PC virus removal, computer speed-up, and remote assistance through the neslape.cz service

Slow PC, freezing, long web page load times

Having a problem with a virus? Post your FRST or RSIT log here.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

rivers2
Visitor
Posts: 178
Registered: 10 Jan 2009 15:21

Slow PC, freezing, long web page load times

#1 Post by rivers2 »

Logfile of random's system information tool 1.10 (written by random/random)
Run by jozo at 2016-08-19 14:12:49
Microsoft Windows 10 Home
System drive C: has 58 GB (30%) free of 190 GB
Total RAM: 8103 MB (71% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:12:59, on 19. 8. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Users\jozo\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\ProgramData\Logishrd\LogiOptions\Software\Current\Updater.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\jozo.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files (x86)\Mouse Driver\StartAutorun.exe KMConfig.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\jozo\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: NexonCs.vbs
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\Program Files (x86)\Microsoft Office\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Volanie kliknutím - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Volanie kliknutím - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - http://kitchenplanner.ikea.com/SK/Core/ ... _Win32.cab
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\WINDOWS\SysWoW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: COMODO LPS Launcher (CLPSLauncher) - Comodo Security Solutions Inc. - C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GeekBuddyRSP Service (GeekBuddyRSP) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files (x86)\Mouse Driver\KMWDSrv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12397 bytes

======Listing Processes======







C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe"
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\Windows\system32\rundll32.exe "C:\Windows\SysWOW64\pegibbfc7.dll",HYFJBUUDD

C:\WINDOWS\system32\svchost.exe -k appmodel
"C:\WINDOWS\system32\nvvsvc.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Windows\system32\FBAgent.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k apphost
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\svchost.exe -k iissvcs
"C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe" -service
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe"
"C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe"
"C:\Program Files (x86)\Mouse Driver\KMWDSrv.exe"

"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
dashost.exe {58036fe8-953e-4f29-8ed22b57f054f5f2}

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"dwm.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide
sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\Explorer.EXE
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Logitech\LogiOptions\LogiOptions.exe" /noui
"C:\Users\jozo\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe"
"C:\ProgramData\Logishrd\LogiOptions\Software\Current\Updater.exe" /appName "LogiOptions" /appVersion "6.00" /brand "Logitech" /bu "controldevices" /clean "1" /contextId "1" /download "1" /execute "1" /failure ">0" /messageId "32871" /osBit "64" /osFlag "w10" /overwrite "1" /prodExt "exe" /prodName "DJCU" /prodVersion "2.50.25.27" /publicKey "C:\ProgramData\Logishrd\LogiOptions\Software\Current\logikey.pub" /requireActiveSession "1" /settingsDirectory "C:\Users\jozo\AppData\Roaming\Logishrd\LogiOptions" /skipElevated "1" /success "0" /window "393348" /queryString "hcd1=c52f"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Windows\AsScrPro.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\ESET\ESET Smart Security\\eOPPFrame.exe"
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.102.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\DllHost.exe /Processid:{49F6E667-6658-4BD1-9DE9-6AF87F9FAF85}
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\jozo\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=52.0.2743.116 --handshake-handle=0x268
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="7532.0.1980607829\1385090751" --mojo-application-channel-token=FF32436BBDBC6218A29E4630BA6B9342 --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/NewSuggestType_A6_Stable_R2/OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/Default/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/ResourcePriorities/Control25PermanentB/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SchedulerExpensiveTaskBlocking/Enabled/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_39/*UMA-Uniformity-Trial-10-Perc
ent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_18/*UMA-Uniformity-Trial-50-Percent/group_01/*UMA_CheckStates/Checks/ --supports-dual-gpus=false --gpu-driver-bug-workarounds=4,13,27,47,55 --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.4229 --gpu-driver-date=5-27-2015 --gpu-secondary-vendor-ids=0x10de --gpu-secondary-device-ids=0x0df4 --mojo-platform-channel-handle=1368 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A6_Stable_R2/OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/Default/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control25PermanentB/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SchedulerExpensiveTaskBlocking/Enabled/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_39/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UM
A-Uniformity-Trial-5-Percent/group_18/*UMA-Uniformity-Trial-50-Percent/group_01/*UMA_CheckStates/Checks/ --primordial-pipe-token=0B5B7B568F3E2C3D4F2FCF32C0708A93 --lang=sk --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=17C11D042B4E1E17F15930AFEC22536F --mojo-application-channel-token=5BC4290323AE0AABF82EC49349C2212E --channel="7532.3.98604411\1890387711" --mojo-platform-channel-handle=2976 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A6_Stable_R2/OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/Default/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control25PermanentB/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*SchedulerExpensiveTaskBlocking/Enabled/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_39/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*
UMA-Uniformity-Trial-5-Percent/group_18/*UMA-Uniformity-Trial-50-Percent/group_01/*UMA_CheckStates/Checks/ --primordial-pipe-token=DC760F65C7F111C4FD3F07B1D1B91C76 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=562446466BC68E1543201EE13AA478DB --mojo-application-channel-token=6D10CB08163263D37556CA3989191A79 --channel="7532.6.24893996\1656685453" --mojo-platform-channel-handle=5700 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 652 656 664 8192 660
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\AUDIODG.EXE 0x248
taskhostw.exe
C:\WINDOWS\system32\DllHost.exe /Processid:{133EAC4F-5891-4D04-BADA-D84870380A80}
"C:\Users\jozo\Downloads\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-07-19 229072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-05-18 545224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL [2014-01-22 881880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL [2016-07-12 2348840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-05-18 193480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-07-19 163528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-07-02 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2016-07-12 1741104]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-07-02 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2015-06-01 183216]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2015-06-01 411056]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2015-06-01 453552]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-05-17 2226280]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2015-10-07 3242696]
"LogiOptions"=C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [2016-07-29 1724536]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\jozo\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-08-18 633024]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-07-13 8891608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2011-09-14 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM]
C:\Program Files (x86)\Origin\Origin.exe [2015-10-24 3638256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVBg]
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-05-17 2226280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-05-17 11855976]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"KMCONFIG"=C:\Program Files (x86)\Mouse Driver\StartAutorun.exe [2008-05-30 212992]
"Wireless Console 3"=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2010-09-24 1601536]
"ApnTBMon"=C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2016-06-16 1758280]

C:\Users\jozo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
NexonCs.vbs

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\WINDOWS\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2015-06-01 451584]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-08-15 15:50:32 ----ASH---- C:\pagefile.sys
2016-08-10 16:50:13 ----D---- C:\WINDOWS\PCHEALTH
2016-08-10 16:12:40 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2016-08-10 16:12:39 ----A---- C:\WINDOWS\SYSWOW64\win32u.dll
2016-08-10 16:12:39 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2016-08-10 16:12:39 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2016-08-10 16:12:39 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-08-10 16:12:39 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-08-10 16:12:39 ----A---- C:\WINDOWS\SYSWOW64\aclui.dll
2016-08-10 16:12:38 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Search.dll
2016-08-10 16:12:38 ----A---- C:\WINDOWS\SYSWOW64\Windows.Shell.Search.UriHandler.dll
2016-08-10 16:12:38 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2016-08-10 16:12:37 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2016-08-10 16:12:37 ----A---- C:\WINDOWS\SYSWOW64\LaunchWinApp.exe
2016-08-10 16:12:37 ----A---- C:\WINDOWS\SYSWOW64\Chakrathunk.dll
2016-08-10 16:12:37 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2016-08-10 16:12:36 ----A---- C:\WINDOWS\SYSWOW64\offlinelsa.dll
2016-08-10 16:12:36 ----A---- C:\WINDOWS\SYSWOW64\mspaint.exe
2016-08-10 16:12:36 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2016-08-10 16:12:35 ----A---- C:\WINDOWS\SYSWOW64\indexeddbserver.dll
2016-08-10 16:12:35 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2016-08-10 16:12:34 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-08-10 16:12:23 ----A---- C:\WINDOWS\system32\win32u.dll
2016-08-10 16:12:23 ----A---- C:\WINDOWS\system32\win32kfull.sys
2016-08-10 16:12:23 ----A---- C:\WINDOWS\system32\win32kbase.sys
2016-08-10 16:12:23 ----A---- C:\WINDOWS\system32\win32k.sys
2016-08-10 16:12:23 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2016-08-10 16:12:21 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-08-10 16:12:20 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2016-08-10 16:12:20 ----A---- C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-08-10 16:12:20 ----A---- C:\WINDOWS\system32\twinui.dll
2016-08-10 16:12:20 ----A---- C:\WINDOWS\system32\shutdownux.dll
2016-08-10 16:12:20 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2016-08-10 16:12:19 ----A---- C:\WINDOWS\system32\shell32.dll
2016-08-10 16:12:19 ----A---- C:\WINDOWS\system32\Chakrathunk.dll
2016-08-10 16:12:19 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2016-08-10 16:12:18 ----A---- C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-08-10 16:12:18 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-08-10 16:12:18 ----A---- C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-08-10 16:12:18 ----A---- C:\WINDOWS\system32\Chakra.dll
2016-08-10 16:12:18 ----A---- C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2016-08-10 16:12:18 ----A---- C:\WINDOWS\system32\DataSenseHandlers.dll
2016-08-10 16:12:17 ----A---- C:\WINDOWS\system32\mspaint.exe
2016-08-10 16:12:15 ----A---- C:\WINDOWS\system32\offlinelsa.dll
2016-08-10 16:12:15 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-08-10 16:12:15 ----A---- C:\WINDOWS\system32\indexeddbserver.dll
2016-08-10 16:12:15 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-08-10 16:12:15 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2016-08-10 16:12:15 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2016-08-10 16:12:14 ----A---- C:\WINDOWS\system32\edgehtml.dll
2016-08-10 16:12:13 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-08-10 16:12:13 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-08-10 16:12:12 ----A---- C:\WINDOWS\system32\CloudExperienceHost.dll
2016-08-10 16:12:04 ----A---- C:\WINDOWS\system32\aclui.dll
2016-08-10 16:12:03 ----A---- C:\WINDOWS\system32\acmigration.dll
2016-08-08 03:14:28 ----SHD---- C:\Recovery
2016-08-08 03:14:22 ----DC---- C:\WINDOWS\Panther
2016-08-08 03:07:23 ----D---- C:\ProgramData\Microsoft OneDrive
2016-08-08 03:04:06 ----D---- C:\ProgramData\USOShared
2016-08-08 02:58:57 ----D---- C:\Windows.old
2016-08-08 02:58:42 ----A---- C:\WINDOWS\SYSWOW64\wevtapi.dll
2016-08-08 02:58:42 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2016-08-08 02:58:42 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2016-08-08 02:58:42 ----A---- C:\WINDOWS\SYSWOW64\LicenseManager.dll
2016-08-08 02:58:42 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2016-08-08 02:58:42 ----A---- C:\WINDOWS\system32\wevtapi.dll
2016-08-08 02:58:42 ----A---- C:\WINDOWS\system32\user32.dll
2016-08-08 02:58:42 ----A---- C:\WINDOWS\system32\msctf.dll
2016-08-08 02:58:42 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2016-08-08 02:58:42 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2016-08-08 02:58:42 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2016-08-08 02:58:42 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2016-08-08 02:58:42 ----A---- C:\WINDOWS\system32\drivers\dam.sys
2016-08-08 02:58:42 ----A---- C:\WINDOWS\system32\cdd.dll
2016-08-08 02:58:42 ----A---- C:\WINDOWS\system32\bisrv.dll
2016-08-08 02:58:08 ----A---- C:\WINDOWS\SYSWOW64\NlsLexicons0009.dll
2016-08-08 02:58:08 ----A---- C:\WINDOWS\SYSWOW64\NlsData0009.dll
2016-08-08 02:58:08 ----A---- C:\WINDOWS\system32\prm0009.dll
2016-08-08 02:58:08 ----A---- C:\WINDOWS\system32\NlsLexicons0009.dll
2016-08-08 02:58:08 ----A---- C:\WINDOWS\system32\NlsData0009.dll
2016-08-08 02:57:16 ----D---- C:\WINDOWS\system32\Microsoft
2016-08-08 02:54:25 ----D---- C:\WINDOWS\SYSWOW64\BestPractices
2016-08-08 02:54:25 ----D---- C:\WINDOWS\system32\msmq
2016-08-08 02:54:25 ----D---- C:\WINDOWS\system32\BestPractices
2016-08-08 02:54:24 ----D---- C:\Program Files\Reference Assemblies
2016-08-08 02:54:24 ----D---- C:\Program Files\MSBuild
2016-08-08 02:54:24 ----D---- C:\Program Files (x86)\Reference Assemblies
2016-08-08 02:54:24 ----D---- C:\Program Files (x86)\MSBuild
2016-08-08 02:54:24 ----D---- C:\inetpub
2016-08-08 02:53:14 ----A---- C:\WINDOWS\SYSWOW64\TsWpfWrp.exe
2016-08-08 02:53:14 ----A---- C:\WINDOWS\SYSWOW64\PresentationNative_v0300.dll
2016-08-08 02:53:14 ----A---- C:\WINDOWS\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-08-08 02:53:08 ----A---- C:\WINDOWS\system32\TsWpfWrp.exe
2016-08-08 02:53:08 ----A---- C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-08-08 02:53:08 ----A---- C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-08-08 02:40:10 ----ASH---- C:\hiberfil.sys
2016-08-08 02:28:40 ----D---- C:\Program Files\Common Files\SpeechEngines
2016-08-08 02:24:56 ----SD---- C:\Users\jozo\AppData\Roaming\Microsoft
2016-08-08 02:24:01 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-08 02:23:47 ----A---- C:\WINDOWS\SYSWOW64\PerfStringBackup.INI
2016-08-08 02:19:52 ----D---- C:\Program Files\Elantech
2016-08-08 02:19:48 ----D---- C:\ProgramData\SonicFocus
2016-08-08 02:19:43 ----D---- C:\WINDOWS\SYSWOW64\RTCOM
2016-08-08 02:19:43 ----D---- C:\Program Files\Realtek
2016-08-08 02:19:06 ----D---- C:\WINDOWS\SYSWOW64\NV
2016-08-08 02:19:06 ----D---- C:\WINDOWS\system32\NV
2016-08-08 02:19:05 ----D---- C:\ProgramData\NVIDIA
2016-08-08 02:18:58 ----A---- C:\WINDOWS\system32\nvvsvc.exe
2016-08-08 02:18:58 ----A---- C:\WINDOWS\system32\nvsvcr.dll
2016-08-08 02:18:58 ----A---- C:\WINDOWS\system32\nvsvc64.dll
2016-08-08 02:18:58 ----A---- C:\WINDOWS\system32\nvshext.dll
2016-08-08 02:18:58 ----A---- C:\WINDOWS\system32\nvmctray.dll
2016-08-08 02:18:58 ----A---- C:\WINDOWS\system32\nvcpl.dll
2016-08-08 02:18:58 ----A---- C:\WINDOWS\system32\nv3dappshextr.dll
2016-08-08 02:18:58 ----A---- C:\WINDOWS\system32\nv3dappshext.dll
2016-08-08 02:18:56 ----A---- C:\WINDOWS\SYSWOW64\PrintConfig.dll
2016-08-08 02:18:48 ----HD---- C:\Program Files (x86)\Uninstall Information
2016-08-08 02:18:26 ----D---- C:\ProgramData\NVIDIA Corporation
2016-08-08 02:18:06 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2016-08-08 02:18:05 ----D---- C:\Program Files\NVIDIA Corporation
2016-08-08 02:17:18 ----AS---- C:\WINDOWS\bootstat.dat
2016-08-08 02:16:16 ----D---- C:\WINDOWS\Prefetch
2016-08-08 02:15:51 ----D---- C:\WINDOWS\system32\SleepStudy
2016-08-08 02:15:51 ----D---- C:\WINDOWS\ServiceProfiles
2016-08-08 02:15:36 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-03 09:11:57 ----D---- C:\Program Files\Logitech
2016-08-03 09:03:39 ----AD---- C:\Program Files\CCleaner
2016-08-03 08:53:39 ----A---- C:\AdwCleaner[S4].txt
2016-08-03 08:53:17 ----A---- C:\AdwCleaner[R4].txt
2016-07-25 18:45:39 ----A---- C:\WINDOWS\system32\acovcnt.exe

======List of files/folders modified in the last 1 month======

2016-08-19 14:12:57 ----D---- C:\Program Files\trend micro
2016-08-19 14:12:26 ----D---- C:\WINDOWS\Temp
2016-08-19 14:08:00 ----D---- C:\WINDOWS\system32\sru
2016-08-19 14:05:10 ----RD---- C:\Program Files (x86)
2016-08-19 14:00:05 ----SHD---- C:\WINDOWS\Installer
2016-08-19 14:00:05 ----HD---- C:\Config.Msi
2016-08-19 14:00:03 ----D---- C:\ProgramData\Microsoft Help
2016-08-19 13:45:35 ----RD---- C:\WINDOWS\assembly
2016-08-19 13:40:07 ----RD---- C:\WINDOWS\Microsoft.NET
2016-08-19 13:14:16 ----D---- C:\Counter-Strike 1.6
2016-08-19 13:13:20 ----D---- C:\WINDOWS\system32\Tasks
2016-08-19 13:11:00 ----AD---- C:\WINDOWS\System32
2016-08-18 21:08:26 ----D---- C:\WINDOWS\AppReadiness
2016-08-18 08:03:51 ----HD---- C:\Program Files\WindowsApps
2016-08-18 07:45:59 ----D---- C:\Users\jozo\AppData\Roaming\Skype
2016-08-17 07:37:10 ----RSD---- C:\WINDOWS\Fonts
2016-08-17 06:41:20 ----D---- C:\WINDOWS\system32\catroot2
2016-08-17 06:41:16 ----SHD---- C:\System Volume Information
2016-08-15 19:35:20 ----D---- C:\WINDOWS\system32\config
2016-08-15 19:31:28 ----D---- C:\WINDOWS\WinSxS
2016-08-15 18:52:27 ----D---- C:\WINDOWS\CbsTemp
2016-08-15 18:45:23 ----D---- C:\WINDOWS\system32\drivers
2016-08-15 18:44:46 ----D---- C:\WINDOWS\system32\wbem
2016-08-15 18:44:46 ----D---- C:\Windows
2016-08-15 18:43:20 ----D---- C:\WINDOWS\INF
2016-08-15 18:43:19 ----D---- C:\WINDOWS\Tasks
2016-08-15 18:43:18 ----D---- C:\WINDOWS\system32\Sysprep
2016-08-15 18:42:43 ----D---- C:\ProgramData\Origin
2016-08-15 18:42:43 ----AD---- C:\ProgramData\P4G
2016-08-15 18:42:39 ----RD---- C:\Program Files
2016-08-15 18:42:28 ----AD---- C:\Program Files (x86)\Origin
2016-08-15 18:41:27 ----AD---- C:\Program Files (x86)\Microsoft Office
2016-08-15 18:41:26 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-08-15 18:41:24 ----D---- C:\Program Files (x86)\Electronic Arts
2016-08-15 18:41:16 ----D---- C:\Games
2016-08-15 18:23:22 ----D---- C:\WINDOWS\registration
2016-08-15 18:23:12 ----D---- C:\WINDOWS\system32\DriverStore
2016-08-15 18:10:22 ----D---- C:\WINDOWS\Logs
2016-08-12 11:37:36 ----D---- C:\WINDOWS\rescache
2016-08-12 11:29:27 ----D---- C:\WINDOWS\system32\CatRoot
2016-08-11 08:50:48 ----D---- C:\WINDOWS\system32\WDI
2016-08-10 23:21:26 ----AD---- C:\WINDOWS\SysWOW64
2016-08-10 23:21:10 ----D---- C:\WINDOWS\system32\zh-TW
2016-08-10 23:21:10 ----D---- C:\WINDOWS\system32\zh-HK
2016-08-10 23:21:10 ----D---- C:\WINDOWS\system32\zh-CN
2016-08-10 23:21:09 ----D---- C:\WINDOWS\system32\uk-UA
2016-08-10 23:21:09 ----D---- C:\WINDOWS\system32\tr-TR
2016-08-10 23:21:09 ----D---- C:\WINDOWS\system32\th-TH
2016-08-10 23:21:09 ----D---- C:\WINDOWS\system32\sv-SE
2016-08-10 23:21:09 ----D---- C:\WINDOWS\system32\sr-Latn-RS
2016-08-10 23:21:09 ----D---- C:\WINDOWS\system32\sr-Latn-CS
2016-08-10 23:21:09 ----D---- C:\WINDOWS\system32\sl-SI
2016-08-10 23:21:08 ----D---- C:\WINDOWS\system32\sk-SK
2016-08-10 23:21:08 ----D---- C:\WINDOWS\system32\ru-RU
2016-08-10 23:21:08 ----D---- C:\WINDOWS\system32\ro-RO
2016-08-10 23:21:08 ----D---- C:\WINDOWS\system32\pt-PT
2016-08-10 23:21:08 ----D---- C:\WINDOWS\system32\pt-BR
2016-08-10 23:21:08 ----D---- C:\WINDOWS\system32\pl-PL
2016-08-10 23:21:08 ----D---- C:\WINDOWS\system32\nl-NL
2016-08-10 23:21:08 ----D---- C:\WINDOWS\system32\nb-NO
2016-08-10 23:21:08 ----D---- C:\WINDOWS\system32\lv-LV
2016-08-10 23:21:08 ----D---- C:\WINDOWS\system32\lt-LT
2016-08-10 23:21:08 ----D---- C:\WINDOWS\system32\ko-KR
2016-08-10 23:21:08 ----D---- C:\WINDOWS\system32\ja-jp
2016-08-10 23:21:08 ----D---- C:\WINDOWS\system32\it-IT
2016-08-10 23:21:08 ----D---- C:\WINDOWS\system32\hu-HU
2016-08-10 23:21:07 ----D---- C:\WINDOWS\system32\hr-HR
2016-08-10 23:21:07 ----D---- C:\WINDOWS\system32\he-IL
2016-08-10 23:21:07 ----D---- C:\WINDOWS\system32\fr-FR
2016-08-10 23:21:07 ----D---- C:\WINDOWS\system32\fr-CA
2016-08-10 23:21:07 ----D---- C:\WINDOWS\system32\fi-FI
2016-08-10 23:21:07 ----D---- C:\WINDOWS\system32\et-EE
2016-08-10 23:21:07 ----D---- C:\WINDOWS\system32\es-MX
2016-08-10 23:21:07 ----D---- C:\WINDOWS\system32\es-ES
2016-08-10 23:21:07 ----D---- C:\WINDOWS\system32\en-US
2016-08-10 23:21:07 ----D---- C:\WINDOWS\system32\en-GB
2016-08-10 23:21:07 ----D---- C:\WINDOWS\system32\el-GR
2016-08-10 23:21:07 ----D---- C:\WINDOWS\system32\de-DE
2016-08-10 23:21:07 ----D---- C:\WINDOWS\system32\da-DK
2016-08-10 23:21:06 ----D---- C:\WINDOWS\system32\cs-CZ
2016-08-10 23:21:06 ----D---- C:\WINDOWS\system32\bg-BG
2016-08-10 23:21:06 ----D---- C:\WINDOWS\system32\ar-SA
2016-08-10 23:21:06 ----D---- C:\WINDOWS\system32\appraiser
2016-08-10 23:21:03 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2016-08-10 23:21:03 ----D---- C:\WINDOWS\ShellExperiences
2016-08-10 23:21:02 ----D---- C:\Program Files\Windows Mail
2016-08-10 23:21:02 ----D---- C:\Program Files (x86)\Windows Mail
2016-08-10 16:49:13 ----A---- C:\WINDOWS\win.ini
2016-08-10 16:48:25 ----D---- C:\WINDOWS\system32\MRT
2016-08-10 16:24:43 ----D---- C:\WINDOWS\debug
2016-08-10 16:24:16 ----AC---- C:\WINDOWS\system32\MRT.exe
2016-08-10 12:26:01 ----D---- C:\WINDOWS\system32\drivers\UMDF
2016-08-09 17:36:47 ----D---- C:\WINDOWS\system32\restore
2016-08-09 17:19:46 ----D---- C:\WINDOWS\appcompat
2016-08-08 03:07:23 ----HD---- C:\ProgramData
2016-08-08 03:04:11 ----D---- C:\ProgramData\USOPrivate
2016-08-08 03:02:03 ----D---- C:\WINDOWS\SoftwareDistribution
2016-08-08 02:59:21 ----D---- C:\WINDOWS\system32\Tasks_Migrated
2016-08-08 02:59:19 ----D---- C:\WINDOWS\system32\WinBioDatabase
2016-08-08 02:58:17 ----D---- C:\WINDOWS\OCR
2016-08-08 02:54:25 ----D---- C:\WINDOWS\SYSWOW64\inetsrv
2016-08-08 02:54:25 ----D---- C:\WINDOWS\system32\inetsrv
2016-08-08 02:54:18 ----A---- C:\WINDOWS\SYSWOW64\mqsnap.dll
2016-08-08 02:54:18 ----A---- C:\WINDOWS\SYSWOW64\mqcertui.dll
2016-08-08 02:54:16 ----A---- C:\WINDOWS\system32\wamregps.dll
2016-08-08 02:54:16 ----A---- C:\WINDOWS\system32\iisRtl.dll
2016-08-08 02:54:16 ----A---- C:\WINDOWS\system32\iisrstap.dll
2016-08-08 02:54:16 ----A---- C:\WINDOWS\system32\iisreset.exe
2016-08-08 02:54:16 ----A---- C:\WINDOWS\system32\cngkeyhelper.dll
2016-08-08 02:54:16 ----A---- C:\WINDOWS\system32\ahadmin.dll
2016-08-08 02:54:16 ----A---- C:\WINDOWS\system32\admwprox.dll
2016-08-08 02:54:12 ----A---- C:\WINDOWS\SYSWOW64\iisRtl.dll
2016-08-08 02:54:11 ----A---- C:\WINDOWS\SYSWOW64\wamregps.dll
2016-08-08 02:54:11 ----A---- C:\WINDOWS\SYSWOW64\iisrstap.dll
2016-08-08 02:54:11 ----A---- C:\WINDOWS\SYSWOW64\iisreset.exe
2016-08-08 02:54:11 ----A---- C:\WINDOWS\SYSWOW64\cngkeyhelper.dll
2016-08-08 02:54:11 ----A---- C:\WINDOWS\SYSWOW64\ahadmin.dll
2016-08-08 02:54:11 ----A---- C:\WINDOWS\SYSWOW64\admwprox.dll
2016-08-08 02:54:10 ----A---- C:\WINDOWS\system32\mqrt.dll
2016-08-08 02:54:09 ----A---- C:\WINDOWS\SYSWOW64\mqoa.dll
2016-08-08 02:54:06 ----A---- C:\WINDOWS\system32\mqlogmgr.dll
2016-08-08 02:54:04 ----A---- C:\WINDOWS\system32\mqutil.dll
2016-08-08 02:53:59 ----A---- C:\WINDOWS\system32\mqsnap.dll
2016-08-08 02:53:59 ----A---- C:\WINDOWS\system32\mqcertui.dll
2016-08-08 02:53:56 ----A---- C:\WINDOWS\system32\mqoa.dll
2016-08-08 02:53:54 ----A---- C:\WINDOWS\SYSWOW64\mqrt.dll
2016-08-08 02:53:54 ----A---- C:\WINDOWS\system32\mqqm.dll
2016-08-08 02:53:51 ----A---- C:\WINDOWS\SYSWOW64\mqutil.dll
2016-08-08 02:53:49 ----A---- C:\WINDOWS\system32\mqsvc.exe
2016-08-08 02:53:49 ----A---- C:\WINDOWS\system32\mqbkup.exe
2016-08-08 02:50:30 ----D---- C:\WINDOWS\system32\LogFiles
2016-08-08 02:48:46 ----SD---- C:\ProgramData\Microsoft
2016-08-08 02:48:35 ----RSD---- C:\WINDOWS\Media
2016-08-08 02:48:12 ----D---- C:\WINDOWS\system32\drivers\etc
2016-08-08 02:39:29 ----D---- C:\WINDOWS\SYSWOW64\System32
2016-08-08 02:39:29 ----D---- C:\WINDOWS\SYSWOW64\drivers
2016-08-08 02:39:27 ----D---- C:\WINDOWS\system32\OEM
2016-08-08 02:39:27 ----D---- C:\WINDOWS\sk
2016-08-08 02:39:27 ----D---- C:\WINDOWS\ShellNew
2016-08-08 02:39:27 ----D---- C:\WINDOWS\ro
2016-08-08 02:39:27 ----D---- C:\WINDOWS\pl
2016-08-08 02:39:27 ----D---- C:\WINDOWS\lv
2016-08-08 02:39:27 ----D---- C:\WINDOWS\lt
2016-08-08 02:39:22 ----SD---- C:\WINDOWS\Downloaded Program Files
2016-08-08 02:39:22 ----D---- C:\WINDOWS\hu
2016-08-08 02:39:22 ----D---- C:\WINDOWS\hr
2016-08-08 02:39:22 ----D---- C:\WINDOWS\et
2016-08-08 02:39:22 ----D---- C:\WINDOWS\en
2016-08-08 02:39:22 ----D---- C:\WINDOWS\cs
2016-08-08 02:39:22 ----D---- C:\WINDOWS\bg
2016-08-08 02:35:57 ----AD---- C:\ProgramData\regid.1991-06.com.microsoft
2016-08-08 02:31:00 ----D---- C:\WINDOWS\twain_32
2016-08-08 02:31:00 ----D---- C:\WINDOWS\SYSWOW64\xlive
2016-08-08 02:30:55 ----D---- C:\WINDOWS\SYSWOW64\sk-SK
2016-08-08 02:30:54 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-08-08 02:30:54 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2016-08-08 02:30:53 ----D---- C:\WINDOWS\SYSWOW64\IME
2016-08-08 02:30:52 ----D---- C:\WINDOWS\SYSWOW64\en-US
2016-08-08 02:30:51 ----D---- C:\WINDOWS\SYSWOW64\20-20 Technologies
2016-08-08 02:30:42 ----D---- C:\WINDOWS\system32\SPReview
2016-08-08 02:30:40 ----D---- C:\WINDOWS\system32\spool
2016-08-08 02:30:33 ----D---- C:\WINDOWS\system32\oobe
2016-08-08 02:30:33 ----D---- C:\WINDOWS\system32\NDF
2016-08-08 02:30:32 ----D---- C:\WINDOWS\system32\migration
2016-08-08 02:30:32 ----D---- C:\WINDOWS\system32\Macromed
2016-08-08 02:30:31 ----D---- C:\WINDOWS\system32\IME
2016-08-08 02:30:31 ----D---- C:\WINDOWS\system32\EventProviders
2016-08-08 02:30:28 ----DC---- C:\WINDOWS\system32\DRVSTORE
2016-08-08 02:30:28 ----D---- C:\WINDOWS\system32\drivers\en-US
2016-08-08 02:29:41 ----D---- C:\WINDOWS\schemas
2016-08-08 02:29:39 ----D---- C:\WINDOWS\LiveKernelReports
2016-08-08 02:29:15 ----D---- C:\WINDOWS\ehome
2016-08-08 02:29:11 ----RD---- C:\Users
2016-08-08 02:28:55 ----SHD---- C:\Program Files (x86)\Windows Sidebar
2016-08-08 02:28:51 ----AD---- C:\Program Files (x86)\Microsoft.NET
2016-08-08 02:28:49 ----D---- C:\Program Files (x86)\Common Files
2016-08-08 02:28:45 ----SHD---- C:\Program Files\Windows Sidebar
2016-08-08 02:28:41 ----D---- C:\Program Files\Microsoft Games
2016-08-08 02:28:40 ----D---- C:\Program Files\Common Files
2016-08-08 02:28:40 ----AD---- C:\Program Files\Common Files\microsoft shared
2016-08-08 02:27:58 ----D---- C:\WINDOWS\system32\Recovery
2016-08-08 02:25:48 ----D---- C:\WINDOWS\system32\CodeIntegrity
2016-08-08 02:20:38 ----RD---- C:\WINDOWS\PrintDialog
2016-08-08 02:20:37 ----RD---- C:\WINDOWS\MiracastView
2016-08-08 02:19:05 ----D---- C:\Temp
2016-08-08 02:18:56 ----D---- C:\WINDOWS\Help
2016-08-07 23:41:27 ----RASH---- C:\BOOTSECT.BAK
2016-08-07 23:41:24 ----SHD---- C:\Boot
2016-08-03 18:38:10 ----A---- C:\WINDOWS\system32\AutoRunFilter.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [2016-03-19 84800]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-100; C:\WINDOWS\system32\drivers\iorate.sys [2016-07-16 45920]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-05-26 17536]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2016-03-19 264552]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2015-12-19 186784]
R1 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2016-03-19 198096]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2016-07-16 88576]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2016-07-16 8192]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2012-05-31 126944]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2016-07-16 70144]
R2 ekbdflt;ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [2015-12-19 142976]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2016-07-16 48128]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2016-07-16 78336]
R3 AMPPAL;@oem88.inf,%AMPPAL.SVCDESC%;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Virtual Adapter; C:\WINDOWS\System32\drivers\AMPPAL.sys [2011-04-21 294912]
R3 BthA2DP;@wdma_bt.inf,%BthA2DP.SvcDesc%;Bluetooth Stereo; C:\WINDOWS\system32\drivers\BthA2DP.sys [2016-07-16 168448]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2016-07-16 114176]
R3 BthHFAud;@wdma_bt.inf,%DISPLAY_NAME%;Bluetooth Hands-Free; C:\WINDOWS\system32\DRIVERS\BthHfAud.sys [2016-07-16 37376]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2016-07-16 128000]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\system32\DRIVERS\BTHUSB.sys [2016-07-16 84992]
R3 ETD;@oem42.inf,%PS2.DeviceDesc%;ELAN Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2015-10-07 525512]
R3 ibtfltcoex;@oem169.inf,%PROVIDER_NAME%;Intel Corporation; C:\WINDOWS\system32\DRIVERS\ibtfltcoex.sys [2016-04-01 77808]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-06-01 5384176]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2011-05-17 2872680]
R3 IntcDAud;@oem119.inf,%IntcDAud.SvcDesc%;Intel(R) Zvuk pre obrazovky; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2013-03-12 342528]
R3 kbfiltr;@oem84.inf,%kbfiltr.SvcDesc%;Keyboard Filter; C:\WINDOWS\System32\drivers\kbfiltr.sys [2009-07-20 15416]
R3 MEIx64;@oem92.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2010-10-20 56344]
R3 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2016-08-08 175616]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\WINDOWS\System32\drivers\Netwsw00.sys [2016-07-16 11518976]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2015-07-13 11139216]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2016-07-16 183808]
R3 rt640x64;@rt640x64.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2016-07-16 589824]
R3 seehcri;@oem112.inf,%seehcrirf.SvcDesc%;Sony Ericsson seehcri Device Driver; C:\WINDOWS\System32\drivers\seehcri.sys [2008-01-09 34032]
R3 StillCam;@sti.inf,%StillCam.SvcDesc%;Still Serial Digital Camera Driver; C:\WINDOWS\system32\DRIVERS\serscan.sys [2016-07-16 12800]
R3 tap0901;@oem11.inf,%DeviceDescription%;TAP-Windows Adapter V9; C:\WINDOWS\System32\drivers\tap0901.sys [2015-12-27 40664]
S0 eelam;eelam; C:\WINDOWS\system32\DRIVERS\eelam.sys [2016-03-19 14976]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2016-07-16 105824]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2016-07-16 101216]
S0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2015-07-13 31560]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2016-07-16 58720]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2016-07-16 61792]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2016-07-16 88416]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2016-07-16 32096]
S1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [2016-03-19 53384]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-07-16 18432]
S3 AMPPALP;@oem151.inf,%AMPPALP_Desc%;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Protocol; C:\WINDOWS\system32\DRIVERS\amppal.sys [2011-04-21 294912]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2016-07-16 15360]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2016-07-16 9728]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\system32\DRIVERS\BTHport.sys [2016-07-16 965120]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2016-07-16 38912]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2016-07-16 117248]
S3 fssfltr;fssfltr; C:\WINDOWS\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2016-07-16 20480]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2016-07-16 50016]
S3 HTCAND64;HTC Device Driver; C:\WINDOWS\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 htcnprot;@oem37.inf,%NDISPROT_Desc%;HTC NDIS Protocol Driver; C:\WINDOWS\system32\DRIVERS\htcnprot.sys [2012-12-07 36928]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2016-07-16 73568]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-07-16 346976]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-07-16 2104160]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2016-07-16 33280]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2016-07-16 81408]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-07-16 64512]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2016-07-16 176384]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2016-07-16 526176]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-07-16 35840]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2016-07-16 120320]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2016-07-16 842584]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2016-07-16 108896]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2016-07-16 90624]
S3 PcaSp60;@oem143.inf,%PCASP60_Desc%;Rawether NDIS 6.X SPR Protocol Driver; C:\WINDOWS\system32\DRIVERS\PcaSp60.sys [2010-09-07 38912]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2016-07-16 928608]
S3 RSUSBVSTOR;@oem96.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUVStor.sys [2010-08-03 290920]
S3 scmdisk0101;@scmdisk0101.inf,%scmdisk0101.SvcDesc%;Microsoft NVDIMM-N disk driver; C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-07-16 123904]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-06-25 82128]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2011-03-04 379520]
R2 APNMCP;Ask Update Service; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2016-06-16 198216]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 CDPUserSvc_452d95f;CDPUserSvc_452d95f; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 CLPSLauncher;COMODO LPS Launcher; C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe [2012-12-19 70352]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2016-05-19 2520928]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2015-10-07 144072]
R2 GeekBuddyRSP;GeekBuddyRSP Service; C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe [2012-11-26 1851088]
R2 KMWDSERVICE;Keyboard And Mouse Communication Service; C:\Program Files (x86)\Mouse Driver\KMWDSrv.exe [2009-08-31 1821184]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2016-08-08 26112]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2015-07-13 937616]
R2 OneSyncSvc_452d95f;Sync Host_452d95f; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-12-07 167424]
R3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2016-05-25 43696]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-03-30 923984]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-03-30 1001808]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-07-16 136360]
S2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-07-16 136360]
S2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-07-16 136360]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12 270016]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2016-07-16 52920]
S3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-03-30 1321296]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-06-01 290224]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2016-07-16 93184]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 MessagingService_452d95f;MessagingService_452d95f; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-10-24 2099208]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 PimIndexMaintenanceSvc_452d95f;Kontaktné údaje_452d95f; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2016-07-16 1312768]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow PC, freezing, long web page loading times

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

rivers2
Visitor
Posts: 178
Registered: 10 Jan 2009 15:21

Re: Slow PC, freezing, long web page loading times

#3 Post by rivers2 »

Hello.

# AdwCleaner v6.000 - *Logfile created 19/08/2016 *at 18:42:27
# *Updated on 12/08/2016 by ToolsLib
# *Database : 2016-08-19.2 [*Server]
# *Operating System : Windows 10 Home (X64)
# *Username : jozo - JOZO-PC
# *Running from : C:\Users\jozo\Desktop\adwcleaner_6.000.exe
# *Mode: Clean
# *Support : https://toolslib.net/forum



***** [ *Services ] *****

[-] *Service deleted: APNMCP


***** [ *Folders ] *****

[-] *Folder deleted: C:\ProgramData\AskPartnerNetwork
[-] *Folder deleted: C:\Program Files (x86)\AskPartnerNetwork
[-] *Folder deleted: C:\Users\jozo\AppData\Local\Temp\apn
[-] *Folder deleted: C:\Users\jozo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdfofellfkldcddminajkgcgocndgkip


***** [ *Files ] *****

[-] *File deleted: C:\Users\jozo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fdfofellfkldcddminajkgcgocndgkip_0.localstorage


***** [ DLL ] *****



***** [ WMI ] *****



***** [ *Shortcuts ] *****



***** [ *Scheduled Tasks ] *****



***** [ *Registry ] *****

[-] *Key deleted: HKLM\SOFTWARE\Classes\iMesh
[-] *Key deleted: HKU\.DEFAULT\Software\AskPartnerNetwork
[-] *Key deleted: HKU\S-1-5-21-2166713913-840719987-1516321088-1001\Software\AskPartnerNetwork
[#] *Key deleted on reboot: HKU\S-1-5-18\Software\AskPartnerNetwork
[#] *Key deleted on reboot: HKCU\Software\AskPartnerNetwork
[-] *Key deleted: HKLM\SOFTWARE\AskPartnerNetwork
[-] *Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36
[-] *Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173
[-] *Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
[-] *Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
[-] *Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15
[-] *Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4
[-] *Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B08932C78B697C244BE7BA3E6FF09B62
[-] *Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927c4E9B7BC1D3FD1E49F
[-] *Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
[-] *Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
[-] *Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646
[-] *Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965
[-] *Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4
[-] *Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
[-] *Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577
[-] *Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E
[-] *Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB
[-] *Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414
[-] *Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA
[-] *Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4
[-] *Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] *Key deleted: HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] *Value deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [ApnTBMon]
[-] *Value deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTBMon]


***** [ *Browsers ] *****

[-] [C:\Users\jozo\AppData\Local\Google\Chrome\User Data\Default] [extension] *Deleted: fdfofellfkldcddminajkgcgocndgkip


*************************

:: *"Tracing" keys deleted
:: *Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [4961 *Bytes] - [19/08/2016 18:42:27]
C:\AdwCleaner\AdwCleaner[S0].txt - [5058 *Bytes] - [19/08/2016 18:41:17]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [5109 *Bytes] ##########

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow PC, freezing, long web page loading times

#4 Post by Rudy »


rivers2
Visitor
Posts: 178
Registered: 10 Jan 2009 15:21

Re: Slow PC, freezing, long web page loading times

#5 Post by rivers2 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-08-2016
Ran by jozo (administrator) on JOZO-PC (19-08-2016 20:06:41)
Running from C:\Users\jozo\Desktop
Loaded Profiles: jozo (Available Profiles: UpdatusUser & jozo)
Platform: Windows 10 Home Version 1607 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Comodo Security Solutions Inc.) C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(UASSOFT.COM) C:\Program Files (x86)\Mouse Driver\KMWDSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
Failed to access process -> obexsrv.exe
Failed to access process -> devmonsrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ASUS) C:\Windows\AsScrPro.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files\P4G\BatteryLife.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.102.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2226280 2011-05-17] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1724536 2016-07-29] (Logitech, Inc.)
HKLM-x32\...\Run: [KMCONFIG] => C:\Program Files (x86)\Mouse Driver\StartAutorun.exe KMConfig.exe
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-24] ()
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2166713913-840719987-1516321088-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8891608 2016-07-13] (Piriform Ltd)
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [177088 2015-07-13] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWoW64\nvinit.dll => C:\WINDOWS\SysWoW64\nvinit.dll [155280 2015-07-13] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll [2010-09-02] (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll [2010-09-02] (eCareme Technologies, Inc.)
Startup: C:\Users\jozo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NexonCs.vbs [2016-08-19] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0f8f4477-8d09-4758-b608-7412a9b63da5}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{c13e6b8d-d1b9-4160-94c4-646b7f508980}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope value is missing
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-07-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2012-05-18] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-07-12] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-05-18] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-07-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-07-02] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-07-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-07-02] (Oracle Corporation)
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/SK/Core/Player/2020PlayerAX_IKEA_Win32.cab

FireFox:
========
FF ProfilePath: C:\Users\jozo\AppData\Roaming\Mozilla\Firefox\Profiles\hi8xqg3c.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] ()
FF Plugin: @java.com/DTPlugin,version=10.4.0 -> C:\Windows\system32\npDeployJava1.dll [2012-05-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.4.0 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2012-05-18] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-07-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-07-02] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-12-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll [2010-01-23] (Zeon Corporation)
FF Plugin HKU\S-1-5-21-2166713913-840719987-1516321088-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\jozo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-12] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-07-19] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> teoma.com/?gct=hp
CHR DefaultSearchURL: Default -> hxxps://www.teoma.com/web?q={searchTerms}
CHR DefaultSearchKeyword: Default -> https://teoma.com
CHR DefaultSuggestURL: Default -> hxxp://www.teoma.com/ss?type=prefix&li=ff&q={searchTerms}
CHR Profile: C:\Users\jozo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\jozo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-10]
CHR Extension: (Disk Google) - C:\Users\jozo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25]
CHR Extension: (YouTube) - C:\Users\jozo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-12]
CHR Extension: (Google Search) - C:\Users\jozo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\jozo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-19]
CHR Extension: (IE Tab) - C:\Users\jozo\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2016-08-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\jozo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03]
CHR Extension: (20-20 3D Viewer for IKEA) - C:\Users\jozo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfhldcakmgpmglboaclpfdedehjblalp [2014-04-14]
CHR Extension: (Gmail) - C:\Users\jozo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-10]
CHR Extension: (Chrome Media Router) - C:\Users\jozo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-19]
CHR HKLM\...\Chrome\Extension: [fhnobihfdnklhoilcilfogdcegekpgfn] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\fhnobihfdnklhoilcilfogdcegekpgfn.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [fhnobihfdnklhoilcilfogdcegekpgfn] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\fhnobihfdnklhoilcilfogdcegekpgfn.crx <not found>

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 CLPSLauncher; C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe [70352 2012-12-19] (Comodo Security Solutions Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2520928 2016-05-19] (ESET)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.)
R2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe [1851088 2012-11-26] (Comodo Security Solutions, Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 KMWDSERVICE; C:\Program Files (x86)\Mouse Driver\KMWDSrv.exe [1821184 2009-08-31] (UASSOFT.COM) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2099208 2015-10-24] (Electronic Arts)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
S3 vmicvss; C:\Windows\System32\icsvcext.dll [349696 2016-07-16] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S3 wisvc; C:\Windows\system32\flightsettings.dll [614912 2016-07-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [168448 2016-07-16] (Microsoft Corporation)
R3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [37376 2016-07-16] (Microsoft Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [264552 2016-03-19] (ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [14976 2016-03-19] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [186784 2015-12-19] (ESET)
R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [142976 2015-12-19] (ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [198096 2016-03-19] (ESET)
S1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [53384 2016-03-19] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [84800 2016-03-19] (ESET)
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (HTC, Corporation) [File not signed]
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [15416 2009-07-20] ( )
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
R3 seehcri; C:\Windows\System32\drivers\seehcri.sys [34032 2008-01-09] (Sony Ericsson Mobile Communications)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: shpamsvc -> C:\Windows\system32\Windows.SharedPC.AccountManager.dll (Microsoft Corporation)
NETSVC: wisvc -> C:\Windows\system32\flightsettings.dll (Microsoft Corporation)
NETSVC: WpnService -> C:\Windows\system32\WpnService.dll (Microsoft Corporation)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-19 20:06 - 2016-08-19 20:07 - 00016949 _____ C:\Users\jozo\Desktop\FRST.txt
2016-08-19 20:03 - 2016-08-19 20:04 - 02395648 _____ (Farbar) C:\Users\jozo\Desktop\FRST64.exe
2016-08-19 20:00 - 2016-08-19 20:00 - 00015327 _____ C:\Users\jozo\Desktop\LM.bat
2016-08-19 19:56 - 2016-08-19 20:00 - 00029696 _____ C:\Users\jozo\AppData\Local\MSGBOX.EXE
2016-08-19 18:37 - 2016-08-19 18:42 - 00000000 ____D C:\AdwCleaner
2016-08-19 18:36 - 2016-08-19 18:37 - 03784256 _____ C:\Users\jozo\Desktop\adwcleaner_6.000.exe
2016-08-19 14:11 - 2016-08-19 14:12 - 01222144 _____ C:\Users\jozo\Downloads\RSITx64.exe
2016-08-18 07:49 - 2016-08-18 07:49 - 00003322 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2016-08-17 21:25 - 2016-08-17 21:25 - 00000000 ____D C:\Users\jozo\AppData\LocalLow\SquareClock.Production_Home_Siko_Web
2016-08-17 21:25 - 2016-08-17 21:25 - 00000000 ____D C:\Users\jozo\AppData\Local\SquareClock.Production_Home_Siko_Web
2016-08-17 21:23 - 2016-08-17 21:25 - 00427840 _____ (SquareClock SAS) C:\Users\jozo\Downloads\Siko_Web_Kitchen_Planner_SK.exe
2016-08-11 13:26 - 2016-08-11 13:26 - 00280851 _____ C:\Users\jozo\Downloads\kls22016.pdf
2016-08-10 16:50 - 2016-08-10 16:50 - 00000000 ____D C:\WINDOWS\PCHEALTH
2016-08-10 16:12 - 2016-08-02 10:58 - 00168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-10 16:12 - 2016-08-02 10:53 - 02745224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-10 16:12 - 2016-08-02 10:52 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-10 16:12 - 2016-08-02 10:48 - 22219328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-10 16:12 - 2016-08-02 10:48 - 00241496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-08-10 16:12 - 2016-08-02 10:44 - 00151232 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-10 16:12 - 2016-08-02 10:44 - 00114192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2016-08-10 16:12 - 2016-08-02 10:23 - 22572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-10 16:12 - 2016-08-02 10:21 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-08-10 16:12 - 2016-08-02 10:21 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2016-08-10 16:12 - 2016-08-02 10:20 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-08-10 16:12 - 2016-08-02 10:20 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-08-10 16:12 - 2016-08-02 10:15 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-08-10 16:12 - 2016-08-02 10:15 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-08-10 16:12 - 2016-08-02 10:14 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2016-08-10 16:12 - 2016-08-02 10:13 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-08-10 16:12 - 2016-08-02 10:12 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-08-10 16:12 - 2016-08-02 10:11 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-08-10 16:12 - 2016-08-02 10:11 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-08-10 16:12 - 2016-08-02 10:10 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-08-10 16:12 - 2016-08-02 10:09 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-08-10 16:12 - 2016-08-02 10:07 - 23682048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-10 16:12 - 2016-08-02 10:07 - 09125888 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-08-10 16:12 - 2016-08-02 10:03 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-08-10 16:12 - 2016-08-02 10:00 - 05511168 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-08-10 16:12 - 2016-08-02 09:59 - 08124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-10 16:12 - 2016-08-02 09:58 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-10 16:12 - 2016-08-02 09:57 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-10 16:12 - 2016-08-02 09:56 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-08-10 16:12 - 2016-08-02 09:56 - 01785856 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-10 16:12 - 2016-08-02 09:56 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-08-10 16:12 - 2016-08-02 09:55 - 03617280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-10 16:12 - 2016-08-02 09:55 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-10 16:12 - 2016-08-02 09:52 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-08-10 16:12 - 2016-08-02 06:56 - 02251440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-10 16:12 - 2016-08-02 06:51 - 20965240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-08-10 16:12 - 2016-08-02 06:47 - 00079536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2016-08-10 16:12 - 2016-08-02 06:39 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-08-10 16:12 - 2016-08-02 06:37 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2016-08-10 16:12 - 2016-08-02 06:37 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-08-10 16:12 - 2016-08-02 06:36 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-08-10 16:12 - 2016-08-02 06:33 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-08-10 16:12 - 2016-08-02 06:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-08-10 16:12 - 2016-08-02 06:28 - 19423232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-08-10 16:12 - 2016-08-02 06:27 - 07623168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-08-10 16:12 - 2016-08-02 06:26 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-10 16:12 - 2016-08-02 06:26 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-08-10 16:12 - 2016-08-02 06:25 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2016-08-10 16:12 - 2016-08-02 06:25 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-10 16:12 - 2016-08-02 06:23 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-08-10 16:12 - 2016-08-02 06:16 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-08-10 16:12 - 2016-08-02 06:13 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-10 16:12 - 2016-08-02 06:13 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-08-10 16:12 - 2016-08-02 06:12 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-08-10 16:12 - 2016-08-02 06:09 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-08-10 12:47 - 2016-08-10 12:47 - 00000000 ____D C:\Users\jozo\Downloads\inson3
2016-08-10 12:36 - 2016-08-10 12:44 - 1167608477 _____ C:\Users\jozo\Downloads\inson3.part2.rar
2016-08-10 12:30 - 2016-08-10 12:30 - 00000000 ____D C:\Users\jozo\Downloads\ortor3
2016-08-08 03:14 - 2016-08-08 03:02 - 00000000 ___DC C:\WINDOWS\Panther
2016-08-08 03:07 - 2016-08-08 03:07 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-08-08 03:04 - 2016-08-08 03:04 - 00000000 ____D C:\ProgramData\USOShared
2016-08-08 03:03 - 2016-08-08 22:16 - 00000000 ____D C:\Users\jozo\AppData\Local\ConnectedDevicesPlatform
2016-08-08 03:03 - 2016-08-08 03:03 - 00000020 ___SH C:\Users\jozo\ntuser.ini
2016-08-08 03:00 - 2016-08-08 03:01 - 00011433 _____ C:\WINDOWS\diagwrn.xml
2016-08-08 03:00 - 2016-08-08 03:01 - 00011433 _____ C:\WINDOWS\diagerr.xml
2016-08-08 02:58 - 2016-08-19 19:09 - 00000000 ____D C:\Windows.old
2016-08-08 02:58 - 2016-08-08 02:58 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-08 02:58 - 2016-08-08 02:58 - 01708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-08-08 02:58 - 2016-08-08 02:58 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-08-08 02:58 - 2016-08-08 02:58 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-08-08 02:58 - 2016-08-08 02:58 - 01418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-08-08 02:58 - 2016-08-08 02:58 - 01265424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-08-08 02:58 - 2016-08-08 02:58 - 01260384 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-08-08 02:58 - 2016-08-08 02:58 - 00843104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-08-08 02:58 - 2016-08-08 02:58 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-08-08 02:58 - 2016-08-08 02:58 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-08 02:58 - 2016-08-08 02:58 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-08 02:58 - 2016-08-08 02:58 - 00389000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2016-08-08 02:58 - 2016-08-08 02:58 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2016-08-08 02:58 - 2016-08-08 02:58 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-08 02:58 - 2016-08-08 02:58 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-08-08 02:58 - 2016-07-15 20:29 - 05739008 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2016-08-08 02:58 - 2016-07-15 20:29 - 02629120 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2016-08-08 02:58 - 2016-07-15 20:14 - 06354944 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2016-08-08 02:58 - 2016-07-15 19:45 - 02629120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll
2016-08-08 02:58 - 2016-07-15 19:29 - 05489664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2016-08-08 02:57 - 2016-08-08 02:57 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-08-08 02:54 - 2016-08-08 02:54 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2016-08-08 02:54 - 2016-08-08 02:54 - 00000000 ____D C:\WINDOWS\system32\msmq
2016-08-08 02:54 - 2016-08-08 02:54 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2016-08-08 02:54 - 2016-08-08 02:54 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-08-08 02:54 - 2016-08-08 02:54 - 00000000 ____D C:\Program Files\MSBuild
2016-08-08 02:54 - 2016-08-08 02:54 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-08-08 02:54 - 2016-08-08 02:54 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-08-08 02:54 - 2016-08-08 02:54 - 00000000 ____D C:\inetpub
2016-08-08 02:53 - 2016-05-25 15:31 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-08-08 02:53 - 2016-05-25 15:31 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-08-08 02:53 - 2016-05-25 15:31 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-08-08 02:53 - 2016-05-25 12:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-08-08 02:53 - 2016-05-25 12:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-08-08 02:53 - 2016-05-25 12:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-08-08 02:50 - 2016-08-15 18:38 - 00000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2016-08-08 02:49 - 2016-08-19 18:43 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-08 02:49 - 2016-08-08 02:50 - 00003472 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-08-08 02:49 - 2016-08-08 02:50 - 00003088 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-08-08 02:49 - 2016-08-08 02:50 - 00003082 _____ C:\WINDOWS\System32\Tasks\Launch HTC Sync Loader
2016-08-08 02:49 - 2016-08-08 02:50 - 00002662 _____ C:\WINDOWS\System32\Tasks\HPCustParticipation HP Deskjet 5520 series
2016-08-08 02:49 - 2016-08-08 02:50 - 00002428 _____ C:\WINDOWS\System32\Tasks\AdobeFlashPlayerUpdate
2016-08-08 02:49 - 2016-08-08 02:50 - 00002352 _____ C:\WINDOWS\System32\Tasks\{29A72AC4-B6D9-4682-AF34-3D70E272F93F}
2016-08-08 02:49 - 2016-08-08 02:50 - 00002324 _____ C:\WINDOWS\System32\Tasks\{A919889A-51C1-4E0C-ADE0-E8923F7B0306}
2016-08-08 02:49 - 2016-08-08 02:50 - 00002268 _____ C:\WINDOWS\System32\Tasks\{C8FB5642-8979-4817-9366-070F92A97461}
2016-08-08 02:49 - 2016-08-08 02:50 - 00002250 _____ C:\WINDOWS\System32\Tasks\{A2F4CCEA-4867-4A9B-817D-A131909CAFA8}
2016-08-08 02:49 - 2016-08-08 02:50 - 00002220 _____ C:\WINDOWS\System32\Tasks\{4C56EF0E-3347-4007-AC05-8795BD250B93}
2016-08-08 02:49 - 2016-08-08 02:50 - 00002218 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-08-08 02:49 - 2016-08-08 02:50 - 00002194 _____ C:\WINDOWS\System32\Tasks\{1F86A1AC-2FD8-4C80-B552-3725BD27E4C8}
2016-08-08 02:49 - 2016-08-08 02:50 - 00002160 _____ C:\WINDOWS\System32\Tasks\SidebarExecute
2016-08-08 02:49 - 2016-08-08 02:50 - 00002056 _____ C:\WINDOWS\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2016-08-08 02:49 - 2016-08-08 02:49 - 00003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-08-08 02:49 - 2016-08-08 02:49 - 00003248 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-08-08 02:49 - 2016-08-08 02:49 - 00002412 _____ C:\WINDOWS\System32\Tasks\ACMON
2016-08-08 02:49 - 2016-08-08 02:49 - 00002362 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update
2016-08-08 02:49 - 2016-08-08 02:49 - 00002332 _____ C:\WINDOWS\System32\Tasks\ASUS SmartLogon Console Sensor
2016-08-08 02:49 - 2016-08-08 02:49 - 00002284 _____ C:\WINDOWS\System32\Tasks\ASUS P4G
2016-08-08 02:49 - 2016-08-08 02:49 - 00002276 _____ C:\WINDOWS\System32\Tasks\AdobeFlashPlayerUpdate 2
2016-08-08 02:49 - 2016-08-08 02:49 - 00002246 _____ C:\WINDOWS\System32\Tasks\ATKOSD2
2016-08-08 02:49 - 2016-08-08 02:49 - 00002220 _____ C:\WINDOWS\System32\Tasks\bzgphjexwj
2016-08-08 02:49 - 2016-08-08 02:49 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2016-08-08 02:49 - 2016-08-08 02:49 - 00000000 ____D C:\WINDOWS\System32\Tasks\COMODO
2016-08-08 02:49 - 2013-10-03 20:28 - 00002896 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2016-08-08 02:35 - 2016-08-08 02:35 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-08-08 02:35 - 2016-08-08 02:35 - 00000000 ____D C:\Users\Default\AppData\Roaming\Media Center Programs
2016-08-08 02:35 - 2016-08-08 02:35 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2016-08-08 02:35 - 2016-08-08 02:35 - 00000000 ____D C:\Users\Default\AppData\Local\Power2Go
2016-08-08 02:35 - 2016-08-08 02:35 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2016-08-08 02:35 - 2016-08-08 02:35 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Media Center Programs
2016-08-08 02:35 - 2016-08-08 02:35 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2016-08-08 02:35 - 2016-08-08 02:35 - 00000000 ____D C:\Users\Default User\AppData\Local\Power2Go
2016-08-08 02:35 - 2016-08-08 02:35 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2016-08-08 02:29 - 2016-08-08 02:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hry
2016-08-08 02:28 - 2016-08-08 02:39 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-08-08 02:28 - 2016-08-08 02:28 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2016-08-08 02:24 - 2016-08-19 19:52 - 01157598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-08 02:24 - 2016-08-15 18:46 - 00000000 ____D C:\Users\jozo
2016-08-08 02:24 - 2016-08-15 18:43 - 00000000 ____D C:\Users\UpdatusUser
2016-08-08 02:23 - 2016-08-08 02:23 - 00968848 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2016-08-08 02:19 - 2016-08-15 18:42 - 00000000 ____D C:\Program Files\Elantech
2016-08-08 02:19 - 2016-08-08 02:39 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2016-08-08 02:19 - 2016-08-08 02:39 - 00000000 ____D C:\WINDOWS\system32\NV
2016-08-08 02:19 - 2016-08-08 02:29 - 00000000 ____D C:\ProgramData\NVIDIA
2016-08-08 02:19 - 2016-08-08 02:19 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-08-08 02:19 - 2016-08-08 02:19 - 00000000 ____D C:\ProgramData\SonicFocus
2016-08-08 02:19 - 2016-08-08 02:19 - 00000000 ____D C:\Program Files\Realtek
2016-08-08 02:18 - 2016-08-08 02:29 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-08-08 02:18 - 2016-08-08 02:28 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-08-08 02:18 - 2016-08-08 02:28 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-08-08 02:18 - 2016-07-16 13:41 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-08-08 02:18 - 2015-07-13 19:37 - 06873744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-08-08 02:18 - 2015-07-13 19:37 - 03493008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-08-08 02:18 - 2015-07-13 19:37 - 02558792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-08-08 02:18 - 2015-07-13 19:37 - 01059984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-08-08 02:18 - 2015-07-13 19:37 - 00937616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-08-08 02:18 - 2015-07-13 19:37 - 00385168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-08-08 02:18 - 2015-07-13 19:37 - 00075080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-08-08 02:18 - 2015-07-13 19:37 - 00062792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-08-08 02:18 - 2015-07-13 18:28 - 05096627 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-08-08 02:15 - 2016-08-19 19:51 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-08-08 02:15 - 2016-08-19 15:19 - 00343000 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-08 02:15 - 2016-08-08 02:15 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-08-06 19:21 - 2016-08-06 19:21 - 00001018 _____ C:\Users\jozo\Desktop\LIN MUSIC – odkaz.lnk
2016-08-03 09:12 - 2016-08-08 02:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2016-08-03 09:11 - 2016-08-03 09:11 - 00000000 ____D C:\Program Files\Logitech
2016-08-03 09:03 - 2016-08-08 02:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-08-03 09:03 - 2016-08-03 09:03 - 00000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-08-03 09:03 - 2016-08-03 09:03 - 00000000 ____D C:\Program Files\CCleaner
2016-08-03 08:53 - 2016-08-03 08:53 - 00001646 _____ C:\AdwCleaner[S4].txt
2016-08-03 08:53 - 2016-08-03 08:53 - 00001580 _____ C:\AdwCleaner[R4].txt
2016-08-02 09:20 - 2016-08-02 09:37 - 1468006400 _____ C:\Users\jozo\Downloads\inson3.part1.rar
2016-07-25 18:45 - 2016-07-25 18:45 - 00045056 _____ C:\WINDOWS\system32\acovcnt.exe
2016-07-23 17:05 - 2016-07-23 17:29 - 00000000 ____D C:\Users\jozo\Desktop\praha

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-19 20:06 - 2016-03-10 22:21 - 00000000 ____D C:\FRST
2016-08-19 18:53 - 2015-07-28 10:40 - 00000000 ____D C:\Users\jozo\Counter-Strike 1.6
2016-08-19 18:42 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-08-19 18:30 - 2016-02-13 15:46 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-19 18:30 - 2011-09-14 05:43 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-08-19 15:26 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-08-19 14:12 - 2012-10-17 11:22 - 00000000 ____D C:\Program Files\trend micro
2016-08-19 13:59 - 2015-04-04 20:35 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-08-18 08:03 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-18 07:48 - 2016-03-27 13:49 - 00002366 _____ C:\Users\jozo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-08-18 07:48 - 2016-03-27 13:49 - 00000000 ___RD C:\Users\jozo\OneDrive
2016-08-18 07:45 - 2012-04-20 21:01 - 00000000 ____D C:\Users\jozo\AppData\Roaming\Skype
2016-08-15 18:52 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-15 18:43 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2016-08-15 18:43 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-08-15 18:43 - 2016-01-02 21:42 - 00000000 ____D C:\Users\jozo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks
2016-08-15 18:43 - 2015-10-16 16:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2016-08-15 18:42 - 2015-10-16 16:10 - 00000000 ____D C:\Program Files (x86)\Origin
2016-08-15 18:42 - 2015-07-28 10:42 - 00000000 ____D C:\Users\jozo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6
2016-08-15 18:42 - 2015-07-28 10:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6
2016-08-15 18:42 - 2012-08-22 16:18 - 00000000 ____D C:\ProgramData\Origin
2016-08-15 18:42 - 2011-09-14 05:52 - 00000000 ____D C:\ProgramData\P4G
2016-08-15 18:41 - 2013-01-23 16:39 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2016-08-15 18:41 - 2012-11-24 12:59 - 00000000 ____D C:\Games
2016-08-15 18:41 - 2011-04-01 10:50 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-08-15 18:23 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\registration
2016-08-12 11:37 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2016-08-10 23:21 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-10 23:21 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-08-10 23:21 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-08-10 23:21 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-08-10 23:21 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-08-10 23:21 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-08-10 23:21 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-10 23:21 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-08-10 16:49 - 2009-07-14 04:34 - 00000478 _____ C:\WINDOWS\win.ini
2016-08-10 16:48 - 2013-07-24 14:12 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-10 16:24 - 2012-04-20 20:37 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-09 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\appcompat
2016-08-08 03:43 - 2016-03-27 13:33 - 00000000 ____D C:\Users\jozo\AppData\Local\Packages
2016-08-08 03:14 - 2016-07-16 13:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-08-08 03:04 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\USOPrivate
2016-08-08 02:59 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-08-08 02:59 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2016-08-08 02:58 - 2016-07-17 00:02 - 00000000 ____D C:\WINDOWS\OCR
2016-08-08 02:54 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2016-08-08 02:54 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2016-08-08 02:54 - 2016-07-16 13:44 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2016-08-08 02:54 - 2016-07-16 13:44 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2016-08-08 02:54 - 2016-07-16 13:44 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2016-08-08 02:54 - 2016-07-16 13:44 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2016-08-08 02:54 - 2016-07-16 13:44 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2016-08-08 02:54 - 2016-07-16 13:44 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2016-08-08 02:54 - 2016-07-16 13:44 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2016-08-08 02:54 - 2016-07-16 13:44 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2016-08-08 02:54 - 2016-07-16 13:44 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2016-08-08 02:54 - 2016-07-16 13:44 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2016-08-08 02:54 - 2016-07-16 13:44 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2016-08-08 02:54 - 2016-07-16 13:44 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2016-08-08 02:54 - 2016-07-16 13:44 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2016-08-08 02:54 - 2016-07-16 13:44 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll
2016-08-08 02:54 - 2016-07-16 13:44 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2016-08-08 02:54 - 2016-07-16 13:43 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2016-08-08 02:54 - 2016-07-16 13:43 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2016-08-08 02:54 - 2016-07-16 13:43 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2016-08-08 02:54 - 2016-07-16 13:43 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2016-08-08 02:54 - 2016-07-16 13:43 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2016-08-08 02:54 - 2016-07-16 13:43 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2016-08-08 02:54 - 2016-07-16 13:43 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2016-08-08 02:54 - 2016-07-16 13:43 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2016-08-08 02:54 - 2016-07-16 13:43 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2016-08-08 02:54 - 2016-07-16 13:43 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2016-08-08 02:54 - 2016-07-16 13:43 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2016-08-08 02:54 - 2016-07-16 13:43 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2016-08-08 02:54 - 2016-07-16 13:43 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2016-08-08 02:54 - 2016-07-16 13:43 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2016-08-08 02:54 - 2016-07-16 13:43 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
2016-08-08 02:53 - 2016-07-16 13:44 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2016-08-08 02:53 - 2016-07-16 13:44 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2016-08-08 02:53 - 2016-07-16 13:43 - 01414144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2016-08-08 02:53 - 2016-07-16 13:43 - 00785408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2016-08-08 02:53 - 2016-07-16 13:43 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2016-08-08 02:53 - 2016-07-16 13:43 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2016-08-08 02:53 - 2016-07-16 13:43 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2016-08-08 02:53 - 2016-07-16 13:43 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2016-08-08 02:53 - 2016-07-16 13:43 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2016-08-08 02:50 - 2016-03-27 13:28 - 00022840 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-08-08 02:48 - 2016-07-16 13:47 - 00000000 __RSD C:\WINDOWS\Media
2016-08-08 02:48 - 2016-07-16 13:47 - 00000000 __RHD C:\Users\Public\Libraries
2016-08-08 02:39 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-08-08 02:39 - 2016-06-19 13:54 - 00000000 ____D C:\Users\jozo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-08-08 02:39 - 2016-04-17 11:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BS.Player
2016-08-08 02:39 - 2016-02-13 15:18 - 00000000 ____D C:\WINDOWS\ShellNew
2016-08-08 02:39 - 2016-01-13 15:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2016-08-08 02:39 - 2015-12-27 11:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
2016-08-08 02:39 - 2015-10-29 00:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vanilla DayZmod
2016-08-08 02:39 - 2015-04-06 14:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2016-08-08 02:39 - 2014-09-01 19:58 - 00000000 ____D C:\Users\jozo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-08-08 02:39 - 2014-09-01 19:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-08-08 02:39 - 2013-08-27 10:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows - LIVE
2016-08-08 02:39 - 2013-08-06 22:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013
2016-08-08 02:39 - 2013-07-06 11:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nikon Message Center 2
2016-08-08 02:39 - 2013-07-06 11:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ViewNX 2
2016-08-08 02:39 - 2013-07-06 11:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Link to Nikon
2016-08-08 02:39 - 2013-07-01 22:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-08-08 02:39 - 2013-06-20 07:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2016-08-08 02:39 - 2013-05-24 13:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Language Teacher
2016-08-08 02:39 - 2013-05-05 10:29 - 00000000 ____D C:\Users\jozo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft
2016-08-08 02:39 - 2013-04-29 17:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-08-08 02:39 - 2013-04-13 17:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2016-08-08 02:39 - 2013-03-21 17:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PDF Editor
2016-08-08 02:39 - 2013-03-13 16:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-08-08 02:39 - 2013-03-11 23:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-08-08 02:39 - 2012-06-22 01:06 - 00000000 ____D C:\WINDOWS\SysWOW64\System32
2016-08-08 02:39 - 2012-05-17 10:02 - 00000000 ____D C:\Users\jozo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2016-08-08 02:39 - 2012-04-22 13:01 - 00000000 ____D C:\Users\jozo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-08-08 02:39 - 2012-04-21 22:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mouse Driver
2016-08-08 02:39 - 2012-04-20 13:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 10
2016-08-08 02:39 - 2011-09-14 05:40 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-08-08 02:39 - 2011-09-14 05:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Utility
2016-08-08 02:39 - 2011-04-01 11:17 - 00000000 ____D C:\WINDOWS\en
2016-08-08 02:39 - 2011-04-01 11:13 - 00000000 ____D C:\WINDOWS\sk
2016-08-08 02:39 - 2011-04-01 11:13 - 00000000 ____D C:\WINDOWS\ro
2016-08-08 02:39 - 2011-04-01 11:13 - 00000000 ____D C:\WINDOWS\pl
2016-08-08 02:39 - 2011-04-01 11:13 - 00000000 ____D C:\WINDOWS\lv
2016-08-08 02:39 - 2011-04-01 11:13 - 00000000 ____D C:\WINDOWS\lt
2016-08-08 02:39 - 2011-04-01 11:13 - 00000000 ____D C:\WINDOWS\hu
2016-08-08 02:39 - 2011-04-01 11:12 - 00000000 ____D C:\WINDOWS\hr
2016-08-08 02:39 - 2011-04-01 11:12 - 00000000 ____D C:\WINDOWS\et
2016-08-08 02:39 - 2011-04-01 11:12 - 00000000 ____D C:\WINDOWS\cs
2016-08-08 02:39 - 2011-04-01 11:12 - 00000000 ____D C:\WINDOWS\bg
2016-08-08 02:39 - 2011-04-01 11:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2016-08-08 02:39 - 2011-04-01 10:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nuance
2016-08-08 02:39 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-08-08 02:35 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-08-08 02:35 - 2015-10-30 08:28 - 00000000 ____D C:\Users\Default.migrated
2016-08-08 02:31 - 2013-08-27 10:48 - 00000000 ____D C:\WINDOWS\SysWOW64\xlive
2016-08-08 02:30 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-08-08 02:30 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2016-08-08 02:30 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\spool
2016-08-08 02:30 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-08-08 02:30 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-08-08 02:30 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-08-08 02:30 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\IME
2016-08-08 02:30 - 2014-04-19 14:42 - 00000000 ____D C:\WINDOWS\SysWOW64\20-20 Technologies
2016-08-08 02:30 - 2011-02-18 22:08 - 00000000 ____D C:\WINDOWS\system32\SPReview
2016-08-08 02:30 - 2011-02-18 21:48 - 00000000 ____D C:\WINDOWS\system32\EventProviders
2016-08-08 02:29 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\schemas
2016-08-08 02:29 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-08-08 02:29 - 2016-03-19 08:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameSpy
2016-08-08 02:29 - 2015-11-30 14:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2016-08-08 02:29 - 2013-06-09 11:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
2016-08-08 02:29 - 2011-09-14 05:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virage Logic, Corp
2016-08-08 02:29 - 2011-04-01 11:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\syncables
2016-08-08 02:29 - 2011-04-01 11:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2016-08-08 02:29 - 2009-07-14 09:44 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-08-08 02:28 - 2016-07-16 13:47 - 00000000 __SHD C:\Program Files\Windows Sidebar
2016-08-08 02:28 - 2016-07-16 13:47 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2016-08-08 02:28 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-08-08 02:28 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Microsoft Games
2016-08-08 02:26 - 2012-04-26 12:17 - 00000000 ____D C:\Users\jozo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nero 10
2016-08-08 02:20 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-08-08 02:20 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-08-08 02:19 - 2012-06-22 01:43 - 00000000 ____D C:\Temp
2016-08-08 02:18 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Help
2016-08-07 23:41 - 2009-07-29 08:03 - 00008192 __RSH C:\BOOTSECT.BAK
2016-08-07 23:03 - 2016-05-10 23:52 - 00000960 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-07 22:50 - 2015-12-29 12:50 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-08-07 18:03 - 2016-05-10 23:52 - 00000956 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-04 23:05 - 2014-04-14 21:55 - 00002286 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-04 10:52 - 2016-04-20 10:09 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-08-03 18:38 - 2011-09-14 05:56 - 00003234 _____ C:\WINDOWS\system32\AutoRunFilter.ini

==================== Files in the root of some directories =======

2014-03-16 12:08 - 2014-03-16 12:08 - 0000092 _____ () C:\Users\jozo\AppData\Local\fusioncache.dat
2016-08-19 19:56 - 2016-08-19 20:00 - 0029696 _____ () C:\Users\jozo\AppData\Local\MSGBOX.EXE
2012-04-25 13:08 - 2013-06-12 21:17 - 0007602 _____ () C:\Users\jozo\AppData\Local\Resmon.ResmonCfg
2013-06-19 16:50 - 2013-06-19 16:50 - 0000057 _____ () C:\ProgramData\Ament.ini
2011-04-01 11:21 - 2010-07-07 01:10 - 0131472 _____ () C:\ProgramData\FullRemove.exe
2011-09-14 06:00 - 2011-09-14 06:01 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2011-09-14 06:00 - 2011-09-14 06:00 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

Some files in TEMP:
====================
C:\Users\jozo\AppData\Local\Temp\eauninstall.exe
C:\Users\jozo\AppData\Local\Temp\libeay32.dll
C:\Users\jozo\AppData\Local\Temp\msvcr120.dll
C:\Users\jozo\AppData\Local\Temp\sqlite3.dll


Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\UTSCSI.EXE

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-08-19 13:39

==================== End of FRST.txt ============================

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow PC, freezing, long web page loading

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope value is missing
CHR HomePage: Default -> teoma.com/?gct=hp
CHR DefaultSearchURL: Default -> hxxps://www.teoma.com/web?q={searchTerms}
CHR DefaultSearchKeyword: Default -> https://teoma.com
CHR DefaultSuggestURL: Default -> hxxp://www.teoma.com/ss?type=prefix&li=ff&q={searchTerms}
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\WINDOWS\System32\Tasks\bzgphjexwj
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\jozo\AppData\Local\Temp
C:\Windows\SysWOW64\UTSCSI.EXE
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Apart from its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Re: Slow PC, freezing, long web page loading

#7 Post by rivers2 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 19-08-2016
Ran by jozo (20-08-2016 10:56:46) Run:3
Running from C:\Users\jozo\Desktop
Loaded Profiles: jozo (Available Profiles: UpdatusUser & jozo)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope value is missing
CHR HomePage: Default -> teoma.com/?gct=hp
CHR DefaultSearchURL: Default -> hxxps://www.teoma.com/web?q={searchTerms}
CHR DefaultSearchKeyword: Default -> https://teoma.com
CHR DefaultSuggestURL: Default -> hxxp://www.teoma.com/ss?type=prefix&li=ff&q={searchTerms}
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\WINDOWS\System32\Tasks\bzgphjexwj
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\jozo\AppData\Local\Temp
C:\Windows\SysWOW64\UTSCSI.EXE
End
*****************

HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
Chrome HomePage => removed successfully
Chrome DefaultSearchURL => removed successfully
Chrome DefaultSearchKeyword => removed successfully
Chrome DefaultSuggestURL => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\WINDOWS\System32\Tasks\bzgphjexwj => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully

"C:\Users\jozo\AppData\Local\Temp" folder move:

Could not move "C:\Users\jozo\AppData\Local\Temp" => Scheduled to move on reboot.

C:\Windows\SysWOW64\UTSCSI.EXE => moved successfully

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 20-08-2016 11:00:15)

C:\Users\jozo\AppData\Local\Temp => moved successfully

==== End of Fixlog 11:00:20 ====

Re: Slow PC, freezing, long web page loading

#8 Post by Rudy »

Deleted. Has anything changed?

Re: Slow PC, freezing, long web page loading

#9 Post by rivers2 »

I'll test it for a while and see how the PC behaves, but I think it will be fine. Thanks for now.

Re: Slow PC, freezing, long web page loading

#10 Post by Rudy »

OK, you're welcome for now. :)