VIRY.CZ

Dobry den, prosim mrknete mi nekdo na logy jak to vypada...zacala jsem mit pomale vse co se tyce prohlizece...videa, hry online...bud se to seka a nebo to trva dlouho....nic jsem nemenila a vse je porad stejne...
Projela jsem pc esetem a nasel 8 hrozeb, ktere pry vylecil...tak jsem to zkusila znovu a vse stejne...moc prosim o pomoc....dekuji



Zde RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Kamilka at 2016-05-09 08:20:54
Microsoft Windows 10 Home
System drive C: has 112 GB (49%) free of 228 GB
Total RAM: 3005 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:21:19, on 09.05.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0020)
Boot mode: Normal

Running processes:
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\WINDOWS\system32\taskeng.exe
C:\Users\Kamilka\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\WINDOWS\system32\DllHost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\Explorer.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Program Files\WindowsApps\Microsoft.WindowsStore_11602.1.26.0_x86__8wekyb3d8bbwe\WinStore.Mobile.exe
C:\Windows\System32\SystemSettingsBroker.exe
C:\WINDOWS\System32\NetworkUXBroker.exe
C:\Program Files\Microsoft Office 15\ClientX86\AppVShNotify.exe
C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x86__8wekyb3d8bbwe\Microsoft.Photos.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Users\Kamilka\Downloads\RSIT.exe
C:\Program Files\trend micro\Kamilka.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 88.146.243.17:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Kamilka\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: RollerCoaster Tycoon 3 Registration.lnk = Kamilka\AppData\Local\Temp\{2C3C9D34-F2FD-4EA1-8F25-5132A2D785FB}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files\Origin\OriginClientService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 7892 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000Core.job - C:\Users\Kamilka\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000UA.job - C:\Users\Kamilka\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-03-18 163016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-05-01 462400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-04-19 1741104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-01 173120]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-02-26 1713448]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-12-15 8120864]
"CLMLServer"=C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [2009-06-03 103720]
"PDVD8LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe [2009-04-15 50472]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2015-08-06 421888]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2016-04-01 596504]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Kamilka\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-06-18 3576664]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2015-11-16 6602152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonQuickMenu]
C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE /logon []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe /s []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OneDrive]
C:\Users\Kamilka\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-12-20 551112]

C:\Users\Kamilka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
RollerCoaster Tycoon 3 Registration.lnk - C:\Users\Kamilka\AppData\Local\Temp\{2C3C9D34-F2FD-4EA1-8F25-5132A2D785FB}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.cvid"=iccvid.dll
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"vidc.VP60"=C:\windows\system32\vp6vfw.dll
"vidc.VP61"=C:\windows\system32\vp6vfw.dll
"vidc.VP62"=vp6vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-05-09 08:20:54 ----D---- C:\rsit
2016-05-07 13:11:44 ----D---- C:\Users\Kamilka\AppData\Roaming\Light Developer
2016-05-07 13:11:00 ----D---- C:\Program Files\Stepok RAW Importer
2016-05-01 23:53:29 ----A---- C:\WINDOWS\system32\npdeployJava1.dll
2016-05-01 23:53:29 ----A---- C:\WINDOWS\system32\deployJava1.dll
2016-05-01 23:52:08 ----D---- C:\Program Files\Common Files\Java
2016-05-01 23:51:50 ----D---- C:\Users\Kamilka\AppData\Roaming\Sun
2016-04-30 13:42:38 ----D---- C:\ProgramData\Martau
2016-04-13 14:26:46 ----A---- C:\WINDOWS\system32\wininetlui.dll
2016-04-13 14:26:46 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-04-13 14:26:45 ----A---- C:\WINDOWS\system32\storewuauth.dll
2016-04-13 14:26:45 ----A---- C:\WINDOWS\system32\SRH.dll
2016-04-13 14:26:44 ----A---- C:\WINDOWS\system32\kerberos.dll
2016-04-13 14:26:44 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-04-13 14:26:40 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-04-13 14:26:39 ----A---- C:\WINDOWS\system32\SRHInproc.dll
2016-04-13 14:26:38 ----A---- C:\WINDOWS\system32\wuaueng.dll
2016-04-13 14:26:37 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-13 14:26:36 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-04-13 14:26:34 ----A---- C:\WINDOWS\system32\jsproxy.dll
2016-04-13 14:26:33 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-04-13 14:26:27 ----A---- C:\WINDOWS\system32\wininet.dll
2016-04-13 14:26:24 ----A---- C:\WINDOWS\system32\edgehtml.dll
2016-04-13 14:26:03 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-04-13 14:26:02 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2016-04-13 14:26:02 ----A---- C:\WINDOWS\system32\atmfd.dll
2016-04-13 14:26:01 ----A---- C:\WINDOWS\system32\win32kfull.sys
2016-04-13 14:25:56 ----A---- C:\WINDOWS\system32\twinui.dll
2016-04-13 14:25:54 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2016-04-13 14:25:52 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2016-04-13 14:25:52 ----A---- C:\WINDOWS\system32\InputService.dll
2016-04-13 14:25:51 ----A---- C:\WINDOWS\system32\Chakra.dll
2016-04-13 14:25:48 ----A---- C:\WINDOWS\system32\wwansvc.dll
2016-04-13 14:25:47 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-04-13 14:25:45 ----A---- C:\WINDOWS\system32\BingMaps.dll
2016-04-13 14:25:44 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2016-04-13 14:25:42 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-04-13 14:25:38 ----A---- C:\WINDOWS\system32\XblAuthManager.dll
2016-04-13 14:25:36 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2016-04-13 14:25:36 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2016-04-13 14:25:35 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-04-13 14:25:35 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-04-13 14:25:34 ----A---- C:\WINDOWS\system32\dwmcore.dll
2016-04-13 14:25:34 ----A---- C:\WINDOWS\system32\dosvc.dll
2016-04-13 14:25:33 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2016-04-13 14:25:33 ----A---- C:\WINDOWS\system32\audiosrv.dll
2016-04-13 14:25:31 ----A---- C:\WINDOWS\system32\win32kbase.sys
2016-04-13 14:25:31 ----A---- C:\WINDOWS\system32\esent.dll
2016-04-13 14:25:30 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-04-13 14:25:30 ----A---- C:\WINDOWS\system32\MapControlCore.dll
2016-04-13 14:25:29 ----A---- C:\WINDOWS\system32\MapConfiguration.dll
2016-04-13 14:25:28 ----A---- C:\WINDOWS\system32\SharedStartModel.dll
2016-04-13 14:25:28 ----A---- C:\WINDOWS\system32\PhoneProviders.dll
2016-04-13 14:25:28 ----A---- C:\WINDOWS\system32\MapsStore.dll
2016-04-13 14:25:27 ----A---- C:\WINDOWS\system32\NetSetupShim.dll
2016-04-13 14:25:27 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-04-13 14:25:26 ----A---- C:\WINDOWS\system32\NetSetupEngine.dll
2016-04-13 14:25:25 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2016-04-13 14:25:25 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-04-13 14:25:24 ----A---- C:\WINDOWS\system32\winload.exe
2016-04-13 14:25:22 ----A---- C:\WINDOWS\system32\fveapi.dll
2016-04-13 14:25:22 ----A---- C:\WINDOWS\system32\fontsub.dll
2016-04-13 14:25:22 ----A---- C:\WINDOWS\system32\atmlib.dll
2016-04-13 14:25:21 ----A---- C:\WINDOWS\system32\Windows.Web.Http.dll
2016-04-13 14:25:21 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-04-13 14:25:20 ----A---- C:\WINDOWS\system32\winresume.exe
2016-04-13 14:25:20 ----A---- C:\WINDOWS\system32\bisrv.dll
2016-04-13 14:25:20 ----A---- C:\WINDOWS\system32\audiodg.exe
2016-04-13 14:25:19 ----A---- C:\WINDOWS\system32\MessagingDataModel2.dll
2016-04-13 14:25:19 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2016-04-13 14:25:19 ----A---- C:\WINDOWS\system32\AccountsRt.dll
2016-04-13 14:25:18 ----A---- C:\WINDOWS\system32\tileobjserver.dll
2016-04-13 14:25:18 ----A---- C:\WINDOWS\system32\StorSvc.dll
2016-04-13 14:25:18 ----A---- C:\WINDOWS\system32\SensorService.dll
2016-04-13 14:25:18 ----A---- C:\WINDOWS\system32\RDXService.dll
2016-04-13 14:25:18 ----A---- C:\WINDOWS\system32\InputLocaleManager.dll
2016-04-13 14:25:17 ----A---- C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-04-13 14:25:17 ----A---- C:\WINDOWS\system32\LockAppHost.exe
2016-04-13 14:25:17 ----A---- C:\WINDOWS\system32\CredProvDataModel.dll
2016-04-13 14:25:16 ----A---- C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-04-13 14:25:16 ----A---- C:\WINDOWS\system32\NetSetupSvc.dll
2016-04-13 14:25:15 ----A---- C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-04-13 14:25:15 ----A---- C:\WINDOWS\system32\msv1_0.dll
2016-04-13 14:25:14 ----A---- C:\WINDOWS\system32\JpMapControl.dll
2016-04-13 14:25:10 ----A---- C:\WINDOWS\system32\RDXTaskFactory.dll
2016-04-13 14:25:10 ----A---- C:\WINDOWS\system32\accountaccessor.dll
2016-04-13 14:25:09 ----A---- C:\WINDOWS\system32\msi.dll
2016-04-13 14:25:09 ----A---- C:\WINDOWS\system32\moshostcore.dll
2016-04-13 14:25:08 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2016-04-13 14:25:08 ----A---- C:\WINDOWS\system32\msxml3.dll
2016-04-13 14:25:08 ----A---- C:\WINDOWS\system32\drivers\http.sys
2016-04-13 14:25:07 ----A---- C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-04-13 14:25:07 ----A---- C:\WINDOWS\system32\policymanager.dll
2016-04-13 14:25:07 ----A---- C:\WINDOWS\system32\enrollmentapi.dll
2016-04-13 14:25:07 ----A---- C:\WINDOWS\system32\drivers\ufx01000.sys
2016-04-13 14:25:06 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-04-13 14:25:06 ----A---- C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-04-13 14:25:06 ----A---- C:\WINDOWS\system32\mdmmigrator.dll
2016-04-13 14:25:05 ----A---- C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-04-13 14:25:05 ----A---- C:\WINDOWS\system32\NetSetupApi.dll
2016-04-13 14:25:05 ----A---- C:\WINDOWS\system32\dnsapi.dll
2016-04-13 14:25:05 ----A---- C:\WINDOWS\system32\bdesvc.dll
2016-04-13 14:25:04 ----A---- C:\WINDOWS\system32\Windows.Web.dll
2016-04-13 14:25:04 ----A---- C:\WINDOWS\system32\samsrv.dll
2016-04-13 14:25:04 ----A---- C:\WINDOWS\system32\policymanagerprecheck.dll
2016-04-13 14:25:04 ----A---- C:\WINDOWS\system32\msorcl32.dll
2016-04-13 14:25:04 ----A---- C:\WINDOWS\system32\MosStorage.dll
2016-04-13 14:25:04 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2016-04-13 14:25:03 ----A---- C:\WINDOWS\system32\AppxSysprep.dll
2016-04-13 14:25:02 ----A---- C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-04-13 14:25:00 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-04-13 14:25:00 ----A---- C:\WINDOWS\system32\ncbservice.dll
2016-04-13 14:25:00 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2016-04-13 14:25:00 ----A---- C:\WINDOWS\system32\drivers\dfsc.sys
2016-04-13 14:24:59 ----A---- C:\WINDOWS\system32\profsvc.dll
2016-04-13 14:24:59 ----A---- C:\WINDOWS\system32\drivers\xinputhid.sys
2016-04-13 14:24:59 ----A---- C:\WINDOWS\system32\AboveLockAppHost.dll
2016-04-13 14:24:58 ----A---- C:\WINDOWS\system32\srvcli.dll
2016-04-13 14:24:58 ----A---- C:\WINDOWS\system32\omadmapi.dll
2016-04-13 14:24:58 ----A---- C:\WINDOWS\system32\mdmregistration.dll
2016-04-13 14:24:57 ----A---- C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-04-13 14:24:57 ----A---- C:\WINDOWS\system32\netapi32.dll
2016-04-13 14:24:56 ----A---- C:\WINDOWS\system32\wuapi.dll
2016-04-13 14:24:56 ----A---- C:\WINDOWS\system32\wkscli.dll
2016-04-13 14:24:56 ----A---- C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-04-13 14:24:56 ----A---- C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-04-13 14:24:56 ----A---- C:\WINDOWS\system32\easinvoker.exe
2016-04-13 14:24:56 ----A---- C:\WINDOWS\system32\drivers\USBXHCI.SYS
2016-04-13 14:24:55 ----A---- C:\WINDOWS\system32\WSDApi.dll
2016-04-13 14:24:55 ----A---- C:\WINDOWS\system32\iuilp.dll
2016-04-13 14:24:55 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2016-04-13 14:24:55 ----A---- C:\WINDOWS\system32\BFE.DLL
2016-04-13 14:24:54 ----A---- C:\WINDOWS\system32\oleacc.dll
2016-04-13 14:24:54 ----A---- C:\WINDOWS\system32\drivers\dumpsd.sys
2016-04-13 14:24:54 ----A---- C:\WINDOWS\system32\dafBth.dll
2016-04-13 14:24:53 ----A---- C:\WINDOWS\system32\Windows.Networking.dll
2016-04-13 14:24:53 ----A---- C:\WINDOWS\system32\fveui.dll
2016-04-13 14:24:52 ----A---- C:\WINDOWS\system32\VEEventDispatcher.dll
2016-04-13 14:24:52 ----A---- C:\WINDOWS\system32\SensorsNativeApi.dll
2016-04-13 14:24:52 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2016-04-13 14:24:52 ----A---- C:\WINDOWS\system32\dmcsps.dll
2016-04-13 14:24:51 ----A---- C:\WINDOWS\system32\DAFWSD.dll
2016-04-13 14:24:50 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-13 14:24:50 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2016-04-13 14:24:50 ----A---- C:\WINDOWS\system32\drivers\WdiWiFi.sys
2016-04-13 14:24:49 ----A---- C:\WINDOWS\system32\wsdchngr.dll
2016-04-13 14:24:49 ----A---- C:\WINDOWS\system32\NotificationObjFactory.dll
2016-04-13 14:24:49 ----A---- C:\WINDOWS\system32\browserbroker.dll
2016-04-13 14:24:49 ----A---- C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-04-13 14:24:48 ----A---- C:\WINDOWS\system32\ieproxy.dll
2016-04-13 14:24:48 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2016-04-13 14:24:48 ----A---- C:\WINDOWS\system32\credprovhost.dll
2016-04-13 14:24:46 ----A---- C:\WINDOWS\system32\wuautoappupdate.dll
2016-04-13 14:24:46 ----A---- C:\WINDOWS\system32\win32spl.dll
2016-04-13 14:24:46 ----A---- C:\WINDOWS\system32\SyncController.dll
2016-04-13 14:24:46 ----A---- C:\WINDOWS\system32\browcli.dll
2016-04-13 14:24:45 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-04-13 14:24:45 ----A---- C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-04-13 14:24:45 ----A---- C:\WINDOWS\system32\fvewiz.dll
2016-04-13 14:24:45 ----A---- C:\WINDOWS\system32\basesrv.dll
2016-04-13 14:24:44 ----A---- C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-04-13 14:24:44 ----A---- C:\WINDOWS\system32\easwrt.dll
2016-04-13 14:24:44 ----A---- C:\WINDOWS\system32\browser.dll
2016-04-13 14:24:43 ----A---- C:\WINDOWS\system32\FontProvider.dll
2016-04-13 14:24:41 ----A---- C:\WINDOWS\system32\fvecpl.dll
2016-04-13 14:24:41 ----A---- C:\WINDOWS\system32\drivers\serial.sys
2016-04-13 14:24:40 ----A---- C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-04-13 14:24:40 ----A---- C:\WINDOWS\system32\tbauth.dll
2016-04-13 14:24:40 ----A---- C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-04-13 14:24:40 ----A---- C:\WINDOWS\system32\moshost.dll
2016-04-13 14:24:40 ----A---- C:\WINDOWS\system32\FWPUCLNT.DLL
2016-04-13 14:24:40 ----A---- C:\WINDOWS\system32\drivers\portcls.sys
2016-04-13 14:24:39 ----A---- C:\WINDOWS\system32\mos.dll
2016-04-13 14:24:39 ----A---- C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-04-13 14:24:38 ----A---- C:\WINDOWS\system32\actxprxy.dll
2016-04-13 14:24:37 ----A---- C:\WINDOWS\system32\tzautoupdate.dll
2016-04-13 14:24:37 ----A---- C:\WINDOWS\system32\mtxoci.dll
2016-04-13 14:24:36 ----A---- C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-04-13 14:24:36 ----A---- C:\WINDOWS\system32\samlib.dll
2016-04-13 14:24:36 ----A---- C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-04-13 14:24:36 ----A---- C:\WINDOWS\system32\mapsupdatetask.dll
2016-04-13 14:24:36 ----A---- C:\WINDOWS\system32\fveapibase.dll
2016-04-13 14:24:36 ----A---- C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-04-13 14:24:35 ----A---- C:\WINDOWS\system32\oleacchooks.dll
2016-04-13 14:24:35 ----A---- C:\WINDOWS\system32\NMAA.dll
2016-04-13 14:24:35 ----A---- C:\WINDOWS\system32\fveskybackup.dll
2016-04-13 14:24:33 ----A---- C:\WINDOWS\system32\MapsBtSvc.dll
2016-04-13 14:24:32 ----A---- C:\WINDOWS\system32\MapsCSP.dll
2016-04-13 14:24:29 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2016-04-13 14:24:29 ----A---- C:\WINDOWS\system32\AppCapture.dll
2016-04-13 14:24:28 ----A---- C:\WINDOWS\system32\bcastdvr.exe
2016-04-13 14:24:24 ----A---- C:\WINDOWS\system32\MTF.dll

======List of files/folders modified in the last 1 month======

2016-05-09 08:21:00 ----D---- C:\Program Files\trend micro
2016-05-09 08:20:45 ----D---- C:\WINDOWS\Temp
2016-05-09 08:16:00 ----D---- C:\WINDOWS\system32\sru
2016-05-09 08:06:38 ----RD---- C:\Program Files
2016-05-09 08:06:34 ----D---- C:\WINDOWS\Prefetch
2016-05-09 08:05:54 ----D---- C:\WINDOWS\SoftwareDistribution
2016-05-09 08:05:54 ----D---- C:\Windows
2016-05-08 20:13:11 ----D---- C:\Users\Kamilka\AppData\Roaming\DAEMON Tools Lite
2016-05-08 20:12:58 ----D---- C:\WINDOWS\INF
2016-05-08 20:12:52 ----D---- C:\WINDOWS\debug
2016-05-08 19:39:56 ----D---- C:\Users\Kamilka\AppData\Roaming\Skype
2016-05-08 14:02:59 ----AD---- C:\Program Files\Battle.net
2016-05-08 12:09:45 ----D---- C:\WINDOWS\Microsoft.NET
2016-05-08 09:34:19 ----D---- C:\WINDOWS\AppReadiness
2016-05-07 12:13:47 ----D---- C:\WINDOWS\system32\config
2016-05-07 08:22:32 ----HD---- C:\Program Files\WindowsApps
2016-05-06 09:01:16 ----SHD---- C:\WINDOWS\Installer
2016-05-06 09:00:39 ----RSD---- C:\WINDOWS\assembly
2016-05-06 09:00:33 ----AD---- C:\ProgramData\regid.1991-06.com.microsoft
2016-05-06 08:58:05 ----AD---- C:\Program Files\Microsoft Office 15
2016-05-04 10:51:20 ----D---- C:\Fotky
2016-05-04 10:47:37 ----D---- C:\Hackovani & Siti
2016-05-03 11:32:04 ----SHD---- C:\System Volume Information
2016-05-01 23:53:46 ----D---- C:\WINDOWS\System32
2016-05-01 23:52:08 ----D---- C:\Program Files\Common Files
2016-05-01 23:51:19 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2016-05-01 23:51:15 ----A---- C:\WINDOWS\system32\javaws.exe
2016-05-01 23:51:03 ----D---- C:\ProgramData\Oracle
2016-05-01 23:50:58 ----D---- C:\Program Files\Java
2016-05-01 18:55:53 ----D---- C:\ProgramData\Skype
2016-05-01 18:55:49 ----RD---- C:\Program Files\Skype
2016-04-30 13:49:39 ----D---- C:\Program Files\SlySoft
2016-04-30 13:49:36 ----D---- C:\WINDOWS\system32\drivers
2016-04-30 13:47:13 ----HD---- C:\Program Files\InstallShield Installation Information
2016-04-30 13:45:19 ----D---- C:\WINDOWS\system32\Tasks
2016-04-30 13:45:08 ----D---- C:\Program Files\Sierra
2016-04-30 13:42:39 ----HD---- C:\ProgramData
2016-04-30 13:29:41 ----D---- C:\ProgramData\Sony Ericsson
2016-04-30 13:29:39 ----D---- C:\Program Files\Sony Ericsson
2016-04-30 13:26:33 ----D---- C:\Users\Kamilka\AppData\Roaming\Atari
2016-04-30 13:26:09 ----D---- C:\Users\Kamilka\AppData\Roaming\WB Games
2016-04-29 08:15:37 ----D---- C:\Users\Kamilka\AppData\Roaming\uTorrent
2016-04-25 20:24:32 ----D---- C:\Users\Kamilka\AppData\Roaming\vlc
2016-04-25 08:21:04 ----AD---- C:\Program Files\Hearthstone
2016-04-22 09:09:34 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-04-18 15:45:12 ----D---- C:\WINDOWS\system32\WDI
2016-04-16 12:20:46 ----D---- C:\WINDOWS\rescache
2016-04-16 11:50:04 ----D---- C:\WINDOWS\system32\DriverStore
2016-04-16 11:49:59 ----D---- C:\WINDOWS\WinSxS
2016-04-16 03:02:13 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2016-04-16 03:02:12 ----D---- C:\WINDOWS\system32\en-US
2016-04-16 03:02:12 ----D---- C:\WINDOWS\system32\cs-CZ
2016-04-16 03:02:12 ----D---- C:\WINDOWS\system32\Boot
2016-04-16 03:02:12 ----D---- C:\WINDOWS\system32\appraiser
2016-04-16 03:02:01 ----D---- C:\WINDOWS\PolicyDefinitions
2016-04-16 03:01:59 ----D---- C:\WINDOWS\bcastdvr
2016-04-16 03:01:59 ----D---- C:\WINDOWS\apppatch
2016-04-13 23:28:10 ----D---- C:\WINDOWS\CbsTemp
2016-04-13 23:26:09 ----D---- C:\WINDOWS\system32\MRT
2016-04-13 23:18:47 ----A---- C:\WINDOWS\system32\MRT.exe
2016-04-13 14:14:12 ----D---- C:\WINDOWS\system32\catroot2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [2016-03-17 71488]
R0 iaStor;@oem92.inf,%*PNP0600.DeviceDesc%;Intel AHCI Controller; C:\WINDOWS\System32\drivers\iaStor.sys [2009-10-13 331288]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2016-03-17 206312]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2016-01-15 146024]
R1 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2016-03-17 152728]
R1 EpfwLWF;@oem117.inf,%EpfwLWF_Desc%;ESET Personal Firewall; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [2016-03-17 44608]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2015-10-30 76288]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 7680]
R1 SABI;SAMSUNG Kernel Driver For Windows 7; \??\C:\windows\system32\Drivers\SABI.sys [2010-03-31 10752]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2016-01-31 271360]
R2 ekbdflt;ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [2016-01-15 111040]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2016-01-31 18048]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-10-30 36864]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-10-30 62464]
R3 athr;@oem50.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athr.sys [2015-05-12 3346968]
R3 dtlitescsibus;@oem16.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2015-11-18 25016]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd32.sys [2012-03-23 9036288]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHDA.sys [2009-12-15 2977248]
R3 IntcHdmiAddService;@oem14.inf,%IntelHDMIDriverForHDAudio.SvcDesc%;Intel(R) High Definition Audio HDMI; C:\WINDOWS\system32\drivers\IntcHdmi.sys [2009-07-10 122880]
R3 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2015-12-20 130560]
R3 SynTP;@oem93.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2010-02-26 242992]
R4 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2007-02-16 34760]
S0 eelam;eelam; C:\WINDOWS\system32\DRIVERS\eelam.sys [2015-09-23 14464]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 88928]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 83288]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 51040]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 51552]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 27992]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 8192]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 26624]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2015-12-20 96768]
S3 dg_ssudbus;@oem45.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2015-12-08 101040]
S3 fssfltr;fssfltr; C:\WINDOWS\system32\DRIVERS\fssfltr.sys [2009-08-06 54632]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 17408]
S3 GPIO;@iaiogpio.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\WINDOWS\System32\drivers\iaiogpio.sys [2015-10-30 22016]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 38240]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 66048]
S3 iaioi2c;@iaioi2c.inf,%Driver_Service.Desc%;Intel(R) Atom(TM) Processor I2C Controller Service; C:\WINDOWS\System32\drivers\iaioi2c.sys [2015-10-30 61936]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-10-30 23040]
S3 rtport;rtport; \??\C:\windows\system32\drivers\rtport.sys [2010-08-17 15656]
S3 ssudmdm;@oem42.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2015-12-08 192944]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmCx.sys [2015-10-30 45056]
S3 UcmUcsi;@UcmUcsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-10-30 33792]
S3 UdeCx;USB Device Emulation Support Library; C:\WINDOWS\system32\drivers\udecx.sys [2015-10-30 32768]
S3 Ufx01000;USB Function Class Extension; C:\WINDOWS\system32\drivers\ufx01000.sys [2016-03-29 203104]
S3 UfxChipidea;@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller; C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-10-30 74080]
S3 ufxsynopsys;@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller; C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2015-10-30 104800]
S3 UrsCx01000;USB Role-Switch Support Library; C:\WINDOWS\system32\drivers\urscx01000.sys [2015-10-30 42840]
S3 UrsChipidea;@urschipidea.inf,%UrsChipidea.ServiceName%;Chipidea USB Role-Switch Driver; C:\WINDOWS\System32\drivers\urschipidea.sys [2015-10-30 21856]
S3 UrsSynopsys;@urssynopsys.inf,%UrsSynopsys.ServiceName%;Synopsys USB Role-Switch Driver; C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-10-30 21856]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-14 82128]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [2016-03-08 1917680]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2016-03-17 1983264]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2015-12-20 25088]
R2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-10-30 135848]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-10-30 135848]
R2 OneSyncSvc_a617d5;Sync Host_a617d5; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2009-07-07 247152]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-06-18 1034584]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
R3 PimIndexMaintenanceSvc_a617d5;Contact Data_a617d5; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
R3 UnistoreSvc_a617d5;User Data Storage_a617d5; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-10-30 135848]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_327117;Sync Host_327117; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_b78d1;Sync Host_b78d1; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2016-03-23 327808]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 26112]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2015-10-24 43696]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-06 704864]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_327117;MessagingService_327117; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_a617d5;MessagingService_a617d5; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_b78d1;MessagingService_b78d1; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 Origin Client Service;Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [2015-05-08 1931632]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2013-10-03 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2013-10-03 4846168]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_327117;Contact Data_327117; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_b78d1;Contact Data_b78d1; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 900096]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-12-19 732648]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2015-10-30 256512]
S3 UnistoreSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 UnistoreSvc_327117;User Data Storage_327117; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 UnistoreSvc_b78d1;User Data Storage_b78d1; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S4 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2015-10-30 45752]
S4 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S4 tzautoupdate;@%SystemRoot%\system32\tzautoupdate.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]

-----------------EOF-----------------


Tady je FRST:

Additional scan result of Farbar Recovery Scan Tool (x86) Version:07-05-2016
Ran by Kamilka (2016-05-09 08:35:04)
Running from C:\Users\Kamilka\Desktop
Microsoft Windows 10 Home Version 1511 (X86) (2015-12-20 07:43:02)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3219418776-4157282183-555089908-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3219418776-4157282183-555089908-503 - Limited - Disabled)
Guest (S-1-5-21-3219418776-4157282183-555089908-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3219418776-4157282183-555089908-1002 - Limited - Enabled)
Kamilka (S-1-5-21-3219418776-4157282183-555089908-1000 - Administrator - Enabled) => C:\Users\Kamilka
Mcx1-KAMILKA-PC (S-1-5-21-3219418776-4157282183-555089908-1003 - Limited - Enabled) => C:\Users\Mcx1-KAMILKA-PC

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Smart Security 9.0.318.22 (Disabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 9.0.374.1 (Disabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personální firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM\...\uTorrent) (Version: 2.2.1.25534 - emc, uTorrent.CZ)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.3.633 - Adobe Systems, Inc.)
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Atheros Client Installation Program (HKLM\...\{D1434266-0486-4469-B338-A60082CC04E1}) (Version: 1.0.2.1119 - Atheros)
BatteryLifeExtender (HKLM\...\{74A579FB-EB06-497D-B194-01590D6FE51A}) (Version: 1.0.5 - Samsung)
Battle.net (HKLM\...\Battle.net) (Version: - Blizzard Entertainment)
Bing Desktop (HKLM\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.4.167.0 - Microsoft Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.12 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5571 - CDBurnerXP)
CyberLink DVD Suite (HKLM\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.2806 - CyberLink Corp.)
CyberLink LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1916 - CyberLink Corp.)
CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3108a - CyberLink Corp.)
CyberLink PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3213 - CyberLink Corp.)
CyberLink PowerDVD 8 (HKLM\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.0.2815b - CyberLink Corp.)
CyberLink PowerProducer (HKLM\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.1.1812 - CyberLink Corp.)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3625 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
Easy Display Manager (HKLM\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.0 - Samsung Electronics Co., Ltd.)
Easy Network Manager (HKLM\...\{34B76DCB-BF7C-440F-B058-C84172C1E338}) (Version: 4.2.8 - Samsung)
Easy SpeedUp Manager (HKLM\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 3.0.0.5 - Samsung Electronics Co.,Ltd.)
EasyBatteryManager (HKLM\...\{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}) (Version: 4.0.0.3 - Samsung)
ESET Smart Security (HKLM\...\{8F5A2A0B-1F5D-4114-8C24-790DBB0528C4}) (Version: 9.0.318.22 - ESET, spol. s r.o.)
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Far Cry (HKLM\...\InstallShield_{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}) (Version: 1.00.0000 - Název společnosti:)
Far Cry (Version: 1.00.0000 - Název společnosti:) Hidden
Full Tilt Poker (HKLM\...\{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}) (Version: 4.32.1.WIN.FullTilt.COM - )
Full Tilt UK (HKLM\...\{31967082-7E6A-42A3-9740-6F9065509BD6}) (Version: 5.22.51.WIN.FullTilt.UK - )
Google Chrome (HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\Google Chrome) (Version: 50.0.2661.94 - Google Inc.)
Hearthstone (HKLM\...\Hearthstone) (Version: - Blizzard Entertainment)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.2302 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
Java 8 Update 91 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
JavaFX 2.1.0 (HKLM\...\{1111706F-666A-4037-7777-210328764D10}) (Version: 2.1.0 - Oracle Corporation)
Junk Mail filter update (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Korean Fonts Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5670-0000-900000000003}) (Version: 9.0.0 - Adobe Systems Incorporated)
LEGO® Batman™ (Version: 1.00.0000 - Warner Bros. Interactive Entertainment) Hidden
Marvell Miniport Driver (HKLM\...\Marvell Miniport Driver) (Version: 11.22.3.3 - Marvell)
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 15.0.4815.1002 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 - cs-cz (HKLM\...\ProPlusRetail - cs-cz) (Version: 15.0.4815.1002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MySQL Connector/ODBC 3.51 (HKLM\...\{0CB3C535-1171-4A20-B549-E2CB5DEB9723}) (Version: 3.51.12 - MySQL AB)
Nokia Connectivity Cable Driver (HKLM\...\{6FE12C01-2FBC-42E2-AEB9-4CA2238C462F}) (Version: 7.1.101.0 - Nokia)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4815.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4815.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4815.1002 - Microsoft Corporation) Hidden
Origin (HKLM\...\Origin) (Version: 9.4.1.116 - Electronic Arts, Inc.)
PC Connectivity Solution (HKLM\...\{6B722793-E77B-41F5-BAB3-6C9832274E75}) (Version: 12.0.76.0 - Nokia)
QuickTime 7 (HKLM\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6003 - Realtek Semiconductor Corp.)
Samsung Kies3 (HKLM\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14013.45 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (Version: 3.2.14013.45 - Samsung Electronics Co., Ltd.) Hidden
Samsung Recovery Solution 4 (HKLM\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 4.0.0.6 - Samsung)
Samsung Support Center (HKLM\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.0.2 - Samsung)
Samsung Update Plus (HKLM\...\{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}) (Version: 2.0 - Samsung Electronics Co., Ltd.)
SamsungMovie (HKLM\...\{EFA6EF6A-9E0D-4CF0-91DD-B55D8632F65A}) (Version: 1.0.0 - Samsung)
Search App by Ask (HKLM\...\{4254522D-5350-006A-76A7-A75C790C1B00}) (Version: 12.27.0.1059 - APN, LLC) <==== ATTENTION
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.22 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.)
SoftPerfect WiFi Guard version 1.0.3 (HKLM\...\{38AFD787-4D2E-4442-92D2-7739F5F92CF4}_is1) (Version: 1.0.3 - SoftPerfect Research)
SPORE™ (HKLM\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
Stepok RAW Importer v2.8 (HKLM\...\Stepok RAW Importer_is1) (Version: - Stepok Image Lab.)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.10.0 - Synaptics Incorporated)
The Sims™ 3 (HKLM\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
The Sims™ 3 Ambitions (HKLM\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
The Sims™ 3 Generations (HKLM\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
The Sims™ 3 High-End Loft Stuff (HKLM\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
The Sims™ 3 Late Night (HKLM\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
The Sims™ 3 Pets (HKLM\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
The Sims™ 3 Seasons (HKLM\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
The Sims™ 3 Supernatural (HKLM\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
The Sims™ 3 World Adventures (HKLM\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
User Guide (HKLM\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
VLC media player 1.1.5 (HKLM\...\VLC media player) (Version: 1.1.5 - VideoLAN)
Windows Driver Package - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
Zeus & Poseidon (HKLM\...\{8043219B-D2C0-4561-90AB-3F1113ED5A87}) (Version: - )
Zoo Tycoon 2 - African Adventure (HKLM\...\InstallShield_{CE7062BD-BE6F-4153-9654-3D72D0C1CC17}) (Version: 1.00.0000 - Název spolecnosti:)
Zoo Tycoon 2 - African Adventure (Version: 1.00.0000 - Název společnosti:) Hidden
Zoo Tycoon 2 Endangered Species (HKLM\...\Zoo Tycoon 2) (Version: - )
ZTE_1.2059.0.8 (HKLM\...\ZTE_1.2059.0.8) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3219418776-4157282183-555089908-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Kamilka\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3219418776-4157282183-555089908-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Kamilka\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-3219418776-4157282183-555089908-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Kamilka\AppData\Local\Google\Update\1.3.29.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3219418776-4157282183-555089908-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Kamilka\AppData\Local\Google\Update\1.3.29.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3219418776-4157282183-555089908-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Kamilka\AppData\Local\Google\Update\1.3.29.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3219418776-4157282183-555089908-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Kamilka\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-3219418776-4157282183-555089908-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Kamilka\AppData\Local\Google\Update\1.3.29.5\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3219418776-4157282183-555089908-1000_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\Kamilka\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-3219418776-4157282183-555089908-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Kamilka\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3219418776-4157282183-555089908-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Kamilka\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3219418776-4157282183-555089908-1000_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Kamilka\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CustomCLSID: HKU\S-1-5-21-3219418776-4157282183-555089908-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Kamilka\AppData\Local\Google\Update\1.3.29.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3219418776-4157282183-555089908-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Kamilka\AppData\Local\Google\Update\1.3.29.5\psuser.dll (Google Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00F40D33-69A1-419B-95A6-2B0D059EB914} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {018A75BE-050D-4401-8913-E3172651C927} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-30] (Microsoft Corporation)
Task: {0725DE1C-946B-4995-96AA-08DC622A177F} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0B47D4E5-825F-47B1-9C94-E6D582FD77DB} - System32\Tasks\{4EC4783C-B875-4D40-A677-E047FEA0FD88} => pcalua.exe -a "C:\Program Files\Photodex\ProShow Gold\remove.exe"
Task: {134673E0-3AE7-4085-889F-4D62A0DB5EFA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {155E7C4E-388B-487D-ABEA-854ACC31FD0B} - System32\Tasks\{D5F44F69-3986-45D0-B447-77E22B338DD2} => pcalua.exe -a F:\LEGO2.part01.exe -d F:\
Task: {162A6817-B3DB-4886-803D-0E9E543B7DBD} - System32\Tasks\advSRS4 => C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2010-01-19] (SEC)
Task: {2215FE9F-B453-4376-A31F-3E5F7C6D8BC9} - System32\Tasks\SamsungSupportCenter => C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe [2010-05-06] (SAMSUNG Electronics)
Task: {232BEC77-B722-44F9-99E2-5439BB1B59FF} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {26BA0CF6-5E1D-4D63-A078-7D289ED2D96A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-30] (Microsoft Corporation)
Task: {27466477-23A7-4F6B-BB85-AB89B67CCCDA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-11-16] (Piriform Ltd)
Task: {2C154169-7335-45BC-A0B4-A6019D9C9989} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2CC58E73-6E0C-4BE2-8BAE-F5FC180D6750} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {2CE418B7-1996-4546-9D0C-957272A43B51} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {32EC5F8D-F387-43E3-913E-18BED4DF6E77} - System32\Tasks\{2A586BBF-9A38-4928-9E5E-3DF8D7C3E8A8} => D:\Stahnute\Zoo Tycoon 2\Čeština zootycoon2.exe
Task: {3463AB54-5314-4148-B89E-9FF1FE55F110} - System32\Tasks\Microsoft\Windows\Media Center\Extender\Update media permissions for Mcx1-KAMILKA-PC => C:\WINDOWS\ehome\McxTask.exe
Task: {3727246A-3948-4304-BCF9-330D904F47B6} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3D9CBA2B-B000-4791-899C-A9F9BB2D64AE} - System32\Tasks\{5920A724-781E-4975-9033-5F83B4385B9D} => C:\Program Files\Skype\\Phone\Skype.exe [2016-04-08] (Skype Technologies S.A.)
Task: {4184A7AD-A7DE-4EA7-890A-7E59F0186F88} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {476B317E-C411-4FEB-B5DF-301599A580BA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {4929741B-D7DF-4DA6-AB97-23502BAFCF9C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4B1A2398-509B-49A8-AD92-6012EF4527F6} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {4EEEC0C8-B345-47B3-B614-B40A3460CFE1} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {524EF5DF-A30A-4319-BB88-EB94C64FE349} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {537FDBD7-C27A-414B-BDFF-E0D7B23CC793} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {53E4D469-ECAC-4638-A6B4-52D3E4519A71} - System32\Tasks\{6E1A49B2-4ED2-40D3-86FF-07CB5C98ACDF} => pcalua.exe -a E:\RM_Setup_DX8.exe -d E:\
Task: {544F91D9-F912-49A4-BCEA-EB7A252FBC1E} - System32\Tasks\SUPBackground => C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe [2010-04-20] ()
Task: {612ED69C-95E1-44B2-B7A6-25CADB324DE5} - System32\Tasks\{2F59EA89-41AA-4DFB-A4CB-9AEEE771F9FB} => pcalua.exe -a C:\Windows\UbiSoft\SetupUbi.exe -d C:\windows\UbiSoft -c -http hxxp://www.raymanm.com
Task: {62DC15A4-ACD2-4D09-B5D0-9C77C5CA8934} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {670DA724-BA9D-4207-B660-39EF2A81916F} - System32\Tasks\{1F88FA98-3882-43CE-A708-E4946CD0B592} => pcalua.exe -a G:\Support\DrvSetup.exe -d G:\Support
Task: {69C8115E-C254-48E0-929E-E0B8E95E375D} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-03-18] (Microsoft Corporation)
Task: {6E0E3C6D-8783-46B5-9C53-9B18B5C70239} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {6F994398-5976-467F-8774-926967D9DDBA} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {7771CAAA-7388-4FF3-8193-21BBD3A33940} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000UA => C:\Users\Kamilka\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {7774D1B7-CC79-4013-A954-0018BC34BCE3} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-04-13] (Microsoft Corporation)
Task: {7D1E7520-EECF-42A0-9549-AF82921A5C01} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {7E096918-C3B0-4ADB-AB24-A9D0C7235E4C} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {85F109FC-8478-496C-97AC-A7B87735EC9F} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {88BFAAFA-16B1-4E5B-919A-44FD06D95017} - System32\Tasks\{588EFBBC-73C5-4990-82C1-9FDBF5412A4C} => pcalua.exe -a "C:\Program Files\Electronic Arts\The Godfather The Game\eauninstall.exe" -d "C:\Program Files\Electronic Arts\The Godfather The Game"
Task: {8F266852-3B76-4177-92F5-8C3583C63CF6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {9093FE45-F527-451B-B25C-44F469A2AA18} - System32\Tasks\EasySpeedUpManager => C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [2009-10-13] (Samsung Electronics Co., Ltd.)
Task: {90C134C6-0A60-4C83-83D5-3C428B714D7A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {954F1EFE-6D14-43CD-88C6-E62648E6084F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000Core => C:\Users\Kamilka\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {9B853534-91CB-4A4E-A789-24674E67C4BA} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {9D1B39B5-AE0E-4145-9FA0-1637F6732348} - System32\Tasks\{C6EE5EB4-9AAC-4A1C-815E-B0B45CF91250} => C:\Windows\UbiSoft\SetupUbi.exe
Task: {A3429140-62A0-40ED-B916-4BB816ED3773} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {A46ADC45-9CB9-4C70-B754-1F640184A981} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A4DBC9DD-4097-4D11-AB77-F439AD64B783} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {AE31BEAB-2053-4F7B-9D12-5CFFFA853D86} - System32\Tasks\BatteryLifeExtender => C:\Program Files\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2010-06-01] (Samsung Electronics. Co. Ltd.)
Task: {B01854B7-E936-4810-98AF-D48AB1585A9F} - System32\Tasks\{9739F5E6-17A8-48B9-82EE-58B13E994148} => pcalua.exe -a "C:\Program Files\Ubi Soft\RaymanM\RM_Setup_DX8.exe" -d "C:\Program Files\Ubi Soft\RaymanM"
Task: {B5F7DC56-B69D-468F-8339-1C7E393457D8} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {B9540BDF-9C40-4E23-A0A2-566EE6E83F7B} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {BE4B7488-9B29-423C-82BE-49601CDFED9B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000Core => C:\Users\Kamilka\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-10-19] (Facebook Inc.)
Task: {BEBA0598-2736-407A-851F-68F4478CD647} - System32\Tasks\EasyDisplayMgr => C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [2009-11-04] (Samsung Electronics Co., Ltd.)
Task: {C449A13A-922A-483B-AADF-EC80E45BB290} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C74A93D7-E0AA-4AF5-88C4-2EF94D022AFF} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CE7BE772-9952-4331-89DE-4093A8931424} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {CF425726-4D94-46C5-832F-DEFBF8906E71} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000UA => C:\Users\Kamilka\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-10-19] (Facebook Inc.)
Task: {D00F6D12-B958-429F-BAF1-D366AB6A233A} - System32\Tasks\EasyBatteryManager => C:\Program Files\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2009-10-16] (SAMSUNG Electronics co., LTD.)
Task: {D7ED93E5-3A3F-48E4-9D82-636AE0BD087C} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {D99A8ABD-4271-48E1-AE68-CDF8EC090A00} - System32\Tasks\{32259922-2AF5-463E-ADEC-25AA01F38E9E} => C:\Program Files\Skype\\Phone\Skype.exe [2016-04-08] (Skype Technologies S.A.)
Task: {DC0A3DE5-1167-40A0-AB94-27AC4C42DDFE} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {E362E182-0FBB-40B3-8A07-860101D0D58A} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {E490CBF3-E309-4CF7-980A-BED1B6359A37} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {E5066F7D-09F9-4F0F-BFCD-D49AC4FB5E4D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {E57C2ADC-1413-4E60-91C5-E9A2BFC1E097} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F07F3B06-00D7-46F6-8807-F28F3B6692F5} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {FD08A5CB-7B64-43D5-A1D9-88BCF4C5E90F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000Core.job => C:\Users\Kamilka\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000UA.job => C:\Users\Kamilka\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2014-03-23 08:30 - 2015-10-13 03:43 - 00080040 _____ () C:\Program Files\Microsoft Office 15\ClientX86\ApiClient.dll
2010-06-14 00:49 - 2009-07-07 20:23 - 00247152 ____N () C:\Program Files\CyberLink\Shared files\RichVideo.exe
2010-06-14 00:49 - 2009-07-07 20:23 - 00034088 ____N () C:\Program Files\Cyberlink\Shared files\RichVideops.dll
2015-10-30 07:44 - 2015-10-30 07:44 - 00149504 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-04-13 14:26 - 2016-03-29 11:37 - 01862008 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2010-06-14 00:53 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll
2016-04-19 08:30 - 2016-04-19 08:31 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-04-19 08:30 - 2016-04-19 08:31 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 08:30 - 2016-04-19 08:31 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-04-13 14:26 - 2016-03-29 11:37 - 01862008 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2010-11-21 12:09 - 2010-03-15 13:28 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll
2015-12-20 14:00 - 2015-12-20 14:00 - 00070656 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-04-13 14:24 - 2016-04-02 05:26 - 00316416 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-04-13 14:24 - 2016-04-02 05:26 - 00428032 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll
2016-04-30 08:45 - 2016-04-30 08:45 - 06383616 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11602.1.26.0_x86__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2016-03-30 06:46 - 2016-03-30 06:47 - 00017408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x86__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-03-30 06:46 - 2016-03-30 06:47 - 14568448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x86__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-03-04 08:49 - 2016-03-04 08:49 - 00180224 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x86__8wekyb3d8bbwe\StoreRatingPromotion.dll
2015-12-18 17:42 - 2015-12-18 17:42 - 50708664 _____ () C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroCEF\libcef.dll
2016-04-13 14:24 - 2016-04-02 05:09 - 05340672 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-04-13 14:24 - 2016-04-02 05:03 - 00471552 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-04-13 14:25 - 2016-04-02 05:03 - 02366976 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-04-13 14:25 - 2016-04-02 05:07 - 02657280 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-11-16 18:55 - 2015-11-16 18:55 - 00047104 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2016-04-29 08:14 - 2016-04-28 01:25 - 01738904 _____ () C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\50.0.2661.94\libglesv2.dll
2016-04-29 08:14 - 2016-04-28 01:25 - 00086168 _____ () C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\50.0.2661.94\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\123simsen.com -> www.123simsen.com

There are 7729 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-05-03 15:36 - 2015-05-09 20:49 - 00000035 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3219418776-4157282183-555089908-1000\Control Panel\Desktop\\Wallpaper -> C:\Fotky\20151004_151834.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE /logon
MSCONFIG\startupreg: CloneCDTray => "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
MSCONFIG\startupreg: OneDrive => "C:\Users\Kamilka\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
HKLM\...\StartupApproved\Run: => "APSDaemon"
HKLM\...\StartupApproved\Run: => "CLMLServer"
HKLM\...\StartupApproved\Run: => "QuickTime Task"
HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => (Allow) LPort=808
FirewallRules: [{56994D27-3539-4DC3-A207-A5022EE274D3}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{F412CAE7-C0C5-4945-92F4-50C39C3E607A}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{1A8D25BA-A8A2-42E1-AF0A-4B3EC2A2A3B2}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{3D2F8511-53FD-4026-915D-C701CD8ED2F4}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{C9CEFD72-2F45-476F-A366-5B82D307437B}] => (Allow) C:\Program Files\CyberLink\PowerDirector\PDR.EXE
FirewallRules: [{C908CCA4-D05F-4FF5-9825-F6B0AD143D48}] => (Allow) C:\Program Files\CyberLink\PowerDVD8\PowerDVD8.EXE
FirewallRules: [{B36137A6-AD71-4628-B58B-36E382489824}] => (Allow) C:\Program Files\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{EFF9CA49-4765-4B0E-ACA7-C579D5B2544B}] => (Allow) svchost.exe
FirewallRules: [{BE081235-9574-46D8-8B1F-CBAD7EE5CEDB}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{7F3DC2F2-F83A-49A9-8D84-DE829D2D380A}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{E712C80A-58CB-42E4-8B4D-429A3765370B}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{BE65866B-CF32-4607-A08F-C41202D68CB2}] => (Allow) C:\Program Files\Microsoft Games\Zoo Tycoon 2\zt.exe
FirewallRules: [{8926BBB0-F3FE-4BFA-9806-7C9E37B37012}] => (Allow) C:\Program Files\Microsoft Games\Zoo Tycoon 2\zt.exe
FirewallRules: [{D97F2A30-0683-4A9F-879E-A12431DC9697}] => (Allow) C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{B28A2A21-969D-4D3F-AB25-946079FF2885}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{56254BBC-D643-40CC-9FD6-2CE44B3C8C8A}] => (Allow) C:\Users\Kamilka\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{701FF157-70CB-4CFF-9F05-3F5B62007E93}] => (Allow) C:\Users\Kamilka\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B5B6CAA4-94DA-452F-A17B-8226023A0F0F}] => (Allow) C:\Users\Kamilka\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{990F0646-BD51-4C97-9553-7DBC11E197A2}] => (Allow) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

22-04-2016 11:37:27 Scheduled Checkpoint
30-04-2016 13:17:08 Odstraněno LEGO® Batman™
30-04-2016 13:44:06 Odinstalovat s Total Uninstall "Caesar IV"
30-04-2016 13:46:31 Odinstalovat s Total Uninstall "LEGO® Batman™"
30-04-2016 13:46:58 Odstraněno LEGO® Batman™
30-04-2016 13:49:12 Odinstalovat s Total Uninstall "CloneCD"
01-05-2016 14:46:25 Instalováno The Sims 3

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/08/2016 08:57:28 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073422302

Error: (05/08/2016 12:11:18 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (05/08/2016 12:10:19 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (05/07/2016 09:21:33 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073422302

Error: (05/07/2016 01:13:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program StepokRAWImporter.exe verze 0.0.0.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 1424

Čas spuštění: 01d1a8513d6555ee

Čas ukončení: 50

Cesta k aplikaci: C:\Program Files\Stepok RAW Importer\StepokRAWImporter.exe

ID hlášení: a7538662-1444-11e6-a07b-002454bbb9e9

Úplný název balíčku s chybou:

ID aplikace související s balíčkem s chybou:

Error: (05/07/2016 12:10:28 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (05/07/2016 12:09:51 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (05/07/2016 11:22:26 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (05/06/2016 08:57:28 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073422302

Error: (05/06/2016 10:02:49 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.


System errors:
=============
Error: (05/09/2016 12:09:19 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (05/07/2016 11:51:29 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (05/07/2016 03:31:20 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (05/06/2016 10:58:56 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (05/06/2016 09:09:16 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (05/06/2016 06:19:33 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (05/06/2016 08:47:02 AM) (Source: DCOM) (EventID: 10016) (User: Kamilka-PC)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Kamilka-PCKamilkaS-1-5-21-3219418776-4157282183-555089908-1000LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (05/06/2016 08:47:02 AM) (Source: DCOM) (EventID: 10016) (User: Kamilka-PC)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Kamilka-PCKamilkaS-1-5-21-3219418776-4157282183-555089908-1000LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (05/05/2016 11:28:30 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (05/05/2016 04:55:17 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4


CodeIntegrity:
===================================
Date: 2016-04-23 13:33:38.957
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Smart Security\Drivers\ehdrv\ehdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-04-23 13:33:38.843
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Smart Security\Drivers\ehdrv\ehdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-04-23 13:33:38.553
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\eelam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-04-23 13:33:38.427
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\eelam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-04-23 13:33:38.301
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Smart Security\Drivers\eelam\eelam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-04-23 13:33:38.172
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Smart Security\Drivers\eelam\eelam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-04-16 23:27:58.691
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-16 03:06:08.906
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-16 03:05:41.479
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Smart Security\Drivers\ehdrv\ehdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-04-16 03:05:41.365
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Smart Security\Drivers\ehdrv\ehdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Pentium(R) Dual-Core CPU T4400 @ 2.20GHz
Percentage of memory in use: 55%
Total physical RAM: 3004.61 MB
Available physical RAM: 1349.76 MB
Total Virtual: 6076.61 MB
Available Virtual: 3889.88 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.83 GB) (Free:109.33 GB) NTFS
Drive d: () (Fixed) (Total:222.83 GB) (Free:110.84 GB) NTFS
Drive f: (Sims3EP08) (CDROM) (Total:3.9 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 6261FA1C)
Partition 1: (Not Active) - (Size=20 GB) - (Type=12)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=222.8 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=222.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

druhy:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:07-05-2016
Ran by Kamilka (administrator) on KAMILKA-PC (09-05-2016 08:33:32)
Running from C:\Users\Kamilka\Desktop
Loaded Profiles: Kamilka (Available Profiles: Kamilka & Mcx1-KAMILKA-PC & DefaultAppPool)
Platform: Microsoft Windows 10 Home Version 1511 (X86) Language: Angličtina (Spojené státy)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\officeclicktorun.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(SEC) C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Facebook Inc.) C:\Users\Kamilka\AppData\Local\Facebook\Update\FacebookUpdate.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11602.1.26.0_x86__8wekyb3d8bbwe\WinStore.Mobile.exe
(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\AppVShNotify.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x86__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Google Inc.) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1713448 2010-02-26] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8120864 2009-12-15] (Realtek Semiconductor)
HKLM\...\Run: [CLMLServer] => C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-06-03] (CyberLink)
HKLM\...\Run: [PDVD8LanguageShortcut] => C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe [50472 2009-04-15] (CyberLink Corp.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\Run: [Google Update] => C:\Users\Kamilka\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.)
HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3576664 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6602152 2015-11-16] (Piriform Ltd)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Kamilka\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll [2015-12-20] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Kamilka\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll [2015-12-20] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Kamilka\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll [2015-12-20] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-04-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-04-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-04-19] (Microsoft Corporation)
Startup: C:\Users\Kamilka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RollerCoaster Tycoon 3 Registration.lnk [2016-01-31]
ShortcutTarget: RollerCoaster Tycoon 3 Registration.lnk -> C:\Users\Kamilka\AppData\Local\Temp\{2C3C9D34-F2FD-4EA1-8F25-5132A2D785FB}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-3219418776-4157282183-555089908-1000] => 88.146.243.17:8080
AutoConfigURL: [S-1-5-21-3219418776-4157282183-555089908-1000] => 88.146.243.17:8080
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{5c0f82ed-9437-467b-9291-8239ae187433}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{a01204e6-3498-4762-be85-5ae5592765bc}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3219418776-4157282183-555089908-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3219418776-4157282183-555089908-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7SMSN
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-03-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-05-01] (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-04-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-01] (Oracle Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_91-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0091-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_91-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_91-windows-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\windows\system32\Adobe\Director\np32dsw.dll [2011-11-22] (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\WINDOWS\system32\npdeployJava1.dll [2016-05-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-01] (Oracle Corporation)
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-03] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-02-23] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3219418776-4157282183-555089908-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Kamilka\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-3219418776-4157282183-555089908-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Kamilka\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-3219418776-4157282183-555089908-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Kamilka\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2012-07-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2012-06-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2012-06-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2012-06-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2012-06-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2012-06-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2012-06-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2012-06-23] (Apple Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Plugin: (Native Client) - C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\50.0.2661.94\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\50.0.2661.94\pdf.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\50.0.2661.94\gcswf32.dll => No File
CHR Plugin: (Shockwave Flash) - C:\windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll => No File
CHR Plugin: (Skype Toolbars) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (Java Deployment Toolkit 6.0.320.5) - C:\windows\system32\npdeployJava1.dll (Oracle Corporation)
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL => No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll => No File
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\Kamilka\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll => No File
CHR Plugin: (Shockwave for Director) - C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Profile: C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-01]
CHR Extension: (Vyhledávání Google) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (hxxp://www.facebook.com/) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnknkgccldocdogpnhbaddbdhhjiindo [2012-11-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-04-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03]
CHR Extension: (Gmail) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
StartMenuInternet: Google Chrome - C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [1917680 2016-03-08] (Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1034584 2015-06-18] (Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1983264 2016-03-17] (ESET)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [1931632 2015-05-08] (Electronic Arts)
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2009-07-07] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [280376 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23256 2015-10-30] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\WINDOWS\System32\drivers\athr.sys [3346968 2015-05-12] (Qualcomm Atheros Communications, Inc.)
R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [271360 2016-01-31] () [File not signed]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [25016 2015-11-18] (Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [206312 2016-03-17] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [14464 2015-09-23] (ESET)
R1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [146024 2016-01-15] (ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [111040 2016-01-15] (ESET)
R4 ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [34760 2007-02-16] (SlySoft, Inc.)
R1 epfw; C:\WINDOWS\System32\DRIVERS\epfw.sys [152728 2016-03-17] (ESET)
R1 EpfwLWF; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [44608 2016-03-17] (ESET)
R0 epfwwfp; C:\WINDOWS\System32\DRIVERS\epfwwfp.sys [71488 2016-03-17] (ESET)
R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [18048 2016-01-31] () [File not signed]
S3 rtport; C:\windows\system32\drivers\rtport.sys [15656 2010-08-17] (Windows (R) 2003 DDK 3790 provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37400 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [246104 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [98648 2015-10-30] (Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [163328 2015-10-30] (Microsoft Corporation)
R3 yukonw8; C:\WINDOWS\System32\drivers\yk63x86.sys [242688 2015-10-30] (Marvell)
U3 idsvc; no ImagePath
U5 pccsmcfd; C:\Windows\System32\Drivers\pccsmcfd.sys [19072 2012-10-17] (Nokia)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-09 08:33 - 2016-05-09 08:34 - 00019719 _____ C:\Users\Kamilka\Desktop\FRST.txt
2016-05-09 08:32 - 2016-05-09 08:32 - 00015327 _____ C:\Users\Kamilka\Desktop\LM.bat
2016-05-09 08:30 - 2016-05-09 08:30 - 02379264 _____ (Farbar) C:\Users\Kamilka\Downloads\FRST64.exe
2016-05-09 08:29 - 2016-05-09 08:32 - 00029696 _____ C:\Users\Kamilka\AppData\Local\MSGBOX.EXE
2016-05-09 08:29 - 2016-05-09 08:29 - 00112640 _____ (forum.viry.cz) C:\Users\Kamilka\Desktop\FRSTLauncher (2).exe
2016-05-09 08:26 - 2016-05-09 08:26 - 00112640 _____ (forum.viry.cz) C:\Users\Kamilka\Downloads\Nepotvrzeno 30668.crdownload
2016-05-09 08:25 - 2016-05-09 08:25 - 00112640 _____ (forum.viry.cz) C:\Users\Kamilka\Downloads\Nepotvrzeno 715234.crdownload
2016-05-09 08:24 - 2016-05-09 08:33 - 00000000 ____D C:\FRST
2016-05-09 08:24 - 2016-05-09 08:24 - 01730048 _____ (Farbar) C:\Users\Kamilka\Desktop\FRST.exe
2016-05-09 08:20 - 2016-05-09 08:21 - 00000000 ____D C:\rsit
2016-05-09 00:08 - 2016-05-09 00:08 - 00987728 _____ (Google Inc.) C:\Users\Kamilka\Downloads\ChromeSetup.exe
2016-05-07 13:11 - 2016-05-07 13:11 - 00000000 ____D C:\Users\Kamilka\AppData\Roaming\Light Developer
2016-05-07 13:11 - 2016-05-07 13:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stepok RAW Importer
2016-05-07 13:11 - 2016-05-07 13:11 - 00000000 ____D C:\Program Files\Stepok RAW Importer
2016-05-07 13:10 - 2016-05-07 13:10 - 04214880 _____ (Stepok Image Lab. ) C:\Users\Kamilka\Downloads\SRAWISetup.exe
2016-05-01 23:56 - 2016-05-01 23:56 - 00000017 _____ C:\Users\Kamilka\AppData\Local\resmon.resmoncfg
2016-05-01 23:53 - 2016-05-01 23:51 - 00905280 _____ (Oracle Corporation) C:\WINDOWS\system32\npdeployJava1.dll
2016-05-01 23:53 - 2016-05-01 23:51 - 00825408 _____ (Oracle Corporation) C:\WINDOWS\system32\deployJava1.dll
2016-05-01 23:52 - 2016-05-01 23:52 - 00000000 ____D C:\Program Files\Common Files\Java
2016-05-01 23:51 - 2016-05-01 23:51 - 00000000 ____D C:\Users\Kamilka\AppData\Roaming\Sun
2016-05-01 23:51 - 2016-05-01 23:51 - 00000000 ____D C:\Users\Kamilka\.oracle_jre_usage
2016-05-01 15:13 - 2016-05-01 15:13 - 53339518 _____ C:\Users\Kamilka\Downloads\The_Sims_3_fix.rar
2016-04-30 13:42 - 2016-04-30 13:42 - 00000016 _____ C:\ProgramData\mntemp
2016-04-30 13:42 - 2016-04-30 13:42 - 00000000 ____D C:\ProgramData\Martau
2016-04-30 13:41 - 2016-04-30 13:42 - 23049888 _____ (Gavrila Martau ) C:\Users\Kamilka\Downloads\Total-Uninstall-Setup-6.16.0.exe
2016-04-27 22:03 - 2016-04-27 22:03 - 00014891 _____ C:\Users\Kamilka\Downloads\[CzT]Bylo_nebylo_Once_Upon_a_Time_S05E04_The_Broken_Kingdom_2011_TVRip_.torrent
2016-04-27 22:03 - 2016-04-27 22:03 - 00014351 _____ C:\Users\Kamilka\Downloads\[CzT]Bylo_nebylo_Once_Upon_a_Time_S05E07_Nimue_2011_TvRip_.torrent
2016-04-27 22:03 - 2016-04-27 22:03 - 00014151 _____ C:\Users\Kamilka\Downloads\[CzT]Bylo_nebylo_Once_Upon_a_Time_S05E03_Siege_Perilous_TvRip_.torrent
2016-04-27 22:03 - 2016-04-27 22:03 - 00014130 _____ C:\Users\Kamilka\Downloads\[CzT]Bylo_nebylo_Once_Upon_a_Time_S05E06_The_Bear_and_the_Bow_TVRip_.torrent
2016-04-27 22:03 - 2016-04-27 22:03 - 00013370 _____ C:\Users\Kamilka\Downloads\[CzT]Bylo_nebylo_Once_Upon_a_Time_S05E05_Dreamcatcher_TvRip_.torrent
2016-04-27 22:03 - 2016-04-27 22:03 - 00013370 _____ C:\Users\Kamilka\Downloads\[CzT]Bylo_nebylo_Once_Upon_a_Time_S05E05_Dreamcatcher_TvRip_ (1).torrent
2016-04-27 22:02 - 2016-04-27 22:02 - 00017370 _____ C:\Users\Kamilka\Downloads\[CzT]Bylo_nebylo_Once_Upon_a_Time_S05E01_The_Dark_Swan_TvRip_.torrent
2016-04-27 22:02 - 2016-04-27 22:02 - 00014111 _____ C:\Users\Kamilka\Downloads\[CzT]Bylo_nebylo_Once_upon_a_time_S05E02_Cena_The_Price_TvRip_.torrent
2016-04-24 20:02 - 2016-04-24 20:04 - 221270226 _____ C:\Users\Kamilka\Downloads\zasilka-HZXE5LC57XTTAHPW.zip
2016-04-13 14:26 - 2016-03-29 11:38 - 05797216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-04-13 14:26 - 2016-03-29 11:37 - 01862008 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-13 14:26 - 2016-03-29 10:01 - 00541304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-04-13 14:26 - 2016-03-29 09:12 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-04-13 14:26 - 2016-03-29 09:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-04-13 14:26 - 2016-03-29 09:02 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-04-13 14:26 - 2016-03-29 08:53 - 00150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-04-13 14:26 - 2016-03-29 08:37 - 01444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-04-13 14:26 - 2016-03-29 08:37 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-04-13 14:26 - 2016-03-29 08:37 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-04-13 14:26 - 2016-03-29 08:14 - 02975232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-04-13 14:26 - 2016-03-29 08:05 - 01894912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-04-13 14:26 - 2016-03-29 08:05 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-04-13 14:26 - 2016-03-29 08:02 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-04-13 14:26 - 2016-03-29 08:01 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-04-13 14:26 - 2016-03-29 07:49 - 01085952 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-04-13 14:26 - 2016-03-29 07:41 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-04-13 14:26 - 2016-03-29 07:38 - 18673664 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-04-13 14:26 - 2016-03-29 07:37 - 19340800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-04-13 14:25 - 2016-04-02 06:17 - 00297072 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-04-13 14:25 - 2016-04-02 06:14 - 00613112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-04-13 14:25 - 2016-04-02 06:14 - 00305296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-04-13 14:25 - 2016-04-02 05:26 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-04-13 14:25 - 2016-04-02 05:22 - 00390144 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-04-13 14:25 - 2016-04-02 05:20 - 00826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-04-13 14:25 - 2016-04-02 05:20 - 00738816 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-04-13 14:25 - 2016-04-02 05:17 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-04-13 14:25 - 2016-04-02 05:14 - 03197440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-04-13 14:25 - 2016-04-02 05:12 - 01887744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-04-13 14:25 - 2016-04-02 05:11 - 01524736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-04-13 14:25 - 2016-04-02 05:10 - 02871296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-04-13 14:25 - 2016-04-02 05:05 - 01074688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-04-13 14:25 - 2016-03-29 11:41 - 00875992 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-04-13 14:25 - 2016-03-29 11:41 - 00771120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-04-13 14:25 - 2016-03-29 11:38 - 01051584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-04-13 14:25 - 2016-03-29 11:38 - 00927072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-04-13 14:25 - 2016-03-29 11:36 - 01820512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-04-13 14:25 - 2016-03-29 11:28 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-04-13 14:25 - 2016-03-29 11:21 - 00922456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-04-13 14:25 - 2016-03-29 11:20 - 00856928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-04-13 14:25 - 2016-03-29 11:19 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-04-13 14:25 - 2016-03-29 11:13 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-04-13 14:25 - 2016-03-29 10:44 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-04-13 14:25 - 2016-03-29 10:44 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-04-13 14:25 - 2016-03-29 10:41 - 00203104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-04-13 14:25 - 2016-03-29 10:32 - 00253088 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-04-13 14:25 - 2016-03-29 10:24 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-04-13 14:25 - 2016-03-29 09:46 - 01861984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-04-13 14:25 - 2016-03-29 09:46 - 00771424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-04-13 14:25 - 2016-03-29 09:30 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msorcl32.dll
2016-04-13 14:25 - 2016-03-29 09:20 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-04-13 14:25 - 2016-03-29 09:19 - 00037376 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-04-13 14:25 - 2016-03-29 09:16 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-04-13 14:25 - 2016-03-29 09:11 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-04-13 14:25 - 2016-03-29 09:05 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-04-13 14:25 - 2016-03-29 08:59 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-04-13 14:25 - 2016-03-29 08:56 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-04-13 14:25 - 2016-03-29 08:55 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-04-13 14:25 - 2016-03-29 08:54 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-04-13 14:25 - 2016-03-29 08:52 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-04-13 14:25 - 2016-03-29 08:48 - 00346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-04-13 14:25 - 2016-03-29 08:47 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-04-13 14:25 - 2016-03-29 08:46 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-04-13 14:25 - 2016-03-29 08:44 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-04-13 14:25 - 2016-03-29 08:43 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-04-13 14:25 - 2016-03-29 08:43 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-04-13 14:25 - 2016-03-29 08:41 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-04-13 14:25 - 2016-03-29 08:40 - 00445952 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-04-13 14:25 - 2016-03-29 08:39 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-04-13 14:25 - 2016-03-29 08:38 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-04-13 14:25 - 2016-03-29 08:38 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-04-13 14:25 - 2016-03-29 08:36 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-04-13 14:25 - 2016-03-29 08:36 - 00453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-04-13 14:25 - 2016-03-29 08:35 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-04-13 14:25 - 2016-03-29 08:34 - 01152512 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-04-13 14:25 - 2016-03-29 08:34 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-04-13 14:25 - 2016-03-29 08:34 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-04-13 14:25 - 2016-03-29 08:32 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-04-13 14:25 - 2016-03-29 08:32 - 00951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-04-13 14:25 - 2016-03-29 08:31 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-04-13 14:25 - 2016-03-29 08:30 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-04-13 14:25 - 2016-03-29 08:29 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-04-13 14:25 - 2016-03-29 08:28 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-04-13 14:25 - 2016-03-29 08:28 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-04-13 14:25 - 2016-03-29 08:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-04-13 14:25 - 2016-03-29 08:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-04-13 14:25 - 2016-03-29 08:27 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-04-13 14:25 - 2016-03-29 08:23 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-04-13 14:25 - 2016-03-29 08:22 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-04-13 14:25 - 2016-03-29 08:14 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-04-13 14:25 - 2016-03-29 08:13 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-04-13 14:25 - 2016-03-29 08:10 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-04-13 14:25 - 2016-03-29 08:07 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-04-13 14:25 - 2016-03-29 08:06 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-04-13 14:25 - 2016-03-29 08:06 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-04-13 14:25 - 2016-03-29 08:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-04-13 14:25 - 2016-03-29 08:04 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-04-13 14:25 - 2016-03-29 07:58 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-04-13 14:25 - 2016-03-29 07:55 - 00614912 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-04-13 14:25 - 2016-03-29 07:51 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-04-13 14:25 - 2016-03-29 07:49 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-04-13 14:25 - 2016-03-29 07:46 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-04-13 14:25 - 2016-03-29 07:43 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-04-13 14:25 - 2016-03-29 07:42 - 00705024 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-04-13 14:25 - 2016-03-29 07:38 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-04-13 14:25 - 2016-03-29 07:36 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-04-13 14:25 - 2016-03-29 07:36 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2016-04-13 14:25 - 2016-03-29 07:27 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-04-13 14:25 - 2016-03-29 07:25 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-04-13 14:24 - 2016-04-02 06:14 - 00757192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-04-13 14:24 - 2016-04-02 05:30 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-04-13 14:24 - 2016-04-02 05:29 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-04-13 14:24 - 2016-04-02 05:25 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2016-04-13 14:24 - 2016-04-02 05:23 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-04-13 14:24 - 2016-04-02 05:08 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-04-13 14:24 - 2016-03-29 11:41 - 00228696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-04-13 14:24 - 2016-03-29 11:33 - 00084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2016-04-13 14:24 - 2016-03-29 10:41 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-04-13 14:24 - 2016-03-29 10:34 - 00153952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-04-13 14:24 - 2016-03-29 10:26 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-04-13 14:24 - 2016-03-29 10:25 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-04-13 14:24 - 2016-03-29 10:24 - 00063008 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-04-13 14:24 - 2016-03-29 10:23 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-04-13 14:24 - 2016-03-29 09:42 - 00287072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-04-13 14:24 - 2016-03-29 09:30 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-04-13 14:24 - 2016-03-29 09:28 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-04-13 14:24 - 2016-03-29 09:20 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-04-13 14:24 - 2016-03-29 09:20 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-04-13 14:24 - 2016-03-29 09:20 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2016-04-13 14:24 - 2016-03-29 09:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
2016-04-13 14:24 - 2016-03-29 09:14 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-04-13 14:24 - 2016-03-29 09:14 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-04-13 14:24 - 2016-03-29 09:13 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-04-13 14:24 - 2016-03-29 09:11 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-04-13 14:24 - 2016-03-29 09:11 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-04-13 14:24 - 2016-03-29 09:11 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-04-13 14:24 - 2016-03-29 09:09 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-04-13 14:24 - 2016-03-29 09:09 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-04-13 14:24 - 2016-03-29 09:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2016-04-13 14:24 - 2016-03-29 09:08 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-04-13 14:24 - 2016-03-29 09:08 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-04-13 14:24 - 2016-03-29 09:06 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-04-13 14:24 - 2016-03-29 09:06 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-04-13 14:24 - 2016-03-29 09:06 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-04-13 14:24 - 2016-03-29 09:05 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-04-13 14:24 - 2016-03-29 09:05 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-04-13 14:24 - 2016-03-29 09:05 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-04-13 14:24 - 2016-03-29 09:05 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-04-13 14:24 - 2016-03-29 09:05 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2016-04-13 14:24 - 2016-03-29 09:04 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-04-13 14:24 - 2016-03-29 09:03 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-04-13 14:24 - 2016-03-29 09:02 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-04-13 14:24 - 2016-03-29 09:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2016-04-13 14:24 - 2016-03-29 08:53 - 00424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-04-13 14:24 - 2016-03-29 08:53 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-04-13 14:24 - 2016-03-29 08:53 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-04-13 14:24 - 2016-03-29 08:52 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-04-13 14:24 - 2016-03-29 08:52 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2016-04-13 14:24 - 2016-03-29 08:52 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-04-13 14:24 - 2016-03-29 08:52 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-04-13 14:24 - 2016-03-29 08:51 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-04-13 14:24 - 2016-03-29 08:49 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-04-13 14:24 - 2016-03-29 08:44 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-04-13 14:24 - 2016-03-29 08:42 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-13 14:24 - 2016-03-29 08:41 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-04-13 14:24 - 2016-03-29 08:39 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-04-13 14:24 - 2016-03-29 08:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-04-13 14:24 - 2016-03-29 08:34 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-04-13 14:24 - 2016-03-29 08:32 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-04-13 14:24 - 2016-03-29 08:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-04-13 14:24 - 2016-03-29 08:32 - 00601600 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-04-13 14:24 - 2016-03-29 08:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-04-13 14:24 - 2016-03-29 08:27 - 00162816 _____ C:\WINDOWS\system32\MTF.dll
2016-04-13 14:24 - 2016-03-29 08:26 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-04-13 14:24 - 2016-03-29 08:26 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-04-13 14:24 - 2016-03-29 08:25 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-04-13 14:24 - 2016-03-29 08:18 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-04-13 14:24 - 2016-03-29 08:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-04-13 14:24 - 2016-03-29 08:06 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-04-13 14:24 - 2016-03-29 08:05 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-04-13 14:24 - 2016-03-29 08:00 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-04-13 14:24 - 2016-03-29 07:32 - 00742400 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-04-13 14:24 - 2016-03-29 07:30 - 00782336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-04-13 14:24 - 2016-03-29 07:25 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-04-13 14:24 - 2016-03-29 07:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-04-13 14:24 - 2016-03-29 07:24 - 00310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-04-13 14:24 - 2016-03-29 07:21 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-04-11 11:51 - 2016-04-11 11:51 - 00005350 _____ C:\Users\Kamilka\Downloads\smime.p7s

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-09 08:21 - 2015-05-09 15:46 - 00000000 ____D C:\Program Files\trend micro
2016-05-09 08:12 - 2015-05-17 11:29 - 00000992 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000UA.job
2016-05-08 23:45 - 2012-02-08 15:44 - 00000000 ____D C:\Users\Kamilka\AppData\Local\ElevatedDiagnostics
2016-05-08 20:13 - 2010-11-06 22:22 - 00000000 ____D C:\Users\Kamilka\AppData\Roaming\DAEMON Tools Lite
2016-05-08 20:12 - 2015-10-30 07:47 - 00000000 ____D C:\WINDOWS\INF
2016-05-08 19:39 - 2010-11-13 20:09 - 00000000 ____D C:\Users\Kamilka\AppData\Roaming\Skype
2016-05-08 19:12 - 2015-05-17 11:29 - 00000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000Core.job
2016-05-08 14:23 - 2016-01-09 13:05 - 00000000 ____D C:\Users\Kamilka\AppData\Local\Battle.net
2016-05-08 14:02 - 2016-01-09 13:04 - 00000000 ____D C:\Program Files\Battle.net
2016-05-08 09:34 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-05-07 08:22 - 2015-10-30 07:48 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-06 09:09 - 2010-11-06 20:07 - 00000000 ____D C:\Users\Kamilka\Documents\Youcam
2016-05-06 09:00 - 2015-10-30 07:48 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-05-06 08:58 - 2013-10-21 12:10 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-05-04 10:51 - 2011-01-03 16:59 - 00000000 ____D C:\Fotky
2016-05-04 10:47 - 2014-02-28 12:04 - 00000000 ____D C:\Hackovani & Siti
2016-05-03 08:08 - 2015-11-13 12:11 - 00000000 ____D C:\Users\Kamilka\AppData\Local\Packages
2016-05-01 23:53 - 2013-12-11 19:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-05-01 23:51 - 2015-12-20 05:13 - 00000000 ____D C:\Users\Kamilka
2016-05-01 23:51 - 2014-10-04 15:01 - 00268352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2016-05-01 23:51 - 2014-10-04 15:01 - 00095808 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2016-05-01 23:51 - 2013-12-11 19:10 - 00000000 ____D C:\ProgramData\Oracle
2016-05-01 23:50 - 2010-12-27 17:02 - 00000000 ____D C:\Program Files\Java
2016-05-01 18:55 - 2012-12-14 18:03 - 00000000 ___RD C:\Program Files\Skype
2016-05-01 18:55 - 2010-11-13 20:09 - 00000000 ____D C:\ProgramData\Skype
2016-04-30 14:45 - 2015-09-10 06:16 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-04-30 13:49 - 2011-01-30 18:14 - 00000000 ____D C:\Program Files\SlySoft
2016-04-30 13:47 - 2010-06-14 00:39 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2016-04-30 13:45 - 2011-04-16 17:39 - 00000000 ____D C:\Program Files\Sierra
2016-04-30 13:29 - 2010-12-27 16:54 - 00000000 ____D C:\ProgramData\Sony Ericsson
2016-04-30 13:29 - 2010-12-27 16:54 - 00000000 ____D C:\Program Files\Sony Ericsson
2016-04-30 13:28 - 2016-01-31 13:36 - 00000000 ____D C:\Users\Kamilka\Documents\RCT3
2016-04-30 13:26 - 2014-10-17 17:33 - 00000000 ____D C:\Users\Kamilka\AppData\Roaming\WB Games
2016-04-30 13:26 - 2010-11-08 13:10 - 00000000 ____D C:\Users\Kamilka\AppData\Roaming\Atari
2016-04-30 13:25 - 2009-07-14 06:52 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-04-29 08:15 - 2015-05-16 00:17 - 00000000 ____D C:\Users\Kamilka\AppData\Roaming\uTorrent
2016-04-29 08:15 - 2012-02-27 22:22 - 00002503 _____ C:\Users\Kamilka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-25 20:24 - 2010-12-01 15:18 - 00000000 ____D C:\Users\Kamilka\AppData\Roaming\vlc
2016-04-25 08:21 - 2016-01-09 13:06 - 00000000 ____D C:\Program Files\Hearthstone
2016-04-24 18:38 - 2010-11-06 19:10 - 00000000 ____D C:\Users\Kamilka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2016-04-23 13:33 - 2015-12-20 09:38 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-04-23 13:32 - 2015-10-30 07:13 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-04-22 09:09 - 2015-12-20 13:57 - 00796720 _____ C:\WINDOWS\system32\perfh005.dat
2016-04-22 09:09 - 2015-12-20 13:56 - 00168116 _____ C:\WINDOWS\system32\perfc005.dat
2016-04-22 09:09 - 2015-12-20 05:12 - 01944164 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-04-16 12:20 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\rescache
2016-04-16 03:05 - 2015-12-20 05:05 - 00409224 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-16 03:02 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-04-16 03:02 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-04-16 03:02 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-04-16 03:01 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-04-13 23:28 - 2015-10-30 07:39 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-04-13 23:26 - 2013-08-13 14:04 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-04-13 23:18 - 2010-11-06 20:54 - 132539272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories =======

2004-02-04 16:53 - 2004-02-04 16:53 - 0458752 ____H () C:\Program Files\Common Files\db.mdb
2004-02-04 15:54 - 2004-02-04 15:54 - 0000019 ____H () C:\Program Files\Common Files\General.txt
2004-02-04 16:53 - 2004-02-04 16:53 - 0458752 ____H () C:\Users\Kamilka\AppData\Roaming\db.mdb
2004-02-04 15:54 - 2004-02-04 15:54 - 0000019 ____H () C:\Users\Kamilka\AppData\Roaming\General.txt
2002-08-29 19:33 - 2002-08-29 19:33 - 0319488 ____R () C:\Users\Kamilka\AppData\Roaming\MafiaSetup.exe
2012-11-23 15:50 - 2012-11-23 15:50 - 0003584 _____ () C:\Users\Kamilka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-05-09 08:29 - 2016-05-09 08:32 - 0029696 _____ () C:\Users\Kamilka\AppData\Local\MSGBOX.EXE
2016-05-01 23:56 - 2016-05-01 23:56 - 0000017 _____ () C:\Users\Kamilka\AppData\Local\resmon.resmoncfg
2011-01-30 18:15 - 2015-06-16 14:15 - 0000121 ___SH () C:\ProgramData\.zreglib
2010-11-13 20:12 - 2010-11-13 20:12 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2010-11-06 19:12 - 2010-01-16 09:18 - 0131368 _____ () C:\ProgramData\FullRemove.exe
2013-12-24 01:40 - 2013-12-24 01:41 - 0000348 _____ () C:\ProgramData\hpzinstall.log
2016-04-30 13:42 - 2016-04-30 13:42 - 0000016 _____ () C:\ProgramData\mntemp
2010-06-14 00:51 - 2010-06-14 00:51 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2010-06-14 00:49 - 2010-06-14 00:50 - 0000106 _____ () C:\ProgramData\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}.log
2010-06-14 00:46 - 2010-06-14 00:47 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2010-06-14 00:50 - 2010-06-14 00:51 - 0000110 _____ () C:\ProgramData\{B7A0CE06-068E-11D6-97FD-0050BACBF861}.log
2010-06-14 00:45 - 2010-06-14 00:46 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2010-06-14 00:47 - 2010-06-14 00:49 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log

Files to move or delete:
====================
C:\Users\ArivaUpgrade\ArivaUpgrade.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-05-07 11:06

==================== End of FRST.txt ============================

Doufam, ze jsem vse udelala spravne...

Krasny den Vam preju


Pokud je Vas log dlouhy a nevejde se do jednoho prispevku (je delsi nez 100.000 znaku), pridejte do nazvu tematu informaci o tom, ze je log dlouhy a je rozdelen do vice casti (napr. "virus, 3 posty"). Primarne resime temata bez odpovedi, takze ve Vasem pripade to vypada, ze se Vam jiz nektery z kolegu venuje a tema snadno zapadne.


Odinstalujte

• Skype Click to Call - adware z instalace Skypu http://forum.viry.cz/viewtopic.php?p=1374439#p1374439
• QuickTime - Apple ukoncil jeho vyvoj a je znamo nekolik kritickych zranitelnosti https://csirt.cz/page/3232/

V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).


Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )

• ukoncete vsechny programy
• kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
• kliknete na Scan (Skenovani), pote na Cleaning (Cisteni)
• po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner[Cx].txt), jehoz obsah zkopirujte do pristi odpovedi

Dobry den i Vam
Tak tady je ten log, vse jsem udelala podle navodu, tak doufam, ze uz to bude ok...jinak nahodou nevite odkud se to mohlo vzit? Davam si pozor, abych opravdu nestahlanebo nesla nekam kam nemam...


# AdwCleaner v5.116 - Logfile created 11/05/2016 at 20:33:31
# Updated 09/05/2016 by Xplode
# Database : 2016-05-09.1 [Server]
# Operating system : Windows 10 Home (X86)
# Username : Kamilka - KAMILKA-PC
# Running from : C:\Users\Kamilka\Desktop\adwcleaner_5.116.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{884189CF-7C10-41E8-A014-F7B2BE40AADB}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3219418776-4157282183-555089908-1000\Software\dt soft\daemon tools toolbar
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89EA4F1B8FBCDEF47AE328E455E28AA0
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97ECFF59EE08D4F47BB1464DEC37DA87
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A8CB937199A57E748B6AC433DA453EE2
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B08932C78B697C244BE7BA3E6FF09B62
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B4E78E12704AFCE408C7FBE501F1AA0A
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C6A54B56C58C82a4688AFB93F42EA17B
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927c4E9B7BC1D3FD1E49F
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F0390A76D28822743A68D7F1AB22E6D0
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0A5AC497E6BBC8D45BE8AD6619DA8217
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4

***** [ Web browsers ] *****

[-] [C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : websearch.ask.com
[-] [C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : uk.ask.com

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [4953 bytes] - [11/05/2016 20:33:31]
C:\AdwCleaner\AdwCleaner[S1].txt - [4830 bytes] - [11/05/2016 20:29:50]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [5099 bytes] ##########

Kdyz uz jste tady, tak ten pocitac procistime poradne

• Stahnete Crystal Disk Info (CDI) https://osdn.jp/frs/redir.php?m=cznic&f ... o6_7_5.zip
• archiv extrahujte a spustte vyextrahovany soubor DiskInfo.exe
• ve spustenem programu kliknete nahore na Upravy -> Kopirovat (log mate nyni zkopirovany ve schrance)
• log vlozte do dalsi odpovedi (Ctrl + V)

Nainstalujte MBAM a udelejte vlastni sken vsech disku - http://forum.viry.cz/viewtopic.php?f=29&t=144868

• Upozorneni: tento sken zabere od 30 minut po nekolik hodin

----------------------------------------------------------------------------
CrystalDiskInfo 6.7.5 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 10 [10.0 Build 10586] (x86)
Date : 2016/05/11 21:10:42

-- Controller Map ----------------------------------------------------------
+ Intel(R) ICH9M-E/M SATA AHCI Controller [ATA]
- WDC WD5000BEVT-35A0RT0
- TSSTcorp CDDVDW TS-L633C
- Řadič prostorů úložišť [SCSI]
- DAEMON Tools Lite Virtual SCSI Bus [SCSI]

-- Disk List ---------------------------------------------------------------
(1) WDC WD5000BEVT-35A0RT0 : 500,1 GB [0/0/0, pd1] - wd

----------------------------------------------------------------------------
(1) WDC WD5000BEVT-35A0RT0
----------------------------------------------------------------------------
Model : WDC WD5000BEVT-35A0RT0
Firmware : 01.01A01
Serial Number : WD-WX51A6005864
Disk Size : 500,1 GB (8,4/137,4/500,1/500,1)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : ---- | SATA/300
Power On Hours : 23752 hod.
Power On Count : 6647 krát
Temperature : 39 C (102 F)
Health Status : Pozor
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0080h [ON]
AAM Level : 80FEh [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 186 182 _21 00000000067A Čas na roztočení ploten
04 _88 _88 __0 000000002F2C Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 100 253 __0 000000000000 Počet chybných hledání
09 _68 _68 __0 000000005CC8 Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _94 _94 __0 0000000019F7 Počet cyklů zapnutí zařízení
C0 200 200 __0 000000000087 Počet vypnutí disku
C1 __1 __1 __0 0000002CB8F9 Počet cyklů načítání/vymazání
C2 108 100 __0 000000000027 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 __1 __0 000000000001 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 _51 000000000000 Počet chyb při zápisu sektorů

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 5758 3531 4136 3030 3538 3634
020: 0000 4000 0032 3031 2E30 3141 3031 5744 4320 5744
030: 3530 3030 4245 5654 2D33 3541 3052 5430 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 1F06 0000 004C 0044
080: 01FE 0000 746B 7F09 6163 7469 BC09 6163 407F 0045
090: 0045 0080 FFFE 0000 80FE 0000 0000 0000 0000 0000
100: 6030 3A38 0000 0000 0000 0000 0000 0000 5001 4EE6
110: 0046 37DA 0000 0000 0000 0000 0000 0000 0000 4018
120: 4018 0000 0000 0000 0000 0000 0000 0000 0021 0000
130: 0000 0000 0000 16D3 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 7037 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 101E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 40A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 C8 00 00 00 00 00 00 00 03 27
010: 00 BA B6 7A 06 00 00 00 00 00 04 32 00 58 58 2C
020: 2F 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2E 00 64 FD 00 00 00 00 00 00 00 09 32
040: 00 44 44 C8 5C 00 00 00 00 00 0A 32 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 5E 5E F7 19 00 00 00 00 00 C0 32
070: 00 C8 C8 87 00 00 00 00 00 00 C1 32 00 01 01 F9
080: B8 2C 00 00 00 00 C2 22 00 6C 64 27 00 00 00 00
090: 00 00 C4 32 00 C8 C8 00 00 00 00 00 00 00 C5 32
0A0: 00 C8 01 01 00 00 00 00 00 00 C6 30 00 64 FD 00
0B0: 00 00 00 00 00 00 C7 32 00 C8 C8 00 00 00 00 00
0C0: 00 00 C8 08 00 64 FD 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 F8 34 01 7B
170: 03 00 01 00 02 9E 05 00 00 00 00 00 00 00 00 00
180: 00 00 01 04 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 19

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 C8 C8 00 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 00 64 64 64 64 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 33 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 C0 00
070: 00 00 00 00 00 00 00 00 00 00 C1 00 00 00 00 00
080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
090: 00 00 C4 00 00 00 00 00 00 00 00 00 00 00 C5 00
0A0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0B0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0C0: 00 00 C8 33 00 00 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 A7

Ted probiha scan MBAM tak to sem pak poslu...

Tento sken prohledava cely disk, takze mu to par hodin trva. Jak bude hotovo, vlozte log a budeme si hrat dal

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 11.05.2016
Čas skenování: 21:15
Protokol: log.txt
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.05.11.05
Databáze rootkitů: v2016.05.06.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 10
CPU: x86
Souborový systém: NTFS
Uživatel: Kamilka

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 570083
Uplynulý čas: 2 hod, 57 min, 32 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 1
PUP.Optional.ASK.Gen, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4254522D-5350-006A-76A7-A75C790C1B00}, , [d4cd8b49297084b26692563c20e3d030],

Hodnoty registru: 1
PUP.Optional.ASK.Gen, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4254522D-5350-006A-76A7-A75C790C1B00}|InstallSource, C:\ProgramData\APN\APN-Stub\BTR-SP\, , [d4cd8b49297084b26692563c20e3d030]

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Pokud jste MBAM jeste neukoncila, tak ted nalezy nechte odstranit/presunout do karanteny.



Nainstalujte a spustte HD Tune - http://www.hdtune.com/files/hdtune_255.exe

• Prejdete na zalozku Health a zkontrolujte, ze je ve sloupecku Status vsude hodnota OK a dole sviti zelene Health status: OK
• Na zalozce Error Scan kliknete na Start. Po dokonceni testu udelejte screen a prilozte ho k dalsi odpovedi.

MBAM jsem udelala presne podle navodu na kery jste odkazoval a co se tyce toho druheho tak po testu to vypada takto viz obr

A co se tyce te kontroly health tak to ukazuje toto viz obr, doufam ze je to videt ale neukazuje to nic

Ulozte na plochu RogueKiller - http://www.bleepingcomputer.com/download/roguekiller/

• spustte jako spravce
• nahore prejdete na zalozku Scan
• vpravo dole kliknete na Start Scan (potrva az nekolik desitek minut)
• vlevo dole vyberte Open Report
• vpravo dole Export TXT
• report ulozte na plochu a jeho obsah vlozte do pristi odpovedi

Mam ty detekovane soubory nechat smazat?


RogueKiller V12.2.0.0 [May 10 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 10 (10.0.10586) 32 bits version
Spuštěno : Normální režim
Uživatel : Kamilka [Práva správce]
Started from : C:\Users\Kamilka\Downloads\RogueKiller.exe
Mód : Prohledat -- Datum : 05/14/2016 07:13:25

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 9 ¤¤¤
[Hidden.From.SCM] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\WUDFRd (system32\drivers\WudfRd.sys) -> Nalezeno
[PUM.Proxy] HKEY_USERS\S-1-5-21-3219418776-4157282183-555089908-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : 88.146.243.17:8080 -> Nalezeno
[PUM.HomePage] HKEY_USERS\S-1-5-21-3219418776-4157282183-555089908-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.seznam.cz/ -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 ([]) -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 ([]) -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{5c0f82ed-9437-467b-9291-8239ae187433} | DhcpNameServer : 10.0.0.138 ([]) -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{a01204e6-3498-4762-be85-5ae5592765bc} | DhcpNameServer : 10.0.0.138 ([]) -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{5c0f82ed-9437-467b-9291-8239ae187433} | DhcpNameServer : 10.0.0.138 ([]) -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{a01204e6-3498-4762-be85-5ae5592765bc} | DhcpNameServer : 10.0.0.138 ([]) -> Nalezeno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 1 ¤¤¤
[Suspicious.Path][Soubor] C:\Users\Kamilka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RollerCoaster Tycoon 3 Registration.lnk [LNK@] C:\Users\Kamilka\AppData\Local\Temp\{2C3C9D34-F2FD-4EA1-8F25-5132A2D785FB}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe /remind /language=CSY /PRNM="RollerCoaster Tycoon 3"/PRMP="RCT3"/SKUN="PCXX"/GTYP="STRY" -> Nalezeno

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD5000BEVT-35A0RT0 +++++
--- User ---
[MBR] 3034a99c180bbd19749df8003b46a504
[BSP] dd3d56edbbf13b4b289a1d01dfc9a18c : Kiwi|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 2048 | Size: 20480 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 41945088 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 42149888 | Size: 228178 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
3 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 509458432 | Size: 228180 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK