: mistr)
Platform: Windows 10 Pro (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(NVIDIA Corporation) C:\Users\mistr\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8530176 2015-09-17] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2757424 2015-11-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [54520 2015-07-28] (Panda Security, S.L.)
HKU\S-1-5-21-940313019-3960568547-267131554-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50515584 2015-11-17] (Skype Technologies S.A.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{fc50b8dd-4f9e-49cc-97de-6e3685bb034d}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2015-12-16] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2015-12-16] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-16] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-16] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-16] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-16] (Microsoft Corporation)

Edge:
======
Edge Session Restore: HKU\S-1-5-21-940313019-3960568547-267131554-1001 -> is enabled.

FireFox:
========
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2015-12-16] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-05] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-05] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\mistr\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\mistr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-07]
CHR Extension: (Dokumenty Google) - C:\Users\mistr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-07]
CHR Extension: (Disk Google) - C:\Users\mistr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (Rapport) - C:\Users\mistr\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2015-11-04]
CHR Extension: (YouTube) - C:\Users\mistr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-07]
CHR Extension: (Vyhledávání Google) - C:\Users\mistr\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Usability Boost for Google Plus™) - C:\Users\mistr\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkcppcocablbakkaboahjmljpodddkcp [2015-10-07]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\mistr\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2015-12-17]
CHR Extension: (Tabulky Google) - C:\Users\mistr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-07]
CHR Extension: (Dokumenty Google offline) - C:\Users\mistr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-17]
CHR Extension: (AdBlock) - C:\Users\mistr\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-12-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\mistr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-07]
CHR Extension: (Send from Gmail (by Google)) - C:\Users\mistr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgphcomnlaojlmmcjmiddhdapjpbgeoc [2015-10-07]
CHR Extension: (Gmail) - C:\Users\mistr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-07]
CHR HKU\S-1-5-21-940313019-3960568547-267131554-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2748600 2015-12-04] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156400 2015-11-12] (NVIDIA Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142072 2015-07-29] (Panda Security, S.L.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-11-12] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8133424 2015-11-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5915440 2015-11-12] (NVIDIA Corporation)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [73464 2015-07-23] (Panda Security, S.L.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-07-28] (Panda Security, S.L.)
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2259224 2015-11-24] (IBM Corp.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 a016bus; C:\Windows\System32\drivers\a016bus.sys [109096 2008-01-18] (MCCI Corporation)
S3 a016mgmt; C:\Windows\System32\drivers\a016mgmt.sys [130600 2008-01-18] (MCCI Corporation)
S3 a016obex; C:\Windows\System32\drivers\a016obex.sys [125480 2008-01-18] (MCCI Corporation)
S3 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-03-03] (Disc Soft Ltd)
R3 ISCT; C:\Windows\System32\drivers\ISCTD.sys [44744 2014-02-03] ()
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [185088 2015-08-31] (Intel Corporation)
R1 NNSALPC; C:\Windows\system32\DRIVERS\NNSALPC.sys [103824 2015-07-16] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\system32\DRIVERS\NNSHTTP.sys [211352 2015-07-16] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\system32\DRIVERS\NNSHTTPS.sys [120216 2015-07-16] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\system32\DRIVERS\NNSIDS.sys [120208 2015-07-16] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [58616 2015-06-19] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\system32\DRIVERS\NNSPICC.sys [112536 2015-07-16] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\system32\DRIVERS\NNSPIHSW.sys [87448 2015-07-16] ()
R1 NNSPOP3; C:\Windows\system32\DRIVERS\NNSPOP3.sys [133528 2015-07-16] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\system32\DRIVERS\NNSPROT.sys [309648 2015-07-16] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\system32\DRIVERS\NNSPRV.sys [179608 2015-07-16] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\system32\DRIVERS\NNSSMTP.sys [122776 2015-07-16] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\system32\DRIVERS\NNSSTRM.sys [267160 2015-07-16] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\system32\DRIVERS\NNSTLSC.sys [115600 2015-07-16] (Panda Security, S.L.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-11-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R0 PsBoot; C:\Windows\System32\Drivers\PsBoot.sys [42624 2015-06-16] (Panda Security, S.L.)
R2 PSINAflt; C:\Windows\system32\DRIVERS\PSINAflt.sys [173464 2015-07-21] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [130968 2015-07-21] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\system32\DRIVERS\PSINKNC.sys [207256 2015-07-21] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [133528 2015-07-21] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\system32\DRIVERS\PSINProt.sys [143768 2015-07-21] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\system32\DRIVERS\PSINReg.sys [117144 2015-07-21] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [62080 2015-06-16] (Panda Security, S.L.)
R1 RapportCerberus_1507079; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1507079.sys [961880 2015-12-03] (IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [502904 2015-11-24] (IBM Corp.)
R0 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [141304 2015-11-24] (IBM Corp.)
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [396152 2015-11-24] (IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [496408 2015-11-24] (IBM Corp.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [888064 2015-08-20] (Realtek )
S3 s0016bus; C:\Windows\System32\drivers\s0016bus.sys [115240 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\Windows\System32\drivers\s0016mgmt.sys [137256 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\Windows\System32\drivers\s0016obex.sys [136744 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\Windows\System32\drivers\s0016unic.sys [151592 2008-05-16] (MCCI Corporation)
S3 s0017bus; C:\Windows\System32\drivers\s0017bus.sys [113704 2008-10-21] (MCCI Corporation)
S3 s0017mgmt; C:\Windows\System32\drivers\s0017mgmt.sys [133160 2008-10-21] (MCCI Corporation)
S3 s0017obex; C:\Windows\System32\drivers\s0017obex.sys [128552 2008-10-21] (MCCI Corporation)
S3 s0017unic; C:\Windows\System32\drivers\s0017unic.sys [145960 2008-10-21] (MCCI Corporation)
S3 s1018bus; C:\Windows\System32\drivers\s1018bus.sys [113704 2009-03-25] (MCCI Corporation)
S3 s1018mgmt; C:\Windows\System32\drivers\s1018mgmt.sys [133160 2009-03-25] (MCCI Corporation)
S3 s1018obex; C:\Windows\System32\drivers\s1018obex.sys [128552 2009-03-25] (MCCI Corporation)
S3 s1018unic; C:\Windows\System32\drivers\s1018unic.sys [146472 2009-03-25] (MCCI Corporation)
S3 s1029bus; C:\Windows\System32\drivers\s1029bus.sys [116264 2009-05-25] (MCCI Corporation)
S3 s1029mgmt; C:\Windows\System32\drivers\s1029mgmt.sys [139304 2009-05-25] (MCCI Corporation)
S3 s1029obex; C:\Windows\System32\drivers\s1029obex.sys [135208 2009-05-25] (MCCI Corporation)
S3 s1029unic; C:\Windows\System32\drivers\s1029unic.sys [151592 2009-05-25] (MCCI Corporation)
S3 s1039bus; C:\Windows\System32\drivers\s1039bus.sys [127600 2010-03-15] (MCCI Corporation)
S3 s1039mgmt; C:\Windows\System32\drivers\s1039mgmt.sys [141424 2010-03-15] (MCCI Corporation)
S3 s1039obex; C:\Windows\System32\drivers\s1039obex.sys [137328 2010-03-15] (MCCI Corporation)
S3 s1039unic; C:\Windows\System32\drivers\s1039unic.sys [158320 2010-03-15] (MCCI Corporation)
S3 s916bus; C:\Windows\System32\drivers\s916bus.sys [108072 2007-11-02] (MCCI Corporation)
S3 s916mgmt; C:\Windows\System32\drivers\s916mgmt.sys [130088 2007-11-02] (MCCI Corporation)
S3 s916obex; C:\Windows\System32\drivers\s916obex.sys [124968 2007-11-02] (MCCI Corporation)
S3 se3ebus; C:\Windows\System32\drivers\se3ebus.sys [107784 2007-04-10] (MCCI Corporation)
S3 se3emgmt; C:\Windows\System32\drivers\se3emgmt.sys [126216 2007-04-10] (MCCI Corporation)
S3 se3eobex; C:\Windows\System32\drivers\se3eobex.sys [123144 2007-04-10] (MCCI Corporation)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [30848 2015-12-17] ()
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-17 20:19 - 2015-12-17 20:19 - 02370048 ____N (Farbar) C:\Users\mistr\Downloads\FRST64.exe
2015-12-17 20:19 - 2015-06-16 15:41 - 00042624 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PsBoot.sys
2015-12-17 20:17 - 2015-12-17 20:17 - 00016148 _____ C:\WINDOWS\system32\FRACTAL_mistr_HistoryPrediction.bin
2015-12-17 20:17 - 2015-12-17 20:17 - 00000000 ___HD C:\OneDriveTemp
2015-12-17 20:06 - 2015-12-17 20:07 - 00000000 ____D C:\AdwCleaner
2015-12-17 20:05 - 2015-12-17 20:05 - 01740288 _____ C:\Users\mistr\Downloads\adwcleaner_5.025.exe
2015-12-17 19:33 - 2015-12-17 19:45 - 00022117 _____ C:\Users\mistr\Downloads\Addition.txt
2015-12-17 19:32 - 2015-12-17 20:20 - 00018028 _____ C:\Users\mistr\Downloads\FRST.txt
2015-12-17 19:30 - 2015-12-17 20:20 - 00000000 ____D C:\FRST
2015-12-17 19:08 - 2015-12-17 19:29 - 00000000 ____D C:\ProgramData\RogueKiller
2015-12-17 19:08 - 2015-12-17 19:08 - 20834376 _____ C:\Users\mistr\Downloads\RogueKiller.exe
2015-12-17 19:08 - 2015-12-17 19:08 - 00030848 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2015-12-17 18:52 - 2015-12-17 18:52 - 00606643 _____ C:\Users\mistr\Downloads\Autoruns.zip
2015-12-17 18:52 - 2015-12-17 18:52 - 00000000 ____D C:\Users\mistr\Downloads\Autoruns
2015-12-14 21:22 - 2015-12-14 21:22 - 00080252 _____ C:\Users\mistr\Desktop\Absolutely-Anything(0000263319).srt
2015-12-13 20:12 - 2015-12-13 20:22 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-12-13 20:12 - 2015-12-13 20:12 - 00001171 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-12-13 20:12 - 2015-12-13 20:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-12-13 20:12 - 2015-12-13 20:12 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-13 20:12 - 2015-12-13 20:12 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-12-13 20:12 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-12-13 20:12 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-12-13 20:12 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-12-13 20:11 - 2015-12-13 20:11 - 22908888 _____ (Malwarebytes ) C:\Users\mistr\Downloads\mbam-setup-2.2.0.1024.exe
2015-12-12 20:49 - 2015-12-12 20:49 - 00106649 _____ C:\Users\mistr\Downloads\Absolutely Anything 2015 1080p BluRay DTS x264 - HDMaNiAcS.torrent
2015-12-12 16:14 - 2015-12-12 16:14 - 00085975 _____ C:\Users\mistr\Downloads\Bone-Tomahawk(0000261643).srt
2015-12-12 13:35 - 2015-12-12 13:35 - 00028900 _____ C:\Users\mistr\Downloads\The-Simpsons-S27E08(0000263516).srt
2015-12-12 13:29 - 2015-12-12 13:29 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-12 13:29 - 2015-11-12 19:37 - 00112712 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2015-12-12 13:28 - 2015-12-12 13:28 - 00049214 _____ C:\Users\mistr\Downloads\The Simpsons S27E08 720p HDTV x264-KILLERS (1).torrent
2015-12-12 13:27 - 2015-12-12 13:27 - 00049214 _____ C:\Users\mistr\Downloads\The Simpsons S27E08 720p HDTV x264-KILLERS.torrent
2015-12-11 21:46 - 2015-12-11 21:46 - 00030587 _____ C:\Users\mistr\Downloads\The Big Bang Theory - 09x10 - The Earworm Reverberation.DIMENSION.Czech.srt
2015-12-11 21:20 - 2015-12-11 21:20 - 00049349 _____ C:\Users\mistr\Downloads\The Big Bang Theory S09E10 1080p HDTV X264-DIMENSION.torrent
2015-12-11 21:20 - 2015-12-11 21:20 - 00037861 _____ C:\Users\mistr\Downloads\The Big Bang Theory S09E10 REPACK 720p HDTV X264-DIMENSION.torrent
2015-12-11 21:19 - 2015-12-11 21:19 - 00140815 _____ C:\Users\mistr\Downloads\Bone Tomahawk 2015 1080p BluRay DTS x264 - HDMaNiAcS.torrent
2015-12-09 19:53 - 2015-12-09 19:53 - 00032235 _____ C:\Users\mistr\Downloads\Agents of SHIELD S03E10 - Maveth (AFG+OSEC+HEVC).srt
2015-12-09 18:49 - 2015-12-09 18:49 - 00042773 _____ C:\Users\mistr\Downloads\Marvels Agents of S H I E L D S03E10 720p HDTV x264-0SEC.torrent
2015-12-08 22:22 - 2015-11-25 05:44 - 21872640 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-12-08 22:22 - 2015-11-25 05:42 - 24592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-08 22:22 - 2015-11-25 05:23 - 19323392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-08 22:22 - 2015-11-25 05:10 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-12-08 22:21 - 2015-12-01 08:01 - 02115936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-12-08 22:21 - 2015-12-01 07:03 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\gpuenergydrv.sys
2015-12-08 22:21 - 2015-12-01 06:54 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-12-08 22:21 - 2015-12-01 06:51 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-12-08 22:21 - 2015-12-01 06:49 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-12-08 22:21 - 2015-12-01 06:02 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-12-08 22:21 - 2015-12-01 05:59 - 05455360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-12-08 22:21 - 2015-11-25 06:42 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-12-08 22:21 - 2015-11-25 06:42 - 00168288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
2015-12-08 22:21 - 2015-11-25 06:41 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-12-08 22:21 - 2015-11-25 06:40 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-12-08 22:21 - 2015-11-25 06:33 - 03622272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-12-08 22:21 - 2015-11-25 06:32 - 00113184 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2015-12-08 22:21 - 2015-11-25 06:27 - 01366680 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2015-12-08 22:21 - 2015-11-25 06:12 - 04047288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-12-08 22:21 - 2015-11-25 06:11 - 01532984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-12-08 22:21 - 2015-11-25 06:09 - 01310880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2015-12-08 22:21 - 2015-11-25 06:01 - 02879024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-08 22:21 - 2015-11-25 05:59 - 00092992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2015-12-08 22:21 - 2015-11-25 05:49 - 01569280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2015-12-08 22:21 - 2015-11-25 05:49 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2015-12-08 22:21 - 2015-11-25 05:49 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-12-08 22:21 - 2015-11-25 05:49 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2015-12-08 22:21 - 2015-11-25 05:48 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EthernetMediaManager.dll
2015-12-08 22:21 - 2015-11-25 05:48 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMediaManager.dll
2015-12-08 22:21 - 2015-11-25 05:37 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-12-08 22:21 - 2015-11-25 05:36 - 01710592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2015-12-08 22:21 - 2015-11-25 05:36 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys
2015-12-08 22:21 - 2015-11-25 05:35 - 00929792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-12-08 22:21 - 2015-11-25 05:35 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Magnify.exe
2015-12-08 22:21 - 2015-11-25 05:34 - 12504576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-12-08 22:21 - 2015-11-25 05:31 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll
2015-12-08 22:21 - 2015-11-25 05:30 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll
2015-12-08 22:21 - 2015-11-25 05:30 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2015-12-08 22:21 - 2015-11-25 05:30 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2015-12-08 22:21 - 2015-11-25 05:29 - 01649152 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2015-12-08 22:21 - 2015-11-25 05:29 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2015-12-08 22:21 - 2015-11-25 05:28 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-12-08 22:21 - 2015-11-25 05:28 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2015-12-08 22:21 - 2015-11-25 05:27 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-12-08 22:21 - 2015-11-25 05:26 - 00849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2015-12-08 22:21 - 2015-11-25 05:26 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-12-08 22:21 - 2015-11-25 05:25 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-12-08 22:21 - 2015-11-25 05:25 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2015-12-08 22:21 - 2015-11-25 05:23 - 03588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-12-08 22:21 - 2015-11-25 05:23 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-12-08 22:21 - 2015-11-25 05:22 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2015-12-08 22:21 - 2015-11-25 05:22 - 01383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-12-08 22:21 - 2015-11-25 05:22 - 00603648 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2015-12-08 22:21 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdgeoqw.dll
2015-12-08 22:21 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZST.DLL
2015-12-08 22:21 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZEL.DLL
2015-12-08 22:21 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZE.DLL
2015-12-08 22:21 - 2015-11-25 05:19 - 01795584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-12-08 22:21 - 2015-11-25 05:19 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-12-08 22:21 - 2015-11-25 05:18 - 01233920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2015-12-08 22:21 - 2015-11-25 05:17 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-12-08 22:21 - 2015-11-25 05:16 - 01442816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2015-12-08 22:21 - 2015-11-25 05:16 - 00786432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnify.exe
2015-12-08 22:21 - 2015-11-25 05:13 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-12-08 22:21 - 2015-11-25 05:11 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2015-12-08 22:21 - 2015-11-25 05:10 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2015-12-08 22:21 - 2015-11-25 05:10 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-12-08 22:21 - 2015-11-25 05:10 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2015-12-08 22:21 - 2015-11-25 05:08 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2015-12-08 22:21 - 2015-11-25 05:07 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2015-12-08 22:21 - 2015-11-25 05:05 - 11263488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-12-08 22:21 - 2015-11-25 05:04 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2015-12-08 22:21 - 2015-11-25 05:04 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\duser.dll
2015-12-08 22:21 - 2015-11-25 05:04 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-12-08 22:21 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbdgeoqw.dll
2015-12-08 22:21 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZST.DLL
2015-12-08 22:21 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZEL.DLL
2015-12-08 22:21 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZE.DLL
2015-12-08 22:21 - 2015-11-25 03:52 - 00775312 _____ C:\WINDOWS\SysWOW64\locale.nls
2015-12-08 22:21 - 2015-11-25 03:52 - 00775312 _____ C:\WINDOWS\system32\locale.nls
2015-12-07 18:11 - 2015-12-07 21:57 - 00011211 _____ C:\Users\mistr\Desktop\Gerla-PC.xlsx
2015-12-06 19:01 - 2015-12-06 19:01 - 00052328 _____ C:\Users\mistr\Desktop\Onegin(0000097775).srt
2015-12-04 20:55 - 2015-12-04 20:55 - 00104800 _____ C:\Users\mistr\Downloads\Ant-Man(0000262594).srt
2015-12-04 20:29 - 2015-12-04 20:29 - 00032206 _____ C:\Users\mistr\Downloads\Ant-Man 2015 720p BluRay DTS x264-HiDt.torrent
2015-12-02 21:27 - 2015-12-02 21:27 - 00039091 _____ C:\Users\mistr\Downloads\Agents of SHIELD S03E09 - Closure (OSEC).srt
2015-12-02 21:27 - 2015-12-02 21:27 - 00039091 _____ C:\Users\mistr\Downloads\Agents of SHIELD S03E09 - Closure (KILLERS).srt
2015-12-02 20:44 - 2015-12-02 20:44 - 00024557 _____ C:\Users\mistr\Downloads\The.Walking.Dead.S06E08.HDTV.x264-KILLERS.srt
2015-12-02 20:24 - 2015-12-02 20:24 - 00038212 _____ C:\Users\mistr\Downloads\Marvels Agents of S H I E L D S03E09 720p HDTV x264-0SEC.torrent
2015-12-02 20:24 - 2015-12-02 20:24 - 00035988 _____ C:\Users\mistr\Downloads\The Walking Dead S06E08 720p HDTV x264-KILLERS.torrent
2015-11-28 21:14 - 2015-11-28 21:14 - 00071054 _____ C:\Users\mistr\Downloads\Self-less(0000261442).srt
2015-11-28 21:13 - 2015-11-28 21:13 - 00071054 _____ C:\Users\mistr\Downloads\Self-less(0000261813).srt
2015-11-28 20:40 - 2015-11-28 20:40 - 00047467 _____ C:\Users\mistr\Downloads\Jurassic World 2015 720p BluRay DTS x264-HiDt (1).torrent
2015-11-28 20:37 - 2015-11-28 20:37 - 00031949 _____ C:\Users\mistr\Downloads\Self-less 2015 720p BluRay DTS x264-DON.torrent
2015-11-28 14:43 - 2015-11-28 14:43 - 00041278 _____ C:\Users\mistr\Downloads\once.upon.a.time.s05e09.hdtv.x264-killers.srt
2015-11-28 14:36 - 2015-11-28 14:36 - 00055029 _____ C:\Users\mistr\Downloads\Once Upon a Time S05E09 720p WEB-DL DD5 1 H 264-VietHD.torrent
2015-11-28 13:50 - 2015-11-28 13:50 - 00045612 _____ C:\Users\mistr\Downloads\once.upon.a.time.s05e08.hdtv.x264-killers.srt
2015-11-28 13:45 - 2015-11-28 13:45 - 00043507 _____ C:\Users\mistr\Downloads\Once Upon a Time S05E08 720p HDTV x264-KILLERS.torrent
2015-11-28 12:24 - 2015-11-28 12:24 - 00040140 _____ C:\Users\mistr\Downloads\once.upon.a.time.s05e07.hdtv.x264-fleet.srt
2015-11-28 12:20 - 2015-11-28 12:20 - 00048559 _____ C:\Users\mistr\Downloads\Once Upon A Time S05E07 720p HDTV x264-FLEET.torrent
2015-11-28 11:26 - 2015-11-28 11:26 - 00038933 _____ C:\Users\mistr\Downloads\s05e06.the.bear.and.the.bow.720p.web-dl.dd5.1.h.264-kings.srt
2015-11-28 10:40 - 2015-11-28 10:40 - 00054928 _____ C:\Users\mistr\Downloads\Once Upon a Time S05E06 720p WEB-DL DD5 1 H 264-KiNGS.torrent
2015-11-28 10:40 - 2015-11-28 10:40 - 00041157 _____ C:\Users\mistr\Downloads\once.upon.a.time.s05e05.hdtv.x264-killers.srt
2015-11-28 10:37 - 2015-11-28 10:37 - 00040302 _____ C:\Users\mistr\Downloads\once.upon.a.time.s05e04.720p.hdtv.x264-fleet (1).srt
2015-11-28 10:24 - 2015-11-28 10:24 - 00048439 _____ C:\Users\mistr\Downloads\Once Upon A Time S05E04 720p HDTV x264-FLEET.torrent
2015-11-28 10:24 - 2015-11-28 10:24 - 00044767 _____ C:\Users\mistr\Downloads\Once Upon A Time S05E05 720p HDTV x264-KILLERS.torrent
2015-11-27 22:33 - 2015-11-27 22:33 - 00025499 _____ C:\Users\mistr\Downloads\The-Simpsons-S27E07(0000262799).srt
2015-11-27 22:30 - 2015-11-27 22:30 - 00033675 _____ C:\Users\mistr\Downloads\The Simpsons S27E07 PROPER 720p HDTV x264-KILLERS.torrent
2015-11-26 19:05 - 2015-11-26 19:05 - 01365154 _____ (Igor Pavlov) C:\Users\mistr\Downloads\7z1512-x64.exe
2015-11-26 19:05 - 2015-11-26 19:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-11-26 19:05 - 2015-11-26 19:05 - 00000000 ____D C:\Program Files\7-Zip
2015-11-23 22:01 - 2015-11-23 22:01 - 00033136 _____ C:\Users\mistr\Downloads\The Walking Dead - 06x07 - Heads Up.FLEET.English.HI.C.orig.Addic7ed.com.srt
2015-11-23 21:07 - 2015-11-23 21:07 - 00039060 _____ C:\Users\mistr\Downloads\The Walking Dead S06E07 720p HDTV x264-FLEET.torrent
2015-11-22 21:51 - 2015-11-22 21:51 - 00040302 _____ C:\Users\mistr\Downloads\once.upon.a.time.s05e04.720p.hdtv.x264-fleet.srt
2015-11-22 21:05 - 2015-11-22 21:05 - 00040065 _____ C:\Users\mistr\Downloads\once.upon.a.time.s05e03.hdtv.x264-killers.srt
2015-11-22 19:29 - 2015-11-22 19:29 - 00039572 _____ C:\Users\mistr\Downloads\once.upon.a.time.s05e02.the.price.1080p.web-dl.dd5.1.h.264-ctrlhd.srt
2015-11-22 18:51 - 2015-11-22 18:51 - 00055219 _____ C:\Users\mistr\Downloads\Once Upon a Time S05E02 The Price 720p WEB-DL DD5 1 H 264-CtrlHD.torrent
2015-11-22 18:50 - 2015-11-22 18:50 - 00039576 _____ C:\Users\mistr\Downloads\once.upon.a.time.s05e02.proper.hdtv.x264-killers.srt
2015-11-22 18:42 - 2015-11-22 18:42 - 00046387 _____ C:\Users\mistr\Downloads\Once Upon A Time S05E03 720p HDTV x264-KILLERS.torrent
2015-11-22 12:33 - 2015-11-22 12:33 - 00041724 _____ C:\Users\mistr\Downloads\once.upon.a.time.s05e01.hdtv.x264-killers.srt
2015-11-22 12:26 - 2015-11-22 12:26 - 00054703 _____ C:\Users\mistr\Downloads\Once Upon a Time S05E01 The Dark Swan 720p WEB-DL DD5 1 H 264-CtrlHD.torrent
2015-11-21 21:07 - 2015-11-21 21:07 - 00087549 _____ C:\Users\mistr\Downloads\Maze.Runner.The.Scorch.Trials.2015.720p.BluRay.H264.AAC-RARBG.srt
2015-11-21 20:19 - 2015-11-21 20:19 - 00027781 _____ C:\Users\mistr\Downloads\Maze Runner- The Scorch Trials 2015 720p BluRay DTS-ES x264-HiDt.torrent
2015-11-21 13:16 - 2015-11-21 13:16 - 00029587 _____ C:\Users\mistr\Downloads\The.Big.Bang.Theory.S09E09.HDTV.x264-LOL.srt
2015-11-21 13:14 - 2015-11-21 13:14 - 00039406 _____ C:\Users\mistr\Downloads\The Big Bang Theory S09E09 720p HDTV X264-DIMENSION.torrent
2015-11-21 12:55 - 2015-11-21 12:55 - 00028454 _____ C:\Users\mistr\Downloads\The.Big.Bang.Theory.S09E08.HDTV.x264-LOL (1).srt
2015-11-21 12:35 - 2015-11-21 12:35 - 00028454 _____ C:\Users\mistr\Downloads\The.Big.Bang.Theory.S09E08.HDTV.x264-LOL.srt
2015-11-21 12:35 - 2015-11-21 12:35 - 00028250 _____ C:\Users\mistr\Downloads\The.Big.Bang.Theory.S09E07.HDTV.x264-LOL.srt
2015-11-21 12:24 - 2015-11-21 12:24 - 00034106 _____ C:\Users\mistr\Downloads\The Big Bang Theory S09E07 720p HDTV X264-DIMENSION.torrent
2015-11-21 12:24 - 2015-11-21 12:24 - 00032246 _____ C:\Users\mistr\Downloads\The Big Bang Theory S09E08 720p HDTV X264-DIMENSION.torrent
2015-11-18 20:29 - 2015-11-18 20:29 - 00043474 _____ C:\Users\mistr\Downloads\Agents of SHIELD S03E08 - Many Heads One Tale (FLEET).srt
2015-11-18 20:24 - 2015-11-18 20:24 - 00038632 _____ C:\Users\mistr\Downloads\Marvels Agents of S H I E L D S03E08 720p HDTV x264-3SEC.torrent
2015-11-17 21:52 - 2015-11-17 21:52 - 00019327 _____ C:\Users\mistr\Downloads\file.pdf
2015-11-17 21:49 - 2015-11-17 21:49 - 00022756 _____ C:\Users\mistr\Downloads\The.Walking.Dead.S06E06.1080p.WEB-DL.DD5.1.H.264-Cyphanix.srt
2015-11-17 21:48 - 2015-11-17 21:48 - 00107322 _____ C:\Users\mistr\Downloads\The Walking Dead S06E06 720p WEB-DL DD5 1 H 264-Cyphanix.torrent
2015-11-17 19:09 - 2015-11-17 19:09 - 00051798 _____ C:\Users\mistr\Downloads\Hitman.Agent.47.2015.720p.BluRay.x264-DRONES.srt
2015-11-17 18:39 - 2015-11-17 18:39 - 00040401 _____ C:\Users\mistr\Downloads\Hitman- Agent 47 2015 1080p BluRay DTS x264-DRONES.torrent
2015-11-17 18:32 - 2015-11-17 18:32 - 00023290 _____ C:\Users\mistr\Downloads\Hitman Agent 47 2015 BluRay 720p DTS x264-EPiC .torrent
2015-11-17 12:53 - 2015-11-18 19:51 - 00002553 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2015-11-17 12:53 - 2015-11-17 17:17 - 00002530 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2015-11-17 12:53 - 2015-11-17 12:53 - 00002559 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2015-11-17 12:53 - 2015-11-17 12:53 - 00002525 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2015-11-17 12:53 - 2015-11-17 12:53 - 00002486 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2015-11-17 12:53 - 2015-11-17 12:53 - 00002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2015-11-17 12:53 - 2015-11-17 12:53 - 00002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2015-11-17 12:53 - 2015-11-17 12:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office 2016
2015-11-17 12:51 - 2015-11-17 12:51 - 03059880 _____ (Microsoft Corporation) C:\Users\mistr\Downloads\Setup.X86.cs-CZ_O365HomePremRetail_7826a10b-1ad0-40c5-80b6-6253f60cdaeb_TX_DB_.exe
2015-11-17 12:51 - 2015-11-17 12:51 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-11-17 10:18 - 2015-11-17 10:18 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-17 20:18 - 2015-10-22 18:19 - 00000000 ____D C:\Users\mistr\AppData\Roaming\Skype
2015-12-17 20:17 - 2015-10-08 04:44 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-17 20:17 - 2015-10-08 04:43 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-17 20:17 - 2015-10-07 19:57 - 00000972 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-17 20:17 - 2015-10-07 19:51 - 00000000 ___RD C:\Users\mistr\OneDrive
2015-12-17 20:16 - 2015-10-08 04:43 - 00381224 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-17 20:16 - 2015-10-07 20:39 - 00745406 _____ C:\WINDOWS\system32\perfh005.dat
2015-12-17 20:16 - 2015-10-07 20:39 - 00149344 _____ C:\WINDOWS\system32\perfc005.dat
2015-12-17 20:16 - 2015-10-07 20:36 - 00000000 ____D C:\WINDOWS\INF
2015-12-17 20:16 - 2015-10-07 20:31 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-12-17 20:16 - 2015-10-07 19:49 - 01762290 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-17 20:08 - 2015-10-07 20:36 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-12-17 20:08 - 2015-10-07 20:31 - 00000000 ____D C:\Windows
2015-12-17 20:07 - 2015-10-07 19:57 - 00000976 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-17 19:07 - 2015-10-07 19:57 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-17 18:52 - 2015-10-22 18:31 - 00004208 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{DA3D0DB0-E455-4975-BBD9-F43B361FFA8F}
2015-12-17 18:52 - 2015-10-07 20:36 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-17 18:52 - 2015-10-07 20:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-12-16 20:56 - 2015-10-12 17:55 - 00002254 ____H C:\Users\mistr\Documents\Default.rdp
2015-12-16 20:54 - 2015-10-07 20:36 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2015-12-16 17:39 - 2015-10-07 20:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-12-16 17:38 - 2015-10-22 17:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-12-13 23:23 - 2015-10-07 19:49 - 00000000 ____D C:\Users\mistr\AppData\Local\Packages
2015-12-12 22:54 - 2015-10-07 20:57 - 00000000 ____D C:\Users\mistr\AppData\Roaming\uTorrent
2015-12-12 13:29 - 2015-10-12 20:35 - 00000000 ____D C:\Users\mistr\AppData\Local\NVIDIA Corporation
2015-12-10 22:37 - 2015-10-07 19:51 - 00002387 _____ C:\Users\mistr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-12-08 22:40 - 2015-10-07 20:33 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-08 22:27 - 2015-10-07 20:11 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-12-08 22:25 - 2015-10-07 20:11 - 140158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-12-05 11:02 - 2015-10-07 19:57 - 00004034 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-05 11:02 - 2015-10-07 19:57 - 00003802 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-03 21:15 - 2015-11-04 20:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ochrana koncového bodu Trusteer
2015-12-03 21:14 - 2015-10-07 20:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-12-01 01:32 - 2015-10-07 20:37 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-12-01 01:32 - 2015-10-07 20:37 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-24 16:27 - 2015-11-04 20:49 - 00396152 _____ (IBM Corp.) C:\WINDOWS\system32\Drivers\RapportKE64.sys
2015-11-24 16:27 - 2015-11-04 20:49 - 00141304 _____ (IBM Corp.) C:\WINDOWS\system32\Drivers\RapportHades64.sys
2015-11-21 12:12 - 2015-10-22 18:19 - 00000000 ____D C:\ProgramData\Skype
2015-11-17 13:39 - 2015-10-22 17:41 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-17 13:38 - 2015-10-07 20:36 - 00000000 ____D C:\WINDOWS\ShellNew
2015-11-17 13:36 - 2015-10-07 20:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared

Some files in TEMP:
====================
C:\Users\mistr\AppData\Local\Temp\dllnt_dump.dll
C:\Users\mistr\AppData\Local\Temp\LMkRstPt.exe
C:\Users\mistr\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\mistr\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\mistr\AppData\Local\Temp\nvStInst.exe
C:\Users\mistr\AppData\Local\Temp\sqlite3.dll
C:\Users\mistr\AppData\Local\Temp\{960C56A7-B813-4CF7-B529-9A2708EFA36A}.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-12-08 22:25

==================== End of FRST.txt ============================

Re: podezřelý proces při vypínání PC

Napsal: 17 pro 2015 20:26
od meloun173
podařilo se m ited po pročištění vyfotit jak to vypadá ten proces

viz priloha

Re: podezřelý proces při vypínání PC

Napsal: 17 pro 2015 21:40
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\mistr\AppData\Local\Temp
End
Uložte do C:\Users\mistr\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Ten proces, bohužel, v logu není vidět. Abych ho mohl sestřelit, musím znát cestu k němu.

Re: podezřelý proces při vypínání PC

Napsal: 17 pro 2015 21:50
od meloun173
Fix result of Farbar Recovery Scan Tool (x64) Version:17-12-2015
Ran by mistr (2015-12-17 21:46:15) Run:1
Running from C:\Users\mistr\Downloads
Loaded Profiles: mistr (Available Profiles: mistr)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\mistr\AppData\Local\Temp
End
*****************

C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully

"C:\Users\mistr\AppData\Local\Temp" folder move:

Could not move "C:\Users\mistr\AppData\Local\Temp" => Scheduled to move on reboot.


Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-12-17 21:50:21)

"C:\Users\mistr\AppData\Local\Temp" => Could not move

==== End of Fixlog 21:50:23 ====

Re: podezřelý proces při vypínání PC

Napsal: 17 pro 2015 21:58
od Rudy
Smazáno, předpokládám ale, že problém nezmizel. Pokud ne, dejte log ComboFix:
Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware.

Re: podezřelý proces při vypínání PC

Napsal: 17 pro 2015 22:08
od meloun173
ComboFix na desitce nespustim, píše mi to že tento operační systém není podporován.

Zkoušel jsem to spustit v režimu kompatibility Windows 8, ale to mi zase řeklo že taky nejde.

Re: podezřelý proces při vypínání PC

Napsal: 17 pro 2015 22:28
od Rudy
Jj., nespustíte, já přehlédl verzi. Budete muset zjistit, kde ta aplikace je a dát cestu k ní. Nejprve koukněte, jestli není v programech a nedá se normálně odinstalovat. Pak budete muset projít adresáře. Pokud nebudu znát cestu na disku, nepůjde odstranit.

Re: podezřelý proces při vypínání PC

Napsal: 17 pro 2015 22:33
od meloun173
To jsou právě všechno věci, které jsem udělal sám, než jsem se obrátil na Vás. Ještě mě napadá, zda se ta aplikace nespustí vždy až před vypínáním PC.
Neexistuje něco, co by logovalo procesy, které se ukončovaly před vypnutím? Mám pár měsíců čistou instalaci po formátu disku, hry jsem neinstaloval a programy
mám legální, tak nevím kde jsem to nabral.

Re: podezřelý proces při vypínání PC

Napsal: 18 pro 2015 18:34
od Rudy
Na to asi žádný soft není, nebo já o něm nevím. Patrně jste na netu někam vlezl a na něco nerozvážně kliknul. Jestli chcete spusťte ještě superantispyware: http://www.stahuj.centrum.cz/utility_a_ ... tispyware/ . Pokud je to spyware, měl by ho najít.

Re: podezřelý proces při vypínání PC

Napsal: 20 pro 2015 21:50
od meloun173
Antispyware našel hromadu (cca 300) tracking cookie, ale bohužel nic jinýho.

Problém stále přetrvává.

Re: podezřelý proces při vypínání PC

Napsal: 20 pro 2015 22:28
od Rudy
Poslední možnost se jmenuje AVPTool: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 . Po skončení skenu smažte vše, co najde. Bude to možná déle trvat, ale bude to důkladné. Lepší skener neznám.
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz