Prosím o kontrolu logu Vyřešeno

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: Mods_senior, Security team

Uživatelský avatar
Orcus
člen Security týmu
Elite Level 10.5
Elite Level 10.5
Příspěvky: 10645
Registrován: duben 10
Bydliště: Okolo rostou 3 růže =o)
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod Orcus » 24 říj 2015 19:34

Orcus píše:Co od Acronis nemáš legálně pořízené?
"127.0.0.1 activation.acronis.com "


+ dodej log z Combofixu.
Láska hřeje, ale uhlí je uhlí. :fire:



Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.

Pár rad k bezpečnosti PC.

Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix

Pokud budete spokojeni , můžete podpořit naše fórum.

Reklama
smarda84
Level 1.5
Level 1.5
Příspěvky: 142
Registrován: květen 15
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod smarda84 » 25 říj 2015 08:04

Měl jsem Acronis True Image a Combofix mi nejde spustit na Win. 10
CPU:Intel Pentium G4560 @ 3.50 GHz, GPU:NVIDIA GeForce GTX 1050 Ti, RAM: Kingston 8 Gb DDR 4, MB: MSI B250M PRO-VD,
SSD: Kingston SSDNow V300 120Gb, Hdd:1 Seagate Barracuda 250 Gb, 2 Western Digital Caviar Blue 1 TB, PSU: Fortron ATX-400PNF 400W

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod jaro3 » 25 říj 2015 08:54

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.

Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

smarda84
Level 1.5
Level 1.5
Příspěvky: 142
Registrován: květen 15
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod smarda84 » 25 říj 2015 10:07

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:25-10-2015
Ran by Stana (administrator) on PC1 (25-10-2015 09:55:15)
Running from C:\Users\Stana\Desktop
Loaded Profiles: Stana (Available Profiles: Stana)
Platform: Windows 10 Pro (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6310.42251.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10144288 2010-04-06] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6134544 2015-09-25] (AVAST Software)
HKLM-x32\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\SSMMgr.exe [614400 2009-08-15] ()
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2526147630-3975037375-4209682967-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd)
HKU\S-1-5-21-2526147630-3975037375-4209682967-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\PhotoScreensaver.scr [583680 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-09-25] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-10-22]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 217.112.162.34 217.112.160.1
Tcpip\..\Interfaces\{63a85cca-4316-4b29-95ef-7671cc8ed4ef}: [DhcpNameServer] 217.112.162.34 217.112.160.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-2526147630-3975037375-4209682967-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-09-13] (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-19] (Google Inc.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-09-13] (AVAST Software)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-19] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-19] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-19] (Google Inc.)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-2526147630-3975037375-4209682967-1000 -> hxxp://www.delta-homes.com/?type=hp&ts= ... 775708128F

FireFox:
========
FF ProfilePath: C:\Users\Stana\AppData\Roaming\Mozilla\Firefox\Profiles\wvp8yc2k.default-1445287102687
FF NewTab: about:newtab
FF Homepage: hxxps://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-16] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-16] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Extension: Adblock Plus - C:\Users\Stana\AppData\Roaming\Mozilla\Firefox\Profiles\wvp8yc2k.default-1445287102687\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-10-24]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-09-25] [not signed]
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR HKU\S-1-5-21-2526147630-3975037375-4209682967-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-09-13]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-09-25] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109008 2015-09-25] (AVAST Software)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-09-19] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-09-19] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-09-19] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-09-25] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-09-25] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-09-25] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [454528 2015-09-25] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-09-25] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-09-25] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1049880 2015-09-25] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [448968 2015-09-25] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [153744 2015-09-25] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-09-25] (AVAST Software)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
S2 DgiVecp; C:\WINDOWS\SysWOW64\Drivers\DgiVecp.sys [38400 2009-06-09] (Samsung Electronics Co., Ltd.) [File not signed]
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2015-10-16] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2015-10-16] (Windows (R) Win 7 DDK provider)
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-09-13] (Disc Soft Ltd)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2015-09-13] ()
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-10-25] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-09-19] (Microsoft Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-06-18] (Realtek )
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
U3 idsvc; no ImagePath
S2 SSPORT; \??\C:\WINDOWS\system32\Drivers\SSPORT.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================
CPU:Intel Pentium G4560 @ 3.50 GHz, GPU:NVIDIA GeForce GTX 1050 Ti, RAM: Kingston 8 Gb DDR 4, MB: MSI B250M PRO-VD,
SSD: Kingston SSDNow V300 120Gb, Hdd:1 Seagate Barracuda 250 Gb, 2 Western Digital Caviar Blue 1 TB, PSU: Fortron ATX-400PNF 400W

smarda84
Level 1.5
Level 1.5
Příspěvky: 142
Registrován: květen 15
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod smarda84 » 25 říj 2015 10:08

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-25 09:55 - 2015-10-25 09:55 - 00013010 _____ C:\Users\Stana\Desktop\FRST.txt
2015-10-25 09:54 - 2015-10-25 09:55 - 00000000 ____D C:\FRST
2015-10-25 09:53 - 2015-10-25 09:54 - 02196992 _____ (Farbar) C:\Users\Stana\Desktop\FRST64.exe
2015-10-25 09:53 - 2015-10-25 09:53 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-10-25 09:51 - 2015-10-25 09:51 - 00016148 _____ C:\WINDOWS\system32\PC1_Stana_HistoryPrediction.bin
2015-10-24 18:45 - 2015-10-25 09:51 - 00000000 ____D C:\Users\Stana\AppData\Local\CrashDumps
2015-10-24 17:28 - 2015-10-24 17:07 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2015-10-24 17:25 - 2015-10-24 17:25 - 00000000 ____D C:\Users\Stana\AppData\Local\PeerDistRepub
2015-10-24 17:08 - 2015-10-24 17:29 - 00007360 _____ C:\zoek-results.log
2015-10-24 17:07 - 2015-10-24 17:25 - 00000000 ____D C:\zoek_backup
2015-10-24 14:21 - 2015-10-24 16:57 - 00037624 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2015-10-24 14:21 - 2015-10-24 14:30 - 00000000 ____D C:\ProgramData\RogueKiller
2015-10-23 21:29 - 2015-10-24 09:27 - 00000000 ____D C:\AdwCleaner
2015-10-23 18:00 - 2007-06-28 13:36 - 00401720 _____ (Trend Micro Inc.) C:\Users\Stana\Desktop\HijackThis.exe
2015-10-20 21:37 - 2015-10-25 09:51 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-10-20 21:36 - 2015-10-22 18:15 - 00001169 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-10-20 21:36 - 2015-10-20 21:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-10-20 21:36 - 2015-10-20 21:40 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-10-20 21:36 - 2015-10-05 08:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-10-20 21:36 - 2015-10-05 08:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-10-20 21:36 - 2015-10-05 08:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-10-20 19:40 - 2015-10-20 19:40 - 25816362 _____ C:\Users\Stana\Desktop\DEF LEPPARD - Dangerous (Official Audio) - PRE-ORDER NEW ALBUM NOW!.mp4
2015-10-20 16:31 - 2015-10-20 21:25 - 00000000 ____D C:\Users\Stana\AppData\Roaming\Malwarebytes
2015-10-20 15:58 - 2015-10-20 16:09 - 00000000 ____D C:\Users\Stana\Desktop\Moje naskenované obrázky č.3
2015-10-20 15:54 - 2015-10-20 15:54 - 00000000 ____D C:\WINDOWS\SysWOW64\spool
2015-10-20 15:53 - 2015-10-22 18:15 - 00001426 _____ C:\Users\Public\Desktop\Centrum řešení HP.lnk
2015-10-20 15:53 - 2015-10-22 18:15 - 00001048 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registrace I.R.I.S. OCR.lnk
2015-10-20 15:53 - 2015-10-22 18:14 - 00001438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Centrum řešení HP.lnk
2015-10-20 15:53 - 2015-10-20 15:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-10-20 15:53 - 2015-10-20 15:53 - 00000000 ____D C:\ProgramData\HP Product Assistant
2015-10-20 15:51 - 2015-10-16 15:58 - 00218030 ____N C:\WINDOWS\hpoins19.dat.temp
2015-10-20 15:23 - 2015-10-20 15:23 - 00000000 ____D C:\Users\Default\AppData\Roaming\HPActiveHealth
2015-10-20 15:23 - 2015-10-20 15:23 - 00000000 ____D C:\Users\Default User\AppData\Roaming\HPActiveHealth
2015-10-20 15:19 - 2015-10-22 18:14 - 00000080 _____ C:\Users\Stana\AppData\Roaming\Microsoft\Windows\Start Menu\uTorrent.lnk
2015-10-19 21:55 - 2015-10-20 21:25 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-10-19 21:36 - 2015-10-19 21:40 - 00001569 _____ C:\Users\Stana\Desktop\firefox – zástupce.lnk
2015-10-19 21:24 - 2015-10-19 21:24 - 00000000 _____ C:\WINDOWS\system32\SBRC.dat
2015-10-19 21:07 - 2015-10-19 21:43 - 00000000 ____D C:\ProgramData\STOPzilla!
2015-10-19 21:07 - 2015-10-19 21:07 - 00000000 ____D C:\Program Files (x86)\iS3
2015-10-19 17:15 - 2015-10-19 20:54 - 00000001 _____ C:\WINDOWS\SysWOW64\en.html
2015-10-19 17:14 - 2015-10-19 17:14 - 00000376 _____ C:\WINDOWS\SysWOW64\data.bin
2015-10-19 16:28 - 2015-10-19 16:36 - 00000000 ____D C:\Users\Stana\Desktop\Moje naskenované obrázky 2 část
2015-10-16 21:13 - 2015-10-19 20:58 - 00000000 ____D C:\WINDOWS\Minidump
2015-10-16 16:20 - 2015-10-19 16:36 - 00000000 ____D C:\Users\Stana\Desktop\Moje naskenované obrázky
2015-10-16 15:59 - 2015-10-16 15:59 - 00000000 ____D C:\Users\Stana\AppData\Local\HP
2015-10-16 15:58 - 2012-10-14 13:03 - 00015561 ____N C:\WINDOWS\hpomdl19.dat.temp
2015-10-16 15:56 - 2015-10-16 15:56 - 00000000 ____D C:\ProgramData\WEBREG
2015-10-16 15:54 - 2015-10-19 20:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-16 15:54 - 2015-10-16 15:54 - 00000000 ____D C:\Users\Stana\AppData\Roaming\HpUpdate
2015-10-16 15:53 - 2015-10-20 15:54 - 00000000 ____D C:\Program Files (x86)\HP
2015-10-16 15:52 - 2015-10-20 15:55 - 00218028 _____ C:\WINDOWS\hpoins19.dat
2015-10-16 15:52 - 2015-10-20 15:53 - 00000000 ____D C:\ProgramData\HP
2015-10-16 15:52 - 2012-10-14 13:03 - 00015561 ____N C:\WINDOWS\hpomdl19.dat
2015-10-16 15:38 - 2015-10-19 20:53 - 00000340 _____ C:\WINDOWS\Tasks\HPCeeScheduleForStana.job
2015-10-16 15:38 - 2015-10-17 19:15 - 00003232 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForStana
2015-10-16 15:35 - 2015-10-16 15:49 - 00000000 ____D C:\Users\Stana\AppData\Local\Hewlett-Packard
2015-10-16 15:35 - 2015-10-16 15:35 - 00000000 ____D C:\Users\Stana\AppData\Roaming\Hewlett-Packard
2015-10-16 15:34 - 2015-10-20 15:23 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2015-10-16 15:34 - 2015-10-16 15:34 - 00000000 ____D C:\Users\Stana\AppData\Roaming\hpqLog
2015-10-16 15:34 - 2015-10-16 15:34 - 00000000 ____D C:\System.sav
2015-10-16 15:33 - 2015-10-20 15:23 - 00000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard
2015-10-16 15:33 - 2015-10-20 15:23 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2015-10-16 15:30 - 2015-10-16 15:30 - 00003174 _____ C:\WINDOWS\System32\Tasks\{E0B68F51-D5CF-484C-B7EC-39900F1880EE}
2015-10-16 15:28 - 2015-10-20 15:55 - 00008782 _____ C:\ProgramData\hpzinstall.log
2015-10-16 15:28 - 2015-10-16 15:59 - 00000000 ____D C:\Users\Stana\AppData\Roaming\HP
2015-10-16 15:28 - 2015-10-16 15:28 - 00048640 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\HPZLLLHN.DLL
2015-10-16 15:27 - 2015-10-16 15:27 - 03867040 _____ C:\WINDOWS\system32\PortChanger.exe
2015-10-16 15:27 - 2015-10-16 15:27 - 02398112 _____ (Hewlett Packard) C:\WINDOWS\system32\hppldcoi.dll
2015-10-16 15:27 - 2015-10-16 15:27 - 00861184 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpowiav1.dll
2015-10-16 15:27 - 2015-10-16 15:27 - 00730624 _____ (Hewlett-Packard Co.) C:\WINDOWS\system32\hpotscl1.dll
2015-10-16 15:27 - 2015-10-16 15:27 - 00498176 _____ (Hewlett-Packard Co.) C:\WINDOWS\system32\hpovst01.dll
2015-10-16 15:27 - 2015-10-16 15:27 - 00151968 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\Dot4.sys
2015-10-16 15:27 - 2015-10-16 15:27 - 00049056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dot4usb.sys
2015-10-16 15:27 - 2015-10-16 15:27 - 00027040 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\Dot4Prt.sys
2015-10-14 16:26 - 2015-10-14 16:26 - 00000000 ____D C:\Users\Stana\Tracing
2015-10-14 16:25 - 2015-10-22 18:15 - 00002652 _____ C:\Users\Public\Desktop\Skype.lnk
2015-10-14 16:25 - 2015-10-14 21:01 - 00000000 ____D C:\Users\Stana\AppData\Roaming\Skype
2015-10-14 16:25 - 2015-10-14 16:25 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-10-14 16:25 - 2015-10-14 16:25 - 00000000 ____D C:\Users\Stana\AppData\Local\Skype
2015-10-14 16:25 - 2015-10-14 16:25 - 00000000 ____D C:\ProgramData\Skype
2015-10-14 16:25 - 2015-10-14 16:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-10-13 18:18 - 2015-10-10 07:40 - 21875712 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-13 18:18 - 2015-10-10 07:07 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-13 18:18 - 2015-10-06 04:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-13 18:18 - 2015-10-06 03:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-13 18:18 - 2015-10-01 05:00 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-13 18:18 - 2015-09-25 05:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-10-13 18:18 - 2015-09-25 04:56 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-13 18:18 - 2015-09-25 04:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-10-13 18:18 - 2015-09-25 04:17 - 24595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-13 18:18 - 2015-09-25 04:09 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-10-13 18:18 - 2015-09-25 04:02 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-13 18:18 - 2015-09-25 04:01 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-13 18:18 - 2015-09-25 04:01 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-13 18:18 - 2015-09-25 03:48 - 19325952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-13 18:18 - 2015-09-25 03:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-13 18:18 - 2015-09-25 03:36 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-10-13 18:18 - 2015-09-25 03:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-13 18:17 - 2015-10-10 08:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-13 18:17 - 2015-10-01 05:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-13 18:17 - 2015-10-01 05:01 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-13 18:17 - 2015-10-01 05:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-13 18:17 - 2015-10-01 05:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-13 18:17 - 2015-10-01 04:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-13 18:17 - 2015-09-25 05:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-10-13 18:17 - 2015-09-25 04:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-10-13 18:17 - 2015-09-25 04:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-10-13 18:17 - 2015-09-25 04:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-13 18:17 - 2015-09-25 04:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-13 18:17 - 2015-09-25 04:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-13 18:17 - 2015-09-25 04:04 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-13 18:17 - 2015-09-25 04:04 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-10-13 18:17 - 2015-09-25 04:04 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-13 18:17 - 2015-09-25 04:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-13 18:17 - 2015-09-25 04:03 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-13 18:17 - 2015-09-25 04:02 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-10-13 18:17 - 2015-09-25 04:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-13 18:17 - 2015-09-25 04:02 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-13 18:17 - 2015-09-25 04:00 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-13 18:17 - 2015-09-25 04:00 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-13 18:17 - 2015-09-25 04:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-13 18:17 - 2015-09-25 04:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-13 18:17 - 2015-09-25 03:59 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-13 18:17 - 2015-09-25 03:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-13 18:17 - 2015-09-25 03:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-13 18:17 - 2015-09-25 03:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-13 18:17 - 2015-09-25 03:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-13 18:17 - 2015-09-25 03:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-13 18:17 - 2015-09-25 03:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-13 18:17 - 2015-09-25 03:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-10-13 18:17 - 2015-09-25 03:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-13 18:17 - 2015-09-25 03:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-13 18:17 - 2015-09-25 03:38 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-10-13 18:17 - 2015-09-25 03:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-13 18:17 - 2015-09-25 03:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-10-13 18:17 - 2015-09-25 03:37 - 00766976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-10-13 18:17 - 2015-09-25 03:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-13 18:17 - 2015-09-25 03:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-13 18:17 - 2015-09-25 03:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-13 18:17 - 2015-09-25 03:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-13 18:17 - 2015-09-25 03:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-13 18:17 - 2015-09-25 03:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-13 18:17 - 2015-09-25 03:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-13 18:17 - 2015-09-25 03:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-13 18:17 - 2015-09-25 03:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-10-13 18:17 - 2015-09-25 03:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-11 09:56 - 2015-10-11 09:56 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-10-10 15:43 - 2015-10-10 15:43 - 00000000 ____D C:\Users\Stana\AppData\Local\Macromedia
2015-10-09 20:03 - 2015-10-25 07:51 - 00004188 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{335BD2E2-6E01-4FEE-A908-719A8FB3118C}
2015-10-09 20:01 - 2015-10-22 18:14 - 00002220 _____ C:\Users\Stana\Desktop\JDownloader 2.lnk
2015-10-09 20:01 - 2015-10-09 20:03 - 00000000 ____D C:\Users\Stana\AppData\Roaming\Opera Software
2015-10-09 20:01 - 2015-10-09 20:01 - 00000000 ____D C:\Users\Stana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2015-10-09 20:00 - 2015-10-17 09:42 - 00000000 ____D C:\Users\Stana\AppData\Local\JDownloader v2.0
2015-10-09 20:00 - 2015-10-09 20:03 - 00000000 ____D C:\Program Files (x86)\Opera
2015-10-09 20:00 - 2015-10-09 20:00 - 00003354 _____ C:\WINDOWS\System32\Tasks\Opera N Saturday
2015-10-09 20:00 - 2015-10-09 20:00 - 00003350 _____ C:\WINDOWS\System32\Tasks\Opera N Sunday
2015-10-09 20:00 - 2015-10-09 20:00 - 00000000 ____D C:\Users\Stana\AppData\Roaming\Shortcut
2015-10-07 15:10 - 2015-10-07 15:10 - 00061701 _____ C:\WINDOWS\SysWOW64\CCCInstall_201510071610029303.log
2015-10-07 15:09 - 2015-10-07 15:09 - 00066395 _____ C:\WINDOWS\SysWOW64\CCCInstall_201510071609171037.log
2015-10-07 15:09 - 2015-10-07 15:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-10-07 15:09 - 2015-10-07 15:09 - 00000000 ____D C:\ProgramData\ATI
2015-10-07 15:09 - 2015-10-07 15:09 - 00000000 ____D C:\Program Files\ATI Technologies
2015-10-07 15:08 - 2015-10-07 15:08 - 00000000 ____D C:\Users\Default\AppData\Roaming\ATI
2015-10-07 15:08 - 2015-10-07 15:08 - 00000000 ____D C:\Users\Default\AppData\Local\ATI
2015-10-07 15:08 - 2015-10-07 15:08 - 00000000 ____D C:\Users\Default User\AppData\Roaming\ATI
2015-10-07 15:08 - 2015-10-07 15:08 - 00000000 ____D C:\Users\Default User\AppData\Local\ATI
2015-10-07 15:07 - 2015-10-07 15:07 - 47794160 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2015-10-07 15:07 - 2015-10-07 15:07 - 39721456 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2015-10-07 15:07 - 2015-10-07 15:07 - 30776304 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2015-10-07 15:07 - 2015-10-07 15:07 - 27544560 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl12cl64.dll
2015-10-07 15:07 - 2015-10-07 15:07 - 25320432 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2015-10-07 15:07 - 2015-10-07 15:07 - 22327280 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl12cl.dll
2015-10-07 15:07 - 2015-10-07 15:07 - 15725552 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2015-10-07 15:07 - 2015-10-07 15:07 - 14310896 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2015-10-07 15:07 - 2015-10-07 15:07 - 09355016 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2015-10-07 15:07 - 2015-10-07 15:07 - 08009360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2015-10-07 15:07 - 2015-10-07 15:07 - 07683096 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2015-10-07 15:07 - 2015-10-07 15:07 - 07482560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2015-10-07 15:07 - 2015-10-07 15:07 - 06686192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle64.dll
2015-10-07 15:07 - 2015-10-07 15:07 - 05216240 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmantle32.dll
2015-10-07 15:07 - 2015-10-07 15:07 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2015-10-07 15:07 - 2015-10-07 15:07 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2015-10-07 15:07 - 2015-10-07 15:07 - 01196032 _____ C:\WINDOWS\system32\amdocl_as64.exe
2015-10-07 15:07 - 2015-10-07 15:07 - 01070592 _____ C:\WINDOWS\system32\amdocl_ld64.exe
2015-10-07 15:07 - 2015-10-07 15:07 - 01004032 _____ C:\WINDOWS\SysWOW64\amdocl_as32.exe
2015-10-07 15:07 - 2015-10-07 15:07 - 00935408 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2015-10-07 15:07 - 2015-10-07 15:07 - 00935408 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2015-10-07 15:07 - 2015-10-07 15:07 - 00833800 _____ C:\WINDOWS\system32\amdicdxx.dat
2015-10-07 15:07 - 2015-10-07 15:07 - 00807424 _____ C:\WINDOWS\SysWOW64\amdocl_ld32.exe
2015-10-07 15:07 - 2015-10-07 15:07 - 00662392 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2015-10-07 15:07 - 2015-10-07 15:07 - 00662392 _____ C:\WINDOWS\system32\atiapfxx.blb
2015-10-07 15:07 - 2015-10-07 15:07 - 00631280 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2015-10-07 15:07 - 2015-10-07 15:07 - 00524272 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2015-10-07 15:07 - 2015-10-07 15:07 - 00471320 _____ C:\WINDOWS\system32\amdmiracast.dll
2015-10-07 15:07 - 2015-10-07 15:07 - 00375792 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2015-10-07 15:07 - 2015-10-07 15:07 - 00341488 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODE.exe
2015-10-07 15:07 - 2015-10-07 15:07 - 00243696 _____ C:\WINDOWS\system32\clinfo.exe
2015-10-07 15:07 - 2015-10-07 15:07 - 00213488 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2015-10-07 15:07 - 2015-10-07 15:07 - 00199664 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2015-10-07 15:07 - 2015-10-07 15:07 - 00198640 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2015-10-07 15:07 - 2015-10-07 15:07 - 00177344 _____ C:\WINDOWS\system32\ativce03.dat
2015-10-07 15:07 - 2015-10-07 15:07 - 00175648 _____ C:\WINDOWS\system32\amde31a.dat
2015-10-07 15:07 - 2015-10-07 15:07 - 00168944 _____ C:\WINDOWS\system32\atieah64.exe
2015-10-07 15:07 - 2015-10-07 15:07 - 00165360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2015-10-07 15:07 - 2015-10-07 15:07 - 00152560 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2015-10-07 15:07 - 2015-10-07 15:07 - 00150512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2015-10-07 15:07 - 2015-10-07 15:07 - 00143344 _____ C:\WINDOWS\system32\amdhdl64.dll
2015-10-07 15:07 - 2015-10-07 15:07 - 00136176 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2015-10-07 15:07 - 2015-10-07 15:07 - 00132080 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll
2015-10-07 15:07 - 2015-10-07 15:07 - 00122352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2015-10-07 15:07 - 2015-10-07 15:07 - 00112368 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2015-10-07 15:07 - 2015-10-07 15:07 - 00111600 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2015-10-07 15:07 - 2015-10-07 15:07 - 00111088 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2015-10-07 15:07 - 2015-10-07 15:07 - 00103408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2015-10-07 15:07 - 2015-10-07 15:07 - 00100816 _____ C:\WINDOWS\system32\ativce02.dat
2015-10-07 15:07 - 2015-10-07 15:07 - 00096752 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2015-10-07 15:07 - 2015-10-07 15:07 - 00088000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2015-10-07 15:07 - 2015-10-07 15:07 - 00088000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2015-10-07 15:07 - 2015-10-07 15:07 - 00083952 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2015-10-07 15:07 - 2015-10-07 15:07 - 00081168 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2015-10-07 15:07 - 2015-10-07 15:07 - 00081160 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2015-10-07 15:07 - 2015-10-07 15:07 - 00078320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2015-10-07 15:07 - 2015-10-07 15:07 - 00078320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2015-10-07 15:07 - 2015-10-07 15:07 - 00073712 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-10-07 15:07 - 2015-10-07 15:07 - 00071152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2015-10-07 15:07 - 2015-10-07 15:07 - 00068080 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-10-07 15:07 - 2015-10-07 15:07 - 00064496 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2015-10-07 15:07 - 2015-10-07 15:07 - 00060912 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2015-10-07 15:07 - 2015-10-07 15:07 - 00059888 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODCLI.exe
2015-10-07 15:07 - 2015-10-07 15:07 - 00059376 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll
2015-10-07 15:07 - 2015-10-07 15:07 - 00057840 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2015-10-07 15:07 - 2015-10-07 15:07 - 00052208 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2015-10-07 15:07 - 2015-10-07 15:07 - 00048112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmmcl.dll
2015-10-07 15:07 - 2015-10-07 15:07 - 00038384 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2015-10-07 15:07 - 2015-10-07 15:07 - 00012784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2015-10-07 15:07 - 2015-10-07 15:07 - 00012784 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2015-10-05 17:30 - 2015-10-05 17:30 - 00000000 ____D C:\WINDOWS\Samsung
2015-10-05 17:30 - 2015-10-05 17:30 - 00000000 ____D C:\Temp
2015-10-05 17:30 - 2015-10-05 17:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung ML-1640 Series
2015-10-05 17:30 - 2015-10-05 17:30 - 00000000 ____D C:\Program Files (x86)\SamsungPrinterLiveUpdate
2015-10-05 17:30 - 2015-10-05 17:30 - 00000000 ____D C:\Program Files (x86)\Samsung
2015-10-05 17:30 - 2009-07-31 03:01 - 00074240 _____ (Samsung Electronics) C:\WINDOWS\system32\ssdevm64.dll
2015-10-05 17:30 - 2009-07-31 03:01 - 00047104 _____ (Samsung Electronics) C:\WINDOWS\system32\ssusbp64.dll
2015-10-05 17:30 - 2009-07-27 00:34 - 00479232 _____ () C:\WINDOWS\ssndii.exe
2015-10-05 17:30 - 2009-06-09 06:18 - 00057344 _____ (Samsung Electronics) C:\WINDOWS\SysWOW64\ssdevm.dll
2015-10-05 17:30 - 2009-06-09 06:18 - 00049152 _____ (Samsung Electronics) C:\WINDOWS\SysWOW64\ssusbpn.dll
2015-10-05 17:30 - 2009-06-09 03:18 - 00038400 ____N (Samsung Electronics Co., Ltd.) C:\WINDOWS\SysWOW64\Drivers\DGIVECP.SYS
2015-10-05 17:30 - 2008-01-11 06:39 - 01233920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml4.dll
2015-10-05 17:30 - 2008-01-11 06:39 - 00701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml2.dll
2015-10-05 17:30 - 2008-01-11 06:39 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml4r.dll
2015-10-05 17:30 - 2008-01-11 06:39 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml4a.dll
2015-10-05 17:30 - 2008-01-11 06:39 - 00038160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml2r.dll
2015-10-05 17:30 - 2008-01-11 06:39 - 00021776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml2a.dll
2015-10-05 17:30 - 2008-01-11 05:19 - 00022016 _____ () C:\WINDOWS\system32\ssp2ml6.dll
2015-10-05 17:30 - 2008-01-11 05:19 - 00000357 _____ C:\WINDOWS\system32\ssp2ml6.smt
2015-10-05 17:30 - 2008-01-11 05:17 - 00151552 _____ (SS) C:\WINDOWS\system32\ssp2mci.exe
2015-10-05 17:30 - 2008-01-11 05:17 - 00089600 _____ (SS) C:\WINDOWS\system32\ssp2mci.dll
2015-10-03 14:29 - 2015-10-25 09:49 - 00000000 ____D C:\Users\Stana\AppData\Roaming\MPC-HC
2015-10-03 09:00 - 2015-10-03 09:00 - 00000000 ____D C:\Users\Stana\AppData\Local\SmartView2
2015-10-01 17:43 - 2015-10-22 18:15 - 00001174 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000.lnk
2015-10-01 17:43 - 2015-10-22 18:15 - 00001098 _____ C:\Users\Public\Desktop\foobar2000.lnk
2015-10-01 17:43 - 2015-10-02 21:53 - 00000000 ____D C:\Users\Stana\AppData\Roaming\foobar2000
2015-10-01 17:43 - 2015-10-01 17:53 - 00000000 ____D C:\Program Files (x86)\foobar2000
2015-10-01 16:32 - 2015-09-17 07:50 - 02464216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-10-01 16:32 - 2015-09-17 07:50 - 01563392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-10-01 16:32 - 2015-09-17 07:49 - 06487248 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-10-01 16:32 - 2015-09-17 07:49 - 01563472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-10-01 16:32 - 2015-09-17 07:49 - 00894256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2015-10-01 16:32 - 2015-09-17 07:49 - 00553808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2015-10-01 16:32 - 2015-09-17 07:48 - 02824248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2015-10-01 16:32 - 2015-09-17 07:48 - 02494712 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 16:32 - 2015-09-17 07:48 - 02432336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-10-01 16:32 - 2015-09-17 07:48 - 02156400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2015-10-01 16:32 - 2015-09-17 07:48 - 01983824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-10-01 16:32 - 2015-09-17 07:48 - 00809352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-10-01 16:32 - 2015-09-17 07:48 - 00784136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-10-01 16:32 - 2015-09-17 07:48 - 00555768 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-10-01 16:32 - 2015-09-17 07:48 - 00537080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-10-01 16:32 - 2015-09-17 07:48 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-10-01 16:32 - 2015-09-17 07:48 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-10-01 16:32 - 2015-09-17 07:48 - 00476760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-10-01 16:32 - 2015-09-17 07:48 - 00332624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2015-10-01 16:32 - 2015-09-17 07:47 - 01397088 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-01 16:32 - 2015-09-17 07:44 - 00781976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-10-01 16:32 - 2015-09-17 07:43 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-10-01 16:32 - 2015-09-17 07:37 - 01295712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2015-10-01 16:32 - 2015-09-17 07:28 - 05120056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-10-01 16:32 - 2015-09-17 07:28 - 02154808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-10-01 16:32 - 2015-09-17 07:28 - 01357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-10-01 16:32 - 2015-09-17 07:28 - 00441168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2015-10-01 16:32 - 2015-09-17 07:27 - 01766952 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-10-01 16:32 - 2015-09-17 07:27 - 00454512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-10-01 16:32 - 2015-09-17 07:26 - 02446648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2015-10-01 16:32 - 2015-09-17 07:26 - 00646672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-10-01 16:32 - 2015-09-17 07:26 - 00434376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-10-01 16:32 - 2015-09-17 07:26 - 00428128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-10-01 16:32 - 2015-09-17 07:25 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-10-01 16:32 - 2015-09-17 07:21 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-10-01 16:32 - 2015-09-17 07:20 - 00764416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-10-01 16:32 - 2015-09-17 07:06 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-10-01 16:32 - 2015-09-17 07:05 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-10-01 16:32 - 2015-09-17 07:05 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-10-01 16:32 - 2015-09-17 07:04 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-10-01 16:32 - 2015-09-17 07:04 - 00910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-10-01 16:32 - 2015-09-17 07:00 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-01 16:32 - 2015-09-17 07:00 - 02417664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-01 16:32 - 2015-09-17 06:58 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-10-01 16:32 - 2015-09-17 06:57 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-10-01 16:32 - 2015-09-17 06:57 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-10-01 16:32 - 2015-09-17 06:57 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-10-01 16:32 - 2015-09-17 06:56 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-10-01 16:32 - 2015-09-17 06:56 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-10-01 16:32 - 2015-09-17 06:55 - 02236416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-10-01 16:32 - 2015-09-17 06:55 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-10-01 16:32 - 2015-09-17 06:54 - 03781120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-10-01 16:32 - 2015-09-17 06:54 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-10-01 16:32 - 2015-09-17 06:53 - 07055872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-10-01 16:32 - 2015-09-17 06:52 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-10-01 16:32 - 2015-09-17 06:52 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-10-01 16:32 - 2015-09-17 06:52 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-10-01 16:32 - 2015-09-17 06:51 - 02660864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-10-01 16:32 - 2015-09-17 06:51 - 01203712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-10-01 16:32 - 2015-09-17 06:51 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-01 16:32 - 2015-09-17 06:51 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-10-01 16:32 - 2015-09-17 06:50 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-10-01 16:32 - 2015-09-17 06:49 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-10-01 16:32 - 2015-09-17 06:49 - 01290240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-10-01 16:32 - 2015-09-17 06:49 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-10-01 16:32 - 2015-09-17 06:48 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-10-01 16:32 - 2015-09-17 06:48 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-10-01 16:32 - 2015-09-17 06:48 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-10-01 16:32 - 2015-09-17 06:48 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-10-01 16:32 - 2015-09-17 06:48 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-10-01 16:32 - 2015-09-17 06:47 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2015-10-01 16:32 - 2015-09-17 06:46 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-10-01 16:32 - 2015-09-17 06:46 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-10-01 16:32 - 2015-09-17 06:45 - 01331200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-10-01 16:32 - 2015-09-17 06:45 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-10-01 16:32 - 2015-09-17 06:45 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-01 16:32 - 2015-09-17 06:44 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2015-10-01 16:32 - 2015-09-17 06:43 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-10-01 16:32 - 2015-09-17 06:43 - 00378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-10-01 16:32 - 2015-09-17 06:42 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-10-01 16:32 - 2015-09-17 06:41 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-10-01 16:32 - 2015-09-17 06:40 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-10-01 16:32 - 2015-09-17 06:40 - 01918464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-10-01 16:32 - 2015-09-17 06:40 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-10-01 16:32 - 2015-09-17 06:39 - 00587264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-10-01 16:32 - 2015-09-17 06:38 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2015-10-01 16:32 - 2015-09-17 06:37 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-10-01 16:32 - 2015-09-17 06:35 - 05079552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-10-01 16:32 - 2015-09-17 06:35 - 02207232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-10-01 16:32 - 2015-09-17 06:35 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-10-01 16:32 - 2015-09-17 06:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-10-01 16:32 - 2015-09-17 06:34 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-10-01 16:32 - 2015-09-17 06:32 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-10-01 16:32 - 2015-09-17 06:32 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-10-01 16:32 - 2015-09-17 06:29 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-10-01 16:32 - 2015-09-17 06:29 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-10-01 16:32 - 2015-09-17 06:29 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-10-01 16:32 - 2015-09-17 06:29 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-10-01 16:32 - 2015-09-17 06:26 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-10-01 16:32 - 2015-09-17 06:16 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-10-01 16:31 - 2015-09-19 06:14 - 00102304 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2015-10-01 16:31 - 2015-09-17 07:50 - 00099664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-10-01 16:31 - 2015-09-17 07:50 - 00088384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-10-01 16:31 - 2015-09-17 07:49 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-10-01 16:31 - 2015-09-17 07:48 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-10-01 16:31 - 2015-09-17 07:48 - 00406864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-10-01 16:31 - 2015-09-17 07:48 - 00395088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-10-01 16:31 - 2015-09-17 07:48 - 00278352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-10-01 16:31 - 2015-09-17 07:48 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-10-01 16:31 - 2015-09-17 07:37 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-10-01 16:31 - 2015-09-17 07:28 - 00407608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-10-01 16:31 - 2015-09-17 07:28 - 00074880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-10-01 16:31 - 2015-09-17 07:26 - 01895568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2015-10-01 16:31 - 2015-09-17 07:26 - 00508248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-10-01 16:31 - 2015-09-17 07:11 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-10-01 16:31 - 2015-09-17 07:10 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2015-10-01 16:31 - 2015-09-17 07:09 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-10-01 16:31 - 2015-09-17 07:09 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-10-01 16:31 - 2015-09-17 07:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-10-01 16:31 - 2015-09-17 07:08 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
2015-10-01 16:31 - 2015-09-17 07:08 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-10-01 16:31 - 2015-09-17 07:06 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-10-01 16:31 - 2015-09-17 07:06 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-10-01 16:31 - 2015-09-17 07:04 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2015-10-01 16:31 - 2015-09-17 07:03 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2015-10-01 16:31 - 2015-09-17 07:03 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-10-01 16:31 - 2015-09-17 07:03 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-10-01 16:31 - 2015-09-17 07:03 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2015-10-01 16:31 - 2015-09-17 07:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2015-10-01 16:31 - 2015-09-17 07:02 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-10-01 16:31 - 2015-09-17 07:02 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2015-10-01 16:31 - 2015-09-17 07:00 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-10-01 16:31 - 2015-09-17 07:00 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KeywordDetectorMsftSidAdapter.dll
2015-10-01 16:31 - 2015-09-17 06:57 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-10-01 16:31 - 2015-09-17 06:56 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-10-01 16:31 - 2015-09-17 06:55 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2015-10-01 16:31 - 2015-09-17 06:55 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-10-01 16:31 - 2015-09-17 06:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2015-10-01 16:31 - 2015-09-17 06:55 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2015-10-01 16:31 - 2015-09-17 06:55 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2015-10-01 16:31 - 2015-09-17 06:55 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-10-01 16:31 - 2015-09-17 06:55 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-10-01 16:31 - 2015-09-17 06:54 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-01 16:31 - 2015-09-17 06:52 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-10-01 16:31 - 2015-09-17 06:52 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2015-10-01 16:31 - 2015-09-17 06:52 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2015-10-01 16:31 - 2015-09-17 06:52 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-10-01 16:31 - 2015-09-17 06:52 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-10-01 16:31 - 2015-09-17 06:52 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-10-01 16:31 - 2015-09-17 06:52 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-10-01 16:31 - 2015-09-17 06:51 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-10-01 16:31 - 2015-09-17 06:51 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2015-10-01 16:31 - 2015-09-17 06:50 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-10-01 16:31 - 2015-09-17 06:50 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2015-10-01 16:31 - 2015-09-17 06:50 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeWiFi.dll
2015-10-01 16:31 - 2015-09-17 06:50 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeCell.dll
2015-10-01 16:31 - 2015-09-17 06:50 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2015-10-01 16:31 - 2015-09-17 06:49 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWebproxy.dll
2015-10-01 16:31 - 2015-09-17 06:49 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-10-01 16:31 - 2015-09-17 06:49 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2015-10-01 16:31 - 2015-09-17 06:49 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationCrowdsource.dll
2015-10-01 16:31 - 2015-09-17 06:49 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeIP.dll
2015-10-01 16:31 - 2015-09-17 06:49 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWiFiAdapter.dll
2015-10-01 16:31 - 2015-09-17 06:49 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2015-10-01 16:31 - 2015-09-17 06:48 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2015-10-01 16:31 - 2015-09-17 06:47 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-10-01 16:31 - 2015-09-17 06:47 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-10-01 16:31 - 2015-09-17 06:46 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-10-01 16:31 - 2015-09-17 06:46 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-10-01 16:31 - 2015-09-17 06:46 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-10-01 16:31 - 2015-09-17 06:46 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2015-10-01 16:31 - 2015-09-17 06:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2015-10-01 16:31 - 2015-09-17 06:46 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncmlhook.dll
2015-10-01 16:31 - 2015-09-17 06:45 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-10-01 16:31 - 2015-09-17 06:45 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2015-10-01 16:31 - 2015-09-17 06:44 - 01844736 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2015-10-01 16:31 - 2015-09-17 06:44 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-10-01 16:31 - 2015-09-17 06:44 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2015-10-01 16:31 - 2015-09-17 06:43 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-10-01 16:31 - 2015-09-17 06:43 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-10-01 16:31 - 2015-09-17 06:39 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-01 16:31 - 2015-09-17 06:36 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll
2015-10-01 16:31 - 2015-09-17 06:32 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-10-01 16:31 - 2015-09-17 06:31 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2015-10-01 16:31 - 2015-09-17 06:30 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-10-01 16:31 - 2015-09-17 06:28 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2015-09-27 15:57 - 2015-10-11 16:07 - 00003002 _____ C:\WINDOWS\System32\Tasks\klcp_update
2015-09-27 15:57 - 2015-09-27 15:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2015-09-27 09:02 - 2015-09-27 09:02 - 00000000 ____D C:\Users\Stana\AppData\Roaming\OpenOffice
2015-09-26 08:12 - 2015-09-26 08:12 - 00000000 ____D C:\Users\Stana\AppData\Local\MicrosoftEdge
2015-09-26 08:03 - 2015-09-26 08:03 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-09-25 19:22 - 2015-09-25 19:22 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-09-25 16:03 - 2015-09-25 16:03 - 00454528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNdisFlt.sys
2015-09-25 16:03 - 2015-09-25 16:03 - 00378880 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-09-25 16:03 - 2015-09-25 16:03 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-09-25 15:24 - 2015-09-25 15:24 - 00000571 _____ C:\Users\Stana\Desktop\Harddisk (ET7X00) (Z) – zástupce.lnk
CPU:Intel Pentium G4560 @ 3.50 GHz, GPU:NVIDIA GeForce GTX 1050 Ti, RAM: Kingston 8 Gb DDR 4, MB: MSI B250M PRO-VD,
SSD: Kingston SSDNow V300 120Gb, Hdd:1 Seagate Barracuda 250 Gb, 2 Western Digital Caviar Blue 1 TB, PSU: Fortron ATX-400PNF 400W

smarda84
Level 1.5
Level 1.5
Příspěvky: 142
Registrován: květen 15
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod smarda84 » 25 říj 2015 10:09

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-25 09:51 - 2015-09-16 19:09 - 00000948 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-25 09:51 - 2015-07-30 22:52 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-25 09:51 - 2015-07-10 10:05 - 00131072 ___SH C:\WINDOWS\system32\config\BBI
2015-10-25 09:50 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\sru
2015-10-25 09:49 - 2015-09-13 16:15 - 00000000 ____D C:\Users\Stana\AppData\Roaming\TS3Client
2015-10-25 09:49 - 2015-09-13 10:14 - 00000000 ____D C:\Users\Stana\AppData\Roaming\uTorrent
2015-10-25 09:26 - 2015-09-15 15:06 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-10-25 09:19 - 2015-09-16 19:09 - 00000952 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-24 17:35 - 2015-09-19 19:43 - 02030468 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-24 17:35 - 2015-09-10 06:05 - 00838918 _____ C:\WINDOWS\system32\perfh005.dat
2015-10-24 17:35 - 2015-09-10 06:05 - 00191246 _____ C:\WINDOWS\system32\perfc005.dat
2015-10-24 17:08 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\restore
2015-10-24 14:19 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-10-24 09:55 - 2015-09-13 16:15 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2015-10-23 21:25 - 2015-09-19 19:44 - 00000000 ____D C:\Users\Stana
2015-10-23 17:58 - 2015-09-13 09:07 - 00000000 ____D C:\Users\Stana\AppData\Local\VirtualStore
2015-10-22 18:15 - 2015-09-20 08:06 - 00001177 _____ C:\Users\Public\Desktop\Picasa 3.lnk
2015-10-22 18:15 - 2015-09-19 19:46 - 00001540 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-10-22 18:15 - 2015-09-16 19:09 - 00000901 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-10-22 18:15 - 2015-09-13 16:15 - 00001005 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2015-10-22 18:15 - 2015-09-13 09:10 - 00001151 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-10-22 18:14 - 2015-09-19 19:53 - 00002362 _____ C:\Users\Stana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-10-22 18:14 - 2015-09-19 19:53 - 00001051 _____ C:\Users\Stana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Volitelné funkce.lnk
2015-10-22 18:14 - 2015-09-13 09:24 - 00000462 _____ C:\Users\Stana\Desktop\Místní disk (D).lnk
2015-10-20 16:39 - 2015-07-30 22:49 - 00221256 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-10-20 16:14 - 2015-07-30 23:25 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-20 15:54 - 2009-07-14 03:34 - 00000438 _____ C:\WINDOWS\win.ini
2015-10-20 15:21 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\security
2015-10-19 20:53 - 2015-09-13 09:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-16 16:01 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-16 15:35 - 2015-09-13 09:29 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-10-16 04:10 - 2015-07-30 23:43 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-16 04:10 - 2015-07-30 23:43 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-13 19:05 - 2015-09-13 11:15 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-10-13 19:03 - 2015-09-13 11:15 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-10-09 19:42 - 2015-09-16 19:09 - 00000000 ____D C:\Program Files\CCleaner
2015-10-07 15:09 - 2015-09-19 19:43 - 00000000 ____D C:\ProgramData\AMD
2015-10-07 15:09 - 2015-09-19 19:42 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2015-10-07 15:08 - 2015-09-13 09:14 - 00000000 ____D C:\AMD
2015-10-07 15:07 - 2015-08-20 20:51 - 12088008 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2015-10-07 15:07 - 2015-08-20 20:51 - 10211016 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2015-10-07 15:07 - 2015-08-20 20:51 - 08982440 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2015-10-07 15:07 - 2015-08-20 20:51 - 08864928 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2015-10-07 15:07 - 2015-08-20 20:51 - 01479808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2015-10-07 15:07 - 2015-08-20 20:51 - 01223552 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2015-10-07 15:07 - 2015-08-20 20:51 - 00162240 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2015-10-07 15:07 - 2015-08-20 20:51 - 00143056 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll
2015-10-07 15:07 - 2015-08-20 20:51 - 00130072 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2015-10-07 15:07 - 2015-08-20 20:46 - 21648880 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2015-10-07 15:07 - 2015-08-20 20:46 - 01256432 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2015-10-07 15:07 - 2015-08-20 20:46 - 00874480 _____ (AMD) C:\WINDOWS\system32\coinst_15.20.dll
2015-10-07 15:07 - 2015-08-20 20:46 - 00683504 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2015-10-07 15:07 - 2015-08-20 20:46 - 00674288 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2015-10-07 15:07 - 2015-08-20 20:46 - 00451056 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2015-10-07 15:07 - 2015-08-20 20:46 - 00255472 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2015-10-06 19:08 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\rescache
2015-10-05 15:34 - 2015-07-30 23:42 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-10-05 15:34 - 2015-07-30 23:42 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-10-05 15:34 - 2015-07-30 23:42 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-05 15:34 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-10-05 15:34 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-10-05 15:33 - 2015-07-30 23:42 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-10-05 15:33 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\Provisioning
2015-10-05 15:33 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-10-03 09:06 - 2015-07-30 23:42 - 00000000 __RHD C:\Users\Public\Libraries
2015-09-30 19:54 - 2015-09-05 10:39 - 00000000 ____D C:\Hry
2015-09-27 15:57 - 2015-09-13 12:43 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2015-09-26 13:50 - 2015-09-16 19:09 - 00000000 ____D C:\Program Files (x86)\Google
2015-09-26 07:55 - 2015-09-13 10:13 - 01696096 _____ (BitTorrent Inc.) C:\Users\Stana\Desktop\uTorrent.exe
2015-09-25 18:08 - 2015-09-19 19:51 - 00000000 ____D C:\Users\Stana\AppData\Local\Packages
2015-09-25 16:03 - 2015-09-13 09:22 - 00004006 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-09-25 16:03 - 2015-09-13 09:21 - 01049880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-09-25 16:03 - 2015-09-13 09:21 - 00448968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-09-25 16:03 - 2015-09-13 09:21 - 00274808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-09-25 16:03 - 2015-09-13 09:21 - 00153744 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-09-25 16:03 - 2015-09-13 09:21 - 00093528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-09-25 16:03 - 2015-09-13 09:21 - 00090968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-09-25 16:03 - 2015-09-13 09:21 - 00065224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-09-25 16:03 - 2015-09-13 09:21 - 00028656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-09-25 16:03 - 2015-09-13 09:21 - 00028144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2015-09-25 15:46 - 2015-09-20 07:22 - 00000000 ____D C:\Users\Stana\AppData\Local\Comms
2015-09-25 15:26 - 2015-09-15 15:06 - 00003888 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater

==================== Files in the root of some directories =======

2015-09-26 13:50 - 2015-09-26 13:50 - 0000000 _____ () C:\Program Files (x86)\Common Files\AMD
2015-10-16 15:28 - 2015-10-20 15:55 - 0008782 _____ () C:\ProgramData\hpzinstall.log

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-10-21 19:03

==================== End of FRST.txt ============================
CPU:Intel Pentium G4560 @ 3.50 GHz, GPU:NVIDIA GeForce GTX 1050 Ti, RAM: Kingston 8 Gb DDR 4, MB: MSI B250M PRO-VD,
SSD: Kingston SSDNow V300 120Gb, Hdd:1 Seagate Barracuda 250 Gb, 2 Western Digital Caviar Blue 1 TB, PSU: Fortron ATX-400PNF 400W

smarda84
Level 1.5
Level 1.5
Příspěvky: 142
Registrován: květen 15
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod smarda84 » 25 říj 2015 10:09

Additional scan result of Farbar Recovery Scan Tool (x64) Version:25-10-2015
Ran by Stana (2015-10-25 09:55:57)
Running from C:\Users\Stana\Desktop
Windows 10 Pro (X64) (2015-09-19 18:51:24)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2526147630-3975037375-4209682967-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2526147630-3975037375-4209682967-503 - Limited - Disabled)
Guest (S-1-5-21-2526147630-3975037375-4209682967-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2526147630-3975037375-4209682967-1003 - Limited - Enabled)
Stana (S-1-5-21-2526147630-3975037375-4209682967-1000 - Administrator - Enabled) => C:\Users\Stana

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2526147630-3975037375-4209682967-1000\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.)
1400 (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
1400_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
1400Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
AIO_CDB_ProductContext (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{7E5DC2C5-115A-322B-976C-219237FAED66}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Avast Internet Security (HKLM-x32\...\Avast) (Version: 10.4.2233 - AVAST Software)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform)
Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden
foobar2000 v1.3.8 (HKLM-x32\...\foobar2000) (Version: 1.3.8 - Peter Pawlowski)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
HijackThis 2.0.2 (HKLM-x32\...\HijackThis) (Version: 2.0.2 - TrendMicro)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software (HKLM\...\{6F5B70F0-EA6C-4A5B-BB16-8390BD66B251}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Solutions Framework (HKLM-x32\...\{E1BB50BA-7CCB-47CD-9FE3-03AAE6EEF862}) (Version: 12.0.30.219 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
K-Lite Codec Pack 11.4.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.4.0 - )
Malwarebytes Anti-Malware verze 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
MarketResearch (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Mozilla Firefox 41.0.2 (x86 cs) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 cs)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2.5765 - Mozilla)
Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
OpenOffice 4.1.1 (HKLM-x32\...\{C560D6E7-E40A-435D-8B71-62CBCF1701B2}) (Version: 4.11.9775 - Apache Software Foundation)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.18.322.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6083 - Realtek Semiconductor Corp.)
Samsung ML-1640 Series (HKLM-x32\...\Samsung ML-1640 Series) (Version: - Samsung Electronics CO.,LTD)
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.17 - TeamSpeak Systems GmbH)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

24-10-2015 17:08:55 zoek.exe restore point

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2015-10-24 17:10 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts


127.0.0.1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {054D4957-E987-4A7C-AC8B-EAD876124DA0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-16] (Google Inc.)
Task: {09F0A767-7A07-468B-B49B-6F7BA7B3DEAB} - System32\Tasks\{E0B68F51-D5CF-484C-B7EC-39900F1880EE} => pcalua.exe -a E:\setup.exe -d E:\
Task: {0A5528E2-5023-48BE-AF01-4F7A5FAEDA4E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-16] (Google Inc.)
Task: {0AFAB19C-2258-4F76-9CD3-2127F8F7378E} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {0E512F5F-0078-40E1-AB86-CAFD5BC11432} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {0EF25F72-DA78-4A51-B1F6-6DF2D478B127} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {13017C29-81AA-4CC8-AFCE-D5AC6165B5CB} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {16A7CFAF-4010-4007-8D71-000A8A1E2CDD} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {1BEA5F0D-0B95-4F15-94A1-E36F768981E0} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {1E16AD07-0811-4A04-B701-D2B147D292D5} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {201B07CB-0C0C-49B8-8DE9-28B342F78FB9} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-09-25] (AVAST Software)
Task: {25B8FFDA-601B-402B-A104-EA5D0005F4E1} - System32\Tasks\Opera N Sunday => C:\Program Files (x86)\Opera\launcher.exe
Task: {27E079BA-DA9C-4EBC-AFB6-14DE96E60CD1} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {3E536EBE-B424-4CF6-A046-A2175C223DE9} - System32\Tasks\HPCeeScheduleForStana => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: {3EFAABC0-E335-4C34-93B7-951EB65DED57} - System32\Tasks\Opera N Saturday => C:\Program Files (x86)\Opera\launcher.exe
Task: {436D148D-F277-4871-9413-8F3874CB0B43} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {4A0DF6A8-1FC0-4192-9B55-02936326381D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-09-28] (Hewlett-Packard)
Task: {4AF4943A-0E5B-4F1A-B36A-93E99E5FE282} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-09-16] (Piriform Ltd)
Task: {4C5350BF-3256-4BF9-A480-180A19D30549} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-08-24] ()
Task: {4D994BFB-9D72-4197-BA04-14545EF293E7} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {5D15F18D-A722-43B4-84EA-929CAEA13814} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {5E62BD9B-8BA2-48AC-99CF-4CEE5CF77630} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {61A663D4-2B9B-4108-955B-2C26BEDA0AA8} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {64251986-580F-48AC-9A61-5D1378461945} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {6660CF01-D6A3-4538-9F26-B477A601A490} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {722D5F9D-1667-44E0-9B34-62383434DA32} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {8C02B29A-BCF8-483C-80A8-D596B7807C9A} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {987C7C8C-778F-4763-897A-FBB858B6BC41} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
Task: {A78A68B0-7A09-4752-B1A8-11385FEF6075} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {AB49C563-D945-427F-8419-26CA63BF572B} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {AD3A1787-05DC-4376-9B35-BD4DD19A71A9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {B0F0FD36-7033-43F9-8242-4DEEC4D487CB} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {B62422A2-AB7B-4404-BA3D-464FD873F9B5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {B9006CD2-153F-4E08-91C5-F34898B51C8C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {BC99FE45-2418-4A05-80C9-9C4FC7B4C93C} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {C20F5A45-96C3-4FF0-9972-7BB51CD08CA1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {D0A74183-80ED-4E62-B8B4-361612664768} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {D54DA441-A9AB-455B-9881-E88143F2D983} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {DBFAC74D-E305-430C-8F3F-85E851E4CD24} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {EA105465-287C-486C-BFD1-3DEB562B21E8} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {F266725F-5E8A-42C6-B086-4F81B353D51F} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {F53710E6-8589-4859-ADAA-C57048724A3E} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {FDF4D748-A1FB-411A-B4BC-5ECA54F4B6E0} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {FE60CF4B-0BF4-4C6B-A077-570D7DD2A8D5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-16] (Adobe Systems Incorporated)
Task: {FF803DC8-44B4-4358-81C7-6C54C8D9EADE} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForStana.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
CPU:Intel Pentium G4560 @ 3.50 GHz, GPU:NVIDIA GeForce GTX 1050 Ti, RAM: Kingston 8 Gb DDR 4, MB: MSI B250M PRO-VD,
SSD: Kingston SSDNow V300 120Gb, Hdd:1 Seagate Barracuda 250 Gb, 2 Western Digital Caviar Blue 1 TB, PSU: Fortron ATX-400PNF 400W

smarda84
Level 1.5
Level 1.5
Příspěvky: 142
Registrován: květen 15
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod smarda84 » 25 říj 2015 10:10

==================== Loaded Modules (Whitelisted) ==============

2015-09-10 06:08 - 2015-09-10 06:08 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-10-05 17:30 - 2008-01-11 05:19 - 00022016 _____ () C:\WINDOWS\System32\ssp2ml6.dll
2015-09-10 06:08 - 2015-09-10 06:08 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-10-01 16:32 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 16:32 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-08-21 21:09 - 2015-08-21 21:09 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2015-09-25 16:03 - 2015-09-25 16:03 - 00103376 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-09-25 16:03 - 2015-09-25 16:03 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-10-25 08:16 - 2015-10-25 08:16 - 02997616 _____ () C:\Program Files\AVAST Software\Avast\defs\15102500\algo.dll
2015-09-25 16:03 - 2015-09-25 16:03 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Program Files\AMD:Win32App
AlternateDataStreams: C:\Program Files\CCleaner:Win32App
AlternateDataStreams: C:\Program Files\TeamSpeak 3 Client:Win32App
AlternateDataStreams: C:\Program Files\WinRAR:Win32App
AlternateDataStreams: C:\Program Files (x86)\AMD:Win32App
AlternateDataStreams: C:\Program Files (x86)\ATI Technologies:Win32App
AlternateDataStreams: C:\Program Files (x86)\K-Lite Codec Pack:Win32App
AlternateDataStreams: C:\Program Files (x86)\OpenOffice 4:Win32App

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2526147630-3975037375-4209682967-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2526147630-3975037375-4209682967-1000\...\webcompanion.com -> hxxp://webcompanion.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2526147630-3975037375-4209682967-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 217.112.162.34 - 217.112.160.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "Acronis Scheduler2 Service"
HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor"
HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe"
HKLM\...\StartupApproved\Run32: => "Samsung PanelMgr"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKU\S-1-5-21-2526147630-3975037375-4209682967-1000\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2526147630-3975037375-4209682967-1000\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{C2BC5938-824E-437C-8366-4F2BF9C8C1F7}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{FFFFAC42-31E4-468C-AC2D-CAC4CD563197}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{E1FCB100-3AAC-4AA6-A712-1221D0E17E72}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{940C45CA-FE2A-4AFA-9BF2-5CAD25A9AD48}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{65FEA494-4BBA-4286-9E1F-AC0A73D8F555}] => (Allow) C:\Users\Stana\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{82CEDB66-A1EE-4912-9031-0CDD9949821C}] => (Allow) C:\Users\Stana\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B887FCB8-F75A-4751-BAED-622D2858BA8B}] => (Allow) C:\Users\Stana\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CE4A5463-261D-4B48-BC05-B2EFC356B09A}] => (Allow) C:\Users\Stana\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2B567BF6-4AA2-4371-AD15-C98D31A835F1}] => (Allow) C:\Users\Stana\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0D94DB0A-CB20-4B2D-9B28-8195384B97EF}] => (Allow) C:\Users\Stana\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6E08BBA6-50B2-452E-A374-6D90A534F0B4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1C033C66-D333-46B4-8AE7-FC7A70FA827D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{FF5CD54D-49BB-4399-8244-BFB61A4EE819}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{83238051-D5E1-4C21-98A1-07FE3CE30F4A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{E0B7805B-A048-4AFC-A9F9-18F425253C80}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{28501319-512E-4B89-B854-B8232796A987}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{75D1FFE2-6B7F-4CF9-942E-89CD5B1F5DEF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{FA3EDE1D-3D03-40C8-A76D-ACF696DD36BE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{A041C285-CB16-4BE7-BF14-0830FA6632CD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{48F05E5A-F850-4849-9E76-9B7F291AC575}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{93DFC474-C9EB-49AE-B543-1FBAF5FDA146}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{52B5421C-AC1A-4788-B039-BCC60BF53196}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{78B55229-C035-443D-B6FA-C1F45D026F1A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{87943416-970C-4948-BD75-1ACA6DEC3878}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{E4C3C3A8-63D7-4727-BA31-538647B422D9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{E994414E-A181-433B-9DC1-D598F7E834A0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{713AAE6C-60AC-40DF-AAA2-FA30F1873E36}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{4BEC923C-CD28-483C-A4EC-10CB3A421B5F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{FBB2E357-21FF-4BCB-8A26-B154D0A6E9AB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{887B810C-6007-400B-878C-6498E1D250FB}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/25/2015 09:55:37 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC1)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (10/25/2015 09:55:37 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC1)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (10/25/2015 09:55:37 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC1)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (10/25/2015 09:55:36 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program HxTsr.exe verze 16.0.6310.4225 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 1914

Čas spuštění: 01d10f02a339a3cf

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6310.42251.0_x64__8wekyb3d8bbwe\HxTsr.exe

ID hlášení: 278be682-7af6-11e5-8d83-1c6f6586f6ec

Úplný název balíčku s chybou: microsoft.windowscommunicationsapps_17.6310.42251.0_x64__8wekyb3d8bbwe

ID aplikace související s balíčkem s chybou: ppleae38af2e007f4358a809ac99a64a67c1

Error: (10/25/2015 09:53:37 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC1)
Description: Aplikaci Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (10/25/2015 09:53:37 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC1)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (10/25/2015 09:53:36 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC1)
Description: Aplikaci Microsoft.WindowsStore_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2147024865. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (10/25/2015 09:53:36 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC1)
Description: Aplikaci Microsoft.WindowsStore_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2147024865. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (10/25/2015 09:53:36 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC1)
Description: Aplikaci Microsoft.WindowsStore_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (10/25/2015 09:53:35 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC1)
Description: Aplikaci Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.


System errors:
=============
Error: (10/25/2015 09:55:37 AM) (Source: DCOM) (EventID: 10010) (User: PC1)
Description: microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca

Error: (10/25/2015 09:55:37 AM) (Source: DCOM) (EventID: 10010) (User: PC1)
Description: microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca

Error: (10/25/2015 09:55:37 AM) (Source: DCOM) (EventID: 10010) (User: PC1)
Description: microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca

Error: (10/25/2015 09:54:35 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (10/25/2015 09:53:37 AM) (Source: DCOM) (EventID: 10010) (User: PC1)
Description: Microsoft.MicrosoftOfficeHub.AppXrqs94aemecwbtd1veqtvyn34m9ks80g7.mca

Error: (10/25/2015 09:53:37 AM) (Source: DCOM) (EventID: 10010) (User: PC1)
Description: microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca

Error: (10/25/2015 09:53:36 AM) (Source: DCOM) (EventID: 10001) (User: PC1)
Description: "C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXe9cvj1thv1hmcw0cs98xm3r97tyzy2xs.mca31App.AppX65azfy60a5wn91mcvdd3dr2y0wj02n39.mcaNení k dispoziciNení k dispozici

Error: (10/25/2015 09:53:36 AM) (Source: DCOM) (EventID: 10001) (User: PC1)
Description: "C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXe9cvj1thv1hmcw0cs98xm3r97tyzy2xs.mca31App.AppX65azfy60a5wn91mcvdd3dr2y0wj02n39.mcaNení k dispoziciNení k dispozici

Error: (10/25/2015 09:53:36 AM) (Source: DCOM) (EventID: 10010) (User: PC1)
Description: App.AppX8h0bdkbb5frkt9s09fvshhbvqnntmvm1.mca

Error: (10/25/2015 09:53:35 AM) (Source: DCOM) (EventID: 10010) (User: PC1)
Description: App.AppX76q4xtxwbj16z0zkyp0pnwtt6m850rvk.mca


==================== Memory info ===========================

Processor: AMD Athlon(tm) II X4 640 Processor
Percentage of memory in use: 44%
Total physical RAM: 4092.53 MB
Available physical RAM: 2251.85 MB
Total Virtual: 8188.53 MB
Available Virtual: 6109.21 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.25 GB) (Free:74.45 GB) NTFS
Drive d: () (Fixed) (Total:232.78 GB) (Free:70.6 GB) NTFS
Drive z: () (Network) (Total:1396.95 GB) (Free:766.15 GB)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 0E9D65DC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 1BF61BF5)
Partition 1: (Active) - (Size=232.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
CPU:Intel Pentium G4560 @ 3.50 GHz, GPU:NVIDIA GeForce GTX 1050 Ti, RAM: Kingston 8 Gb DDR 4, MB: MSI B250M PRO-VD,
SSD: Kingston SSDNow V300 120Gb, Hdd:1 Seagate Barracuda 250 Gb, 2 Western Digital Caviar Blue 1 TB, PSU: Fortron ATX-400PNF 400W

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod jaro3 » 26 říj 2015 09:15

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

Start
CloseProcesses:
SearchScopes: HKU\S-1-5-21-2526147630-3975037375-4209682967-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
Edge HomeButtonPage: HKU\S-1-5-21-2526147630-3975037375-4209682967-1000 -> hxxp://www.delta-homes.com/?type=hp&ts= ... 775708128F
FF NewTab: about:newtab
C:\WINDOWS\System32\Tasks\{E0B68F51-D5CF-484C-B7EC-39900F1880EE}
Task: {054D4957-E987-4A7C-AC8B-EAD876124DA0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-16] (Google Inc.)
Task: {09F0A767-7A07-468B-B49B-6F7BA7B3DEAB} - System32\Tasks\{E0B68F51-D5CF-484C-B7EC-39900F1880EE} => pcalua.exe -a E:\setup.exe -d E:\
Task: {0A5528E2-5023-48BE-AF01-4F7A5FAEDA4E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-16] (Google Inc.)
Task: {0AFAB19C-2258-4F76-9CD3-2127F8F7378E} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {0E512F5F-0078-40E1-AB86-CAFD5BC11432} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {13017C29-81AA-4CC8-AFCE-D5AC6165B5CB} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {16A7CFAF-4010-4007-8D71-000A8A1E2CDD} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {1E16AD07-0811-4A04-B701-D2B147D292D5} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {27E079BA-DA9C-4EBC-AFB6-14DE96E60CD1} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {436D148D-F277-4871-9413-8F3874CB0B43} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {5E62BD9B-8BA2-48AC-99CF-4CEE5CF77630} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {61A663D4-2B9B-4108-955B-2C26BEDA0AA8} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {64251986-580F-48AC-9A61-5D1378461945} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {722D5F9D-1667-44E0-9B34-62383434DA32} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {AD3A1787-05DC-4376-9B35-BD4DD19A71A9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {B62422A2-AB7B-4404-BA3D-464FD873F9B5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {C20F5A45-96C3-4FF0-9972-7BB51CD08CA1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {D0A74183-80ED-4E62-B8B4-361612664768} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {D54DA441-A9AB-455B-9881-E88143F2D983} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {DBFAC74D-E305-430C-8F3F-85E851E4CD24} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {EA105465-287C-486C-BFD1-3DEB562B21E8} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {FDF4D748-A1FB-411A-B4BC-5ECA54F4B6E0} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
IE trusted site: HKU\S-1-5-21-2526147630-3975037375-4209682967-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2526147630-3975037375-4209682967-1000\...\webcompanion.com -> hxxp://webcompanion.com

EmptyTemp:
End

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt


Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

smarda84
Level 1.5
Level 1.5
Příspěvky: 142
Registrován: květen 15
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod smarda84 » 27 říj 2015 16:58

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
IE trusted site: HKU\S-1-5-21-2526147630-3975037375-4209682967-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2526147630-3975037375-4209682967-1000\...\webcompanion.com -> hxxp://webcompanion.com

EmptyTemp:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-2526147630-3975037375-4209682967-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
HKU\S-1-5-21-2526147630-3975037375-4209682967-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main\\HomeButtonPage => value removed successfully
FF NewTab: about:newtab => not found
C:\WINDOWS\System32\Tasks\{E0B68F51-D5CF-484C-B7EC-39900F1880EE} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{054D4957-E987-4A7C-AC8B-EAD876124DA0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{054D4957-E987-4A7C-AC8B-EAD876124DA0}" => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{09F0A767-7A07-468B-B49B-6F7BA7B3DEAB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{09F0A767-7A07-468B-B49B-6F7BA7B3DEAB}" => key removed successfully
C:\WINDOWS\System32\Tasks\{E0B68F51-D5CF-484C-B7EC-39900F1880EE} => not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E0B68F51-D5CF-484C-B7EC-39900F1880EE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0A5528E2-5023-48BE-AF01-4F7A5FAEDA4E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0A5528E2-5023-48BE-AF01-4F7A5FAEDA4E}" => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0AFAB19C-2258-4F76-9CD3-2127F8F7378E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0AFAB19C-2258-4F76-9CD3-2127F8F7378E}" => key removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\MediaCenterRecoveryTask" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0E512F5F-0078-40E1-AB86-CAFD5BC11432}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0E512F5F-0078-40E1-AB86-CAFD5BC11432}" => key removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrScheduleTask" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{13017C29-81AA-4CC8-AFCE-D5AC6165B5CB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{13017C29-81AA-4CC8-AFCE-D5AC6165B5CB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{16A7CFAF-4010-4007-8D71-000A8A1E2CDD}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{16A7CFAF-4010-4007-8D71-000A8A1E2CDD}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1E16AD07-0811-4A04-B701-D2B147D292D5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1E16AD07-0811-4A04-B701-D2B147D292D5}" => key removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\mcupdate => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\mcupdate" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{27E079BA-DA9C-4EBC-AFB6-14DE96E60CD1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{27E079BA-DA9C-4EBC-AFB6-14DE96E60CD1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{436D148D-F277-4871-9413-8F3874CB0B43}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{436D148D-F277-4871-9413-8F3874CB0B43}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5E62BD9B-8BA2-48AC-99CF-4CEE5CF77630}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5E62BD9B-8BA2-48AC-99CF-4CEE5CF77630}" => key removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\SqlLiteRecoveryTask" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{61A663D4-2B9B-4108-955B-2C26BEDA0AA8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{61A663D4-2B9B-4108-955B-2C26BEDA0AA8}" => key removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrRecoveryTask" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{64251986-580F-48AC-9A61-5D1378461945}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{64251986-580F-48AC-9A61-5D1378461945}" => key removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\mcupdate_scheduled" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{722D5F9D-1667-44E0-9B34-62383434DA32}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{722D5F9D-1667-44E0-9B34-62383434DA32}" => key removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PeriodicScanRetry" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AD3A1787-05DC-4376-9B35-BD4DD19A71A9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AD3A1787-05DC-4376-9B35-BD4DD19A71A9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B62422A2-AB7B-4404-BA3D-464FD873F9B5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B62422A2-AB7B-4404-BA3D-464FD873F9B5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C20F5A45-96C3-4FF0-9972-7BB51CD08CA1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C20F5A45-96C3-4FF0-9972-7BB51CD08CA1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D0A74183-80ED-4E62-B8B4-361612664768}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0A74183-80ED-4E62-B8B4-361612664768}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D54DA441-A9AB-455B-9881-E88143F2D983}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D54DA441-A9AB-455B-9881-E88143F2D983}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DBFAC74D-E305-430C-8F3F-85E851E4CD24}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DBFAC74D-E305-430C-8F3F-85E851E4CD24}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EA105465-287C-486C-BFD1-3DEB562B21E8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EA105465-287C-486C-BFD1-3DEB562B21E8}" => key removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FDF4D748-A1FB-411A-B4BC-5ECA54F4B6E0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FDF4D748-A1FB-411A-B4BC-5ECA54F4B6E0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
"HKU\S-1-5-21-2526147630-3975037375-4209682967-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost" => key removed successfully
"HKU\S-1-5-21-2526147630-3975037375-4209682967-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com" => key removed successfully
EmptyTemp: => 99.8 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 16:56:07 ====
CPU:Intel Pentium G4560 @ 3.50 GHz, GPU:NVIDIA GeForce GTX 1050 Ti, RAM: Kingston 8 Gb DDR 4, MB: MSI B250M PRO-VD,
SSD: Kingston SSDNow V300 120Gb, Hdd:1 Seagate Barracuda 250 Gb, 2 Western Digital Caviar Blue 1 TB, PSU: Fortron ATX-400PNF 400W

Uživatelský avatar
jerabina
člen Security týmu
Level 6
Level 6
Příspěvky: 3647
Registrován: březen 13
Bydliště: Litoměřice
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod jerabina » 27 říj 2015 18:38

Co problémy? + nový log z HJT
Když nevíš jak dál, přichází na řadu prostudovat manuál!
HJT návod

Pokud neodpovídám do vašich témat v sekci HJT když jsem online, tak je to jen proto, že jsem na mobilu kde je studování logů a psaní skriptů nemožné. Neberte to tedy prosím jako ignoraci.

smarda84
Level 1.5
Level 1.5
Příspěvky: 142
Registrován: květen 15
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod smarda84 » 27 říj 2015 20:48

Problémy jsem už nepozoroval žádné




Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:43:52, on 27.10.2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.16412)
Boot mode: Normal

Running processes:
C:\Program Files\WindowsApps\Microsoft.BingWeather_4.6.169.0_x86__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Stana\AppData\Local\Temp\Rar$EXa0.302\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Stana\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall (avast! Firewall) - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7863 bytes
CPU:Intel Pentium G4560 @ 3.50 GHz, GPU:NVIDIA GeForce GTX 1050 Ti, RAM: Kingston 8 Gb DDR 4, MB: MSI B250M PRO-VD,
SSD: Kingston SSDNow V300 120Gb, Hdd:1 Seagate Barracuda 250 Gb, 2 Western Digital Caviar Blue 1 TB, PSU: Fortron ATX-400PNF 400W


Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: Google [Bot] a 84 hostů