Prosím o kontrolu logu Vyřešeno

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: Mods_senior, Security team

Zamčeno
Uživatelský avatar
Andrew98
Level 5.5
Level 5.5
Příspěvky: 2516
Registrován: duben 11
Bydliště: Rožnov pod Radhoštěm
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod Andrew98 » 26 úno 2016 21:57

Ten CCleaner tady běžel už čtyřikrát bez žádné změny. Zkusil jsem dvakrát znovu indexovat a ani žádné další rady na internetu mi nepomáhají. :huh:
Intel Xeon E3-1231v3 + SilentiumPC Fera 2
ASUS B85-PRO GAMER
Sapphire R9 270X Toxic Boost
Kingston HyperX Savage 16GB CL9 1600Mhz
Seasonic SS-620GM2 Evo 620W
Intel 520 120 GB + Seagate Barracuda 7200.14 - 1TB
iiyama ProLite X2483HSU-B1
Nahoru
Reklama
Top
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod jaro3 » 27 úno 2016 09:19

Stáhni Kaspersky VRT
na svojí plochu.
Spusť program Kaspersky VRT, .Program se nainstaluje.
Potvrď licenci a klikni na „Start“ . Pokud program nabídne aktualizaci , klikni dole na na „Download Now“.
- Klikni na ozubené kolečko v pravém horním rohu. V okně vyber kromě již zatržených , svojí jednotku disku , pokud jich máš víc , můžeš zatrhnout všechny.
- zvol „Automatic Scan“ nahoře vlevo. a stiskni tlačítko „Start Scanning
- Program začne skenovat zatržené jednotky

Zaškrtnuté :
Hidden startup objects
System Memory
Disk boot sectors
Počítač
Místní disk C

Nezašrkrtnuté:
Dokumenty
My email
Místní disk D
Jednotka DVD-Rom (E)
Jednotka BD-ROM (G)
Disketová jednotka
A jiné , např. Flash disky , které máš připojeny.

- povol programu Virus Removal Tool odstranit všechny nalezené infekce
- jakmile sken skončí ,zvol záložku „Report“ , vpravo nahoře (vedle ozubeného kolečka)
- klikni na „Detected Threads“ a klikni na obrázek diskety („Save“)
- ulož do počítače zprávu a vložit ji sem do příspěvku


Deaktivuj si rezidenční štíty u svého antiviru i Windows Defenderu, nejlépe až do restartu PC.
Stáhni si AdsFix
http://www.telecharger.sosvirus.net/download/quickdiag/
nebo:
https://toolslib.net/downloads/viewdownload/20-adsfix/

klikni na „Télécharger“. A ulož si soubor na svojí plochu.
Poznámka: Ulož si svojí práci před pokračováním!
Zavři všechny ostatní programy a prohlížeče.
Spusť AdsFix.exe poklepáním ( u Windows Vista/7/8/8.1/10, klikni pravým myšítkem a z nabídky vyber "spustit jako správce")
Pro silně infikovaný PC to může trvat několik sekund, než se program spustí.
Nástroj se spustí a zobrazí se, vyhledávání a inicializace jejich aktualizaci, zobrazí se funkce nástroje.
Chceš-li odemknout nástroj pro čištění počítače, klikni na tlačítko „Option“ ("Možnosti")

Objeví se okno ,klikni na tlačítko „Unlock the deletion“ ("Odblokovat")
Klikneš-li přímo na "Clean" bez možnosti odemknutí, ukáže Vám nástroj okno , abyste nejprve nástroj odblokovali.
Pokud nástroj zjistí, že váš antivirový je stále aktivní, objeví se okno označující, že byste ho měli zakázat před klepnutím na tlačítko "OK" pro pokračování čištění AdsFix.
Pak klikni na tlačítko „Clean“ (Vyčistit) poté , co se zveřejní možnosti.
Zadejte svou "Zemi", a potvrďte tlačítkem "OK"
Nástroj provede zálohu registru.
Obrazovka zmizí a nástroj začne pracovat ...
Při čištění, Tě může nástroj vyzvat k odstranění proxy, klepni na tlačítko "Delete".

Na konci čištění, se AdsFix zeptá, zda: chceš nechat zprávu odeslat do Infekční laboratoře k analýze? .... Klikni na "OK" to umožní aktualizovat nástroj..

Pro kompletní vyčištění,vás nástroj vyzve k restartování počítače, klepněte na tlačítko "OK".
Pak se PC restartuje.
Po spuštění PC se objeví zpráva na ploše.
Nicméně, pokud se zpráva neobjeví na ploše, nachází se také zde => C: \ AdsFix_[b](datum_hodina_minuta_).txt [/b]Bude to jen hostovat na upload.sosvirus a zveřejnění své zprávy na Virus fóru SOS.
Zkopíruj sem celý obsah té zprávy.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Nahoru
Uživatelský avatar
Andrew98
Level 5.5
Level 5.5
Příspěvky: 2516
Registrován: duben 11
Bydliště: Rožnov pod Radhoštěm
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod Andrew98 » 27 úno 2016 13:10

VRT z nějakého důvodu odmítá spolupracovat a vždy se v průběhu scanu samo vypne a znovu spustí s hláškou, že aplikace spadla. Dělá to i v nouzovém režimu. Jdu zkusit ten AdsFix.
Intel Xeon E3-1231v3 + SilentiumPC Fera 2
ASUS B85-PRO GAMER
Sapphire R9 270X Toxic Boost
Kingston HyperX Savage 16GB CL9 1600Mhz
Seasonic SS-620GM2 Evo 620W
Intel 520 120 GB + Seagate Barracuda 7200.14 - 1TB
iiyama ProLite X2483HSU-B1
Nahoru
Uživatelský avatar
Andrew98
Level 5.5
Level 5.5
Příspěvky: 2516
Registrován: duben 11
Bydliště: Rožnov pod Radhoštěm
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod Andrew98 » 27 úno 2016 16:43

---------- | AdsFix | g3n-h@ckm@n | 3_27.02.2016.1

----- Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- Start 13:14:39 - 27/02/2016

update on : 27/02/2016 | 10.55 by g3n-h@ckm@n
Contact : http://www.sosvirus.net
Assistance : http://www.sosvirus.net/forum-virus-securite.html
Feedbacks : http://www.sosvirus.net/feedbacks-t75915.html
Facebook : https://www.facebook.com/AdsFixAntiAdware
C:\Users\ondre\Desktop\adsfix_3_27.02.2016.1.exe
Boot: Normal boot
[Ondra (Administrator)] - [XEON] - (Czech republic [0405])
SID = S-1-5-21-3387157438-688928810-2954947604-1001 || [4f6e647261205e5e]
PC : ASUSTeK COMPUTER INC. - B85-PRO GAMER - All
Processor : X64 - 3392 - Intel(R) Xeon(R) CPU E3-1231 v3 @ 3.40GHz
Bios : American Megatrends Inc. - 04/27/2015 - V.2203
CoreTemp : 29.8° C - Max : 105° C
System : Windows 10 Home (64 bits) Core
RAM memory = Total (MB) : 16714 | Free (MB) : 15113
Pagefile = Total (MB) : 17762 | Free (MB) : 16156
Virtual = Total (MB) : 4194 | Free (MB) : 3954

C:\ -> [Fixed] | [] | Total : 111.35 Go | Free : 29.87 Go -> NTFS (SSD) [SATA]
E:\ -> [Fixed] | [Místní disk] | Total : 931.02 Go | Free : 616.91 Go -> NTFS [SATA]

Registry saved, to restore : Click on Options & Restore the register (C:\AdsFix\Save\Registry [27.02.2016 @ 13_14_39]) or an element
Restore files or folders deleted by mistake : Click on Options & Restore Files | Folders, Select an item >> "restore"

---------- | Windows Updates

No windows updates detected !!!

Microsoft : +

---------- | Browsers

IE : 11.0.10586.20 (© Microsoft Corporation. Všechna práva vyhrazena.)
GC : 48.0.2564.116 (Copyright 2015 Google Inc. All rights reserved.)
MS-Edge : 11.0.10586.103 (© Microsoft Corporation. All rights reserved.)

---------- | Security (atcav : 0)

AM : Malwarebytes' Anti-Malware (2.3.125.0) [Update : 23/02/2016 20:24:17]
FW :
WMI : OK
WU: Windows Update Service [Manual(3)] = Started
AS: Windows Defender [Auto(2)] = Started
FW: Windows FireWall Service [Auto(2)] = Started
WMI: Windows Management Instrumentation (System Information) [Auto(2)] = Started

---------- | FlashPlayer

ActiveX : 20.0.0.306

---------- | Killed processes

1300 | [Owner : |Parent : 800(services.exe)] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 341.92.) - (8.17.13.4192) = C:\Windows\System32\nvvsvc.exe
1312 | [Owner : |Parent : 800(services.exe)] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - (7.17.13.4192) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
1616 | [Owner : |Parent : 1300()] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) - (8.17.13.4192) = C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
1624 | [Owner : |Parent : 1300()] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 341.92.) - (8.17.13.4192) = C:\Windows\System32\nvvsvc.exe
1492 | [Owner : |Parent : 800(services.exe)] - (.Microsoft Corporation - Spooler SubSystem App.) - (10.0.10586.0) = C:\Windows\System32\spoolsv.exe
2240 | [Owner : SYSTEM |Parent : 800(services.exe)] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - (1.824.16.6751) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
2248 | [Owner : SYSTEM |Parent : 800(services.exe)] - (.-.) - (0.0.0.0) = C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
2296 | [Owner : SYSTEM |Parent : 800(services.exe)] - (.-.) - (0.0.0.0) = C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
2304 | [Owner : SYSTEM |Parent : 800(services.exe)] - (.NVIDIA Corporation - NVIDIA GeForce ExperienceService.) - (2.9.1.35) = C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
2360 | [Owner : SYSTEM |Parent : 800(services.exe)] - (.NVIDIA Corporation - NVIDIA Streamer Service.) - (4.1.2036.1280) = C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
2368 | [Owner : SYSTEM |Parent : 800(services.exe)] - (.NVIDIA Corporation - NVIDIA Network Service.) - (2.4.13.69) = C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
2620 | [Owner : |Parent : 800(services.exe)] - (.Microsoft Corporation - Antimalware Service Executable.) - (4.9.10586.0) = C:\Program Files\Windows Defender\MsMpEng.exe
2724 | [Owner : LOCAL SERVICE |Parent : 8(svchost.exe)] - (.Microsoft Corporation - Device Association Framework Provider Host.) - (10.0.10586.0) = C:\Windows\System32\dasHost.exe
3360 | [Owner : NETWORK SERVICE |Parent : 800(services.exe)] - (.NVIDIA Corporation - NVIDIA Network Stream Service.) - (4.1.2036.1280) = C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
3900 | [Owner : Ondra |Parent : 932(svchost.exe)] - (.Microsoft Corporation - Host Process for Windows Tasks.) - (10.0.10586.0) = C:\Windows\System32\taskhostw.exe
3932 | [Owner : Ondra |Parent : 932(svchost.exe)] - (.- MSIAfterburner.) - (4.2.0.7826) = C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
4176 | [Owner : Ondra |Parent : 964(svchost.exe)] - (.Microsoft Corporation - Runtime Broker.) - (10.0.10586.0) = C:\Windows\System32\RuntimeBroker.exe
5020 | [Owner : SYSTEM |Parent : 2360()] - (.NVIDIA Corporation - NVIDIA Streamer User Agent.) - (4.1.2036.1280) = C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
5536 | [Owner : Ondra |Parent : 1616()] - (.NVIDIA Corporation - NVIDIA Settings.) - (7.17.13.4192) = C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
5932 | [Owner : Ondra |Parent : 5536()] - (.NVIDIA Corporation - NVIDIA Backend.) - (20.14.1.0) = C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
3308 | [Owner : Ondra |Parent : 964(svchost.exe)] - (.Microsoft Corporation - Host Process for Setting Synchronization.) - (10.0.10586.0) = C:\Windows\System32\SettingSyncHost.exe
4044 | [Owner : Ondra |Parent : 3932()] - (.- RTSS.) - (6.4.1.7844) = C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
4016 | [Owner : Ondra |Parent : 4044()] - (.- EncoderServer.) - (2.1.0.0) = C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
5220 | [Owner : Ondra |Parent : 4044()] - (.- RTSS.) - (1.0.0.0) = C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
6328 | [Owner : Ondra |Parent : 3888(explorer.exe)] - (.-.) - (3.3.0.2494) = C:\Program Files\Rainmeter\Rainmeter.exe
6680 | [Owner : NETWORK SERVICE |Parent : 6836()] - (.Microsoft Corporation - Microsoft Malware Protection Command Line Utility.) - (4.9.10586.0) = C:\Program Files\Windows Defender\MpCmdRun.exe
2312 | [Owner : Ondra |Parent : 800(services.exe)] - (.Microsoft Corporation - Host Process for Windows Services.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe
3780 | [Owner : SYSTEM |Parent : 2264()] - (.Google Inc. - Instalační program Google.) - (1.3.28.15) = C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
6780 | [Owner : SYSTEM |Parent : 800(services.exe)] - (.Intel Corporation - IAStorDataSvc.) - (14.5.0.1081) = C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
456 | [Owner : LogonSessionId_0_1457088 |Parent : 800(services.exe)] - (.Microsoft Corporation - Windows Media Player Network Sharing Service.) - (12.0.10586.0) = C:\Program Files\Windows Media Player\wmpnetwk.exe
2324 | [Owner : Ondra |Parent : 964(svchost.exe)] - (.Microsoft Corporation - Application Frame Host.) - (10.0.10586.0) = C:\Windows\System32\ApplicationFrameHost.exe
3000 | [Owner : Ondra |Parent : 3888(explorer.exe)] - (.Microsoft Corporation - Windows Defender User Interface.) - (4.9.10586.0) = C:\Program Files\Windows Defender\MSASCui.exe

---------- | Tasks



---------- | Services


---------- | AppCertDlls | AppInit_DLLs


---------- | DNSapi.dll

C:\WINDOWS\System32\dnsapi.dll : \drivers\etc\hosts
C:\WINDOWS\SysWOW64\dnsapi.dll : \drivers\etc\hosts

---------- | Hosts


---------- | SafeBoot


---------- | Winsock


---------- | DNS


---------- | Register

Deleted successfully : [HKU\S-1-5-21-3387157438-688928810-2954947604-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[E:\Hry\NFS Underground\Speed.exe]
Deleted successfully : [HKU\S-1-5-21-3387157438-688928810-2954947604-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[E:\Hry\NFS Underground\Support\Need For Speed Underground_EZ.exe]
Deleted successfully : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope] : {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Deleted successfully : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope]
Deleted successfully : HKU\S-1-5-21-3387157438-688928810-2954947604-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} : 1
Deleted successfully : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}

---------- | Folders | Files


---------- | .LNK


---------- | opening unknown extension


---------- | Proxy


---------- | Internet Explorer

Repaired : [HKU\S-1-5-21-3387157438-688928810-2954947604-1001\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : %11%\blank.htm -> C:\WINDOWS\System32\blank.htm
Repaired : [HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : %11%\blank.htm -> C:\WINDOWS\System32\blank.htm
Repaired : [HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : %11%\blank.htm -> C:\WINDOWS\System32\blank.htm
Repaired : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main]~[Local Page] : C:\Windows\SysWOW64\blank.htm -> C:\WINDOWS\System32\blank.htm
Repaired : [HKU\S-1-5-21-3387157438-688928810-2954947604-1001\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[Enabled] : -> 2
Repaired : [HKU\S-1-5-21-3387157438-688928810-2954947604-1001\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[EnabledV8] : -> 1
Repaired : [HKU\S-1-5-21-3387157438-688928810-2954947604-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonBadCertReceving] : -> 1
Repaired : [HKU\S-1-5-21-3387157438-688928810-2954947604-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonHTTPSToHTTPRedirect] : -> 1
Repaired : [HKU\S-1-5-21-3387157438-688928810-2954947604-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar]~[Locked] : 1 -> 0

---------- | Yandex



---------- | Google Chrome



---------- | Chromium



---------- | Comodo Dragon



---------- | Firefox



---------- | SeaMonkey



---------- | Pale moon



---------- | Opera



---------- | Spark



---------- | StartMenuInternet


---------- | Javascript


---------- | Firewall


---------- | ADS


---------- | Temporary files

[.idlerc] Temporary files deleted : 0 Ko
[.kivy] Temporary files deleted : 0 Ko
[AppData] Temporary files deleted : 0 Ko
[Contacts] Temporary files deleted : 0 Ko
[Data aplikací] Temporary files deleted : 0 Ko
[Desktop] Temporary files deleted : 0 Ko
[Documents] Temporary files deleted : 0 Ko
[Dokumenty] Temporary files deleted : 0 Ko
[Downloads] Temporary files deleted : 0 Ko
[Favorites] Temporary files deleted : 0 Ko
[Intel] Temporary files deleted : 0 Ko
[Links] Temporary files deleted : 0 Ko
[Local Settings] Temporary files deleted : 0 Ko
[Music] Temporary files deleted : 0 Ko
[Nabídka Start] Temporary files deleted : 0 Ko
[Okolní síť] Temporary files deleted : 0 Ko
[Okolní tiskárny] Temporary files deleted : 0 Ko
[OneDrive] Temporary files deleted : 0 Ko
[Pictures] Temporary files deleted : 0 Ko
[Poslední] Temporary files deleted : 0 Ko
[Saved Games] Temporary files deleted : 0 Ko
[Searches] Temporary files deleted : 0 Ko
[SendTo] Temporary files deleted : 0 Ko
[Soubory cookie] Temporary files deleted : 0 Ko
[Tracing] Temporary files deleted : 0 Ko
[Valley] Temporary files deleted : 0 Ko
[Videos] Temporary files deleted : 0 Ko
[Šablony] Temporary files deleted : 0 Ko
[C:\WINDOWS\Temp] Temporary files deleted : 28 Ko
[C:\Temp] Temporary files deleted : 0 Ko


Other(s) report(s)


---------- | Listing


---------- | C:\Program Files (x86)

[04/12/2015 14:47:05] - |D| - [199991.37 Ko] - C:\Program Files (x86)\Adobe
[09/12/2015 22:57:28] - |D| - [4473.17 Ko] - C:\Program Files (x86)\ASUS
[03/12/2015 20:46:41] - |AD| - [234530.24 Ko] - C:\Program Files (x86)\Battle.net
[03/12/2015 19:50:54] - |D| - [26379.44 Ko] - C:\Program Files (x86)\Brother
[03/12/2015 19:51:00] - |D| - [11815.06 Ko] - C:\Program Files (x86)\Browny02
[30/10/2015 07:28:30] - |D| - [187577.29 Ko] - C:\Program Files (x86)\Common Files
[03/12/2015 19:50:58] - |D| - [71037.06 Ko] - C:\Program Files (x86)\ControlCenter4
[02/01/2016 14:26:36] - |D| - [4464.14 Ko] - C:\Program Files (x86)\DesetiPrsty
[30/10/2015 08:24:28] - |ASH| - [0.17 Ko] - C:\Program Files (x86)\desktop.ini
[03/12/2015 22:32:57] - |D| - [31515.27 Ko] - C:\Program Files (x86)\FinalWire
[25/12/2015 16:28:52] - |D| - [8034.29 Ko] - C:\Program Files (x86)\Geeks3D
[03/12/2015 19:09:33] - |D| - [602702.22 Ko] - C:\Program Files (x86)\Google
[03/12/2015 20:48:51] - |AD| - [1363866.63 Ko] - C:\Program Files (x86)\Hearthstone
[03/12/2015 19:50:51] - |HD| - [16098.13 Ko] - C:\Program Files (x86)\InstallShield Installation Information
[30/10/2015 08:24:24] - |D| - [2103.44 Ko] - C:\Program Files (x86)\Internet Explorer
[23/02/2016 20:24:16] - |AD| - [57214.92 Ko] - C:\Program Files (x86)\Malwarebytes Anti-Malware
[08/12/2015 20:01:53] - |D| - [89797.78 Ko] - C:\Program Files (x86)\Microsoft Analysis Services
[08/12/2015 20:01:41] - |D| - [73278.19 Ko] - C:\Program Files (x86)\Microsoft Office
[08/12/2015 20:05:02] - |D| - [21.19 Ko] - C:\Program Files (x86)\Microsoft SQL Server
[30/10/2015 08:24:24] - |AD| - [8719.84 Ko] - C:\Program Files (x86)\Microsoft.NET
[12/12/2015 12:13:44] - |D| - [25.15 Ko] - C:\Program Files (x86)\MSBuild
[25/12/2015 16:20:59] - |D| - [47892.08 Ko] - C:\Program Files (x86)\MSI Afterburner
[09/12/2015 22:57:14] - |D| - [247399.44 Ko] - C:\Program Files (x86)\NVIDIA Corporation
[11/01/2016 16:39:54] - |AD| - [14035.42 Ko] - C:\Program Files (x86)\PSPad editor
[19/02/2016 20:16:34] - |D| - [3358.96 Ko] - C:\Program Files (x86)\Realtek
[12/12/2015 12:13:44] - |D| - [37482.25 Ko] - C:\Program Files (x86)\Reference Assemblies
[25/12/2015 16:21:23] - |D| - [60876.37 Ko] - C:\Program Files (x86)\RivaTuner Statistics Server
[04/12/2015 14:36:00] - |RD| - [77210.32 Ko] - C:\Program Files (x86)\Skype
[03/12/2015 19:26:04] - |D| - [36338049.08 Ko] - C:\Program Files (x86)\Steam
[05/12/2015 20:57:03] - |AD| - [105400.88 Ko] - C:\Program Files (x86)\TeamViewer
[17/12/2015 16:08:14] - |HD| - [0 Ko] - C:\Program Files (x86)\Temp
[04/01/2016 16:11:45] - |D| - [466831.98 Ko] - C:\Program Files (x86)\Unigine
[09/12/2015 22:57:22] - |HD| - [0 Ko] - C:\Program Files (x86)\Uninstall Information
[23/02/2016 15:36:16] - |AD| - [6508.21 Ko] - C:\Program Files (x86)\WinCDEmu
[30/10/2015 08:24:24] - |D| - [1416 Ko] - C:\Program Files (x86)\Windows Defender
[30/10/2015 08:24:24] - |D| - [5822 Ko] - C:\Program Files (x86)\Windows Mail
[30/10/2015 08:24:24] - |D| - [3258.58 Ko] - C:\Program Files (x86)\Windows Media Player
[30/10/2015 08:24:24] - |D| - [214.91 Ko] - C:\Program Files (x86)\Windows Multimedia Platform
[30/10/2015 08:24:24] - |D| - [7395.06 Ko] - C:\Program Files (x86)\Windows NT
[30/10/2015 08:24:24] - |D| - [5351.19 Ko] - C:\Program Files (x86)\Windows Photo Viewer
[30/10/2015 08:24:24] - |D| - [214.91 Ko] - C:\Program Files (x86)\Windows Portable Devices
[30/10/2015 08:24:24] - |SHD| - [0 Ko] - C:\Program Files (x86)\Windows Sidebar
[30/10/2015 08:24:24] - |SD| - [3495.55 Ko] - C:\Program Files (x86)\WindowsPowerShell

---------- | C:\Program Files

[09/12/2015 22:57:27] - |D| - [2952.67 Ko] - C:\Program Files\ASUS
[25/02/2016 15:15:45] - |AD| - [18114.16 Ko] - C:\Program Files\CCleaner
[30/10/2015 07:28:30] - |D| - [423164.8 Ko] - C:\Program Files\Common Files
[03/12/2015 18:55:32] - |D| - [2975.41 Ko] - C:\Program Files\CPUID
[30/10/2015 08:24:28] - |ASH| - [0.17 Ko] - C:\Program Files\desktop.ini
[03/12/2015 18:43:43] - |D| - [20946.62 Ko] - C:\Program Files\Intel
[30/10/2015 08:24:24] - |D| - [2708.67 Ko] - C:\Program Files\Internet Explorer
[04/12/2015 21:06:52] - |AD| - [19251.7 Ko] - C:\Program Files\KMSpico
[13/12/2015 13:05:48] - |D| - [13980.41 Ko] - C:\Program Files\Logitech
[08/12/2015 20:01:53] - |D| - [104536.28 Ko] - C:\Program Files\Microsoft Analysis Services
[08/12/2015 20:01:41] - |AD| - [892453.56 Ko] - C:\Program Files\Microsoft Office
[08/12/2015 20:05:01] - |D| - [25.69 Ko] - C:\Program Files\Microsoft SQL Server
[08/12/2015 20:05:08] - |D| - [702.15 Ko] - C:\Program Files\Microsoft.NET
[12/12/2015 12:13:44] - |D| - [25.15 Ko] - C:\Program Files\MSBuild
[25/12/2015 16:24:56] - |AD| - [53441.1 Ko] - C:\Program Files\MSI Kombustor 3
[09/12/2015 22:57:14] - |D| - [971123.33 Ko] - C:\Program Files\NVIDIA Corporation
[18/12/2015 19:00:53] - |AD| - [57249.97 Ko] - C:\Program Files\paint.net
[02/01/2016 17:10:44] - |D| - [6004.05 Ko] - C:\Program Files\Rainmeter
[19/02/2016 20:17:33] - |D| - [42612.84 Ko] - C:\Program Files\Realtek
[12/12/2015 12:13:44] - |D| - [35863.17 Ko] - C:\Program Files\Reference Assemblies
[17/12/2015 16:00:32] - |AD| - [64116.04 Ko] - C:\Program Files\TeamSpeak 3 Client
[30/07/2015 22:52:28] - |HD| - [0 Ko] - C:\Program Files\Uninstall Information
[04/12/2015 22:12:49] - |D| - [121636.06 Ko] - C:\Program Files\VideoLAN
[30/10/2015 08:24:24] - |D| - [11090.8 Ko] - C:\Program Files\Windows Defender
[30/10/2015 19:35:08] - |D| - [8756.62 Ko] - C:\Program Files\Windows Journal
[30/10/2015 08:24:24] - |D| - [6174 Ko] - C:\Program Files\Windows Mail
[30/10/2015 08:24:24] - |D| - [5256.61 Ko] - C:\Program Files\Windows Media Player
[30/10/2015 08:24:24] - |D| - [252.23 Ko] - C:\Program Files\Windows Multimedia Platform
[30/10/2015 08:24:24] - |D| - [7675.06 Ko] - C:\Program Files\Windows NT
[30/10/2015 08:24:24] - |D| - [6227.19 Ko] - C:\Program Files\Windows Photo Viewer
[30/10/2015 08:24:24] - |D| - [252.23 Ko] - C:\Program Files\Windows Portable Devices
[30/10/2015 08:24:24] - |SHD| - [0 Ko] - C:\Program Files\Windows Sidebar
[30/10/2015 08:24:24] - |HD| - [962538.38 Ko] - C:\Program Files\WindowsApps
[30/10/2015 08:24:24] - |SD| - [3663 Ko] - C:\Program Files\WindowsPowerShell
[04/12/2015 21:06:15] - |AD| - [5697.4 Ko] - C:\Program Files\WinRAR

---------- | C:\Program Files (x86)\Common Files

[04/12/2015 14:47:05] - |AD| - [10105.15 Ko] - C:\Program Files (x86)\Common Files\Adobe
[19/02/2016 20:16:25] - |D| - [2057.19 Ko] - C:\Program Files (x86)\Common Files\InstallShield
[03/12/2015 18:44:29] - |D| - [239.55 Ko] - C:\Program Files (x86)\Common Files\Intel Corporation
[30/10/2015 08:24:24] - |AD| - [162210.38 Ko] - C:\Program Files (x86)\Common Files\Microsoft Shared
[30/10/2015 08:24:24] - |D| - [2.64 Ko] - C:\Program Files (x86)\Common Files\Services
[04/12/2015 14:36:00] - |AD| - [2343.63 Ko] - C:\Program Files (x86)\Common Files\Skype
[03/12/2015 19:26:05] - |D| - [815.58 Ko] - C:\Program Files (x86)\Common Files\Steam
[30/10/2015 08:24:24] - |D| - [9803.17 Ko] - C:\Program Files (x86)\Common Files\System

---------- | C:\Program Files\Common Files

[08/12/2015 20:05:04] - |AD| - [14.21 Ko] - C:\Program Files\Common Files\DESIGNER
[13/12/2015 13:05:48] - |AD| - [1471.23 Ko] - C:\Program Files\Common Files\Logitech
[30/10/2015 08:24:24] - |AD| - [410995.54 Ko] - C:\Program Files\Common Files\microsoft shared
[30/10/2015 08:24:24] - |D| - [2.64 Ko] - C:\Program Files\Common Files\Services
[30/10/2015 08:24:24] - |D| - [10681.17 Ko] - C:\Program Files\Common Files\System

---------- | C:\Users\ondre

[17/01/2016 14:11:38] - |D| - [0.06 Ko] - C:\Users\ondre\.idlerc
[18/01/2016 17:48:50] - |D| - [49.14 Ko] - C:\Users\ondre\.kivy
[09/12/2015 22:58:01] - |HD| - [80714351.63 Ko] - C:\Users\ondre\AppData
[03/12/2015 18:31:13] - |RD| - [0.4 Ko] - C:\Users\ondre\Contacts
[09/12/2015 22:58:01] - |SHD| - [459890.93 Ko] - C:\Users\ondre\Data aplikací
[03/12/2015 18:30:43] - |RD| - [2495151.38 Ko] - C:\Users\ondre\Desktop
[03/12/2015 18:30:43] - |RD| - [2404.62 Ko] - C:\Users\ondre\Documents
[09/12/2015 22:58:01] - |SHD| - [2404.62 Ko] - C:\Users\ondre\Dokumenty
[03/12/2015 18:30:43] - |RD| - [767085.67 Ko] - C:\Users\ondre\Downloads
[03/12/2015 18:30:43] - |RD| - [0.47 Ko] - C:\Users\ondre\Favorites
[03/12/2015 18:43:32] - |D| - [961.28 Ko] - C:\Users\ondre\Intel
[03/12/2015 18:30:43] - |RD| - [1.97 Ko] - C:\Users\ondre\Links
[09/12/2015 22:58:01] - |SHD| - [80190733.52 Ko] - C:\Users\ondre\Local Settings
[03/12/2015 18:30:43] - |RD| - [0.49 Ko] - C:\Users\ondre\Music
[09/12/2015 22:58:01] - |SHD| - [109.56 Ko] - C:\Users\ondre\Nabídka Start
[09/12/2015 22:58:01] - |ASH| - [2560 Ko] - C:\Users\ondre\NTUSER.DAT
[09/12/2015 22:58:01] - |ASH| - [64 Ko] - C:\Users\ondre\ntuser.dat.LOG1
[09/12/2015 22:58:01] - |ASH| - [662 Ko] - C:\Users\ondre\ntuser.dat.LOG2
[09/12/2015 22:58:01] - |ASH| - [64 Ko] - C:\Users\ondre\NTUSER.DAT{ba3b0593-9ebf-11e5-974d-94e6b57ec483}.TM.blf
[09/12/2015 22:58:01] - |ASH| - [512 Ko] - C:\Users\ondre\NTUSER.DAT{ba3b0593-9ebf-11e5-974d-94e6b57ec483}.TMContainer00000000000000000001.regtrans-ms
[09/12/2015 22:58:01] - |ASH| - [512 Ko] - C:\Users\ondre\NTUSER.DAT{ba3b0593-9ebf-11e5-974d-94e6b57ec483}.TMContainer00000000000000000002.regtrans-ms
[09/12/2015 23:01:07] - |SH| - [0.02 Ko] - C:\Users\ondre\ntuser.ini
[09/12/2015 22:58:01] - |SHD| - [0 Ko] - C:\Users\ondre\Okolní síť
[09/12/2015 22:58:01] - |SHD| - [0 Ko] - C:\Users\ondre\Okolní tiskárny
[03/12/2015 18:32:40] - |RD| - [0.09 Ko] - C:\Users\ondre\OneDrive
[03/12/2015 18:30:43] - |RD| - [1.03 Ko] - C:\Users\ondre\Pictures
[09/12/2015 22:58:01] - |SHD| - [93.03 Ko] - C:\Users\ondre\Poslední
[03/12/2015 18:30:43] - |RD| - [0.28 Ko] - C:\Users\ondre\Saved Games
[03/12/2015 18:31:13] - |RD| - [1.83 Ko] - C:\Users\ondre\Searches
[09/12/2015 22:58:01] - |SHD| - [8.41 Ko] - C:\Users\ondre\SendTo
[09/12/2015 22:58:01] - |SHD| - [1.24 Ko] - C:\Users\ondre\Soubory cookie
[03/12/2015 19:52:19] - |A| - [0 Ko] - C:\Users\ondre\Sti_Trace.log
[04/12/2015 14:36:48] - |D| - [640 Ko] - C:\Users\ondre\Tracing
[04/01/2016 16:16:45] - |D| - [997.91 Ko] - C:\Users\ondre\Valley
[03/12/2015 18:30:43] - |RD| - [0.68 Ko] - C:\Users\ondre\Videos
[09/12/2015 22:58:01] - |SHD| - [1.65 Ko] - C:\Users\ondre\Šablony

---------- | C:\Users\ondre\AppData\Roaming

[04/12/2015 14:26:44] - |D| - [172934.79 Ko] - C:\Users\ondre\AppData\Roaming\.minecraft
[19/02/2016 17:43:21] - |D| - [0 Ko] - C:\Users\ondre\AppData\Roaming\.mono
[03/12/2015 18:31:13] - |D| - [29.24 Ko] - C:\Users\ondre\AppData\Roaming\Adobe
[03/12/2015 20:47:25] - |D| - [4.82 Ko] - C:\Users\ondre\AppData\Roaming\Battle.net
[04/01/2016 16:11:14] - |D| - [8.3 Ko] - C:\Users\ondre\AppData\Roaming\CadSoft
[03/12/2015 19:51:56] - |D| - [19.3 Ko] - C:\Users\ondre\AppData\Roaming\ControlCenter4
[23/02/2016 14:57:46] - |D| - [0 Ko] - C:\Users\ondre\AppData\Roaming\DAEMON Tools Lite
[27/12/2015 12:11:46] - |D| - [0.4 Ko] - C:\Users\ondre\AppData\Roaming\dvdcss
[03/12/2015 19:50:16] - |D| - [0 Ko] - C:\Users\ondre\AppData\Roaming\InstallShield
[03/12/2015 18:43:46] - |D| - [0 Ko] - C:\Users\ondre\AppData\Roaming\Intel Corporation
[04/12/2015 14:26:45] - |D| - [0 Ko] - C:\Users\ondre\AppData\Roaming\java
[03/12/2015 18:33:22] - |D| - [0 Ko] - C:\Users\ondre\AppData\Roaming\Macromedia
[09/12/2015 22:58:01] - |SD| - [53583.46 Ko] - C:\Users\ondre\AppData\Roaming\Microsoft
[23/02/2016 14:59:02] - |D| - [0 Ko] - C:\Users\ondre\AppData\Roaming\Mozilla
[03/12/2015 19:02:20] - |D| - [4990.48 Ko] - C:\Users\ondre\AppData\Roaming\NVIDIA
[23/02/2016 15:25:16] - |D| - [0.23 Ko] - C:\Users\ondre\AppData\Roaming\PowerISO
[11/01/2016 16:39:58] - |D| - [6.68 Ko] - C:\Users\ondre\AppData\Roaming\PSpad
[02/01/2016 17:10:49] - |D| - [707.24 Ko] - C:\Users\ondre\AppData\Roaming\Rainmeter
[04/12/2015 14:36:04] - |D| - [117599.15 Ko] - C:\Users\ondre\AppData\Roaming\Skype
[05/12/2015 12:56:52] - |D| - [103342.4 Ko] - C:\Users\ondre\AppData\Roaming\Spotify
[05/12/2015 21:07:06] - |D| - [0 Ko] - C:\Users\ondre\AppData\Roaming\TeamViewer
[17/12/2015 16:00:35] - |D| - [2293.49 Ko] - C:\Users\ondre\AppData\Roaming\TS3Client
[04/12/2015 21:03:38] - |D| - [4276.05 Ko] - C:\Users\ondre\AppData\Roaming\uTorrent
[04/12/2015 22:13:52] - |D| - [94.88 Ko] - C:\Users\ondre\AppData\Roaming\vlc
[04/12/2015 21:06:39] - |D| - [0.01 Ko] - C:\Users\ondre\AppData\Roaming\WinRAR

---------- | C:\Users\ondre\AppData\Local

[25/02/2016 14:55:31] - |D| - [0 Ko] - C:\Users\ondre\AppData\Local\ActiveSync
[04/12/2015 14:46:38] - |D| - [8697 Ko] - C:\Users\ondre\AppData\Local\Adobe
[25/02/2016 15:13:32] - |D| - [0 Ko] - C:\Users\ondre\AppData\Local\Apps
[03/12/2015 20:47:25] - |D| - [11518.17 Ko] - C:\Users\ondre\AppData\Local\Battle.net
[29/01/2016 11:00:05] - |D| - [188.86 Ko] - C:\Users\ondre\AppData\Local\BLACKHOLE
[03/12/2015 21:07:20] - |D| - [88.24 Ko] - C:\Users\ondre\AppData\Local\Blizzard
[03/12/2015 20:47:31] - |D| - [0.26 Ko] - C:\Users\ondre\AppData\Local\Blizzard Entertainment
[03/12/2015 19:26:55] - |D| - [7994.11 Ko] - C:\Users\ondre\AppData\Local\CEF
[19/02/2016 17:43:20] - |D| - [0.54 Ko] - C:\Users\ondre\AppData\Local\Colossal Order
[03/12/2015 18:33:13] - |D| - [22728.02 Ko] - C:\Users\ondre\AppData\Local\Comms
[25/02/2016 17:43:56] - |D| - [34203.72 Ko] - C:\Users\ondre\AppData\Local\CrashDumps
[09/12/2015 22:58:01] - |SHD| - [75058520.93 Ko] - C:\Users\ondre\AppData\Local\Data aplikací
[24/12/2015 21:46:13] - |D| - [0 Ko] - C:\Users\ondre\AppData\Local\Diagnostics
[23/02/2016 15:02:13] - |D| - [1.91 Ko] - C:\Users\ondre\AppData\Local\Disc_Soft_Ltd
[04/01/2016 16:16:44] - |A| - [1041 Ko] - C:\Users\ondre\AppData\Local\file__0.localstorage
[03/12/2015 19:09:31] - |D| - [675168.85 Ko] - C:\Users\ondre\AppData\Local\Google
[09/12/2015 22:58:01] - |SHD| - [0.13 Ko] - C:\Users\ondre\AppData\Local\History
[09/12/2015 22:58:01] - |D| - [121412.08 Ko] - C:\Users\ondre\AppData\Local\Microsoft
[08/12/2015 20:01:42] - |D| - [63.99 Ko] - C:\Users\ondre\AppData\Local\Microsoft Help
[03/12/2015 18:33:06] - |D| - [94.08 Ko] - C:\Users\ondre\AppData\Local\MicrosoftEdge
[19/02/2016 20:20:22] - |D| - [0.68 Ko] - C:\Users\ondre\AppData\Local\NAHIMICAPO1.0.0
[03/12/2015 18:40:04] - |D| - [59561.26 Ko] - C:\Users\ondre\AppData\Local\NVIDIA
[03/12/2015 18:39:56] - |D| - [1.22 Ko] - C:\Users\ondre\AppData\Local\NVIDIA Corporation
[16/01/2016 16:39:48] - |D| - [0.4 Ko] - C:\Users\ondre\AppData\Local\OfficeBSCache-MyComputer
[03/12/2015 18:31:13] - |D| - [68525.25 Ko] - C:\Users\ondre\AppData\Local\Packages
[18/12/2015 19:00:53] - |D| - [0.13 Ko] - C:\Users\ondre\AppData\Local\paint.net
[17/01/2016 14:24:46] - |D| - [49174.48 Ko] - C:\Users\ondre\AppData\Local\pip
[03/12/2015 18:55:27] - |D| - [0 Ko] - C:\Users\ondre\AppData\Local\Programs
[03/12/2015 18:31:17] - |D| - [0 Ko] - C:\Users\ondre\AppData\Local\Publishers
[03/12/2015 18:42:32] - |A| - [7.42 Ko] - C:\Users\ondre\AppData\Local\resmon.resmoncfg
[05/12/2015 12:57:13] - |D| - [3121934.64 Ko] - C:\Users\ondre\AppData\Local\Spotify
[03/12/2015 19:26:55] - |D| - [358839.33 Ko] - C:\Users\ondre\AppData\Local\Steam
[25/02/2016 14:53:02] - |D| - [641104.67 Ko] - C:\Users\ondre\AppData\Local\Temp
[09/12/2015 22:58:01] - |SHD| - [0.13 Ko] - C:\Users\ondre\AppData\Local\Temporary Internet Files
[03/12/2015 18:31:13] - |D| - [11464 Ko] - C:\Users\ondre\AppData\Local\TileDataLayer
[03/12/2015 18:31:13] - |D| - [13.13 Ko] - C:\Users\ondre\AppData\Local\VirtualStore

---------- | C:\Users\ondre\AppData\Roaming\Microsoft\Windows\Start Menu

[03/12/2015 18:31:13] - |ASH| - [0.17 Ko] - C:\Users\ondre\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini
[09/12/2015 22:58:01] - |RD| - [54.69 Ko] - C:\Users\ondre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
[09/12/2015 22:58:01] - |SHD| - [54.69 Ko] - C:\Users\ondre\AppData\Roaming\Microsoft\Windows\Start Menu\Programy

---------- | C:\Users\ondre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs

[09/12/2015 22:58:01] - |RD| - [3.8 Ko] - C:\Users\ondre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[09/12/2015 22:58:01] - |RD| - [2.86 Ko] - C:\Users\ondre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[03/12/2015 18:31:13] - |RD| - [0.17 Ko] - C:\Users\ondre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[03/12/2015 19:10:40] - |D| - [2.88 Ko] - C:\Users\ondre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome
[02/01/2016 14:26:39] - |D| - [3.31 Ko] - C:\Users\ondre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Deseti prsty
[09/12/2015 23:01:08] - |ASH| - [0.17 Ko] - C:\Users\ondre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini
[09/12/2015 22:58:01] - |D| - [0.17 Ko] - C:\Users\ondre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[25/12/2015 16:21:11] - |D| - [7.51 Ko] - C:\Users\ondre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
[25/12/2015 16:21:29] - |D| - [7.95 Ko] - C:\Users\ondre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
[05/12/2015 12:57:13] - |A| - [1.79 Ko] - C:\Users\ondre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
[03/12/2015 18:31:13] - |RD| - [4 Ko] - C:\Users\ondre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[09/12/2015 22:58:01] - |RD| - [5.19 Ko] - C:\Users\ondre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[04/12/2015 21:03:45] - |D| - [3.65 Ko] - C:\Users\ondre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
[09/12/2015 22:58:01] - |RSD| - [7.07 Ko] - C:\Users\ondre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
[04/12/2015 21:06:29] - |D| - [4.18 Ko] - C:\Users\ondre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

---------- | C:\Users\ondre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

[03/12/2015 18:31:13] - |ASH| - [0.17 Ko] - C:\Users\ondre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
[02/01/2016 17:10:45] - |A| - [1.73 Ko] - C:\Users\ondre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
[27/02/2016 12:58:46] - |A| - [1.01 Ko] - C:\Users\ondre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_.lnk
[27/02/2016 12:11:08] - |A| - [1.09 Ko] - C:\Users\ondre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_15361906.lnk

---------- | C:\ProgramData

[19/02/2016 17:43:21] - |D| - [0 Ko] - C:\ProgramData\.mono
[04/12/2015 14:46:58] - |D| - [179240.38 Ko] - C:\ProgramData\Adobe
[03/12/2015 20:46:10] - |D| - [14540.27 Ko] - C:\ProgramData\Battle.net
[03/12/2015 20:47:25] - |D| - [441.86 Ko] - C:\ProgramData\Blizzard Entertainment
[03/12/2015 19:50:18] - |D| - [34.74 Ko] - C:\ProgramData\Brother
[15/12/2015 20:45:08] - |D| - [0 Ko] - C:\ProgramData\Codemasters
[03/12/2015 19:51:00] - |D| - [0.49 Ko] - C:\ProgramData\ControlCenter4
[23/02/2016 14:57:16] - |D| - [3.03 Ko] - C:\ProgramData\DAEMON Tools Lite
[10/09/2015 05:47:38] - |SHD| - [74479543.68 Ko] - C:\ProgramData\Data aplikací
[10/09/2015 05:47:38] - |SHD| - [5116.67 Ko] - C:\ProgramData\Dokumenty
[03/12/2015 18:43:44] - |D| - [4072.49 Ko] - C:\ProgramData\Intel
[27/02/2016 12:11:08] - |D| - [210.96 Ko] - C:\ProgramData\Kaspersky Lab
[23/02/2016 20:24:16] - |D| - [2594385.62 Ko] - C:\ProgramData\Malwarebytes
[04/12/2015 14:47:12] - |D| - [0 Ko] - C:\ProgramData\McAfee
[30/10/2015 08:24:24] - |SD| - [2463501.47 Ko] - C:\ProgramData\Microsoft
[08/12/2015 20:01:41] - |D| - [9.71 Ko] - C:\ProgramData\Microsoft Help
[10/09/2015 06:43:46] - |D| - [0.02 Ko] - C:\ProgramData\Microsoft OneDrive
[10/09/2015 05:47:38] - |SHD| - [313.11 Ko] - C:\ProgramData\Nabídka Start
[23/02/2016 16:01:55] - |D| - [124.36 Ko] - C:\ProgramData\NFS Underground
[23/02/2016 14:58:27] - |RASH| - [0.01 Ko] - C:\ProgramData\ntuser.pol
[09/12/2015 22:57:23] - |D| - [2340.68 Ko] - C:\ProgramData\NVIDIA
[09/12/2015 22:57:17] - |D| - [302154.07 Ko] - C:\ProgramData\NVIDIA Corporation
[10/09/2015 05:47:38] - |SHD| - [17.36 Ko] - C:\ProgramData\Plocha
[30/10/2015 08:24:24] - |AD| - [2.02 Ko] - C:\ProgramData\regid.1991-06.com.microsoft
[24/02/2016 18:42:19] - |D| - [458.1 Ko] - C:\ProgramData\RogueKiller
[04/12/2015 14:35:58] - |D| - [41596 Ko] - C:\ProgramData\Skype
[15/12/2015 20:45:07] - |D| - [4125.88 Ko] - C:\ProgramData\Steam
[30/10/2015 08:24:24] - |D| - [2.38 Ko] - C:\ProgramData\USOPrivate
[30/07/2015 22:53:14] - |D| - [1904 Ko] - C:\ProgramData\USOShared
[10/09/2015 05:47:38] - |SHD| - [0 Ko] - C:\ProgramData\Šablony

---------- | C:\WINDOWS\Tasks

[27/02/2016 12:58:27] - |A| - [0.21 Ko] - C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
[09/12/2015 23:00:04] - |AH| - [0.01 Ko] - C:\WINDOWS\Tasks\SA.DAT

---------- | C:\WINDOWS\System32\Tasks

[30/10/2015 08:24:25] - |D| - [0 Ko] - C:\WINDOWS\System32\Tasks\Microsoft

Analyzed : 1096326 | Modified : 9 | Deleted : 7

---------- |EOF| ---------- | 15:21:32 | [34 Ko]
Intel Xeon E3-1231v3 + SilentiumPC Fera 2
ASUS B85-PRO GAMER
Sapphire R9 270X Toxic Boost
Kingston HyperX Savage 16GB CL9 1600Mhz
Seasonic SS-620GM2 Evo 620W
Intel 520 120 GB + Seagate Barracuda 7200.14 - 1TB
iiyama ProLite X2483HSU-B1
Nahoru
Uživatelský avatar
Andrew98
Level 5.5
Level 5.5
Příspěvky: 2516
Registrován: duben 11
Bydliště: Rožnov pod Radhoštěm
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod Andrew98 » 27 úno 2016 16:49

Momentálně mi přestala fungovat celá nabídka Start. Ani nevyjede.
Intel Xeon E3-1231v3 + SilentiumPC Fera 2
ASUS B85-PRO GAMER
Sapphire R9 270X Toxic Boost
Kingston HyperX Savage 16GB CL9 1600Mhz
Seasonic SS-620GM2 Evo 620W
Intel 520 120 GB + Seagate Barracuda 7200.14 - 1TB
iiyama ProLite X2483HSU-B1
Nahoru
Uživatelský avatar
Orcus
člen Security týmu
Elite Level 10.5
Elite Level 10.5
Příspěvky: 10645
Registrován: duben 10
Bydliště: Okolo rostou 3 růže =o)
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod Orcus » 27 úno 2016 20:15

Ověříme integritu a úplnost všech systémových souborů:
- Zmáčkni Win + R najednou
- vepiš do spuštění "cmd" bez úvozovek. a stiskni Enter.
- do příkazového řádku vepiš "sfc /scannow" bez úvozovek a stiskni Enter.
- Po dokončení skenu restartuje počítač.
Láska hřeje, ale uhlí je uhlí. :fire:


Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.

Pár rad k bezpečnosti PC.

Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix

Pokud budete spokojeni , můžete podpořit naše fórum.
Nahoru
Uživatelský avatar
Andrew98
Level 5.5
Level 5.5
Příspěvky: 2516
Registrován: duben 11
Bydliště: Rožnov pod Radhoštěm
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod Andrew98 » 27 úno 2016 22:11

"Windows Resource Protection did not find any integrity violations."
Ani po restartu nabídka Start odmítá fungovat. :huh:
Intel Xeon E3-1231v3 + SilentiumPC Fera 2
ASUS B85-PRO GAMER
Sapphire R9 270X Toxic Boost
Kingston HyperX Savage 16GB CL9 1600Mhz
Seasonic SS-620GM2 Evo 620W
Intel 520 120 GB + Seagate Barracuda 7200.14 - 1TB
iiyama ProLite X2483HSU-B1
Nahoru
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod jaro3 » 28 úno 2016 09:26

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

Start
CloseProcesses:
Hosts:
EmptyTemp:
End

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt


Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Nahoru
Uživatelský avatar
Andrew98
Level 5.5
Level 5.5
Příspěvky: 2516
Registrován: duben 11
Bydliště: Rožnov pod Radhoštěm
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod Andrew98 » 28 úno 2016 12:08

Nabídka Start beze změny.

Fix result of Farbar Recovery Scan Tool (x64) Version:24-02-2016
Ran by Ondra (2016-02-28 12:05:57) Run:2
Running from C:\Users\ondre\Desktop
Loaded Profiles: Ondra (Available Profiles: Ondra)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 1.2 GB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 12:06:07 ====
Intel Xeon E3-1231v3 + SilentiumPC Fera 2
ASUS B85-PRO GAMER
Sapphire R9 270X Toxic Boost
Kingston HyperX Savage 16GB CL9 1600Mhz
Seasonic SS-620GM2 Evo 620W
Intel 520 120 GB + Seagate Barracuda 7200.14 - 1TB
iiyama ProLite X2483HSU-B1
Nahoru
Uživatelský avatar
jerabina
člen Security týmu
Level 6
Level 6
Příspěvky: 3647
Registrován: březen 13
Bydliště: Litoměřice
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod jerabina » 28 úno 2016 20:11

Udělej prosím ještě jednou FRST a oba logy sem vlož.

+

můžeš zkusit postup, který jsem našel v jedné diskuzi:
Pomohlo založení nového uživatele, při následném čekání na nastavení plochy vypnutí PC natvrdo a při dalším spuštění vše fungovalo jak má. Pro anglicky zdatnější jedince- https://www.techmesto.com/fix-start-men ... l-preview/
Když nevíš jak dál, přichází na řadu prostudovat manuál!
HJT návod

Pokud neodpovídám do vašich témat v sekci HJT když jsem online, tak je to jen proto, že jsem na mobilu kde je studování logů a psaní skriptů nemožné. Neberte to tedy prosím jako ignoraci.
Nahoru
Uživatelský avatar
Andrew98
Level 5.5
Level 5.5
Příspěvky: 2516
Registrován: duben 11
Bydliště: Rožnov pod Radhoštěm
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod Andrew98 » 28 úno 2016 20:34

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:24-02-2016
Ran by Ondra (administrator) on XEON (28-02-2016 20:33:32)
Running from C:\Users\ondre\Desktop
Loaded Profiles: Ondra (Available Profiles: Ondra)
Platform: Windows 10 Home Version 1511 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Spotify Ltd) C:\Users\ondre\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-23] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-23] (Intel Corporation)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKU\S-1-5-21-3387157438-688928810-2954947604-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3014224 2016-02-04] (Valve Corporation)
HKU\S-1-5-21-3387157438-688928810-2954947604-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50385536 2015-12-17] (Skype Technologies S.A.)
HKU\S-1-5-21-3387157438-688928810-2954947604-1001\...\Run: [Spotify Web Helper] => C:\Users\ondre\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1524336 2016-02-19] (Spotify Ltd)
HKU\S-1-5-21-3387157438-688928810-2954947604-1001\...\Run: [Spotify] => C:\Users\ondre\AppData\Roaming\Spotify\Spotify.exe [6743664 2016-02-19] (Spotify Ltd)
HKU\S-1-5-21-3387157438-688928810-2954947604-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8641240 2016-02-12] (Piriform Ltd)
Startup: C:\Users\ondre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2016-01-02]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
Startup: C:\Users\ondre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_.lnk [2016-02-27]
ShortcutTarget: _uninst_.lnk -> C:\Users\ondre\AppData\Local\Temp\_uninst_.bat (No File)
Startup: C:\Users\ondre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_15361906.lnk [2016-02-27]
ShortcutTarget: _uninst_15361906.lnk -> C:\Users\ondre\AppData\Local\Temp\_uninst_15361906.bat (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d36da8ca-7876-407f-8b4d-a30367afd678}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope value is missing
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-13] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.yessearches.com/?mode=nnnb&ptid=dam&uid=96F9C1C12D6988EC3F638884592CF513&v=20160202&ts=AHEpBX8nBHUtAk.."
CHR Profile: C:\Users\ondre\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\ondre\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-25]
CHR Extension: (BetterTTV) - C:\Users\ondre\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2016-02-25]
CHR Extension: (Dokumenty Google) - C:\Users\ondre\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-25]
CHR Extension: (Disk Google) - C:\Users\ondre\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-25]
CHR Extension: (YouTube) - C:\Users\ondre\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-25]
CHR Extension: (Oznámení Google+) - C:\Users\ondre\AppData\Local\Google\Chrome\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi [2016-02-25]
CHR Extension: (Vyhledávání Google) - C:\Users\ondre\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-25]
CHR Extension: (Google+) - C:\Users\ondre\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2016-02-25]
CHR Extension: (Tabulky Google) - C:\Users\ondre\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-25]
CHR Extension: (Vzdálená plocha Chrome) - C:\Users\ondre\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-02-25]
CHR Extension: (LoungeDestroyer) - C:\Users\ondre\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghahcnmfjfckcedfajbhekgknjdplfcl [2016-02-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\ondre\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-25]
CHR Extension: (AdBlock) - C:\Users\ondre\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-02-25]
CHR Extension: (Uložit na Disk Google) - C:\Users\ondre\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2016-02-25]
CHR Extension: (Kontrola e-mailu Google) - C:\Users\ondre\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2016-02-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\ondre\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-25]
CHR Extension: (Gmail) - C:\Users\ondre\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-25]
CHR Profile: C:\Users\ondre\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Prezentace Google) - C:\Users\ondre\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-25]
CHR Extension: (Dokumenty Google) - C:\Users\ondre\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-25]
CHR Extension: (Disk Google) - C:\Users\ondre\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-25]
CHR Extension: (Seznam Lištička - Email) - C:\Users\ondre\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2016-02-25]
CHR Extension: (YouTube) - C:\Users\ondre\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-25]
CHR Extension: (Vyhledávání Google) - C:\Users\ondre\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-25]
CHR Extension: (Tabulky Google) - C:\Users\ondre\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\ondre\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-25]
CHR Extension: (AdBlock) - C:\Users\ondre\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-02-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\ondre\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-25]
CHR Extension: (Gmail) - C:\Users\ondre\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-25]
CHR Profile: C:\Users\ondre\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Prezentace Google) - C:\Users\ondre\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-25]
CHR Extension: (Dokumenty Google) - C:\Users\ondre\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-25]
CHR Extension: (Disk Google) - C:\Users\ondre\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-25]
CHR Extension: (YouTube) - C:\Users\ondre\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-25]
CHR Extension: (Vyhledávání Google) - C:\Users\ondre\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-25]
CHR Extension: (Tabulky Google) - C:\Users\ondre\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\ondre\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\ondre\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-25]
CHR Extension: (Gmail) - C:\Users\ondre\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-25]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2015-05-08] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-04-24] () [File not signed]
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-23] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-06-23] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-23] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-23] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-23] (NVIDIA Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AIDA64Driver; C:\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 [44192 2015-09-29] ()
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2015-12-03] ()
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-02-23] (Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-02-23] (Disc Soft Ltd)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [193336 2015-12-03] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13512 2015-12-09] ()
S2 SecDrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [12400 2016-02-23] (Macrovision Europe Ltd) [File not signed]
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 cpuz138; \??\C:\Users\ondre\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-28 20:33 - 2016-02-28 20:33 - 00017748 _____ C:\Users\ondre\Desktop\FRST.txt
2016-02-27 13:14 - 2016-02-27 15:21 - 00033794 _____ C:\AdsFix_27_02_2016_15_22_02.txt
2016-02-27 13:11 - 2016-02-27 15:22 - 00000000 ____D C:\AdsFix
2016-02-27 13:09 - 2016-02-27 13:09 - 05611024 _____ (SosVirus) C:\Users\ondre\Downloads\adsfix_3_27.02.2016.1.exe
2016-02-27 13:09 - 2016-02-27 13:09 - 05611024 _____ (SosVirus) C:\Users\ondre\Desktop\adsfix_3_27.02.2016.1.exe
2016-02-27 12:58 - 2016-02-27 12:58 - 00223358 _____ C:\WINDOWS\ntbtlog.txt
2016-02-27 12:58 - 2016-02-27 12:58 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-02-27 12:55 - 2014-08-28 05:42 - 00458336 ____N (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\12991093.sys
2016-02-27 12:11 - 2016-02-27 12:11 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-02-27 12:10 - 2016-02-27 12:10 - 159428216 _____ C:\Users\ondre\Desktop\Kaspersky_Virus_Removal_Tool_11.0.3.7_[28.08.2014].exe
2016-02-27 12:10 - 2014-08-28 05:42 - 00458336 ____N (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\35946107.sys
2016-02-27 12:10 - 2014-08-28 05:42 - 00458336 ____N (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\15361906.sys
2016-02-27 12:09 - 2016-02-27 12:10 - 159428216 _____ C:\Users\ondre\Downloads\Kaspersky_Virus_Removal_Tool_11.0.3.7_[28.08.2014].exe
2016-02-27 12:05 - 2015-10-13 16:26 - 00608048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-02-27 12:01 - 2016-02-27 12:03 - 282949128 _____ (NVIDIA Corporation) C:\Users\ondre\Downloads\341.92-desktop-win10-64bit-international.exe
2016-02-27 12:00 - 2016-02-27 12:01 - 00000000 ____D C:\WINDOWS\LastGood
2016-02-26 23:25 - 2016-02-09 09:25 - 01924152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436191.dll
2016-02-26 23:25 - 2016-02-09 09:25 - 01573432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436191.dll
2016-02-26 23:25 - 2016-02-09 09:25 - 00541000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2016-02-26 23:25 - 2016-02-09 09:25 - 00445728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2016-02-26 23:25 - 2016-02-09 09:25 - 00175368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2016-02-26 23:25 - 2016-02-09 09:25 - 00153392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-02-26 23:25 - 2016-02-09 09:25 - 00151368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2016-02-26 23:25 - 2016-02-09 09:25 - 00128696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2016-02-26 23:25 - 2016-02-09 06:29 - 00530368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-02-26 23:25 - 2016-02-09 06:29 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-02-26 23:25 - 2015-12-18 07:10 - 00099472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2016-02-26 23:25 - 2015-12-18 07:10 - 00090768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2016-02-26 23:24 - 2016-02-26 23:24 - 00000000 ____D C:\NVIDIA
2016-02-26 23:20 - 2016-02-26 23:26 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-02-26 23:20 - 2016-02-26 23:23 - 337507360 _____ (NVIDIA Corporation) C:\Users\ondre\Downloads\361.91-desktop-win10-64bit-international-whql.exe
2016-02-25 22:23 - 2016-02-28 20:33 - 00000000 ____D C:\FRST
2016-02-25 22:23 - 2016-02-25 22:23 - 02371072 _____ (Farbar) C:\Users\ondre\Desktop\FRST64.exe
2016-02-25 17:43 - 2016-02-28 20:33 - 00000000 ____D C:\Users\ondre\AppData\Local\CrashDumps
2016-02-25 15:22 - 2016-02-25 15:22 - 00000871 _____ C:\DelFix.txt
2016-02-25 15:15 - 2016-02-25 15:15 - 00002848 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-02-25 15:15 - 2016-02-25 15:15 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-02-25 15:15 - 2016-02-25 15:15 - 00000000 ____D C:\Program Files\CCleaner
2016-02-25 15:13 - 2016-02-25 15:13 - 00000000 ____D C:\Users\ondre\AppData\Local\Apps\2.0
2016-02-25 14:55 - 2016-02-25 14:55 - 00000000 ____D C:\Users\ondre\AppData\Local\ActiveSync
2016-02-25 14:53 - 2016-02-25 14:53 - 00004608 _____ C:\WINDOWS\SECOH-QAD.exe
2016-02-25 14:53 - 2016-02-25 14:44 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2016-02-24 18:42 - 2016-02-25 14:44 - 00000000 ____D C:\ProgramData\RogueKiller
2016-02-24 18:42 - 2016-02-25 14:31 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-02-24 18:37 - 2016-02-24 18:37 - 00001133 _____ C:\gdf.txt
2016-02-23 20:24 - 2016-02-24 18:33 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-02-23 20:24 - 2016-02-23 20:24 - 00001171 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-02-23 20:24 - 2016-02-23 20:24 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-02-23 20:24 - 2016-02-23 20:24 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-02-23 20:24 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-02-23 20:24 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-02-23 20:24 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-02-23 15:39 - 2016-02-23 16:00 - 00012400 _____ (Macrovision Europe Ltd) C:\WINDOWS\SysWOW64\Drivers\SECDRV.SYS
2016-02-23 15:39 - 2016-02-23 15:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES
2016-02-23 15:36 - 2016-02-23 15:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinCDEmu
2016-02-23 15:36 - 2016-02-23 15:36 - 00000000 ____D C:\Program Files (x86)\WinCDEmu
2016-02-23 15:25 - 2016-02-23 15:25 - 00000000 ____D C:\Users\ondre\AppData\Roaming\PowerISO
2016-02-23 15:02 - 2016-02-23 15:02 - 00000000 ____D C:\Users\ondre\AppData\Local\Disc_Soft_Ltd
2016-02-23 14:59 - 2016-02-23 14:59 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2016-02-23 14:59 - 2016-02-23 14:59 - 00000000 ____D C:\Users\ondre\AppData\Roaming\Mozilla
2016-02-23 14:58 - 2016-02-25 14:53 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-02-23 14:57 - 2016-02-25 15:18 - 00000000 ____D C:\Users\ondre\AppData\Roaming\DAEMON Tools Lite
2016-02-23 14:57 - 2016-02-23 14:57 - 00047672 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtliteusbbus.sys
2016-02-23 14:57 - 2016-02-23 14:57 - 00030264 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtlitescsibus.sys
2016-02-23 14:57 - 2016-02-23 14:57 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2016-02-19 20:20 - 2016-02-19 20:20 - 00000000 ____D C:\Users\ondre\AppData\Local\NAHIMICAPO1.0.0
2016-02-19 20:17 - 2016-02-19 20:17 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-02-19 20:17 - 2016-02-19 20:17 - 00000000 ____D C:\Program Files\Realtek
2016-02-19 20:17 - 2014-02-18 12:42 - 03867992 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2016-02-19 20:17 - 2014-02-18 10:33 - 00624344 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2016-02-19 20:17 - 2014-02-18 09:56 - 00749977 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2016-02-19 20:17 - 2014-02-18 08:18 - 55506944 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2016-02-19 20:17 - 2014-02-18 07:33 - 00946392 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2016-02-19 20:17 - 2014-02-18 03:35 - 01024216 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2016-02-19 20:17 - 2014-02-17 09:04 - 02788056 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkAPO64.dll
2016-02-19 20:17 - 2014-02-07 10:22 - 02157704 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll
2016-02-19 20:17 - 2014-02-06 04:28 - 05804772 _____ C:\WINDOWS\system32\Drivers\rtvienna.dat
2016-02-19 20:17 - 2014-02-03 17:45 - 02101848 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll
2016-02-19 20:17 - 2014-01-28 04:48 - 01286872 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2016-02-19 20:17 - 2014-01-09 23:52 - 00899320 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2016-02-19 20:17 - 2014-01-09 23:52 - 00724728 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2016-02-19 20:17 - 2014-01-09 23:51 - 01045752 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\slcnt64.dll
2016-02-19 20:17 - 2014-01-09 23:51 - 00245496 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2016-02-19 20:17 - 2013-12-31 04:16 - 02825432 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2016-02-19 20:17 - 2013-12-04 09:27 - 01958616 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2016-02-19 20:17 - 2013-10-11 04:31 - 00947760 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2016-02-19 20:17 - 2013-08-20 10:37 - 00605496 _____ C:\WINDOWS\system32\audioLibVc.dll
2016-02-19 20:17 - 2013-06-25 05:47 - 00871856 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tossaeapo64.dll
2016-02-19 20:17 - 2013-06-25 05:47 - 00162224 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\toseaeapo64.dll
2016-02-19 20:17 - 2013-06-25 05:46 - 00582056 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosasfapo64.dll
2016-02-19 20:17 - 2012-01-30 04:43 - 00836544 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2016-02-19 20:17 - 2012-01-10 03:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2016-02-19 20:17 - 2011-12-20 08:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2016-02-19 20:17 - 2011-11-22 09:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2016-02-19 20:17 - 2011-09-02 07:21 - 00221024 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2016-02-19 20:17 - 2011-09-02 07:21 - 00081248 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2016-02-19 20:17 - 2011-09-02 07:21 - 00078688 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2016-02-19 20:17 - 2011-03-17 05:17 - 01361336 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2016-02-19 20:17 - 2011-03-07 10:11 - 00148416 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2016-02-19 20:17 - 2010-11-08 00:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2016-02-19 20:17 - 2010-11-08 00:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2016-02-19 20:17 - 2010-11-08 00:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2016-02-19 20:17 - 2010-11-08 00:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2016-02-19 20:17 - 2010-11-08 00:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2016-02-19 20:17 - 2010-11-08 00:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2016-02-19 20:17 - 2010-11-03 11:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2016-02-19 20:17 - 2010-07-22 09:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2016-02-19 20:17 - 2009-11-24 02:55 - 00518896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2016-02-19 20:17 - 2009-11-24 02:55 - 00211184 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2016-02-19 20:17 - 2009-11-24 02:55 - 00198896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2016-02-19 20:17 - 2009-11-24 02:55 - 00155888 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2016-02-19 20:16 - 2016-02-19 20:16 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-02-19 20:16 - 2014-02-18 10:04 - 02770976 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2016-02-19 20:16 - 2014-02-05 02:23 - 02319960 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO6064.dll
2016-02-19 20:16 - 2014-02-03 17:45 - 28310104 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioVnA64.dll
2016-02-19 20:16 - 2014-02-03 17:45 - 14737496 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek64.dll
2016-02-19 20:16 - 2014-02-03 17:45 - 12793944 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO3064.dll
2016-02-19 20:16 - 2014-02-03 17:45 - 03923032 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioVnN64.dll
2016-02-19 20:16 - 2014-02-03 17:45 - 02037336 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2016-02-19 20:16 - 2014-02-03 17:45 - 01932888 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek264.dll
2016-02-19 20:16 - 2014-02-03 17:45 - 01033304 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll
2016-02-19 20:16 - 2014-01-31 10:28 - 00938608 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO2064.dll
2016-02-19 20:16 - 2014-01-31 10:27 - 01313904 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxSpeechAPO64.dll
2016-02-19 20:16 - 2014-01-31 10:23 - 01419376 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO5064.dll
2016-02-19 20:16 - 2014-01-31 10:22 - 01419376 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO4064.dll
2016-02-19 20:16 - 2014-01-20 12:11 - 02080472 ____R (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2016-02-19 20:16 - 2014-01-16 19:02 - 00942384 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICAPOSettingsIPC.dll
2016-02-19 20:16 - 2014-01-16 18:59 - 05752072 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICAPOlfx.dll
2016-02-19 20:16 - 2013-10-15 20:43 - 00209096 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2016-02-19 20:16 - 2013-10-11 05:47 - 00113576 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2016-02-19 20:16 - 2013-10-06 17:26 - 00501184 _____ (DTS) C:\WINDOWS\system32\DTSU2PLFX64.dll
2016-02-19 20:16 - 2013-10-06 17:26 - 00487360 _____ (DTS) C:\WINDOWS\system32\DTSU2PGFX64.dll
2016-02-19 20:16 - 2013-10-06 17:26 - 00415680 _____ (DTS) C:\WINDOWS\system32\DTSU2PREC64.dll
2016-02-19 20:16 - 2013-09-09 21:02 - 06217904 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2016-02-19 20:16 - 2013-09-09 21:02 - 00313520 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2016-02-19 20:16 - 2013-09-09 21:01 - 01938608 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2016-02-19 20:16 - 2013-09-09 21:01 - 00260272 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2016-02-19 20:16 - 2013-08-14 08:36 - 00662784 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll
2016-02-19 20:16 - 2013-08-14 08:35 - 00663296 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2016-02-19 20:16 - 2013-07-23 08:39 - 00790272 _____ (Waves Audio Ltd.) C:\WINDOWS\SysWOW64\MaxxAudioAPOShell.dll
2016-02-19 20:16 - 2013-06-21 04:01 - 00109848 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2016-02-19 20:16 - 2013-04-03 07:13 - 00906800 _____ (Sony Corporation) C:\WINDOWS\system32\MISS_APO.dll
2016-02-19 20:16 - 2012-08-31 12:18 - 07164176 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2016-02-19 20:16 - 2012-08-31 12:17 - 00434960 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2016-02-19 20:16 - 2012-08-31 12:17 - 00141584 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2016-02-19 20:16 - 2012-08-31 12:17 - 00124176 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2016-02-19 20:16 - 2012-08-31 12:17 - 00075024 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2016-02-19 20:16 - 2012-03-08 04:47 - 00108640 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2016-02-19 20:16 - 2011-08-23 10:00 - 00603984 _____ (Knowles Acoustics ) C:\WINDOWS\system32\KAAPORT64.dll
2016-02-19 20:16 - 2011-05-31 02:42 - 01756264 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2016-02-19 20:16 - 2011-05-31 02:42 - 01568360 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2016-02-19 20:16 - 2011-05-31 02:42 - 01486952 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2016-02-19 20:16 - 2011-05-31 02:42 - 00728680 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2016-02-19 20:16 - 2011-05-31 02:42 - 00712296 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2016-02-19 20:16 - 2011-05-31 02:42 - 00693352 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2016-02-19 20:16 - 2011-05-31 02:42 - 00491112 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2016-02-19 20:16 - 2011-05-31 02:42 - 00432744 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2016-02-19 20:16 - 2011-05-31 02:42 - 00428648 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2016-02-19 20:16 - 2011-05-31 02:42 - 00242792 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2016-02-19 20:16 - 2011-05-31 02:42 - 00242792 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2016-02-19 20:16 - 2011-05-31 02:42 - 00241768 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2016-02-19 20:16 - 2010-09-27 02:34 - 00318808 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
2016-02-19 20:15 - 2016-02-19 20:15 - 00038628 _____ C:\WINDOWS\Ascd_tmp.ini
2016-02-19 20:15 - 2009-04-02 13:30 - 00010296 _____ C:\WINDOWS\SysWOW64\Drivers\ASUSHWIO.SYS
2016-02-19 17:43 - 2016-02-19 17:43 - 00000000 ____D C:\Users\ondre\AppData\Roaming\.mono
2016-02-19 17:43 - 2016-02-19 17:43 - 00000000 ____D C:\Users\ondre\AppData\Local\Colossal Order
2016-02-19 17:43 - 2016-02-19 17:43 - 00000000 ____D C:\ProgramData\.mono
2016-02-17 15:36 - 2016-02-17 15:36 - 00000222 _____ C:\Users\ondre\Desktop\Jet Set Radio.url
2016-02-17 15:36 - 2016-02-17 15:36 - 00000222 _____ C:\Users\ondre\Desktop\Hell Yeah!.url
2016-02-17 15:36 - 2016-02-17 15:36 - 00000221 _____ C:\Users\ondre\Desktop\SEGA Genesis & Mega Drive Classics.url
2016-02-10 17:25 - 2016-02-25 12:20 - 00000000 ____D C:\Users\ondre\Desktop\ASProPack
2016-02-10 15:31 - 2016-01-29 07:57 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-02-10 15:31 - 2016-01-29 07:33 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-02-10 15:31 - 2016-01-27 07:15 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-02-10 15:31 - 2016-01-27 07:15 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-02-10 15:31 - 2016-01-27 07:01 - 07476064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-02-10 15:31 - 2016-01-27 07:01 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-02-10 15:31 - 2016-01-27 07:01 - 01819720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-02-10 15:31 - 2016-01-27 06:59 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-02-10 15:31 - 2016-01-27 06:57 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-02-10 15:31 - 2016-01-27 06:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-02-10 15:31 - 2016-01-27 06:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-02-10 15:31 - 2016-01-27 06:56 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-02-10 15:31 - 2016-01-27 06:55 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-02-10 15:31 - 2016-01-27 06:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2016-02-10 15:31 - 2016-01-27 06:54 - 00295264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-02-10 15:31 - 2016-01-27 06:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-02-10 15:31 - 2016-01-27 06:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-02-10 15:31 - 2016-01-27 06:45 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-02-10 15:31 - 2016-01-27 06:45 - 06605544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-02-10 15:31 - 2016-01-27 06:44 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-02-10 15:31 - 2016-01-27 06:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2016-02-10 15:31 - 2016-01-27 06:43 - 00359776 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-02-10 15:31 - 2016-01-27 06:37 - 01998176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-02-10 15:31 - 2016-01-27 06:37 - 00576352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-02-10 15:31 - 2016-01-27 06:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-02-10 15:31 - 2016-01-27 06:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll
2016-02-10 15:31 - 2016-01-27 06:13 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-02-10 15:31 - 2016-01-27 06:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-02-10 15:31 - 2016-01-27 06:11 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-02-10 15:31 - 2016-01-27 06:10 - 22394368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-02-10 15:31 - 2016-01-27 06:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-02-10 15:31 - 2016-01-27 06:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-02-10 15:31 - 2016-01-27 06:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll
2016-02-10 15:31 - 2016-01-27 06:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll
2016-02-10 15:31 - 2016-01-27 06:05 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-02-10 15:31 - 2016-01-27 06:05 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-02-10 15:31 - 2016-01-27 06:05 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-02-10 15:31 - 2016-01-27 06:05 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-02-10 15:31 - 2016-01-27 06:04 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-02-10 15:31 - 2016-01-27 06:04 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-02-10 15:31 - 2016-01-27 06:03 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-02-10 15:31 - 2016-01-27 06:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-02-10 15:31 - 2016-01-27 06:01 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-02-10 15:31 - 2016-01-27 05:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll
2016-02-10 15:31 - 2016-01-27 05:58 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-02-10 15:31 - 2016-01-27 05:57 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-02-10 15:31 - 2016-01-27 05:55 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-02-10 15:31 - 2016-01-27 05:55 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-02-10 15:31 - 2016-01-27 05:54 - 24603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-02-10 15:31 - 2016-01-27 05:52 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-02-10 15:31 - 2016-01-27 05:50 - 02230784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-02-10 15:31 - 2016-01-27 05:50 - 01504768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-02-10 15:31 - 2016-01-27 05:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-02-10 15:31 - 2016-01-27 05:49 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-02-10 15:31 - 2016-01-27 05:48 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-02-10 15:31 - 2016-01-27 05:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-02-10 15:31 - 2016-01-27 05:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-02-10 15:31 - 2016-01-27 05:41 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-02-10 15:31 - 2016-01-27 05:39 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-02-10 15:31 - 2016-01-27 05:38 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-02-10 15:31 - 2016-01-27 05:38 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-02-10 15:31 - 2016-01-27 05:37 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-02-10 15:31 - 2016-01-27 05:36 - 02757120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-02-10 15:31 - 2016-01-27 05:32 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-02-10 15:31 - 2016-01-27 05:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2016-02-07 20:39 - 2016-02-07 20:39 - 00000000 ____D C:\Users\ondre\Desktop\Bettyna zrcadlovka
2016-01-31 11:13 - 2016-01-31 11:30 - 00000000 ____D C:\Users\ondre\Desktop\Babička 70
2016-01-29 19:53 - 2016-01-29 20:11 - 00000000 ____D C:\Users\ondre\Desktop\Zlatá svatba
2016-01-29 11:00 - 2016-01-29 11:18 - 00000000 ____D C:\Users\ondre\AppData\Local\BLACKHOLE
2016-01-29 10:38 - 2016-01-29 10:38 - 00000222 _____ C:\Users\ondre\Desktop\BLACKHOLE.url

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-28 16:43 - 2015-12-05 12:57 - 00000000 ____D C:\Users\ondre\AppData\Local\Spotify
2016-02-28 16:43 - 2015-12-05 12:56 - 00000000 ____D C:\Users\ondre\AppData\Roaming\Spotify
2016-02-28 12:11 - 2015-12-03 18:34 - 01774890 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-02-28 12:11 - 2015-10-30 19:31 - 00751068 _____ C:\WINDOWS\system32\perfh005.dat
2016-02-28 12:11 - 2015-10-30 19:31 - 00151190 _____ C:\WINDOWS\system32\perfc005.dat
2016-02-28 12:11 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-02-28 12:11 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-02-28 12:06 - 2015-12-09 23:00 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-02-28 12:06 - 2015-12-09 22:57 - 00000000 ____D C:\ProgramData\NVIDIA
2016-02-28 03:03 - 2015-12-25 16:46 - 00003120 _____ C:\WINDOWS\System32\Tasks\MSIAfterburner
2016-02-28 03:03 - 2015-12-03 19:26 - 00000000 ____D C:\Program Files (x86)\Steam
2016-02-27 22:11 - 2015-10-30 07:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-02-27 13:11 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Web
2016-02-27 12:06 - 2015-12-03 18:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-02-27 12:01 - 2015-12-09 22:57 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-02-27 12:01 - 2015-12-09 22:57 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-02-27 12:00 - 2015-12-09 22:57 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-02-27 01:28 - 2015-12-17 16:00 - 00000000 ____D C:\Users\ondre\AppData\Roaming\TS3Client
2016-02-26 23:28 - 2015-12-25 16:21 - 00000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2016-02-26 23:28 - 2015-12-25 16:20 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2016-02-26 23:26 - 2015-12-03 18:40 - 00000000 ____D C:\Users\ondre\AppData\Local\NVIDIA
2016-02-26 23:11 - 2015-12-04 21:03 - 00000000 ____D C:\Users\ondre\AppData\Roaming\uTorrent
2016-02-26 17:32 - 2015-12-04 22:13 - 00000000 ____D C:\Users\ondre\AppData\Roaming\vlc
2016-02-25 17:43 - 2015-12-05 20:57 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-02-25 15:18 - 2016-01-10 11:22 - 00000000 ____D C:\WINDOWS\Minidump
2016-02-25 15:18 - 2015-12-09 22:56 - 00000000 ___DC C:\WINDOWS\Panther
2016-02-25 15:18 - 2015-12-05 21:07 - 00000000 ____D C:\Users\ondre\AppData\Roaming\TeamViewer
2016-02-25 14:51 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2016-02-25 14:51 - 2015-07-30 23:42 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-02-24 19:00 - 2015-12-03 19:09 - 00002133 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-02-23 14:59 - 2015-12-03 19:09 - 00002145 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-22 20:06 - 2015-12-04 14:36 - 00000000 ____D C:\Users\ondre\AppData\Roaming\Skype
2016-02-21 21:08 - 2015-12-04 14:35 - 00000000 ____D C:\ProgramData\Skype
2016-02-21 10:14 - 2015-12-27 12:11 - 00000000 ____D C:\Users\ondre\AppData\Roaming\dvdcss
2016-02-19 20:17 - 2015-12-17 16:08 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-02-19 20:16 - 2015-12-03 19:50 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-02-18 14:44 - 2015-12-04 14:47 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-02-17 15:37 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-12 23:22 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2016-02-11 14:33 - 2015-09-10 06:43 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-02-11 00:15 - 2015-10-30 19:35 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-10 15:51 - 2015-12-03 20:41 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-10 15:47 - 2015-12-03 20:41 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-10 15:47 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-02-09 22:56 - 2015-12-03 20:47 - 00000000 ____D C:\Users\ondre\AppData\Local\Battle.net
2016-02-09 22:53 - 2015-12-03 20:46 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-02-05 01:45 - 2015-12-09 22:58 - 00000000 ____D C:\Users\ondre
2016-02-03 20:01 - 2015-10-30 08:26 - 00828920 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-02-03 20:01 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2016-01-04 16:16 - 2016-01-04 16:16 - 1065984 _____ () C:\Users\ondre\AppData\Local\file__0.localstorage
2015-12-03 18:42 - 2015-12-05 14:49 - 0007602 _____ () C:\Users\ondre\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-02-19 23:26

==================== End of FRST.txt ============================
Intel Xeon E3-1231v3 + SilentiumPC Fera 2
ASUS B85-PRO GAMER
Sapphire R9 270X Toxic Boost
Kingston HyperX Savage 16GB CL9 1600Mhz
Seasonic SS-620GM2 Evo 620W
Intel 520 120 GB + Seagate Barracuda 7200.14 - 1TB
iiyama ProLite X2483HSU-B1
Nahoru
Uživatelský avatar
Andrew98
Level 5.5
Level 5.5
Příspěvky: 2516
Registrován: duben 11
Bydliště: Rožnov pod Radhoštěm
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod Andrew98 » 28 úno 2016 20:34

Additional scan result of Farbar Recovery Scan Tool (x64) Version:24-02-2016
Ran by Ondra (2016-02-28 20:33:54)
Running from C:\Users\ondre\Desktop
Windows 10 Home Version 1511 (X64) (2015-12-09 22:01:06)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3387157438-688928810-2954947604-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3387157438-688928810-2954947604-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-3387157438-688928810-2954947604-1000 - Administrator - Disabled)
Guest (S-1-5-21-3387157438-688928810-2954947604-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3387157438-688928810-2954947604-1003 - Limited - Enabled)
Ondra (S-1-5-21-3387157438-688928810-2954947604-1001 - Administrator - Enabled) => C:\Users\ondre

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.010.20059 - Adobe Systems Incorporated)
AIDA64 Extreme v5.50 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.50 - FinalWire Ltd.)
Aktualizace NVIDIA 2.9.1.35 (Version: 2.9.1.35 - NVIDIA Corporation) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BLACKHOLE (HKLM-x32\...\Steam App 322680) (Version: - FiolaSoft Studio)
Brother MFL-Pro Suite DCP-J140W (HKLM-x32\...\{2FF959E3-FFE4-46C4-96DA-03F26BCFEFCC}) (Version: 1.1.5.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.15 - Piriform)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
CPUID HWMonitor 1.28 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
DesetiPrsty5 5.3 (HKLM-x32\...\DesetiPrsty5) (Version: - )
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
EAGLE 7.5.0 (HKLM\...\EAGLE 7.5.0) (Version: 7.5.0 - CadSoft Computer GmbH)
Geeks3D FurMark 1.17.0.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Hell Yeah! (HKLM-x32\...\Steam App 205230) (Version: - Arkedo)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Jet Set Radio (HKLM-x32\...\Steam App 205950) (Version: - Blit Software)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Malwarebytes Anti-Malware verze 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
MSI Afterburner 4.2.0 (HKLM-x32\...\Afterburner) (Version: 4.2.0 - MSI Co., LTD)
MSI Kombustor 3.5.1 (HKLM\...\{9598DA62-2AE8-426D-9C86-BEA96AC6721E}_is1) (Version: - MSI Co., LTD)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Need For Speed Underground (HKLM-x32\...\{A99968BE-C155-474C-0089-33239DEE1CE2}) (Version: - )
NVIDIA GeForce Experience 2.9.1.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.35 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 341.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.92 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 341.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.92 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Ovládací panel NVIDIA 341.92 (Version: 341.92 - NVIDIA Corporation) Hidden
paint.net (HKLM\...\{DADC2AF6-DC9F-4BCF-BFCE-DCEC16EF507C}) (Version: 4.0.9 - dotPDN LLC)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.6.0.2700 - Jan Fiala)
Python 3.2 pygame-1.9.2a0 (HKLM-x32\...\{265E2F1D-0025-45DF-B83B-8320466108A8}) (Version: 1.9.2 - Pete Shinners, Rene Dudfield, Marcus von Appen, Bob Pendleton, others...)
Python 3.4.4 (64-bit) (HKLM\...\{56ebf7cf-f2b2-30ed-9de5-307fc2ce3449}) (Version: 3.4.4150 - Python Software Foundation)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.3 r2494 - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7179 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 6.4.1 (HKLM-x32\...\RTSS) (Version: 6.4.1 - Unwinder)
SEGA Genesis & Mega Drive Classics (HKLM-x32\...\Steam App 34270) (Version: - Sega)
SHIELD Streaming (Version: 4.1.0260 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.9.1.35 - NVIDIA Corporation) Hidden
Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-3387157438-688928810-2954947604-1001\...\Spotify) (Version: 1.0.23.90.g42187855 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.53254 - TeamViewer)
Unigine Valley Benchmark version 1.0 (HKLM-x32\...\Unigine Valley Benchmark_is1) (Version: 1.0 - Unigine Corp.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 4.1 - Sysprogs)
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3387157438-688928810-2954947604-1001_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll ()

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2539C1E2-B46B-4B83-BCDC-B1B4C4AD0CF4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-02-12] (Piriform Ltd)
Task: {320132CA-9F70-4122-AD79-65741B20045B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {74FF0427-5B92-4B17-AC33-FFECA85C1CC5} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2015-11-01] (@ByELDI)
Task: {9CAFDDA5-A637-4DF2-89C8-67CE4452349D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {B30113A2-EB3F-4B52-AE17-C3F86065C5FD} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2015-12-09] ()
Task: {BE45EB05-35E3-4B3D-9E01-BC97312C869D} - \{61FFFC8B-48F9-4F16-8B7C-37815EAD55E0} -> No File <==== ATTENTION
Task: {CA094AD0-3486-4AAC-A41D-3D6AFE976F26} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {DFE77A9E-6136-4805-B259-4EA8D0B016E3} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-02-10] (Microsoft Corporation)
Task: {E13030A3-A2EA-4A4E-AEE7-0EE05908315A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\ondre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_.lnk -> C:\Users\ondre\AppData\Local\Temp\_uninst_.bat (No File)
Shortcut: C:\Users\ondre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_15361906.lnk -> C:\Users\ondre\AppData\Local\Temp\_uninst_15361906.bat (No File)

==================== Loaded Modules (Whitelisted) ==============

2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-12-09 22:57 - 2015-10-13 18:26 - 00125616 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-12-17 16:08 - 2015-05-08 07:26 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
2015-12-17 16:09 - 2014-04-24 07:29 - 01360016 _____ () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
2016-02-26 23:26 - 2016-01-23 03:55 - 00291264 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2015-12-03 19:50 - 2005-04-22 05:36 - 00143360 _____ () C:\WINDOWS\system32\BrSNMP64.dll
2015-12-09 22:55 - 2015-12-09 22:55 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-11-23 17:44 - 2015-11-23 17:44 - 00403456 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll
2015-12-09 08:59 - 2015-12-09 08:59 - 00580296 _____ () C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
2015-12-09 22:55 - 2015-12-09 22:55 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-12-02 10:19 - 2015-12-02 10:19 - 00205000 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
2015-11-23 17:43 - 2015-11-23 17:43 - 00026112 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
2015-11-23 17:44 - 2015-11-23 17:44 - 00088576 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
2015-12-28 07:05 - 2015-12-28 07:05 - 00036672 _____ () C:\Program Files\Rainmeter\Rainmeter.exe
2015-12-28 07:05 - 2015-12-28 07:05 - 01409856 _____ () C:\Program Files\Rainmeter\Rainmeter.dll
2015-12-28 07:04 - 2015-12-28 07:04 - 00233472 _____ () C:\Program Files\Rainmeter\Plugins\WebParser.DLL
2015-12-28 07:04 - 2015-12-28 07:04 - 00171520 _____ () C:\Program Files\Rainmeter\Plugins\AudioLevel.DLL
2016-02-20 00:28 - 2016-02-18 13:15 - 02046616 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libglesv2.dll
2016-02-20 00:28 - 2016-02-18 13:15 - 00097944 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libegl.dll
2015-10-30 08:18 - 2015-10-30 08:18 - 00218456 _____ () c:\windows\system32\WerEtw.dll
2015-12-17 16:09 - 2016-02-28 12:06 - 00035472 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2015-12-17 16:08 - 2015-05-08 07:26 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll
2015-12-07 17:44 - 2015-12-07 17:44 - 00225792 _____ () C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2015-12-07 17:43 - 2015-12-07 17:43 - 00057856 _____ () C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2015-12-07 17:43 - 2015-12-07 17:43 - 00071680 _____ () C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2015-12-07 17:43 - 2015-12-07 17:43 - 00357888 _____ () C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2015-12-07 17:44 - 2015-12-07 17:44 - 00657408 _____ () C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2015-11-23 17:43 - 2015-11-23 17:43 - 00356864 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks.dll
2015-11-23 17:43 - 2015-11-23 17:43 - 00353792 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTUI.dll
2015-11-23 17:43 - 2015-11-23 17:43 - 00056832 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTFC.dll
2015-11-23 17:43 - 2015-11-23 17:43 - 00071680 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTMUI.dll
2015-12-03 18:39 - 2016-01-23 03:55 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-30 23:42 - 2016-02-28 12:05 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3387157438-688928810-2954947604-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\ondre\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "Start WingMan Profiler"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKU\S-1-5-21-3387157438-688928810-2954947604-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3387157438-688928810-2954947604-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3387157438-688928810-2954947604-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-3387157438-688928810-2954947604-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3387157438-688928810-2954947604-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-3387157438-688928810-2954947604-1001\...\StartupApproved\Run: => "CCleaner Monitoring"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{2E8D9AA2-E180-4AB2-89D1-F0E7078D8037}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{DE9EC2F3-6067-44B6-B448-4A965031D7F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{93CA127A-0FC0-4A9E-A2E8-E508359A73EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{64F8F353-B489-4E71-B73D-A8606899D31D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{01AB0324-2DB1-4675-A29E-D27D1502C2CD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{7D96ACF8-B291-4BA9-A123-64D91D920278}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{F99E25E8-5AC4-4816-AEA9-32BEA21394C9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{F4CE0074-B664-4719-A9C9-D92B26776A59}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [UDP Query User{3FC32D2F-BAF8-423B-B4DE-193EE964B691}C:\users\ondre\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ondre\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{FBE04121-C49C-40F5-AAEF-6A164DA01E6A}C:\users\ondre\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ondre\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{D11DB48C-382C-4592-B13C-15B2402FD471}C:\users\ondre\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\ondre\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{CEA1BB7A-C210-4186-B6A1-165765FD9B88}C:\users\ondre\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\ondre\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{2F5AC453-84EE-4D24-AF6D-F5C6066B9B56}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [UDP Query User{5F7AE5C6-D65D-48FC-AFD5-3C5925796F71}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{0434D9A3-DCCD-4208-9BD8-35A425FE31FF}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{2C9EE0A7-38D2-4B34-A714-74EAFFF198AA}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{4A7A61CB-6368-431C-A236-BF31B39EB55B}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{3E8B5877-9D4C-4300-BB66-57B04FF2E1F3}] => (Allow) LPort=54925
FirewallRules: [{4F2FBEFD-3AE3-4F5B-91E1-AB0BBE59B7A8}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{36D920A3-2A32-4385-9B4B-E9982E6EF5C3}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{AC718D00-7B9B-44A7-8AA3-D1223D3FFCC6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{18388BA4-95D8-4B13-8927-451027CC43CA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{7B48BBD0-FAE0-4FB1-9985-8F796E1B960F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F7EFA7B7-E8F2-4EB7-AE84-D5CBC00D1E91}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C70C9B83-A686-4A7D-92E4-8E72F4D08422}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{FD5B5EF0-193D-4BE2-8543-286EE20F1C19}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{FBFEFD88-03A4-4D87-A150-BA071E4732EB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{FA6BB7FC-FA4B-45C3-9260-DC394C42BA38}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{677BC909-4B91-4AAE-8AF6-9D94D1F96986}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [TCP Query User{CCC5DDBF-FAC9-4AEA-88D9-9ABD7257053E}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{D9A88884-6FA8-41A6-AAFE-C00CCD902E3D}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{94B7806D-DC8C-43F1-BACE-5112EA685E37}C:\users\ondre\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\ondre\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{E9BABCE9-9306-4D5D-8F15-417038BE2922}C:\users\ondre\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\ondre\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{1F460B91-4ED5-46AC-9296-BE0D42475459}C:\users\ondre\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ondre\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{FC8748EC-B5CB-4A6F-86DE-7372AD8EF64C}C:\users\ondre\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ondre\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{FE5ED2E1-4548-4E7E-B10F-A3ACF9AB5773}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{2588A911-304B-497F-AD6D-2E315FA7CA64}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{3AD97A67-3F6E-4D8D-AD8A-93F6E6370223}] => (Allow) E:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{6187E371-F477-4F64-9F64-9A55F5E5C627}] => (Allow) E:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{67B59151-D359-4150-A395-FDD3C0C65748}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{DC31E3A4-5206-477B-B48A-0964F0EB003B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{6615C514-1535-4ED3-90DC-B9ED538C4DEF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{AFBB73BE-B0E2-40C8-8DE1-1DE794ABCBF1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{A867280E-08F7-41CE-844C-5B0D190CAC31}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BLACKHOLE\BLACKHOLE.exe
FirewallRules: [{E523B9C9-89D3-41B5-A290-9DCA4BB4DA94}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BLACKHOLE\BLACKHOLE.exe
FirewallRules: [{63C7DDAF-ABE1-4FF5-B10A-E03D299CDB06}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sega Classics\SEGAGenesisClassics.exe
FirewallRules: [{5864B6ED-061C-452F-920F-43E70524620B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sega Classics\SEGAGenesisClassics.exe
FirewallRules: [{D5E7B220-76AF-41A9-8ED8-426D64ED0B31}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Jet Set Radio\jsrsetup.exe
FirewallRules: [{B25A0622-66EF-40A3-89B1-4FE3B2B8B0F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Jet Set Radio\jsrsetup.exe
FirewallRules: [{C0AAD0AA-11D0-41EF-B2B6-3A023758921E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hell Yeah\HELLYEAH.exe
FirewallRules: [{FAFF538A-8C47-42AD-89D4-993A476D6C94}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hell Yeah\HELLYEAH.exe
FirewallRules: [{52A807D2-F5E9-436A-9EC0-F5FB23327316}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

25-02-2016 15:22:26 End of disinfection

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/28/2016 08:33:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: XEON)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (02/28/2016 08:33:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: XEON)
Description: Aplikaci Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (02/28/2016 08:33:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SearchUI.exe, verze: 10.0.10586.63, časové razítko: 0x568b1fdc
Název chybujícího modulu: SearchUI.exe, verze: 10.0.10586.63, časové razítko: 0x568b1fdc
Kód výjimky: 0xc000027b
Posun chyby: 0x00000000001b04d7
ID chybujícího procesu: 0x15a4
Čas spuštění chybující aplikace: 0xSearchUI.exe0
Cesta k chybující aplikaci: SearchUI.exe1
Cesta k chybujícímu modulu: SearchUI.exe2
ID zprávy: SearchUI.exe3
Úplný název chybujícího balíčku: SearchUI.exe4
ID aplikace související s chybujícím balíčkem: SearchUI.exe5

Error: (02/28/2016 08:33:28 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: XEON)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (02/28/2016 08:32:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ShellExperienceHost.exe, verze: 10.0.10586.35, časové razítko: 0x566505bc
Název chybujícího modulu: ShellExperienceHost.exe, verze: 10.0.10586.35, časové razítko: 0x566505bc
Kód výjimky: 0xc000027b
Posun chyby: 0x0000000000085831
ID chybujícího procesu: 0x5c
Čas spuštění chybující aplikace: 0xShellExperienceHost.exe0
Cesta k chybující aplikaci: ShellExperienceHost.exe1
Cesta k chybujícímu modulu: ShellExperienceHost.exe2
ID zprávy: ShellExperienceHost.exe3
Úplný název chybujícího balíčku: ShellExperienceHost.exe4
ID aplikace související s chybujícím balíčkem: ShellExperienceHost.exe5

Error: (02/28/2016 08:32:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: XEON)
Description: Aplikaci Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (02/28/2016 08:32:20 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: XEON)
Description: Aplikaci Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (02/28/2016 08:21:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: XEON)
Description: Aplikaci Microsoft.WindowsStore_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (02/28/2016 08:11:08 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: XEON)
Description: Aplikaci Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (02/28/2016 08:06:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: XEON)
Description: Aplikaci Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.


System errors:
=============
Error: (02/28/2016 08:33:49 PM) (Source: DCOM) (EventID: 10010) (User: XEON)
Description: CortanaUI

Error: (02/28/2016 08:33:48 PM) (Source: DCOM) (EventID: 10010) (User: XEON)
Description: App

Error: (02/28/2016 08:33:28 PM) (Source: DCOM) (EventID: 10010) (User: XEON)
Description: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca

Error: (02/28/2016 08:32:21 PM) (Source: DCOM) (EventID: 10010) (User: XEON)
Description: App.AppXtjcey7sh4wvcw7hy21b0nmp0bq18dyzd.mca

Error: (02/28/2016 08:32:20 PM) (Source: DCOM) (EventID: 10010) (User: XEON)
Description: App.AppXtjcey7sh4wvcw7hy21b0nmp0bq18dyzd.mca

Error: (02/28/2016 08:21:36 PM) (Source: DCOM) (EventID: 10010) (User: XEON)
Description: App.AppX8h0bdkbb5frkt9s09fvshhbvqnntmvm1.mca

Error: (02/28/2016 08:11:08 PM) (Source: DCOM) (EventID: 10010) (User: XEON)
Description: App.AppXtjcey7sh4wvcw7hy21b0nmp0bq18dyzd.mca

Error: (02/28/2016 08:06:36 PM) (Source: DCOM) (EventID: 10010) (User: XEON)
Description: App.AppXtjcey7sh4wvcw7hy21b0nmp0bq18dyzd.mca

Error: (02/28/2016 08:06:36 PM) (Source: DCOM) (EventID: 10010) (User: XEON)
Description: App.AppXtjcey7sh4wvcw7hy21b0nmp0bq18dyzd.mca

Error: (02/28/2016 08:06:36 PM) (Source: DCOM) (EventID: 10010) (User: XEON)
Description: App.AppXtjcey7sh4wvcw7hy21b0nmp0bq18dyzd.mca


CodeIntegrity:
===================================
Date: 2016-02-28 12:45:08.668
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-02-27 12:47:40.058
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-02-27 12:25:53.856
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-02-26 08:30:47.151
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-02-24 23:22:08.035
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-02-23 23:43:28.817
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-02-23 07:24:10.676
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-02-21 10:31:32.239
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-02-19 23:38:24.163
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-02-16 13:39:43.111
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Xeon(R) CPU E3-1231 v3 @ 3.40GHz
Percentage of memory in use: 13%
Total physical RAM: 16321.86 MB
Available physical RAM: 14151.29 MB
Total Virtual: 17345.86 MB
Available Virtual: 15152.51 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.35 GB) (Free:30.05 GB) NTFS
Drive e: (Místní disk) (Fixed) (Total:931.02 GB) (Free:616.91 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 72430023)
Partition 1: (Active) - (Size=111.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 6F777785)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
Intel Xeon E3-1231v3 + SilentiumPC Fera 2
ASUS B85-PRO GAMER
Sapphire R9 270X Toxic Boost
Kingston HyperX Savage 16GB CL9 1600Mhz
Seasonic SS-620GM2 Evo 620W
Intel 520 120 GB + Seagate Barracuda 7200.14 - 1TB
iiyama ProLite X2483HSU-B1
Nahoru
Zamčeno

Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 74 hostů