neustale se mi otviraji nove panely v chrome

[martybx]

Dobry den preji,
muzete mi prosim poradit jak se toho nerada co nas neustale obtezuje zbavit?
log je zde:

Kód: Vybrat vše

Logfile of random's system information tool 1.14 (written by random/random) 
Run by Petr at 2017-01-06 14:40:13
Microsoft Windows 10 Home 
System drive C: has 18 GB (24%) free of 76 GB
Total RAM: 3037 MB (38% free)
X86

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:40:33, on 6.1.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal

Running processes:
C:\Program Files\Elantech\ETDCtrl.exe
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\AV\ESET NOD32 Antivirus 6.0\upgrade.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x86__kzf8qxf38zg5c\SkypeHost.exe
C:\Program Files\Kerio\Workspace Client\WorkspaceClient.exe
C:\Users\Petr\AppData\Local\Temp\ese3758.tmp.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Program Files\eset\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Users\Petr\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\Samsung\Kies\Kies.exe
C:\Program Files\Samsung\Kies\KiesAirMessage.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\SettingSyncHost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\System32\smartscreen.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Users\Petr\Downloads\RSIT.exe
C:\Program Files\trend micro\Petr_RSIT.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE13&ocid=UE13DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [ETDCtrl] %ProgramFiles%\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [Kerio Workspace Client] C:\Program Files\Kerio\Workspace Client\workspaceclient.exe
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [WindowsDefender] "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Malwarebytes TrayApp] C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Petr\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
O4 - HKCU\..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files\Microsoft Office\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Technology Access Service (Intel(R) TechnologyAccessService) - Intel(R) Corporation - C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Unknown owner - C:\Program Files\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: Kerio Updater Service (ktupdaterservice) - Kerio Technologies Inc. - C:\Program Files\Kerio\UpdaterService\ktupdaterservice.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @oem30.inf,%ViaKaraokeSrv.SvcDesc%;VIA Karaoke digital mixer Service (VIAKaraokeService) - VIA Technologies, Inc. - C:\WINDOWS\system32\viakaraokesrv.exe

--
End of file - 7832 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d0e22d6c16c082.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d0f51287ebcaf6.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d12ed86d010721.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d04216b5ec355.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d0e22d6cc0be9f.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\Adobe Acrobat Update Task - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\tasks\Chrome Cleanup Tool logs upload retry - c:\users\petr\downloads\chrome_cleanup_tool.exe --upload-log-file --elevated
C:\WINDOWS\system32\tasks\ESET Windows 10 upgrade – Perform upgrade - C:\Program Files\Common Files\AV\ESET NOD32 Antivirus 6.0\upgrade.exe /upgrade
C:\WINDOWS\system32\tasks\ESET Windows 10 upgrade – Refresh settings - C:\Program Files\Common Files\AV\ESET NOD32 Antivirus 6.0\upgrade.exe
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore1d0e22d6c16c082 - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore1d0f51287ebcaf6 - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore1d12ed86d010721 - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore1d15e009e99f71c - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA1d04216b5ec355 - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA1d0e22d6cc0be9f - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA1d0f5128a812585 - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 - C:\Program Files\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic
C:\WINDOWS\system32\tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon - "C:\Program Files\Intel\Intel(R) Update Manager\bin\iumsvc.exe" --automatic
C:\WINDOWS\system32\tasks\OneDrive Standalone Update Task - C:\Users\Petr\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
C:\WINDOWS\system32\tasks\OneDrive Standalone Update Task v2 - %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe 
C:\WINDOWS\system32\tasks\User_Feed_Synchronization-{5C339D4B-B3DC-48B9-AE77-0C8D494AF49C} - C:\Windows\system32\msfeedssync.exe sync
C:\WINDOWS\system32\tasks\{2CCCE238-B7FF-48C1-A9A2-6D16DF601E03} - C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files\K-Lite Codec Pack\unins000.exe"
C:\WINDOWS\system32\tasks\{6708A899-24A9-494F-8C28-0C098C43778B} - C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files\MyFree Codec\1.0b beta\uninstall.exe"
C:\WINDOWS\system32\tasks\{9F77B165-5864-42C7-9092-2C89219DBC38} - C:\Windows\system32\pcalua.exe -a "C:\Users\Petr\Desktop\Škola\Programy Matematika\!Software\Math Studio\mts15full_cz.exe" -d "C:\Users\Petr\Desktop\Škola\Programy Matematika\!Software\Math Studio"
C:\WINDOWS\system32\tasks\WPD\SqmUpload_S-1-5-21-1193033861-3128224475-3259186373-1000 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTask - %windir%\System32\XblGameSaveTask.exe standby
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon - %windir%\System32\XblGameSaveTask.exe logon
C:\WINDOWS\system32\tasks\Microsoft\Windows Defender\MP Scheduled Scan - c:\program files\windows defender\MpCmdRun.exe Scan -ScheduleJob -WinTask -RestrictPrivilegesScan
C:\WINDOWS\system32\tasks\Microsoft\Windows Defender\MpIdleTask - c:\program files\windows defender\MpCmdRun.exe -IdleTask -TaskName MpIdleTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join - %SystemRoot%\System32\dsregcmd.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sih - %systemroot%\System32\sihclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sihboot - %systemroot%\System32\sihclient.exe /boot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -upload
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - C:\Program Files\Windows Defender\\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup - C:\Program Files\Windows Defender\\MpCmdRun.exe -IdleTask -TaskName WdCleanup
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - C:\Program Files\Windows Defender\\MpCmdRun.exe Scan -ScheduleJob
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification - C:\Program Files\Windows Defender\\MpCmdRun.exe -IdleTask -TaskName WdVerification
C:\WINDOWS\system32\tasks\Microsoft\Windows\WCM\WiFiTask - %SystemRoot%\System32\WiFiTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Reboot - %systemroot%\system32\MusNotification.exe Reboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Refresh Settings - %systemroot%\system32\usoclient.exe RefreshSettings
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot - %systemroot%\system32\usoclient.exe ResumeUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan - %systemroot%\system32\usoclient.exe StartScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display - C:\windows\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot - C:\windows\system32\MusNotification.exe ReadyToReboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\WINDOWS\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization - %windir%\system32\defrag.exe -c -h -g -# -m 8 -i 13500
C:\WINDOWS\system32\tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask - %windir%\system32\speech_onecore\common\SpeechModelDownload.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceManagerTask - %windir%\system32\spaceman.exe /Work
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SharedPC\Account Cleanup - %windir%\System32\rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NlaSvc\WiFiTask - %SystemRoot%\System32\WiFiTask.exe nla
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\mcupdate_scheduled - %SystemRoot%\ehome\mcupdate -crl -hms -pscn 15
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Logon - %windir%\system32\ProvTool.exe /turn 5
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotificationWindows.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\WindowsActionDialog - %windir%\System32\WindowsActionDialog.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClient - %windir%\system32\dmclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload - %windir%\system32\dmclient.exe utcwnf
C:\WINDOWS\system32\tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask - %windir%\system32\MDMAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DUSM\dusmtask - %SystemRoot%\System32\dusmtask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskFootprint\Diagnostics - %windir%\system32\disksnapshot.exe -z
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Device Information\Device - %windir%\system32\devicecensus.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Clip\License Validation - %SystemRoot%\system32\ClipUp.exe -p -s -o
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierdaily - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierinstall - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup - %windir%\system32\dstokenclean.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattelrunner.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe

=========Google Chrome=========

C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Prezentace Google 0.9
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0  
Extension bgjpfhpjcgdppjbgnpnjllokbmcdllig 0 Seznam Lištička - Email 1.3.14
Extension blmojkbhnkkphngknkmgccmlenfaelkd 1 Seznam Lištička - Slovník 1.2.14
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension cfhdojbkjhnklbpkdaibdccddilifddb 1 Adblock Plus 1.12.2
Extension coobgpohoikkiipiblmjeljniedjpjpf 1 Vyhledávání Google 0.0.0.60
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension ennkphjdgehloodpbhlhldgbnhmacadg 1 Settings 0.2
Extension felcaaldnbdncclmgdcncolpebgiejap 1 Tabulky Google 1.1
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.38
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf 1 Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.0
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.0
Extension olfeabkoenfaoljndfecamgilllcpiak 0 Seznam Lištička - Rychlá volba 1.7.10
Extension pafkbggdmjlpgkdkcbjmhmfcdpncadgh 1 Google Now 1.2.0.1
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5216.530.0.14
Homepage: https://www.seznam.cz/
default_search_provider.search_url: 
C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage: 
default_search_provider.search_url: 

======Registry dump======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={6A1806CD-94D4-4689-BA73-E35EA1EA9990}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}]
"URL"=http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2015-10-07 2484424]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"Kerio Workspace Client"=C:\Program Files\Kerio\Workspace Client\workspaceclient.exe [2014-03-26 3451192]
"HDAudDeck"=C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [2009-07-13 1474560]
"KiesTrayAgent"=C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2016-01-08 318248]
"WindowsDefender"=C:\Program Files\Windows Defender\MSASCuiL.exe [2016-07-16 483840]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2013-03-21 5078504]
"Malwarebytes TrayApp"=C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2016-12-14 2776528]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2016-11-04 255224]
"OneDrive"=C:\Users\Petr\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-12-15 1517280]
"KiesPreload"=C:\Program Files\Samsung\Kies\Kies.exe [2016-01-08 1572648]
"KiesAirMessage"=C:\Program Files\Samsung\Kies\KiesAirMessage.exe [2013-12-30 578560]
""=C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2016-01-08 1021736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"DSCAutomationHostEnabled"=2
"EnableCursorSuppression"=1
"EnableUIADesktopToggle"=0
"undockwithoutlogon"=1
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
"StubPath"=%SystemRoot%\inf\unregmp2.exe /ShowWMP
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath"="C:\Program Files\Google\Chrome\Application\55.0.2883.87\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.cvid"=iccvid.dll
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.l3codecp"=l3codecp.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-01-06 14:40:13 ----D---- C:\rsit
2017-01-06 14:40:13 ----D---- C:\Program Files\trend micro
2017-01-06 13:55:29 ----A---- C:\WINDOWS\system32\drivers\MBAMChameleon.sys
2017-01-06 13:55:18 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2017-01-06 13:55:18 ----A---- C:\WINDOWS\system32\drivers\farflt.sys
2017-01-06 13:55:01 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2017-01-06 13:54:48 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2017-01-06 13:54:25 ----A---- C:\WINDOWS\system32\drivers\mbae.sys
2017-01-06 13:54:07 ----D---- C:\ProgramData\Malwarebytes
2017-01-06 13:54:07 ----D---- C:\Program Files\Malwarebytes
2017-01-06 12:11:06 ----HD---- C:\$SysReset
2017-01-05 17:27:50 ----A---- C:\WINDOWS\ucrtbase.dll
2017-01-05 17:24:52 ----D---- C:\ProgramData\AVAST Software
2016-12-20 13:36:12 ----ASH---- C:\pagefile.sys
2016-12-16 15:42:33 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2016-12-16 15:42:32 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-12-16 15:42:32 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2016-12-16 15:42:31 ----A---- C:\WINDOWS\system32\edgehtml.dll
2016-12-16 15:42:28 ----A---- C:\WINDOWS\system32\indexeddbserver.dll
2016-12-16 15:42:27 ----A---- C:\WINDOWS\system32\Chakra.dll
2016-12-16 15:42:26 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-12-16 15:42:23 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-12-16 15:42:19 ----A---- C:\WINDOWS\system32\msi.dll
2016-12-16 15:42:17 ----A---- C:\WINDOWS\system32\InputService.dll
2016-12-16 15:42:17 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2016-12-16 15:42:16 ----A---- C:\WINDOWS\system32\winresume.exe
2016-12-16 15:42:16 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2016-12-16 15:42:16 ----A---- C:\WINDOWS\system32\sspicli.dll
2016-12-16 15:42:16 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2016-12-16 15:42:16 ----A---- C:\WINDOWS\system32\bcrypt.dll
2016-12-16 15:42:15 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-12-16 15:42:15 ----A---- C:\WINDOWS\system32\InputLocaleManager.dll
2016-12-16 15:42:15 ----A---- C:\WINDOWS\system32\EditBufferTestHook.dll
2016-12-16 15:42:14 ----A---- C:\WINDOWS\system32\WordBreakers.dll
2016-12-16 15:42:13 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-12-16 15:42:11 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2016-12-16 15:42:11 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-12-16 15:42:10 ----A---- C:\WINDOWS\system32\ShareHost.dll
2016-12-16 15:42:10 ----A---- C:\WINDOWS\system32\cdp.dll
2016-12-16 15:42:09 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-12-16 15:42:07 ----A---- C:\WINDOWS\system32\appraiser.dll
2016-12-16 15:42:07 ----A---- C:\WINDOWS\system32\acmigration.dll
2016-12-16 15:42:02 ----A---- C:\WINDOWS\system32\fveapibase.dll
2016-12-16 15:42:02 ----A---- C:\WINDOWS\system32\fveapi.dll
2016-12-16 15:42:01 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-12-16 15:41:59 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-12-16 15:41:59 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2016-12-16 15:41:57 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-12-16 15:41:56 ----A---- C:\WINDOWS\system32\win32kbase.sys
2016-12-16 15:41:56 ----A---- C:\WINDOWS\system32\win32k.sys
2016-12-16 15:41:56 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2016-12-16 15:41:56 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2016-12-16 15:41:56 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2016-12-16 15:41:55 ----A---- C:\WINDOWS\system32\win32kfull.sys
2016-12-16 15:41:55 ----A---- C:\WINDOWS\system32\cdd.dll
2016-12-16 15:41:52 ----A---- C:\WINDOWS\system32\WindowsCodecs.dll
2016-12-16 15:41:51 ----A---- C:\WINDOWS\system32\user32.dll
2016-12-16 15:41:51 ----A---- C:\WINDOWS\system32\d3d10warp.dll
2016-12-16 15:41:51 ----A---- C:\WINDOWS\system32\aadtb.dll
2016-12-16 15:41:51 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2016-12-16 15:41:50 ----A---- C:\WINDOWS\system32\mdmregistration.dll
2016-12-16 15:41:50 ----A---- C:\WINDOWS\system32\gdi32full.dll
2016-12-16 15:41:50 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-12-16 15:41:47 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-12-16 15:41:45 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-16 15:41:45 ----A---- C:\WINDOWS\system32\CloudExperienceHost.dll
2016-12-16 15:41:43 ----A---- C:\WINDOWS\system32\msdtctm.dll
2016-12-16 15:41:43 ----A---- C:\WINDOWS\system32\facecredentialprovider.dll
2016-12-09 22:49:30 ----A---- C:\WINDOWS\system32\dwmcore.dll
2016-12-09 22:49:30 ----A---- C:\WINDOWS\system32\d3d11.dll
2016-12-09 22:49:30 ----A---- C:\WINDOWS\system32\AppReadiness.dll
2016-12-09 22:49:29 ----A---- C:\WINDOWS\system32\usercpl.dll
2016-12-09 22:49:29 ----A---- C:\WINDOWS\system32\ole32.dll
2016-12-09 22:49:29 ----A---- C:\WINDOWS\system32\msctf.dll
2016-12-09 22:49:29 ----A---- C:\WINDOWS\system32\MrmCoreR.dll
2016-12-09 22:49:28 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2016-12-09 22:49:28 ----A---- C:\WINDOWS\system32\SRHInproc.dll
2016-12-09 22:49:28 ----A---- C:\WINDOWS\system32\NetSetupShim.dll
2016-12-09 22:49:28 ----A---- C:\WINDOWS\system32\dxgi.dll
2016-12-09 22:49:27 ----A---- C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-12-09 22:49:27 ----A---- C:\WINDOWS\system32\umpoext.dll
2016-12-09 22:49:27 ----A---- C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-12-09 22:49:27 ----A---- C:\WINDOWS\system32\ActivationManager.dll
2016-12-09 22:49:26 ----A---- C:\WINDOWS\system32\mfsvr.dll
2016-12-09 22:49:26 ----A---- C:\WINDOWS\system32\drivers\tpm.sys
2016-12-09 22:49:26 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2016-12-09 22:49:25 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2016-12-09 22:49:25 ----A---- C:\WINDOWS\system32\mfcore.dll
2016-12-09 22:49:24 ----A---- C:\WINDOWS\system32\mfplat.dll
2016-12-09 22:49:24 ----A---- C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-12-09 22:49:23 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-12-09 22:49:22 ----A---- C:\WINDOWS\system32\wlidsvc.dll
2016-12-09 22:49:22 ----A---- C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2016-12-09 22:49:21 ----A---- C:\WINDOWS\system32\wininet.dll
2016-12-09 22:49:21 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2016-12-09 22:49:20 ----A---- C:\WINDOWS\system32\windows.storage.dll
2016-12-09 22:49:20 ----A---- C:\WINDOWS\system32\NMAA.dll
2016-12-09 22:49:20 ----A---- C:\WINDOWS\system32\MapControlCore.dll
2016-12-09 22:49:20 ----A---- C:\WINDOWS\system32\dosvc.dll
2016-12-09 22:49:19 ----A---- C:\WINDOWS\system32\mos.dll
2016-12-09 22:49:18 ----A---- C:\WINDOWS\system32\JpMapControl.dll
2016-12-09 22:49:17 ----A---- C:\WINDOWS\system32\cdpusersvc.dll
2016-12-09 22:49:17 ----A---- C:\WINDOWS\system32\cdpsvc.dll
2016-12-09 22:49:17 ----A---- C:\WINDOWS\system32\BingMaps.dll
2016-12-09 22:49:15 ----A---- C:\WINDOWS\system32\wpnprv.dll
2016-12-09 22:49:15 ----A---- C:\WINDOWS\system32\rasmans.dll
2016-12-09 22:49:15 ----A---- C:\WINDOWS\system32\moshostcore.dll
2016-12-09 22:49:15 ----A---- C:\WINDOWS\system32\MapsStore.dll
2016-12-09 22:49:15 ----A---- C:\WINDOWS\system32\efswrt.dll
2016-12-09 22:49:14 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-12-09 22:49:14 ----A---- C:\WINDOWS\system32\rascustom.dll
2016-12-09 22:49:14 ----A---- C:\WINDOWS\system32\MapGeocoder.dll
2016-12-09 22:49:14 ----A---- C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-12-09 22:49:13 ----A---- C:\WINDOWS\system32\StorSvc.dll
2016-12-09 22:49:13 ----A---- C:\WINDOWS\system32\mfaudiocnv.dll
2016-12-09 22:49:13 ----A---- C:\WINDOWS\system32\MapRouter.dll
2016-12-09 22:49:13 ----A---- C:\WINDOWS\system32\HttpsDataSource.dll
2016-12-09 22:49:13 ----A---- C:\WINDOWS\system32\domgmt.dll
2016-12-09 22:49:13 ----A---- C:\WINDOWS\system32\DisplayManager.dll
2016-12-09 22:49:12 ----A---- C:\WINDOWS\system32\wuaueng.dll
2016-12-09 22:49:12 ----A---- C:\WINDOWS\system32\MapConfiguration.dll
2016-12-09 22:49:11 ----A---- C:\WINDOWS\system32\policymanager.dll
2016-12-09 22:49:11 ----A---- C:\WINDOWS\system32\MosStorage.dll
2016-12-09 22:49:11 ----A---- C:\WINDOWS\system32\moshost.dll
2016-12-09 22:49:11 ----A---- C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-12-09 22:49:11 ----A---- C:\WINDOWS\system32\MapsBtSvc.dll
2016-12-09 22:49:11 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2016-12-09 22:49:10 ----A---- C:\WINDOWS\system32\vpnike.dll
2016-12-09 22:49:10 ----A---- C:\WINDOWS\system32\RDXService.dll
2016-12-09 22:49:10 ----A---- C:\WINDOWS\system32\rasapi32.dll
2016-12-09 22:49:10 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2016-12-09 22:49:10 ----A---- C:\WINDOWS\system32\dmcertinst.exe
2016-12-09 22:49:10 ----A---- C:\WINDOWS\system32\DeviceEnroller.exe
2016-12-09 22:49:09 ----A---- C:\WINDOWS\system32\sppnp.dll
2016-12-09 22:49:09 ----A---- C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2016-12-09 22:49:09 ----A---- C:\WINDOWS\system32\ReportingCSP.dll
2016-12-09 22:49:09 ----A---- C:\WINDOWS\system32\ProvSysprep.dll
2016-12-09 22:49:09 ----A---- C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2016-12-09 22:49:09 ----A---- C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2016-12-09 22:49:09 ----A---- C:\WINDOWS\system32\EDPCleanup.exe
2016-12-09 22:49:09 ----A---- C:\WINDOWS\system32\EAMProgressHandler.dll
2016-12-09 22:49:08 ----A---- C:\WINDOWS\system32\zipfldr.dll
2016-12-09 22:49:06 ----A---- C:\WINDOWS\system32\shell32.dll
2016-12-09 22:49:04 ----A---- C:\WINDOWS\system32\drivers\xboxgip.sys
2016-12-09 22:49:04 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2016-12-09 22:49:03 ----A---- C:\WINDOWS\system32\wkssvc.dll
2016-12-09 22:49:03 ----A---- C:\WINDOWS\system32\WinTypes.dll
2016-12-09 22:49:03 ----A---- C:\WINDOWS\system32\BcastDVRHelper.dll
2016-12-09 22:49:01 ----A---- C:\WINDOWS\system32\ieproxy.dll
2016-12-09 22:48:57 ----A---- C:\WINDOWS\system32\combase.dll
2016-12-09 22:48:55 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-12-09 22:48:55 ----A---- C:\WINDOWS\system32\AppCapture.dll
2016-12-09 22:48:54 ----A---- C:\WINDOWS\system32\hevcdecoder.dll
2016-12-09 22:48:47 ----A---- C:\WINDOWS\system32\bcastdvr.exe
2016-12-09 22:48:45 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-12-09 22:48:38 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2016-12-09 22:48:36 ----A---- C:\WINDOWS\system32\wscsvc.dll
2016-12-09 22:48:36 ----A---- C:\WINDOWS\system32\setupugc.exe
2016-12-09 22:48:36 ----A---- C:\WINDOWS\system32\lsm.dll
2016-12-09 22:48:35 ----A---- C:\WINDOWS\system32\wuuhext.dll
2016-12-09 22:48:35 ----A---- C:\WINDOWS\system32\wsecedit.dll
2016-12-09 22:48:35 ----A---- C:\WINDOWS\system32\wscapi.dll
2016-12-09 22:48:35 ----A---- C:\WINDOWS\system32\services.exe
2016-12-09 22:48:35 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2016-12-09 22:48:35 ----A---- C:\WINDOWS\system32\drivers\fastfat.sys
2016-12-09 22:48:34 ----A---- C:\WINDOWS\system32\wincorlib.dll
2016-12-09 22:48:34 ----A---- C:\WINDOWS\system32\ntshrui.dll
2016-12-09 22:48:34 ----A---- C:\WINDOWS\system32\mtxclu.dll
2016-12-09 22:48:34 ----A---- C:\WINDOWS\system32\dpapisrv.dll
2016-12-09 22:48:34 ----A---- C:\WINDOWS\system32\dialserver.dll
2016-12-09 22:48:33 ----A---- C:\WINDOWS\system32\xolehlp.dll
2016-12-09 22:48:33 ----A---- C:\WINDOWS\system32\wscinterop.dll
2016-12-09 22:48:33 ----A---- C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2016-12-09 22:48:33 ----A---- C:\WINDOWS\system32\RjvMDMConfig.dll
2016-12-09 22:48:33 ----A---- C:\WINDOWS\system32\mspaint.exe
2016-12-09 22:48:33 ----A---- C:\WINDOWS\system32\CbtBackgroundManagerPolicy.dll
2016-12-09 22:48:32 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2016-12-09 22:48:30 ----A---- C:\WINDOWS\system32\RDXTaskFactory.dll
2016-12-09 22:48:30 ----A---- C:\WINDOWS\system32\browserbroker.dll
2016-12-09 22:48:30 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-12-09 22:48:29 ----A---- C:\WINDOWS\system32\VPNv2CSP.dll
2016-12-09 22:48:29 ----A---- C:\WINDOWS\system32\DataSenseHandlers.dll
2016-12-09 22:48:29 ----A---- C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2016-12-09 22:48:28 ----A---- C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-12-09 22:48:28 ----A---- C:\WINDOWS\system32\wpncore.dll
2016-12-09 22:48:28 ----A---- C:\WINDOWS\system32\audiosrv.dll
2016-12-09 22:48:28 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-12-09 22:48:27 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-12-09 22:48:27 ----A---- C:\WINDOWS\system32\LogonController.dll
2016-12-09 22:48:27 ----A---- C:\WINDOWS\system32\gameux.dll
2016-12-09 22:48:26 ----A---- C:\WINDOWS\explorer.exe
2016-12-09 22:48:25 ----A---- C:\WINDOWS\system32\DevicePairing.dll
2016-12-09 22:48:24 ----A---- C:\WINDOWS\system32\WsmSvc.dll
2016-12-09 22:48:24 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-12-09 22:48:23 ----A---- C:\WINDOWS\system32\PlayToManager.dll
2016-12-09 22:48:22 ----A---- C:\WINDOWS\system32\twinui.dll
2016-12-09 22:48:21 ----A---- C:\WINDOWS\system32\netshell.dll
2016-12-09 22:48:21 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2016-12-09 22:48:19 ----A---- C:\WINDOWS\system32\ntdll.dll
2016-12-09 22:48:19 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys
2016-12-09 22:48:19 ----A---- C:\WINDOWS\system32\drivers\partmgr.sys
2016-12-09 22:48:19 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2016-12-09 22:48:18 ----A---- C:\WINDOWS\system32\ngccredprov.dll
2016-12-09 22:48:18 ----A---- C:\WINDOWS\system32\AudioSes.dll
2016-12-09 22:48:18 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2016-12-09 22:48:18 ----A---- C:\WINDOWS\system32\audiodg.exe
2016-12-09 22:48:13 ----A---- C:\WINDOWS\system32\RTWorkQ.dll
2016-12-09 22:48:13 ----A---- C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2016-12-09 22:48:12 ----A---- C:\WINDOWS\system32\NgcCtnr.dll
2016-12-09 22:48:12 ----A---- C:\WINDOWS\system32\migisol.dll
2016-12-09 22:48:09 ----A---- C:\WINDOWS\system32\sppwinob.dll
2016-12-09 22:48:09 ----A---- C:\WINDOWS\system32\sppobjs.dll
2016-12-09 22:48:09 ----A---- C:\WINDOWS\system32\sendmail.dll
2016-12-09 22:48:09 ----A---- C:\WINDOWS\system32\ReAgentc.exe
2016-12-09 22:48:09 ----A---- C:\WINDOWS\system32\lpremove.exe
2016-12-09 22:48:09 ----A---- C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-12-09 22:48:09 ----A---- C:\WINDOWS\system32\EditionUpgradeHelper.dll
2016-12-09 22:48:09 ----A---- C:\WINDOWS\system32\drivers\modem.sys
2016-12-09 22:48:09 ----A---- C:\WINDOWS\system32\aitstatic.exe
2016-12-09 22:48:06 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-12-09 22:48:06 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-12-09 22:48:06 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2016-12-09 22:48:06 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2016-12-09 22:48:06 ----A---- C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-12-09 22:48:06 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2016-12-09 22:48:06 ----A---- C:\WINDOWS\system32\apprepapi.dll
2016-12-09 22:48:05 ----A---- C:\WINDOWS\system32\Windows.StateRepository.dll
2016-12-09 22:48:05 ----A---- C:\WINDOWS\system32\KernelBase.dll
2016-12-09 22:48:05 ----A---- C:\WINDOWS\system32\apprepsync.dll
2016-12-09 22:48:04 ----A---- C:\WINDOWS\system32\winlogon.exe
2016-12-09 22:48:02 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-09 22:48:02 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2016-12-09 22:48:02 ----A---- C:\WINDOWS\system32\drivers\mrxsmb10.sys
2016-12-09 22:48:02 ----A---- C:\WINDOWS\system32\DeviceReactivation.dll

======List of files/folders modified in the last 1 month======

2017-01-06 14:40:20 ----D---- C:\WINDOWS\Prefetch
2017-01-06 14:40:13 ----RD---- C:\Program Files
2017-01-06 14:40:10 ----D---- C:\WINDOWS\Temp
2017-01-06 14:25:20 ----D---- C:\WINDOWS\system32\Tasks
2017-01-06 14:24:04 ----D---- C:\WINDOWS\system32\sru
2017-01-06 14:24:04 ----D---- C:\WINDOWS\system32\catroot2
2017-01-06 14:23:36 ----D---- C:\Users\Petr\AppData\Roaming\IHlpr
2017-01-06 13:55:29 ----D---- C:\WINDOWS\system32\drivers
2017-01-06 13:54:07 ----HD---- C:\ProgramData
2017-01-06 12:38:29 ----D---- C:\WINDOWS\AppReadiness
2017-01-06 11:53:54 ----D---- C:\WINDOWS\Logs
2017-01-06 11:49:56 ----SHD---- C:\WINDOWS\Installer
2017-01-06 11:49:23 ----D---- C:\WINDOWS\system32\DriverStore
2017-01-06 11:49:23 ----D---- C:\WINDOWS\system32\CatRoot
2017-01-06 11:49:23 ----D---- C:\WINDOWS\INF
2017-01-06 09:56:48 ----D---- C:\WINDOWS\LiveKernelReports
2017-01-06 09:53:54 ----D---- C:\WINDOWS\System32
2017-01-05 18:37:29 ----D---- C:\Windows
2017-01-05 18:04:12 ----D---- C:\Users\Petr\AppData\Roaming\Seznam.cz
2017-01-05 18:03:49 ----D---- C:\WINDOWS\system32\config
2017-01-05 17:48:54 ----D---- C:\WINDOWS\Tasks
2017-01-05 17:44:10 ----D---- C:\WINDOWS\system32\WDI
2017-01-05 17:27:54 ----D---- C:\WINDOWS\WinSxS
2017-01-05 14:48:28 ----RD---- C:\WINDOWS\Microsoft.NET
2017-01-05 12:18:55 ----HD---- C:\Program Files\WindowsApps
2017-01-04 13:13:11 ----RD---- C:\Users
2016-12-31 13:32:51 ----D---- C:\WINDOWS\system32\SleepStudy
2016-12-31 13:07:18 ----D---- C:\Program Files\Google
2016-12-31 13:03:50 ----D---- C:\WINDOWS\system32\NDF
2016-12-31 12:42:18 ----D---- C:\ProgramData\Google
2016-12-24 16:32:51 ----D---- C:\WINDOWS\rescache
2016-12-21 11:08:38 ----RD---- C:\WINDOWS\assembly
2016-12-20 13:34:39 ----D---- C:\WINDOWS\system32\en-US
2016-12-20 13:34:39 ----D---- C:\WINDOWS\ShellExperiences
2016-12-20 13:34:38 ----D---- C:\WINDOWS\system32\Boot
2016-12-20 13:34:38 ----D---- C:\WINDOWS\apppatch
2016-12-17 22:29:10 ----D---- C:\WINDOWS\CbsTemp
2016-12-17 22:09:34 ----D---- C:\WINDOWS\system32\MRT
2016-12-17 16:14:00 ----AC---- C:\WINDOWS\system32\MRT.exe
2016-12-15 06:10:12 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-12 00:56:25 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2016-12-10 14:08:35 ----A---- C:\WINDOWS\system32\ssleay32.dll
2016-12-10 14:08:35 ----A---- C:\WINDOWS\system32\libeay32.dll
2016-12-10 14:07:48 ----A---- C:\WINDOWS\system32\ssins.exe
2016-12-10 13:55:57 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2016-12-10 13:55:57 ----D---- C:\WINDOWS\system32\wbem
2016-12-10 13:55:55 ----D---- C:\WINDOWS\system32\Sysprep
2016-12-10 13:55:55 ----D---- C:\WINDOWS\system32\sr-Latn-CS
2016-12-10 13:55:55 ----D---- C:\WINDOWS\system32\oobe
2016-12-10 13:55:55 ----D---- C:\WINDOWS\system32\Dism
2016-12-10 13:55:54 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2016-12-10 13:55:54 ----D---- C:\WINDOWS\servicing
2016-12-10 13:55:54 ----D---- C:\WINDOWS\bcastdvr
2016-12-10 13:55:54 ----D---- C:\Program Files\Internet Explorer

File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-100; C:\WINDOWS\system32\drivers\iorate.sys [2016-11-02 42336]
R0 MBAMSwissArmy;MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2017-01-06 219072]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2013-01-10 122240]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\WINDOWS\system32\drivers\mbae.sys [2016-12-14 59968]
R1 MpKsl9527d3fe;MpKsl9527d3fe; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9CEB7B41-648E-48A1-829F-8D7F56997847}\MpKsl9527d3fe.sys [2017-01-06 39168]
R1 ndisrd;@oem11.inf,%ndisrfl_Desc%;Intel(R) Technology Access Filter Driver; C:\WINDOWS\system32\DRIVERS\ndisrfl.sys [2014-10-30 35544]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2016-07-16 58368]
R2 epfwwfpr;epfwwfpr; C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys [2013-01-10 105760]
R2 MBAMChameleon;MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [2017-01-06 153024]
R3 athr;@netathr.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athwn.sys [2016-07-16 3228672]
R3 ETD;@oem10.inf,%PS2.DeviceDesc%;ELAN Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2015-10-07 514760]
R3 L1E;@netl1e86.inf,%L1E.Service.DispName%;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\System32\drivers\L1E62x86.sys [2016-07-16 55296]
R3 MBAMFarflt;MBAMFarflt; \??\C:\WINDOWS\system32\drivers\farflt.sys [2017-01-06 87496]
R3 MBAMProtection;MBAMProtection; \??\C:\WINDOWS\system32\drivers\mbam.sys [2017-01-06 39360]
R3 MBAMWebProtection;MBAMWebProtection; \??\C:\WINDOWS\system32\drivers\mwac.sys [2017-01-06 73152]
R3 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2016-10-06 130560]
R3 MTsensor;@oem33.inf,%ATKACPI.DisplayName%;ATK0100 ACPI UTILITY; C:\WINDOWS\System32\drivers\ATKACPI.sys [2007-07-31 7680]
R3 NetTap60;@oem34.inf,%NetTap.Service.DispName%;Intel(R) Technology Access TAP Driver (NDIS 6.0); C:\WINDOWS\system32\DRIVERS\nettap60.sys [2014-10-30 42712]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2016-10-05 56672]
S2 Parvdm;Parvdm; C:\WINDOWS\System32\drivers\parvdm.sys [2016-07-16 9216]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-07-16 12800]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2016-07-16 12288]
S3 dg_ssudbus;@oem39.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2016-09-05 109184]
S3 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2013-02-14 171680]
S3 GPIO;@iaiogpio.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\WINDOWS\System32\drivers\iaiogpio.sys [2016-07-16 22016]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2016-07-16 25600]
S3 iaioi2c;@iaioi2c.inf,%Driver_Service.Desc%;Intel(R) Atom(TM) Processor I2C Controller Service; C:\WINDOWS\System32\drivers\iaioi2c.sys [2016-07-16 61936]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-07-16 30208]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2016-07-16 94720]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2016-07-16 62976]
S3 ssudmdm;@oem16.inf,%ssud.Service.Name%;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2016-09-05 147072]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmTcpciCx.sys [2016-07-16 76800]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; %windir%\system32\svchost.exe -k apphost;"ServiceDll"=%windir%\system32\inetsrv\apphostsvc.dll
R2 CDPUserSvc_473ed;CDPUserSvc_473ed; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2013-03-21 1341664]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2015-10-07 124616]
R2 Intel(R) TechnologyAccessService;Intel(R) Technology Access Service; C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe [2015-03-17 75488]
R2 ktupdaterservice;Kerio Updater Service; C:\Program Files\Kerio\UpdaterService\ktupdaterservice.exe [2014-03-26 949760]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2016-12-14 3381200]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2016-10-06 24576]
R2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2016-07-16 136360]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2016-07-16 136360]
R2 OneSyncSvc_473ed;Hostitel synchronizace_473ed; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [2016-01-08 754784]
R2 TeamViewer;TeamViewer 10; C:\Program Files\TeamViewer\TeamViewer_Service.exe [2014-11-28 5419792]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2016-11-04 100088]
R3 PimIndexMaintenanceSvc_473ed;Data kontaktů_473ed; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
R3 TimeBrokerSvc;@%windir%\system32\TimeBrokerServer.dll,-1001; %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\TimeBrokerServer.dll
R3 UnistoreSvc_473ed;Úložiště uživatelských dat_473ed; C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=%SystemRoot%\System32\CDPUserSvc.dll
S2 KMService;KMService; C:\Windows\system32\srvany.exe [2014-12-15 8192]
S2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2016-07-16 136360]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2016-05-25 43696]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; %SystemRoot%\System32\svchost.exe -k Camera;"ServiceDll"=%SystemRoot%\system32\FrameServer.dll
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\irmon.dll
S3 iumsvc;Intel(R) Update Manager; C:\Program Files\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-06-09 174368]
S3 MessagingService_473ed;Služba zasílání zpráv_473ed; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office  Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\RMapi.dll
S4 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2016-07-16 47280]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; %SystemRoot%\System32\svchost.exe -k netsvcs;"ServiceDll"=%systemroot%\system32\Windows.SharedPC.AccountManager.dll

-----------------EOF-----------------

dekuji

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

[martybx]

log je zde:

Kód: Vybrat vše

# AdwCleaner v6.041 - Log vytvořen 06/01/2017 v 19:35:40
# Aktualizováno dne 16/12/2016 z Malwarebytes
# Databáze : 2017-01-06.1 [Server]
# Operační systém : Windows 10 Home  (X86)
# Uživatelské jméno : Petr - PETR-ASUS
# Spuštěno z : C:\Users\Petr\Desktop\adwcleaner_6.041.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Složky ] *****

[-] Složka smazána: C:\Users\Petr\AppData\Roaming\IHlpr
[-] Složka smazána: C:\Program Files\myfree codec


***** [ Soubory ] *****

[-] Soubor smazán: C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Goodgame Empire.lnk


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupci ] *****



***** [ Naplánované úlohy ] *****

[-] Úloha smazána: Pokki
[-] Úloha smazána: Chrome Cleanup Tool logs upload retry


***** [ Registry ] *****

[-] Klíč smazán: HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho
[-] Klíč smazán: HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
[-] Klíč smazán: HKU\S-1-5-21-1193033861-3128224475-3259186373-1000\Software\Conduit
[-] Klíč smazán: HKU\S-1-5-21-1193033861-3128224475-3259186373-1000\Software\Myfree Codec
[-] Klíč smazán: HKU\S-1-5-21-1193033861-3128224475-3259186373-1000\Software\Pokki
[-] Klíč smazán: HKU\S-1-5-21-1193033861-3128224475-3259186373-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[#] Klíč smazán po restartu: HKCU\Software\Conduit
[#] Klíč smazán po restartu: HKCU\Software\Myfree Codec
[#] Klíč smazán po restartu: HKCU\Software\Pokki
[-] Klíč smazán: HKLM\SOFTWARE\Conduit
[-] Klíč smazán: HKLM\SOFTWARE\Myfree Codec
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec


***** [ Prohlížeče ] *****



*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2371 Bajty] - [06/01/2017 19:35:40]
C:\AdwCleaner\AdwCleaner[S0].txt - [2648 Bajty] - [06/01/2017 19:32:15]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2517 Bajty] ##########

[Rudy]

Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .

[martybx]

log:

Kód: Vybrat vše

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-01-2017
Ran by Petr (administrator) on PETR-ASUS (06-01-2017 20:18:37)
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr & DefaultAppPool)
Platform: Microsoft Windows 10 Home Version 1607 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\eset\ESET NOD32 Antivirus\ekrn.exe
(Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Kerio Technologies Inc.) C:\Program Files\Kerio\UpdaterService\ktupdaterservice.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ESET) C:\Program Files\eset\ESET NOD32 Antivirus\egui.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x86__kzf8qxf38zg5c\SkypeHost.exe
(Kerio Technologies Inc.) C:\Program Files\Kerio\Workspace Client\WorkspaceClient.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Samsung) C:\Program Files\Samsung\Kies\Kies.exe
(Samsung Electronics) C:\Program Files\Samsung\Kies\KiesAirMessage.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x86__8wekyb3d8bbwe\Microsoft.Photos.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Desktop.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(forum.viry.cz) C:\Users\Petr\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2484424 2015-10-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [Kerio Workspace Client] => C:\Program Files\Kerio\Workspace Client\workspaceclient.exe [3451192 2014-03-26] (Kerio Technologies Inc.)
HKLM\...\Run: [HDAudDeck] => C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [1474560 2009-07-13] (VIA)
HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [318248 2016-01-08] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [483840 2016-07-16] (Microsoft Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes)
HKU\S-1-5-21-1193033861-3128224475-3259186373-1000\...\Run: [TomTomHOME.exe] => C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [255224 2016-11-04] (TomTom)
HKU\S-1-5-21-1193033861-3128224475-3259186373-1000\...\Run: [KiesPreload] => C:\Program Files\Samsung\Kies\Kies.exe [1572648 2016-01-08] (Samsung)
HKU\S-1-5-21-1193033861-3128224475-3259186373-1000\...\Run: [KiesAirMessage] => C:\Program Files\Samsung\Kies\KiesAirMessage.exe [578560 2013-12-30] (Samsung Electronics)
HKU\S-1-5-21-1193033861-3128224475-3259186373-1000\...\Run: [] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1021736 2016-01-08] (Samsung)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.201.4 192.168.200.5
Tcpip\..\Interfaces\{5b4683f9-bef5-4be8-907a-953760075fb4}: [DhcpNameServer] 192.168.201.4 192.168.200.5
Tcpip\..\Interfaces\{a29020d4-42dd-4cec-aeff-12ec84500d0d}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-1193033861-3128224475-3259186373-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File

FireFox:
========
FF DefaultProfile: p61fqksj.default
FF ProfilePath: C:\Users\Petr\AppData\Roaming\TomTom\HOME\Profiles\kru4rhoq.default [2016-11-23]
FF Extension: (Emulator) - C:\Users\Petr\AppData\Roaming\TomTom\HOME\Profiles\kru4rhoq.default\Extensions\Navcore.9.510.1234792@tomtom.com [2016-04-23] [not signed]
FF Extension: (Map status indicator) - C:\Program Files\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2016-11-23] [not signed]
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\p61fqksj.default [2016-12-20]
FF user.js: detected! => C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\p61fqksj.default\user.js [2014-12-17]
FF Homepage: Mozilla\Firefox\Profiles\p61fqksj.default -> hxxps://www.seznam.cz/
FF Extension: (Language Manager) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\p61fqksj.default\Extensions\LanguageManager@8pecxstudios.com.xpi [2015-08-17]
FF Extension: (Google Translator for Firefox) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\p61fqksj.default\Extensions\translator@zoli.bod.xpi [2015-07-06]
FF SearchPlugin: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\p61fqksj.default\searchplugins\askcom.xml [2010-02-04]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR HomePage: Profile 1 -> hxxps://www.seznam.cz/
CHR StartupUrls: Profile 1 -> "hxxps://www.seznam.cz/"
CHR DefaultSearchURL: Profile 1 -> hxxp://search.seznam.cz/?q={searchTerms}
CHR DefaultSearchKeyword: Profile 1 -> seznam.cz
CHR DefaultSuggestURL: Profile 1 -> hxxp://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default [2016-08-30]
CHR Extension: (Prezentace Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-11]
CHR Extension: (Dokumenty Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-13]
CHR Extension: (Disk Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2015-06-11]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2016-02-14]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Adblock Plus) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-08-26]
CHR Extension: (Vyhledávání Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
CHR Extension: (Tabulky Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2015-10-30]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-14]
CHR Extension: (Chrome Media Router) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-26]
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-01-06]
CHR Extension: (Prezentace Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-05-22]
CHR Extension: (Dokumenty Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-22]
CHR Extension: (Disk Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-22]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2016-12-20]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2016-11-28]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-22]
CHR Extension: (Adblock Plus) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-10-26]
CHR Extension: (Tabulky Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-22]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-22]
CHR Extension: (Minesweeper) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gnleehnibepgbhkdfkfcofpbcldpngcb [2016-12-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-22]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2016-12-20]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-22]
CHR Extension: (Chrome Media Router) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-18]
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\System Profile [2016-08-30]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2241992 2016-12-14] (ESET)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [124616 2015-10-07] (ELAN Microelectronics Corp.)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe [75488 2015-03-17] (Intel(R) Corporation)
S3 iumsvc; C:\Program Files\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-06-09] ()
S2 KMService; C:\Windows\system32\srvany.exe [8192 2014-12-15] () [File not signed]
R2 ktupdaterservice; C:\Program Files\Kerio\UpdaterService\ktupdaterservice.exe [949760 2014-03-26] (Kerio Technologies Inc.) [File not signed]
R2 LanmanServer; C:\WINDOWS\system32\srvsvc.dll [234496 2016-07-16] (Microsoft Corporation) [File not signed]
R2 LanmanWorkstation; C:\WINDOWS\System32\wkssvc.dll [241152 2016-11-11] (Microsoft Corporation) [File not signed]
R3 lfsvc; C:\WINDOWS\System32\lfsvc.dll [30208 2016-07-16] (Microsoft Corporation) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [3381200 2016-12-14] (Malwarebytes)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R2 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [36504 2015-06-22] (VIA Technologies, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [271496 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [84928 2016-07-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\WINDOWS\System32\drivers\athwn.sys [3228672 2016-07-16] (Qualcomm Atheros Communications, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [109184 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [113544 2016-12-13] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [14976 2016-12-13] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [140984 2016-12-13] (ESET)
R1 epfwwfpr; C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys [62528 2016-12-13] (ESET)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae.sys [59968 2016-12-14] ()
R3 ETD; C:\WINDOWS\system32\DRIVERS\ETD.sys [514760 2015-10-07] (ELAN Microelectronics Corp.)
R3 L1E; C:\WINDOWS\System32\drivers\L1E62x86.sys [55296 2016-07-16] (Atheros Communications, Inc.)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [153024 2017-01-06] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [87496 2017-01-06] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [39360 2017-01-06] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [219072 2017-01-06] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [73152 2017-01-06] (Malwarebytes)
R1 MpKsl0fff59a9; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9BB1DA9B-EA04-4DA4-A868-69286AF45B9C}\MpKsl0fff59a9.sys [39168 2017-01-06] (Microsoft Corporation)
R1 MpKsl1a6122c5; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D2C1396A-5857-4DAA-9224-764CAD12E376}\MpKsl1a6122c5.sys [39168 2017-01-06] (Microsoft Corporation)
R3 MTsensor; C:\WINDOWS\System32\drivers\ATKACPI.sys [7680 2007-07-31] (ATK0100)
R1 ndisrd; C:\WINDOWS\system32\DRIVERS\ndisrfl.sys [35544 2014-10-30] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [62976 2016-07-16] ()
R3 NetTap60; C:\WINDOWS\system32\DRIVERS\nettap60.sys [42712 2014-10-30] (Intel Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [147072 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 VIAHdAudAddService; C:\WINDOWS\system32\drivers\viahduaa.sys [575184 2015-06-22] (VIA Technologies, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [37912 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [244576 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [100192 2016-07-16] (Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [161280 2016-07-16] (Microsoft Corporation)
U0 aswVmm; no ImagePath
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-06 20:18 - 2017-01-06 20:19 - 00019308 _____ C:\Users\Petr\Desktop\FRST.txt
2017-01-06 20:17 - 2017-01-06 20:18 - 00000000 ____D C:\FRST
2017-01-06 20:16 - 2017-01-06 20:16 - 01760256 _____ (Farbar) C:\Users\Petr\Desktop\FRST.exe
2017-01-06 20:13 - 2017-01-06 20:14 - 00112640 _____ (forum.viry.cz) C:\Users\Petr\Desktop\FRSTLauncher.exe
2017-01-06 19:27 - 2017-01-06 19:35 - 00000000 ____D C:\AdwCleaner
2017-01-06 19:26 - 2017-01-06 19:27 - 03977168 _____ C:\Users\Petr\Desktop\adwcleaner_6.041.exe
2017-01-06 14:42 - 2017-01-06 14:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2017-01-06 14:42 - 2017-01-06 14:42 - 00000000 ____D C:\ProgramData\ESET
2017-01-06 14:40 - 2017-01-06 14:40 - 00000000 ____D C:\rsit
2017-01-06 14:40 - 2017-01-06 14:40 - 00000000 ____D C:\Program Files\trend micro
2017-01-06 14:39 - 2017-01-06 14:40 - 01201664 _____ C:\Users\Petr\Downloads\RSIT.exe
2017-01-06 14:06 - 2017-01-06 14:06 - 00004028 _____ C:\Users\Petr\Desktop\nalezene malware.txt
2017-01-06 13:55 - 2017-01-06 19:38 - 00087496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-01-06 13:55 - 2017-01-06 19:38 - 00073152 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-01-06 13:55 - 2017-01-06 19:38 - 00039360 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-01-06 13:55 - 2017-01-06 13:55 - 00153024 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-01-06 13:54 - 2017-01-06 19:38 - 00219072 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-01-06 13:54 - 2017-01-06 13:54 - 00002097 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-01-06 13:54 - 2017-01-06 13:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-01-06 13:54 - 2017-01-06 13:54 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-01-06 13:54 - 2017-01-06 13:54 - 00000000 ____D C:\Program Files\Malwarebytes
2017-01-06 13:54 - 2016-12-14 12:55 - 00059968 _____ C:\WINDOWS\system32\Drivers\mbae.sys
2017-01-06 13:53 - 2017-01-06 13:53 - 54199488 _____ (Malwarebytes ) C:\Users\Petr\Downloads\mb3-setup-consumer-3.0.5.1299.exe
2017-01-06 13:51 - 2017-01-06 13:51 - 03017720 _____ (Google) C:\Users\Petr\Downloads\chrome_cleanup_tool.exe
2017-01-06 12:11 - 2017-01-06 12:11 - 00000000 ___HD C:\$SysReset
2017-01-05 17:27 - 2017-01-05 17:27 - 00921280 _____ (Microsoft Corporation) C:\WINDOWS\ucrtbase.dll
2017-01-05 17:24 - 2017-01-05 18:37 - 00000000 ____D C:\ProgramData\AVAST Software
2017-01-05 15:26 - 2017-01-05 15:32 - 00000000 ____D C:\Users\Petr\Desktop\radio
2017-01-04 13:13 - 2017-01-04 13:13 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2017-01-04 13:13 - 2017-01-04 13:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Šablony
2017-01-04 13:13 - 2017-01-04 13:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Soubory cookie
2017-01-04 13:13 - 2017-01-04 13:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Poslední
2017-01-04 13:13 - 2017-01-04 13:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Okolní tiskárny
2017-01-04 13:13 - 2017-01-04 13:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Okolní síť
2017-01-04 13:13 - 2017-01-04 13:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Nabídka Start
2017-01-04 13:13 - 2017-01-04 13:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Dokumenty
2017-01-04 13:13 - 2017-01-04 13:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Obrázky
2017-01-04 13:13 - 2017-01-04 13:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Hudba
2017-01-04 13:13 - 2017-01-04 13:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Filmy
2017-01-04 13:13 - 2017-01-04 13:13 - 00000000 _SHDL C:\Users\DefaultAppPool\Data aplikací
2017-01-04 13:13 - 2017-01-04 13:13 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2017-01-04 13:13 - 2017-01-04 13:13 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Data aplikací
2017-01-04 13:13 - 2017-01-04 13:13 - 00000000 ____D C:\Users\DefaultAppPool
2017-01-04 13:13 - 2016-10-06 14:36 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Media Center Programs
2016-12-31 19:44 - 2016-12-31 19:44 - 02796178 _____ C:\Users\Petr\Desktop\Joan Jett I Love Rock nRoll.mp3
2016-12-31 19:35 - 2016-12-31 19:36 - 03899455 _____ C:\Users\Petr\Desktop\Electric Light Orchestra Dont Bring Me Down.mp3
2016-12-31 18:23 - 2016-12-31 18:26 - 05070002 _____ C:\Users\Petr\Desktop\ACDC  Whole Lotta Rosie.mp3
2016-12-29 22:23 - 2016-12-29 22:23 - 03620938 _____ C:\Users\Petr\Desktop\Alexia Uh La La La.mp3
2016-12-29 12:16 - 2016-12-30 13:54 - 00000000 ____D C:\Users\Petr\Desktop\Radio Energy
2016-12-29 11:58 - 2016-12-29 11:58 - 03772949 _____ C:\Users\Petr\Desktop\New Element Sdileni.mp3
2016-12-29 00:39 - 2016-12-29 00:39 - 07178607 _____ C:\Users\Petr\Desktop\Lange feat The Morrighan Follow Me.mp3
2016-12-29 00:31 - 2016-12-29 00:31 - 05041581 _____ C:\Users\Petr\Desktop\Lange Follow me.mp3
2016-12-28 21:37 - 2016-12-28 21:37 - 02959731 _____ C:\Users\Petr\Desktop\Komodo  I love You so much Miluji te tak moc.mp3
2016-12-27 01:11 - 2016-12-27 01:35 - 423647465 _____ C:\Users\Petr\Desktop\DJ Salieri mix dance 1 2016.mp3
2016-12-27 00:23 - 2016-12-30 13:53 - 00000000 ____D C:\Users\Petr\Desktop\2016
2016-12-20 13:36 - 2017-01-06 19:37 - 3221225472 ___SH C:\pagefile.sys
2016-12-16 15:42 - 2016-12-09 11:54 - 01415520 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-12-16 15:42 - 2016-12-09 11:54 - 00115552 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-12-16 15:42 - 2016-12-09 11:16 - 00890984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-12-16 15:42 - 2016-12-09 11:16 - 00784064 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-12-16 15:42 - 2016-12-09 11:14 - 06019936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-12-16 15:42 - 2016-12-09 11:12 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-12-16 15:42 - 2016-12-09 11:09 - 00133296 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-12-16 15:42 - 2016-12-09 11:00 - 00523784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-12-16 15:42 - 2016-12-09 11:00 - 00117720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2016-12-16 15:42 - 2016-12-09 10:57 - 06668040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-12-16 15:42 - 2016-12-09 10:57 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-12-16 15:42 - 2016-12-09 10:41 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2016-12-16 15:42 - 2016-12-09 10:34 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-12-16 15:42 - 2016-12-09 10:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2016-12-16 15:42 - 2016-12-09 10:31 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-12-16 15:42 - 2016-12-09 10:31 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-12-16 15:42 - 2016-12-09 10:30 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-12-16 15:42 - 2016-12-09 10:30 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-12-16 15:42 - 2016-12-09 10:27 - 19417088 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-12-16 15:42 - 2016-12-09 10:22 - 03776000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-12-16 15:42 - 2016-12-09 10:20 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-12-16 15:42 - 2016-12-09 10:20 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-12-16 15:42 - 2016-12-09 10:18 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-12-16 15:42 - 2016-12-09 10:18 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-12-16 15:42 - 2016-12-09 10:17 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-12-16 15:42 - 2016-12-09 10:17 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-12-16 15:42 - 2016-12-09 10:16 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-12-16 15:42 - 2016-12-09 10:16 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-12-16 15:42 - 2016-12-09 10:15 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-12-16 15:42 - 2016-12-09 10:15 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-12-16 15:42 - 2016-12-09 10:15 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2016-12-16 15:42 - 2016-09-15 17:53 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-12-16 15:41 - 2016-12-09 11:11 - 02048496 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-16 15:41 - 2016-12-09 11:10 - 00583136 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-12-16 15:41 - 2016-12-09 11:01 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-12-16 15:41 - 2016-12-09 11:01 - 01897824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-12-16 15:41 - 2016-12-09 11:01 - 01503544 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-12-16 15:41 - 2016-12-09 11:01 - 00551264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-12-16 15:41 - 2016-12-09 11:01 - 00342880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-12-16 15:41 - 2016-12-09 10:55 - 00198496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-12-16 15:41 - 2016-12-09 10:52 - 01413664 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-12-16 15:41 - 2016-12-09 10:52 - 01344992 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-12-16 15:41 - 2016-12-09 10:40 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-12-16 15:41 - 2016-12-09 10:37 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2016-12-16 15:41 - 2016-12-09 10:37 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-12-16 15:41 - 2016-12-09 10:36 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-12-16 15:41 - 2016-12-09 10:35 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-12-16 15:41 - 2016-12-09 10:31 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-12-16 15:41 - 2016-12-09 10:28 - 01284096 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-12-16 15:41 - 2016-12-09 10:23 - 12177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-12-16 15:41 - 2016-12-09 10:18 - 01235456 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-12-16 15:41 - 2016-12-09 10:18 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-12-16 15:41 - 2016-12-09 10:17 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-12-16 15:41 - 2016-12-09 10:16 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-12-16 15:41 - 2016-12-09 10:16 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-12-13 17:11 - 2016-12-13 17:11 - 00014976 _____ (ESET) C:\WINDOWS\system32\Drivers\eelam.sys
2016-12-12 13:39 - 2016-12-12 13:39 - 02192351 _____ C:\Users\Petr\Desktop\Abba  Gimme Gimme Gimme.mp3
2016-12-12 13:12 - 2016-12-12 13:12 - 03218023 _____ C:\Users\Petr\Desktop\Goldfish  Deep Of The Night Feat. Diamond Thug.mp3
2016-12-11 00:03 - 2016-12-11 00:03 - 00000000 ____D C:\Users\Petr\Desktop\Xindl-X---Kvadratura-Záchranného-Kruhu-(2016)-[FLAC+Mp3@320kbps].HQ_Discotheque.)
2016-12-09 22:49 - 2016-11-11 09:07 - 00448864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-12-09 22:49 - 2016-11-11 08:49 - 00869848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2016-12-09 22:49 - 2016-11-11 08:49 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2016-12-09 22:49 - 2016-11-11 08:49 - 00248480 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-12-09 22:49 - 2016-11-11 08:48 - 02277248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-12-09 22:49 - 2016-11-11 08:47 - 05722832 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-12-09 22:49 - 2016-11-11 08:47 - 00527880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-12-09 22:49 - 2016-11-11 08:45 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-12-09 22:49 - 2016-11-11 08:45 - 00261984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-12-09 22:49 - 2016-11-11 08:45 - 00175968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-12-09 22:49 - 2016-11-11 08:42 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-12-09 22:49 - 2016-11-11 08:42 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-12-09 22:49 - 2016-11-11 08:42 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-12-09 22:49 - 2016-11-11 08:42 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-12-09 22:49 - 2016-11-11 08:42 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-12-09 22:49 - 2016-11-11 08:42 - 00091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfaudiocnv.dll
2016-12-09 22:49 - 2016-11-11 08:38 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-12-09 22:49 - 2016-11-11 08:27 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReportingCSP.dll
2016-12-09 22:49 - 2016-11-11 08:27 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-12-09 22:49 - 2016-11-11 08:26 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-12-09 22:49 - 2016-11-11 08:25 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2016-12-09 22:49 - 2016-11-11 08:25 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-12-09 22:49 - 2016-11-11 08:25 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-12-09 22:49 - 2016-11-11 08:25 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-12-09 22:49 - 2016-11-11 08:24 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-12-09 22:49 - 2016-11-11 08:24 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2016-12-09 22:49 - 2016-11-11 08:24 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-12-09 22:49 - 2016-11-11 08:24 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-12-09 22:49 - 2016-11-11 08:24 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-12-09 22:49 - 2016-11-11 08:23 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2016-12-09 22:49 - 2016-11-11 08:23 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-12-09 22:49 - 2016-11-11 08:22 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2016-12-09 22:49 - 2016-11-11 08:22 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\EAMProgressHandler.dll
2016-12-09 22:49 - 2016-11-11 08:21 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-12-09 22:49 - 2016-11-11 08:21 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2016-12-09 22:49 - 2016-11-11 08:21 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-12-09 22:49 - 2016-11-11 08:20 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-12-09 22:49 - 2016-11-11 08:20 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\EDPCleanup.exe
2016-12-09 22:49 - 2016-11-11 08:19 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2016-12-09 22:49 - 2016-11-11 08:19 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-12-09 22:49 - 2016-11-11 08:19 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-12-09 22:49 - 2016-11-11 08:18 - 00725504 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-12-09 22:49 - 2016-11-11 08:18 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-12-09 22:49 - 2016-11-11 08:18 - 00294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-12-09 22:49 - 2016-11-11 08:18 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2016-12-09 22:49 - 2016-11-11 08:17 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-12-09 22:49 - 2016-11-11 08:17 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-12-09 22:49 - 2016-11-11 08:15 - 01722368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-12-09 22:49 - 2016-11-11 08:15 - 01357824 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-12-09 22:49 - 2016-11-11 08:15 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-12-09 22:49 - 2016-11-11 08:15 - 00561152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2016-12-09 22:49 - 2016-11-11 08:15 - 00441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-12-09 22:49 - 2016-11-11 08:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-12-09 22:49 - 2016-11-11 08:15 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2016-12-09 22:49 - 2016-11-11 08:14 - 00473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-12-09 22:49 - 2016-11-11 08:14 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-12-09 22:49 - 2016-11-11 08:13 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-12-09 22:49 - 2016-11-11 08:13 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-12-09 22:49 - 2016-11-11 08:12 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-12-09 22:49 - 2016-11-11 08:12 - 00529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2016-12-09 22:49 - 2016-11-11 08:12 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
2016-12-09 22:49 - 2016-11-11 08:11 - 03306496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-12-09 22:49 - 2016-11-11 08:11 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-12-09 22:49 - 2016-11-11 08:10 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-12-09 22:49 - 2016-11-11 08:10 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll
2016-12-09 22:49 - 2016-11-11 08:09 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-12-09 22:49 - 2016-11-11 08:09 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-12-09 22:49 - 2016-11-11 08:06 - 02362880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2016-12-09 22:49 - 2016-11-11 08:06 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2016-12-09 22:49 - 2016-11-11 08:06 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-12-09 22:49 - 2016-11-11 08:04 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-12-09 22:49 - 2016-11-11 08:04 - 01887232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-12-09 22:49 - 2016-11-11 08:04 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-12-09 22:49 - 2016-11-11 08:04 - 00920576 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-12-09 22:49 - 2016-11-11 08:04 - 00818176 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-12-09 22:49 - 2016-11-11 08:04 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-12-09 22:49 - 2016-11-11 08:04 - 00706048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-12-09 22:49 - 2016-11-11 08:04 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2016-12-09 22:49 - 2016-11-11 08:03 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-12-09 22:49 - 2016-11-11 08:03 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-12-09 22:49 - 2016-11-11 08:03 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-12-09 22:48 - 2016-11-11 09:39 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-12-09 22:48 - 2016-11-11 09:07 - 00081760 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2016-12-09 22:48 - 2016-11-11 09:01 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-12-09 22:48 - 2016-11-11 09:01 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-12-09 22:48 - 2016-11-11 09:01 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-12-09 22:48 - 2016-11-11 09:00 - 01725136 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-12-09 22:48 - 2016-11-11 08:59 - 01586736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-12-09 22:48 - 2016-11-11 08:59 - 00292192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-12-09 22:48 - 2016-11-11 08:59 - 00106336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-12-09 22:48 - 2016-11-11 08:54 - 00122208 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
2016-12-09 22:48 - 2016-11-11 08:47 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-12-09 22:48 - 2016-11-11 08:47 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-12-09 22:48 - 2016-11-11 08:46 - 00186720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-12-09 22:48 - 2016-11-11 08:45 - 02166752 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-12-09 22:48 - 2016-11-11 08:45 - 00355680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-12-09 22:48 - 2016-11-11 08:42 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-12-09 22:48 - 2016-11-11 08:42 - 00313088 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-12-09 22:48 - 2016-11-11 08:42 - 00152416 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTWorkQ.dll
2016-12-09 22:48 - 2016-11-11 08:41 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-12-09 22:48 - 2016-11-11 08:41 - 01384704 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-12-09 22:48 - 2016-11-11 08:41 - 00802608 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-12-09 22:48 - 2016-11-11 08:41 - 00675568 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-12-09 22:48 - 2016-11-11 08:37 - 00381720 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-12-09 22:48 - 2016-11-11 08:30 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-12-09 22:48 - 2016-11-11 08:29 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CbtBackgroundManagerPolicy.dll
2016-12-09 22:48 - 2016-11-11 08:28 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-12-09 22:48 - 2016-11-11 08:27 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2016-12-09 22:48 - 2016-11-11 08:27 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-12-09 22:48 - 2016-11-11 08:26 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2016-12-09 22:48 - 2016-11-11 08:25 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\modem.sys
2016-12-09 22:48 - 2016-11-11 08:24 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-12-09 22:48 - 2016-11-11 08:23 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-12-09 22:48 - 2016-11-11 08:23 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-12-09 22:48 - 2016-11-11 08:22 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-12-09 22:48 - 2016-11-11 08:22 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-12-09 22:48 - 2016-11-11 08:22 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2016-12-09 22:48 - 2016-11-11 08:22 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-12-09 22:48 - 2016-11-11 08:22 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2016-12-09 22:48 - 2016-11-11 08:21 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-12-09 22:48 - 2016-11-11 08:21 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2016-12-09 22:48 - 2016-11-11 08:21 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2016-12-09 22:48 - 2016-11-11 08:20 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-12-09 22:48 - 2016-11-11 08:20 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-12-09 22:48 - 2016-11-11 08:20 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-12-09 22:48 - 2016-11-11 08:19 - 13868544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-12-09 22:48 - 2016-11-11 08:19 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2016-12-09 22:48 - 2016-11-11 08:19 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-12-09 22:48 - 2016-11-11 08:19 - 00384512 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-12-09 22:48 - 2016-11-11 08:19 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-12-09 22:48 - 2016-11-11 08:19 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-12-09 22:48 - 2016-11-11 08:19 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2016-12-09 22:48 - 2016-11-11 08:18 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-12-09 22:48 - 2016-11-11 08:18 - 01336320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2016-12-09 22:48 - 2016-11-11 08:18 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2016-12-09 22:48 - 2016-11-11 08:18 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-12-09 22:48 - 2016-11-11 08:18 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-12-09 22:48 - 2016-11-11 08:18 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2016-12-09 22:48 - 2016-11-11 08:18 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2016-12-09 22:48 - 2016-11-11 08:17 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2016-12-09 22:48 - 2016-11-11 08:17 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-12-09 22:48 - 2016-11-11 08:16 - 01377792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-12-09 22:48 - 2016-11-11 08:16 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-09 22:48 - 2016-11-11 08:15 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-12-09 22:48 - 2016-11-11 08:14 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2016-12-09 22:48 - 2016-11-11 08:13 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-12-09 22:48 - 2016-11-11 08:13 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-12-09 22:48 - 2016-11-11 08:12 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcuiu.dll
2016-12-09 22:48 - 2016-11-11 08:10 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
2016-12-09 22:48 - 2016-11-11 08:09 - 00786432 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-12-09 22:48 - 2016-11-11 08:08 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\xolehlp.dll
2016-12-09 22:48 - 2016-11-11 08:07 - 01948160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-12-09 22:48 - 2016-11-11 08:07 - 01136128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-12-09 22:48 - 2016-11-11 08:07 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2016-12-09 22:48 - 2016-11-11 08:06 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-12-09 22:48 - 2016-11-11 08:06 - 01602048 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-12-09 22:48 - 2016-11-11 08:06 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-12-09 22:48 - 2016-11-11 08:06 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxclu.dll
2016-12-09 22:48 - 2016-11-11 08:05 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-12-09 22:48 - 2016-11-11 08:05 - 03370496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-12-09 22:48 - 2016-11-11 08:05 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-12-09 22:48 - 2016-11-11 08:04 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-12-09 22:48 - 2016-11-11 08:04 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-12-09 22:48 - 2016-11-11 08:03 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-12-09 22:48 - 2016-11-11 08:03 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-12-09 22:48 - 2016-11-11 08:03 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-12-09 22:48 - 2016-11-11 08:02 - 00612352 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-06 20:01 - 2014-12-15 14:41 - 00000998 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2017-01-06 20:01 - 2014-12-15 14:41 - 00000986 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk
2017-01-06 20:01 - 2014-12-15 14:41 - 00000000 ____D C:\Program Files\TeamViewer
2017-01-06 19:37 - 2016-10-06 14:44 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-06 19:36 - 2016-07-16 03:22 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-01-06 14:44 - 2016-07-16 09:29 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-01-06 14:44 - 2016-07-16 09:28 - 00000000 ____D C:\WINDOWS\INF
2017-01-06 12:56 - 2014-12-15 14:32 - 00000000 ____D C:\Users\Petr\Desktop\Asus
2017-01-06 12:38 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-06 09:56 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-01-05 18:04 - 2015-06-11 10:10 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Seznam.cz
2017-01-05 12:18 - 2016-07-16 09:29 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-04 10:41 - 2016-11-20 20:53 - 00000000 ____D C:\Users\Petr\Desktop\Večírek
2016-12-31 18:30 - 2016-12-02 10:40 - 00000000 ____D C:\Users\Petr\Desktop\Nove ceske
2016-12-31 13:32 - 2016-10-06 14:22 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-12-31 13:07 - 2014-12-15 19:54 - 00000000 ____D C:\Program Files\Google
2016-12-31 13:03 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-12-31 12:42 - 2015-01-16 00:05 - 00000000 ____D C:\ProgramData\Google
2016-12-31 12:42 - 2014-12-15 19:54 - 00000000 ____D C:\Users\Petr\AppData\Local\Google
2016-12-31 12:41 - 2016-05-15 14:39 - 00000000 ____D C:\Users\Petr\AppData\Local\Packages
2016-12-28 21:37 - 2016-09-30 22:14 - 00000000 ____D C:\Users\Petr\Desktop\Zavody pozadi
2016-12-28 20:44 - 2016-10-06 14:27 - 00524288 ___SH C:\WINDOWS\system32\config\COMPONENTS{f2f6b305-4b76-11e6-80e3-e41d2d18c9f0}.TMContainer00000000000000000002.regtrans-ms
2016-12-24 16:32 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\rescache
2016-12-21 11:08 - 2016-07-16 09:29 - 00000000 ___RD C:\WINDOWS\assembly
2016-12-20 13:37 - 2016-07-16 03:22 - 00262144 _____ C:\Users\Default\NTUSER.DAT
2016-12-20 13:36 - 2016-10-06 14:21 - 00349424 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-12-20 13:35 - 2016-10-06 14:21 - 00524288 ___SH C:\WINDOWS\system32\config\DRIVERS{f2f6b30b-4b76-11e6-80e3-e41d2d18c9f0}.TMContainer00000000000000000001.regtrans-ms
2016-12-20 13:35 - 2016-10-06 14:21 - 00065536 ___SH C:\WINDOWS\system32\config\DRIVERS{f2f6b30b-4b76-11e6-80e3-e41d2d18c9f0}.TM.blf
2016-12-20 13:34 - 2016-07-16 09:30 - 00000796 ___SH C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini
2016-12-20 13:34 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\en-US
2016-12-20 13:34 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\Boot
2016-12-20 13:34 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-12-20 13:34 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\apppatch
2016-12-17 23:22 - 2016-11-20 13:11 - 00000000 ____D C:\Users\Petr\Desktop\Přetřídit
2016-12-17 22:29 - 2016-07-16 09:19 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-12-17 22:09 - 2014-12-23 11:27 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-12-17 16:14 - 2014-12-23 11:27 - 133430776 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-12-15 06:21 - 2016-05-15 14:46 - 00002427 _____ C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-12-15 06:21 - 2016-05-15 14:46 - 00000000 ___RD C:\Users\Petr\OneDrive
2016-12-15 06:10 - 2016-10-06 14:28 - 02084524 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-15 06:10 - 2016-07-16 18:01 - 00740260 _____ C:\WINDOWS\system32\perfh005.dat
2016-12-15 06:10 - 2016-07-16 18:01 - 00180290 _____ C:\WINDOWS\system32\perfc005.dat
2016-12-15 06:10 - 2016-07-16 09:31 - 00902690 _____ C:\WINDOWS\system32\perfh009.dat
2016-12-15 06:10 - 2016-07-16 09:31 - 00251950 _____ C:\WINDOWS\system32\perfc009.dat
2016-12-13 17:11 - 2013-02-14 13:21 - 00113544 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2016-12-13 17:11 - 2013-01-10 10:25 - 00140984 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2016-12-13 17:11 - 2013-01-10 10:25 - 00062528 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfpr.sys
2016-12-12 19:54 - 2016-10-06 14:29 - 00000000 ____D C:\Users\Petr
2016-12-12 13:59 - 2016-10-06 16:22 - 00000000 ____D C:\Users\Petr\Desktop\Aauuttoo
2016-12-12 13:50 - 2016-10-01 20:48 - 00000000 ____D C:\Users\Petr\Desktop\TOP
2016-12-12 00:56 - 2016-07-16 09:31 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2016-12-12 00:56 - 2016-07-16 09:31 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2016-12-11 23:03 - 2016-12-02 12:16 - 00000000 ____D C:\Users\Petr\Desktop\Metal
2016-12-11 22:25 - 2014-12-15 13:38 - 00000000 ___SD C:\Users\Petr\AppData\LocalLow\Microsoft
2016-12-10 15:26 - 2016-10-06 14:29 - 00524288 ___SH C:\Users\Petr\NTUSER.DAT{1a786945-8bd0-11e6-bce4-bb264348329a}.TMContainer00000000000000000002.regtrans-ms
2016-12-10 15:26 - 2016-10-06 14:29 - 00065536 ___SH C:\Users\Petr\NTUSER.DAT{1a786945-8bd0-11e6-bce4-bb264348329a}.TM.blf
2016-12-10 14:09 - 2016-10-06 15:05 - 00000174 ___SH C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini
2016-12-10 14:09 - 2016-02-13 13:10 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-12-10 14:09 - 2014-12-15 12:32 - 00000458 ___SH C:\Users\Petr\Desktop\desktop.ini
2016-12-10 14:09 - 2014-12-15 12:32 - 00000402 ___SH C:\Users\Petr\Documents\desktop.ini
2016-12-10 14:09 - 2014-12-15 12:32 - 00000282 ___SH C:\Users\Petr\Downloads\desktop.ini
2016-12-10 14:09 - 2014-12-15 12:32 - 00000174 ___SH C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini
2016-12-10 14:09 - 2014-12-15 12:32 - 00000000 ___RD C:\Users\Petr\Videos
2016-12-10 14:09 - 2014-12-15 12:32 - 00000000 ___RD C:\Users\Petr\Searches
2016-12-10 14:09 - 2014-12-15 12:32 - 00000000 ___RD C:\Users\Petr\Saved Games
2016-12-10 14:09 - 2014-12-15 12:32 - 00000000 ___RD C:\Users\Petr\Pictures
2016-12-10 14:09 - 2014-12-15 12:32 - 00000000 ___RD C:\Users\Petr\Music
2016-12-10 14:09 - 2014-12-15 12:32 - 00000000 ___RD C:\Users\Petr\Links
2016-12-10 14:09 - 2014-12-15 12:32 - 00000000 ___RD C:\Users\Petr\Favorites
2016-12-10 14:09 - 2014-12-15 12:32 - 00000000 ___RD C:\Users\Petr\Documents
2016-12-10 14:09 - 2014-12-15 12:32 - 00000000 ___RD C:\Users\Petr\Contacts
2016-12-10 14:09 - 2014-12-15 12:32 - 00000000 ___RD C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2016-12-10 14:09 - 2014-12-15 12:32 - 00000000 ___RD C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2016-12-10 14:08 - 2016-11-20 20:19 - 01363456 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\WINDOWS\system32\libeay32.dll
2016-12-10 14:08 - 2016-11-20 20:19 - 00359936 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\WINDOWS\system32\ssleay32.dll
2016-12-10 14:07 - 2016-01-30 10:48 - 04696960 _____ (PS Media s.r.o.) C:\WINDOWS\system32\ssins.exe
2016-12-10 13:56 - 2016-07-16 09:29 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2016-12-10 13:55 - 2016-07-16 09:29 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-12-10 13:55 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-12-10 13:55 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\wbem
2016-12-10 13:55 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\sr-Latn-CS
2016-12-10 13:55 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-12-10 13:55 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-12-10 13:55 - 2016-07-16 09:29 - 00000000 ____D C:\Program Files\Internet Explorer
2016-12-10 13:55 - 2016-07-16 03:22 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-12-10 13:55 - 2016-07-16 03:22 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-12-10 13:55 - 2016-07-16 03:22 - 00000000 ____D C:\WINDOWS\servicing
2016-12-10 11:49 - 2014-12-15 14:39 - 00000000 ____D C:\Users\Petr\Desktop\Petr

==================== Files in the root of some directories =======


Some files in TEMP:
====================
C:\Users\Petr\AppData\Local\Temp\libeay32.dll
C:\Users\Petr\AppData\Local\Temp\msvcr120.dll
C:\Users\Petr\AppData\Local\Temp\sqlite3.dll
C:\Users\Petr\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d0e22d6c16c082.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d0f51287ebcaf6.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d12ed86d010721.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d04216b5ec355.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0e22d6cc0be9f.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET NOD32 Antivirus 10.0.386.1 (Disabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET NOD32 Antivirus 10.0.386.1 (Disabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

  
***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Petr\Desktop" je 16091 MB.
 
 
***** Startup Programs *****
 
 
***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    DisableNotifications    REG_DWORD    0x0
    EnableFirewall    REG_DWORD    0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    DisableNotifications    REG_DWORD    0x0
    EnableFirewall    REG_DWORD    0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
 
***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

 
==================== End Of Log ==============================

a rad bych opet zaslal financni podekovani, ale nenasel jsem zde na foru tema kde toto resite (cislo uctu atd)
mohu pozadat o napovedu kde hledat?
diki

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
Toolbar: HKU\S-1-5-21-1193033861-3128224475-3259186373-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
U0 aswVmm; no ImagePath
U3 idsvc; no ImagePath
C:\Users\Petr\AppData\Local\Temp

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Z logu:

Velikost slozky "C:\Users\Petr\Desktop" je 16091 MB.

To je příliš mnoho a může to způsobovat zpomalení startu systému. Vytvořte v C:\Users\Petr novou složku, do níž přesuňte všechna data z plochy (kromě zástupců). Na plochu si pak dejte zástupce té složky pro snazší přístup.

[martybx]

log je zde:

Kód: Vybrat vše

Fix result of Farbar Recovery Scan Tool (x86) Version: 01-01-2017
Ran by Petr (07-01-2017 09:57:17) Run:1
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr & DefaultAppPool)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
Toolbar: HKU\S-1-5-21-1193033861-3128224475-3259186373-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
U0 aswVmm; no ImagePath
U3 idsvc; no ImagePath
C:\Users\Petr\AppData\Local\Temp

EmptyTemp:
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => key removed successfully.
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found. 
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => key removed successfully.
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => key not found. 
HKU\S-1-5-21-1193033861-3128224475-3259186373-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value removed successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found. 
HKLM\System\CurrentControlSet\Services\aswVmm => key removed successfully.
aswVmm => service removed successfully.
HKLM\System\CurrentControlSet\Services\idsvc => key removed successfully.
idsvc => service removed successfully.

"C:\Users\Petr\AppData\Local\Temp" folder move:

Could not move "C:\Users\Petr\AppData\Local\Temp" => Scheduled to move on reboot.


=========== EmptyTemp: ==========

BITS transfer queue => 4990688 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 145510677 B
Java, Flash, Steam htmlcache => 825 B
Windows/system/drivers => 10644949 B
Edge => 39737345 B
Chrome => 268214875 B
Firefox => 9598787 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
LocalService => 76582 B
NetworkService => 8412 B
Petr => 698092878 B
DefaultAppPool => 0 B

RecycleBin => 0 B
EmptyTemp: => 1.1 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 07-01-2017 10:04:22)

"C:\Users\Petr\AppData\Local\Temp" => Could not move

==== End of Fixlog 10:04:29 ====

[Rudy]

Smazáno. Nastala nějaká změna?

[martybx]

ano, zmena tu je
Ty samovolne otviraci panely sou fuc... diky.
ted prave resim uklid plochy..
co s temi programky ktere jsem stahl?
PS: jinak jsem si vsiml tveho podpisu a uz vim i to co jsem potreboval

[Rudy]

ADW odinstalujte (odinstalašní tlačíko najdete po spuštění ADW v prvním menu zleva). Ostatní smažte.

[martybx]

hotovo dekuji
zacatkem tydne poslu male podekovani
jste super

[Rudy]

Za příspěvek děkujeme a vy nemáte zač!

[martybx]

zdravim, dekuji za znovuodemceni fora.
Bohuzel i nadale se otviraji nove panely viz: https://ctrlv.cz/alsv
Muzeme prosim zkusit dalsi pokusy o vycisteni?
marty

[Rudy]

Zkusíme ještě tyto skeny:

1. Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.

a

2. Junkware removal tool: http://thisisudax.org/downloads/JRT.exe
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.

[martybx]

log prvni:

Kód: Vybrat vše

Zoek.exe v5.0.0.1 Updated 19-September-2016
Tool run by Petr on st 11.01.2017 at  9:54:53,89.
Microsoft Windows 10 Home 10.0.14393  x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Petr\Desktop\zoek.exe [Scan all users] [Script inserted] 

==== System Restore Info ======================

11.1.2017 9:57:42 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp. 
# 
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows. 
# 
# This file contains the mappings of IP addresses to host names. Each 
# entry should be kept on an individual line. The IP address should 
# be placed in the first column followed by the corresponding host name. 
# The IP address and the host name should be separated by at least one 
# space. 
# 
# Additionally, comments (such as these) may be inserted on individual 
# lines or following the machine name denoted by a '#' symbol. 
# 
# For example: 
# 
#      102.54.94.97     rhino.acme.com          # source server 
#       38.25.63.10     x.acme.com              # x client host 
 
127.0.0.1       localhost 

==== Empty Folders Check ======================

C:\PROGRA~2\Comms deleted successfully
C:\PROGRA~2\SoftwareDistribution deleted successfully
C:\Users\DefaultAppPool\AppData\LocalLow deleted successfully
C:\Users\Petr\AppData\Local\ActiveSync deleted successfully
C:\Users\Petr\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Petr\AppData\Local\EmieSiteList deleted successfully
C:\Users\Petr\AppData\Local\EmieUserList deleted successfully
C:\Users\Petr\AppData\Local\GHISLER deleted successfully
C:\Users\Petr\AppData\Local\NetworkTiles deleted successfully
C:\Users\Petr\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\p61fqksj.default\prefs.js:
user_pref("browser.startup.homepage", "https://www.seznam.cz/");

Added to C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\p61fqksj.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\Petr\AppData\Roaming\TomTom\HOME\Profiles\kru4rhoq.default\prefs.js:

Added to C:\Users\Petr\AppData\Roaming\TomTom\HOME\Profiles\kru4rhoq.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\p61fqksj.default

---- Lines ask.com removed from prefs.js ----
user_pref("extensions.xpiState", "{\"app-profile\":{\"LanguageManager@8pecxstudios.com\":{\"d\":\"C:\\\\Users\\\\Petr\\\\AppData\\\\Roaming\\\\Mozilla
---- FireFox user.js and prefs.js backups ---- 

user_11.01.2017_1027_.backup
prefs_11.01.2017_1027_.backup

ProfilePath: C:\Users\Petr\AppData\Roaming\TomTom\HOME\Profiles\kru4rhoq.default

user.js not found
---- FireFox user.js and prefs.js backups ---- 

prefs_11.01.2017_1027_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Package Cache deleted
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\p61fqksj.default\searchplugins\askcom.xml deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\p61fqksj.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\Petr\AppData\Roaming\TomTom\HOME\Profiles\kru4rhoq.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\p61fqksj.default
- Language Manager - %ProfilePath%\extensions\LanguageManager@8pecxstudios.com.xpi
- Google Translator for Firefox - %ProfilePath%\extensions\translator@zoli.bod.xpi

ProfilePath: C:\Users\Petr\AppData\Roaming\TomTom\HOME\Profiles\kru4rhoq.default
- Map status indicator - C:\Program Files\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- TomTom HOME default theme - C:\Program Files\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com
- Emulator - %ProfilePath%\extensions\Navcore.9.510.1234792@tomtom.com

==== Firefox Plugins ======================


==== Chromium Look ======================

Google Chrome Version: 46.0.2490.86

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
efaidnbmnnnibpcajpcglclefindmkaj - No path found[]

Seznam Lištička - Email - Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig
Seznam Lištička - Slovník - Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd
Seznam Lištička - Rychlá volba - Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak
Chrome Media Router - Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
Seznam Lištička - Email - Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig
Seznam Lištička - Slovník - Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd
Minesweeper - Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gnleehnibepgbhkdfkfcofpbcldpngcb
Seznam Lištička - Rychlá volba - Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\olfeabkoenfaoljndfecamgilllcpiak
Chrome Media Router - Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Chromium Fix ======================

C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_static.donation-tools.org_0.localstorage deleted successfully
C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_static.donation-tools.org_0.localstorage-journal deleted successfully
C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_c.betrad.com_0.localstorage deleted successfully
C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage deleted successfully
C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage-journal deleted successfully
C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_pstatic.davebestdeals.com_0.localstorage deleted successfully
C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_pstatic.davebestdeals.com_0.localstorage-journal deleted successfully
C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_pstatic.davebestdeals.com_0.localstorage deleted successfully
C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_pstatic.davebestdeals.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.seznam.cz/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.seznam.cz/"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
HKCU\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

==== Reset Google Chrome ======================

C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences was reset successfully
C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Secure Preferences was reset successfully
C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data was reset successfully
C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\Users\Petr\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Petr\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Petr\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Petr\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=40 folders=17 29972319 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Petr\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on st 11.01.2017 at 10:49:59,40 ======================

a log druhy:

Kód: Vybrat vše

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 10 Home x86 
Ran by Petr (Administrator) on st 11.01.2017 at 10:51:56,47
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 4 

Successfully deleted: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig (Folder) 
Successfully deleted: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd (Folder) 
Successfully deleted: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak (Folder) 
Successfully deleted: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\p61fqksj.default\user.js (File) 



Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on st 11.01.2017 at 11:01:41,87
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~