ahoj prosím pomoc
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-01-2017
Ran by Lubo (administrator) on LENOVO-PC (16-01-2017 09:38:37)
Running from C:\Users\Lubo\Desktop
Loaded Profiles: UpdatusUser & Lubo (Available Profiles: UpdatusUser & Lubo & Guest)
Platform: Windows 10 Home Version 1607 (X64) Language: Angličtina (Spojené státy)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Wargaming.net) C:\Games\World_of_Tanks\WargamingGameUpdater.exe
() C:\Users\Lubo\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\Lubo\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(forum.viry.cz) C:\Users\Lubo\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17111056 2014-02-19] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [193008 2014-02-19] (Lenovo(beijing) Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-08-11] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [561672 2015-06-12] (Vimicro)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-07] (CyberLink Corp.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2017-01-02] (AVAST Software)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1284680 2014-01-17] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [438888 2014-01-15] (CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25779624 2016-12-21] (Dropbox, Inc.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-25] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-21-3363592213-3403915979-3187532261-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-21-3363592213-3403915979-3187532261-1002\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Lubo\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3363592213-3403915979-3187532261-1002\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Lubo\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-3363592213-3403915979-3187532261-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-3363592213-3403915979-3187532261-1002\...\Run: [World of Tanks] => C:\Games\World_of_Tanks\WargamingGameUpdater.exe [3135752 2016-11-18] (Wargaming.net)
HKU\S-1-5-21-3363592213-3403915979-3187532261-1002\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3363592213-3403915979-3187532261-1002\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [833240 2014-12-23] (ZONER software)
AppInit_DLLs: C:\windows\system32\nvinitx.dll => No File
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => No File
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-01-02] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-03-30]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.309\SSScheduler.exe (McAfee, Inc.)
GroupPolicy: Restriction <======= ATTENTION
GroupPolicy\User: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{ae9afbd7-3e0d-4622-a792-68a75cec39e3}: [DhcpNameServer] 192.168.0.1 10.15.23.1 8.8.8.8
Tcpip\..\Interfaces\{c507dcc2-d73d-477d-a616-23932a065d38}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3363592213-3403915979-3187532261-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://mail.ru/cnt/10445?gp=818411
HKU\S-1-5-21-3363592213-3403915979-3187532261-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
SearchScopes: HKU\S-1-5-21-3363592213-3403915979-3187532261-1002 -> DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/distib/ep/?q={SearchTerms}&product_id=%7B94E7541D-0A92-41C8-AF92-F8E9E48A736C%7D&gp=811041
SearchScopes: HKU\S-1-5-21-3363592213-3403915979-3187532261-1002 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/distib/ep/?q={SearchTerms}&product_id=%7B94E7541D-0A92-41C8-AF92-F8E9E48A736C%7D&gp=811041
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-06-26] (Symantec Corporation)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-12-10] (Intel Security)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-18] (Oracle Corporation)
BHO-x32: Ďîčńę@Mail.Ru -> {8E8F97CD-60B5-456F-A201-73065652D099} -> C:\Users\Lubo\AppData\Local\Mail.Ru\Sputnik\IESearchPlugin.dll [2017-01-15] (Mail.Ru)
BHO-x32: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll [2015-06-26] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-18] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-06-26] (Symantec Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll [2015-06-26] (Symantec Corporation)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-12-10] (Intel Security)
FireFox:
========
FF ProfilePath: C:\Users\Lubo\AppData\Roaming\Mozilla\Firefox\Profiles\5ozr15b4.default [2017-01-16]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\5ozr15b4.default -> Поиск@Mail.Ru
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\5ozr15b4.default -> Поиск@Mail.Ru
FF Homepage: Mozilla\Firefox\Profiles\5ozr15b4.default -> hxxps://mail.ru/cnt/11956636?fr=ffhp1.0.3&gp=818410
FF Keyword.URL: Mozilla\Firefox\Profiles\5ozr15b4.default -> hxxp://go.mail.ru/distib/ep/?product_id=%7B6B5F2A73-8C5C-4932-9FBC-6E75D92875DA%7D&gp=811037
FF Extension: (Exif Viewer) - C:\Users\Lubo\AppData\Roaming\Mozilla\Firefox\Profiles\5ozr15b4.default\Extensions\exif_viewer@mozilla.doslash.org.xpi [2016-04-27]
FF Extension: (Домашняя страница Mail.Ru) - C:\Users\Lubo\AppData\Roaming\Mozilla\Firefox\Profiles\5ozr15b4.default\Extensions\homepage@mail.ru [2017-01-15]
FF Extension: (Поиск@Mail.Ru) - C:\Users\Lubo\AppData\Roaming\Mozilla\Firefox\Profiles\5ozr15b4.default\Extensions\search@mail.ru [2017-01-15]
FF Extension: (Google Translator for Firefox) - C:\Users\Lubo\AppData\Roaming\Mozilla\Firefox\Profiles\5ozr15b4.default\Extensions\translator@zoli.bod.xpi [2016-04-27]
FF Extension: (Video AdBlock for Firefox) - C:\Users\Lubo\AppData\Roaming\Mozilla\Firefox\Profiles\5ozr15b4.default\Extensions\{a00bef25-f21a-4539-adbb-b179b29e2b92} [2016-01-15] [not signed]
FF Extension: (Визуальные закладки @Mail.Ru) - C:\Users\Lubo\AppData\Roaming\Mozilla\Firefox\Profiles\5ozr15b4.default\Extensions\{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7} [2017-01-15]
FF Extension: (Seznam lištička) - C:\Users\Lubo\AppData\Roaming\Mozilla\Firefox\Profiles\5ozr15b4.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2016-09-23]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2017-01-09]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2017-01-09]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.11.42\coFFPlgn
FF Extension: (Norton Identity Safe Toolbar) - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.11.42\coFFPlgn [2017-01-16]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-20] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-25] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-20] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-18] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-20] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-25] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3363592213-3403915979-3187532261-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Lubo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-05-08] (Unity Technologies ApS)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\Exts\Chrome.crx [2016-01-04]
CHR HKU\S-1-5-21-3363592213-3403915979-3187532261-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ccfifbojenkenpkmnbnndeadpfdiffof] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\Exts\Chrome.crx [2016-01-04]
CHR HKLM-x32\...\Chrome\Extension: [oelpkepjlgmehajehfeicfbjdiobdkfj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ojlcebdkbpjdpiligkdbbkdkfjmchbfd] - hxxps://clients2.google.com/service/update2/crx
Opera:
=======
OPR Extension: (Tampermonkey) - C:\Users\Lubo\AppData\Roaming\Opera Software\Opera Stable\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-01-15]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-25] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2218712 2016-12-13] (Adobe Systems, Incorporated)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2017-01-02] (AVAST Software)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-26] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-26] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [42096 2016-12-21] (Dropbox, Inc.)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2014-10-07] (Macrovision Europe Ltd.) [File not signed]
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [84616 2013-06-28] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-10-16] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.309\McCHSvc.exe [293128 2016-03-11] (McAfee, Inc.)
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe [131144 2015-03-05] (Symantec Corporation)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [338944 2013-08-11] (IDT, Inc.) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-06-03] (Synaptics Incorporated)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [995800 2016-11-30] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16248 2016-11-30] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-11-30] (McAfee, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-09-07] (Atheros) [File not signed]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [37656 2017-01-02] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [37144 2017-01-02] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [108816 2017-01-02] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [103064 2017-01-02] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2017-01-02] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [969184 2017-01-02] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [513632 2017-01-02] (AVAST Software)
S2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [163416 2017-01-02] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2017-01-02] (AVAST Software)
S3 athur; C:\WINDOWS\System32\drivers\athuw8x.sys [2919936 2013-06-02] (Qualcomm Atheros Communications, Inc.)
R1 ccSet_NST; C:\WINDOWS\system32\drivers\NSTx64\7DE070B0.02A\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [146856 2013-06-04] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [21928 2013-06-04] (Windows (R) Win 7 DDK provider)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283064 2014-09-26] (Disc Soft Ltd)
R3 ElcMouLFlt; C:\WINDOWS\System32\drivers\ElcMouLFlt.sys [28648 2015-09-11] (ELECOM)
R3 ElcMouUFlt; C:\WINDOWS\System32\drivers\ElcMouUFlt.sys [27624 2015-09-11] (ELECOM)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvltwu.inf_amd64_7abb66182eb8ed83\nvlddmkm.sys [13754936 2016-09-12] (NVIDIA Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
R3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
R3 vm331avs; C:\WINDOWS\System32\Drivers\vm331avs.sys [802312 2015-06-12] (Vimicro Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S3 dbx; system32\DRIVERS\dbx.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-16 09:38 - 2017-01-16 09:38 - 00112640 _____ (forum.viry.cz) C:\Users\Lubo\Desktop\FRSTLauncher.exe
2017-01-16 08:58 - 2017-01-16 09:40 - 00030806 _____ C:\Users\Lubo\Desktop\FRST.txt
2017-01-16 08:58 - 2017-01-16 08:58 - 00000000 ____D C:\FRST
2017-01-16 08:53 - 2017-01-16 08:58 - 02419200 _____ (Farbar) C:\Users\Lubo\Desktop\FRST64.exe
2017-01-15 19:40 - 2017-01-15 19:40 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Identity Safe
2017-01-15 19:20 - 2017-01-15 19:20 - 08803648 _____ (Piriform Ltd) C:\Users\Lubo\Downloads\ccsetup525.exe
2017-01-15 17:17 - 2017-01-15 17:17 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignd5db2c7f3c13dc3e
2017-01-15 17:12 - 2017-01-15 17:12 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign8dc155883d786d19
2017-01-15 17:12 - 2017-01-15 17:12 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign30fbc6fcc91af106
2017-01-15 16:57 - 2017-01-15 16:57 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignd38439a69a40b5f8
2017-01-15 16:57 - 2017-01-15 16:57 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignd340eae8f02744ee
2017-01-15 16:57 - 2017-01-15 16:57 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign6d34f060ac24b7c3
2017-01-15 16:38 - 2017-01-16 09:01 - 00000000 ____D C:\Users\Lubo\Downloads\telefon
2017-01-15 16:28 - 2017-01-16 08:42 - 00000000 ____D C:\Program Files (x86)\Mail.Ru
2017-01-15 16:15 - 2017-01-15 16:17 - 01737261 _____ C:\Users\Lubo\Downloads\GigabyteGSmartClassicPro_android_update_manual.exe.rar
2017-01-15 16:14 - 2017-01-16 08:42 - 00000000 ____D C:\Users\Lubo\AppData\Local\Mail.Ru
2017-01-15 16:14 - 2017-01-15 17:30 - 00000000 ____D C:\ProgramData\Mail.Ru
2017-01-15 16:14 - 2017-01-15 16:17 - 00000190 _____ C:\Users\Lubo\Desktop\Искать в Интернете.url
2017-01-15 16:14 - 2017-01-15 16:16 - 00003692 _____ C:\WINDOWS\System32\Tasks\winkruton
2017-01-15 16:13 - 2017-01-15 16:13 - 03841624 _____ () C:\Users\Lubo\Downloads\GigabyteGSmartClassicPro_android_update_manual.exe.exe
2017-01-15 10:11 - 2017-01-15 10:11 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign5a88102ce211698a
2017-01-15 10:01 - 2017-01-15 10:01 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign442127a37d6e9899
2017-01-15 10:00 - 2017-01-15 10:00 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsigne82f9e21fad021fe
2017-01-15 10:00 - 2017-01-15 10:00 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsigncc38adfc32389c2c
2017-01-13 11:20 - 2017-01-13 11:20 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignfacf0547f563c099
2017-01-13 11:19 - 2017-01-13 11:19 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignce55a6af6243d033
2017-01-13 11:19 - 2017-01-13 11:19 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign8ee6450ad0f6cc0c
2017-01-12 09:25 - 2017-01-12 09:25 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign814d60f0797d7e58
2017-01-12 09:20 - 2017-01-12 09:20 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignc5ed5af0bed1c5ba
2017-01-12 09:20 - 2017-01-12 09:20 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign7af5f39d75193dec
2017-01-12 09:20 - 2017-01-12 09:20 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign6491f1051b0133ef
2017-01-11 17:13 - 2016-12-21 08:43 - 04130440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-01-11 17:13 - 2016-12-21 08:42 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-01-11 17:13 - 2016-12-21 08:06 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-01-11 17:13 - 2016-12-21 07:51 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-01-11 17:13 - 2016-12-21 05:40 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-01-11 17:13 - 2016-12-21 05:40 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-01-11 17:13 - 2016-12-21 05:39 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-01-11 17:13 - 2016-12-21 05:22 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-01-11 17:13 - 2016-12-14 05:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-01-11 17:13 - 2016-12-14 05:38 - 17188864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-01-11 17:12 - 2016-12-21 09:08 - 00245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2017-01-11 17:12 - 2016-12-21 09:08 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2017-01-11 17:12 - 2016-12-21 08:46 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-01-11 17:12 - 2016-12-21 08:43 - 01454504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-01-11 17:12 - 2016-12-21 08:43 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-01-11 17:12 - 2016-12-21 08:42 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-01-11 17:12 - 2016-12-21 08:42 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-01-11 17:12 - 2016-12-21 08:42 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-01-11 17:12 - 2016-12-21 08:41 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-01-11 17:12 - 2016-12-21 08:08 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-01-11 17:12 - 2016-12-21 07:59 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-01-11 17:12 - 2016-12-21 07:56 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-01-11 17:12 - 2016-12-21 07:53 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-01-11 17:12 - 2016-12-21 07:51 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-01-11 17:12 - 2016-12-21 07:50 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-01-11 17:12 - 2016-12-21 06:59 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2017-01-11 17:12 - 2016-12-21 06:09 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-01-11 17:12 - 2016-12-21 06:01 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-01-11 17:12 - 2016-12-21 05:43 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-01-11 17:12 - 2016-12-21 05:41 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2017-01-11 17:12 - 2016-12-21 05:38 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2017-01-11 17:12 - 2016-12-21 05:35 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-01-11 17:12 - 2016-12-21 05:32 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-01-11 17:12 - 2016-12-21 05:30 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2017-01-11 17:12 - 2016-12-21 05:26 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2017-01-11 17:12 - 2016-12-14 06:41 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-01-11 17:12 - 2016-12-14 06:23 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-01-11 17:12 - 2016-12-14 06:21 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-01-11 17:12 - 2016-12-14 06:17 - 00319288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-01-11 17:12 - 2016-12-14 06:01 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2017-01-11 17:12 - 2016-12-14 05:46 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-01-11 17:12 - 2016-12-14 05:43 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-01-11 17:12 - 2016-12-14 05:42 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2017-01-11 17:12 - 2016-12-14 05:42 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2017-01-11 17:12 - 2016-12-14 05:40 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-01-11 17:12 - 2016-12-14 05:38 - 13869056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-01-11 17:12 - 2016-12-14 05:38 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2017-01-11 17:12 - 2016-12-14 05:37 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-01-11 17:12 - 2016-12-14 05:36 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-01-11 17:12 - 2016-12-14 05:35 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-01-11 17:12 - 2016-12-14 05:35 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2017-01-11 17:12 - 2016-12-14 05:35 - 00553984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2017-01-11 17:12 - 2016-12-14 05:26 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-01-11 17:12 - 2016-12-14 05:26 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-01-11 17:12 - 2016-12-14 05:24 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2017-01-11 17:12 - 2016-12-14 05:24 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-01-11 17:12 - 2016-12-14 05:23 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-01-11 17:12 - 2016-12-14 05:22 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-01-11 17:12 - 2016-12-14 05:22 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-01-11 17:12 - 2016-11-02 13:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-01-11 17:12 - 2016-08-02 05:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-01-11 17:11 - 2016-12-21 08:49 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-01-11 17:11 - 2016-12-21 08:43 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-01-11 17:11 - 2016-12-21 08:15 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-01-11 17:11 - 2016-12-21 08:14 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-01-11 17:11 - 2016-12-21 08:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-01-11 17:11 - 2016-12-21 08:08 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-01-11 17:11 - 2016-12-21 08:05 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-01-11 17:11 - 2016-12-21 08:05 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-01-11 17:11 - 2016-12-21 08:05 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-01-11 17:11 - 2016-12-21 08:01 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-01-11 17:11 - 2016-12-21 07:59 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-01-11 17:11 - 2016-12-21 07:58 - 23678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-01-11 17:11 - 2016-12-21 07:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-01-11 17:11 - 2016-12-21 07:55 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-01-11 17:11 - 2016-12-21 07:55 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-01-11 17:11 - 2016-12-21 07:53 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-01-11 17:11 - 2016-12-21 07:49 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-01-11 17:11 - 2016-12-21 07:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-01-11 17:11 - 2016-12-21 07:47 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-01-11 17:11 - 2016-12-21 06:02 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-01-11 17:11 - 2016-12-21 05:46 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-01-11 17:11 - 2016-12-21 05:41 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-01-11 17:11 - 2016-12-21 05:40 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2017-01-11 17:11 - 2016-12-21 05:40 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-01-11 17:11 - 2016-12-21 05:39 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-01-11 17:11 - 2016-12-21 05:35 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-01-11 17:11 - 2016-12-21 05:34 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-01-11 17:11 - 2016-12-21 05:33 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-01-11 17:11 - 2016-12-21 05:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-01-11 17:11 - 2016-12-21 05:25 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-01-11 17:11 - 2016-12-21 05:25 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-01-11 17:11 - 2016-12-21 05:24 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-01-11 17:11 - 2016-12-14 06:34 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-01-11 17:11 - 2016-12-14 06:14 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-01-11 17:11 - 2016-12-14 06:01 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-01-11 17:11 - 2016-12-14 06:01 - 00076984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2017-01-11 17:11 - 2016-12-14 05:46 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-01-11 17:11 - 2016-12-14 05:42 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 17:11 - 2016-12-14 05:40 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-01-11 17:11 - 2016-12-14 05:39 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-01-11 17:11 - 2016-12-14 05:36 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-01-11 17:11 - 2016-12-14 05:36 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-01-11 17:11 - 2016-12-14 05:32 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-01-11 17:11 - 2016-12-14 05:25 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2017-01-11 17:11 - 2016-12-14 05:22 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-01-11 17:11 - 2016-12-14 05:22 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-01-11 17:11 - 2016-12-14 05:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-01-11 17:11 - 2016-11-02 11:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-01-11 17:10 - 2016-12-21 09:04 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-01-11 17:10 - 2016-12-21 08:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-01-11 17:10 - 2016-12-21 08:37 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-01-11 17:10 - 2016-12-21 08:13 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2017-01-11 17:10 - 2016-12-21 08:12 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2017-01-11 17:10 - 2016-12-21 08:10 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2017-01-11 17:10 - 2016-12-21 08:09 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2017-01-11 17:10 - 2016-12-21 08:08 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-01-11 17:10 - 2016-12-21 08:08 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-01-11 17:10 - 2016-12-21 08:08 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-01-11 17:10 - 2016-12-21 08:08 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-01-11 17:10 - 2016-12-21 08:07 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-01-11 17:10 - 2016-12-21 08:06 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-01-11 17:10 - 2016-12-21 08:06 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-01-11 17:10 - 2016-12-21 08:06 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-01-11 17:10 - 2016-12-21 08:00 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-01-11 17:10 - 2016-12-21 07:57 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2017-01-11 17:10 - 2016-12-21 07:54 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2017-01-11 17:10 - 2016-12-21 07:53 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-01-11 17:10 - 2016-12-21 07:51 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-01-11 17:10 - 2016-12-21 07:49 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-01-11 17:10 - 2016-12-21 06:02 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-01-11 17:10 - 2016-12-21 06:02 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-01-11 17:10 - 2016-12-21 06:02 - 01277344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-01-11 17:10 - 2016-12-21 06:02 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-01-11 17:10 - 2016-12-21 06:02 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-01-11 17:10 - 2016-12-21 05:27 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-01-11 17:10 - 2016-12-21 05:24 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-01-11 17:10 - 2016-12-21 05:24 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-01-11 17:10 - 2016-12-21 05:24 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-01-11 17:10 - 2016-12-21 05:22 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-01-11 17:10 - 2016-12-14 06:41 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-01-11 17:10 - 2016-12-14 06:33 - 01356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2017-01-11 17:10 - 2016-12-14 06:19 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-01-11 17:10 - 2016-12-14 06:18 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-01-11 17:10 - 2016-12-14 06:18 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2017-01-11 17:10 - 2016-12-14 06:14 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2017-01-11 17:10 - 2016-12-14 06:14 - 00089416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2017-01-11 17:10 - 2016-12-14 06:08 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-01-11 17:10 - 2016-12-14 06:06 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-01-11 17:10 - 2016-12-14 05:45 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-01-11 17:10 - 2016-12-14 05:42 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2017-01-11 17:10 - 2016-12-14 05:41 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-01-11 17:10 - 2016-12-14 05:40 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-01-11 17:10 - 2016-12-14 05:40 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2017-01-11 17:10 - 2016-12-14 05:40 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 17:10 - 2016-12-14 05:39 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-01-11 17:10 - 2016-12-14 05:39 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2017-01-11 17:10 - 2016-12-14 05:38 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-01-11 17:10 - 2016-12-14 05:35 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-01-11 17:10 - 2016-12-14 05:32 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2017-01-11 17:10 - 2016-12-14 05:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-01-11 17:10 - 2016-12-14 05:22 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-01-11 17:10 - 2016-12-14 05:22 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-01-11 17:10 - 2016-11-02 12:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-01-11 17:10 - 2016-11-02 11:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-01-11 17:10 - 2016-11-02 11:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-01-11 11:23 - 2017-01-11 11:23 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign2af6388b18783352
2017-01-11 11:22 - 2017-01-11 11:22 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignee9c5ae883b3742e
2017-01-11 11:21 - 2017-01-11 11:21 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsigneb63f3a2a5c151b7
2017-01-11 11:21 - 2017-01-11 11:21 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign5ca347aa0964c582
2017-01-10 16:26 - 2017-01-10 16:26 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignf0c5b923fef9043c
2017-01-10 16:26 - 2017-01-10 16:26 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsigndd8e9eb8428ce57f
2017-01-10 16:26 - 2017-01-10 16:26 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignbf4541816832c621
2017-01-10 16:26 - 2017-01-10 16:26 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign76d5cf89aab431c8
2017-01-09 20:40 - 2017-01-09 20:40 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign8941723d87b7a3ae
2017-01-09 20:40 - 2017-01-09 20:40 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign23fcb9b0fa0ae0eb
2017-01-09 20:19 - 2017-01-09 20:19 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignfa25d2bd771444c0
2017-01-09 20:19 - 2017-01-09 20:19 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignd86eaac259b0831f
2017-01-09 16:40 - 2017-01-02 13:33 - 00391496 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-01-09 16:34 - 2017-01-09 16:34 - 00000000 ____D C:\WINDOWS\Panther
2017-01-09 14:46 - 2017-01-09 14:46 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsigned6f3bf19f7d5b8a
2017-01-09 14:46 - 2017-01-09 14:46 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign5cc7e21a916d535f
2017-01-09 14:45 - 2017-01-09 14:45 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign8559e7522ae76786
2017-01-09 14:45 - 2017-01-09 14:45 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign0a81108918152e34
2017-01-09 11:01 - 2017-01-09 11:01 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign938cac96d5b30b9c
2017-01-09 11:00 - 2017-01-09 11:00 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignd0dd950c4597d0f9
2017-01-09 10:59 - 2017-01-09 10:59 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignbf23450dbd7dac5d
2017-01-09 10:59 - 2017-01-09 10:59 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign4a4bbe4fa643ec2a
2017-01-09 10:59 - 2017-01-09 10:59 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign0b8d25ee25d37502
2017-01-06 17:38 - 2017-01-06 17:38 - 00889820 _____ C:\Users\Lubo\Documents\občanka řidičák_0001.pdf
2017-01-06 17:35 - 2017-01-06 17:35 - 00443952 _____ C:\Users\Lubo\Documents\občanka řidičák.pdf
2017-01-06 17:06 - 2017-01-06 17:31 - 01355460 _____ C:\Users\Lubo\Documents\IMG_20170106_0001.pdf
2017-01-06 17:04 - 2017-01-06 17:04 - 00146126 _____ C:\Users\Lubo\Documents\výpis 12_2016.PDF
2017-01-03 10:24 - 2017-01-03 10:24 - 00326242 _____ C:\Users\Lubo\Desktop\dron splátky.pdf
2017-01-02 13:33 - 2017-01-02 13:33 - 00053208 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2017-01-01 17:29 - 2017-01-01 17:29 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignce2d4fec2093d19a
2017-01-01 17:29 - 2017-01-01 17:29 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignbd38999140074f41
2017-01-01 17:29 - 2017-01-01 17:29 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign942748e203a8a89d
2017-01-01 17:29 - 2017-01-01 17:29 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign3dd191be902ba757
2017-01-01 17:29 - 2017-01-01 17:29 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign0930cc09bd2af32f
2017-01-01 17:11 - 2017-01-01 17:11 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign7ce8d04f49d80fbf
2017-01-01 17:11 - 2017-01-01 17:11 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign479ed227d3244768
2017-01-01 17:04 - 2017-01-01 17:04 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignb083e3a62ad6553e
2017-01-01 17:04 - 2017-01-01 17:04 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign89ca55e4a503458d
2017-01-01 17:03 - 2017-01-01 17:03 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignf9362bd16967a521
2017-01-01 17:03 - 2017-01-01 17:03 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign8aad138bf92edefe
2016-12-29 19:16 - 2016-12-30 15:26 - 00000000 ____D C:\Users\Lubo\Documents\videa
2016-12-27 11:36 - 2016-12-27 11:36 - 00094312 _____ C:\Users\Lubo\Downloads\58586fd912a4a7ff59120200.jpg
2016-12-25 16:42 - 2016-12-25 16:42 - 00001162 _____ C:\Users\Lubo\Desktop\Adobe Premiere Pro CC 2015.lnk
2016-12-25 16:32 - 2016-12-25 16:32 - 00000000 ____D C:\Users\Public\Documents\AdobeInstalledCodecs
2016-12-25 16:27 - 2016-12-25 16:27 - 00001162 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CC 2015.lnk
2016-12-25 15:24 - 2016-12-25 15:24 - 00001096 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2017.lnk
2016-12-24 20:33 - 2016-12-24 20:33 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignd292be634e0128f0
2016-12-24 12:30 - 2016-12-24 12:30 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignf5b2428f152b757c
2016-12-24 12:30 - 2016-12-24 12:30 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign2afc623c4c78e12c
2016-12-24 12:30 - 2016-12-24 12:30 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign02f71b0b0489fcd5
2016-12-23 19:53 - 2016-12-23 19:53 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign78a6786298de4067
2016-12-23 19:53 - 2016-12-23 19:53 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign60f554f62830e54e
2016-12-23 19:53 - 2016-12-23 19:53 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign410c7247d69c778f
2016-12-23 19:53 - 2016-12-23 19:53 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign23d7c2bf7f4cf071
2016-12-23 15:52 - 2016-12-23 15:52 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign4cb725185b5d6ee9
2016-12-23 15:52 - 2016-12-23 15:52 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign2d20f288c7d7e5ad
2016-12-23 15:51 - 2016-12-23 15:51 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsigned26544ed95e84c0
2016-12-23 15:51 - 2016-12-23 15:51 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign317450567704a752
2016-12-22 18:02 - 2016-12-22 18:02 - 01074384 _____ C:\Users\Lubo\Desktop\pf.pdf
2016-12-22 15:56 - 2016-12-22 15:56 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign99d69bc037f0bfe3
2016-12-22 15:55 - 2016-12-22 15:55 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign288b9d37ab8934e7
2016-12-22 15:54 - 2016-12-22 15:54 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsigndbd09596bbe80b08
2016-12-22 15:54 - 2016-12-22 15:54 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign638e1ab89a9c6e7f
2016-12-22 08:19 - 2016-12-22 08:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-12-21 19:15 - 2016-12-21 19:15 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2016-12-21 19:15 - 2016-12-21 19:15 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2016-12-21 19:15 - 2016-12-21 19:15 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2016-12-21 19:15 - 2016-12-21 19:15 - 00042096 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2016-12-21 18:28 - 2016-12-21 18:28 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignbebf0c70aefd925a
2016-12-21 18:26 - 2016-12-21 18:26 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsigna58f2585e1b81c62
2016-12-21 18:26 - 2016-12-21 18:26 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsigna34c78df52e1c48e
2016-12-21 18:26 - 2016-12-21 18:26 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign4db336673671740b
2016-12-19 17:15 - 2016-12-19 17:15 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignb592a4924d4c9200
2016-12-19 17:15 - 2016-12-19 17:15 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign5cb0f358f176e621
2016-12-19 17:14 - 2016-12-19 17:14 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign8f012790eadd8339
2016-12-19 17:14 - 2016-12-19 17:14 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign2aa8445ba3f538b6
2016-12-19 00:27 - 2016-12-19 00:27 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign9cba8eec9a2f161d
2016-12-19 00:27 - 2016-12-19 00:27 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign8d8afdeebf21d0da
2016-12-19 00:26 - 2016-12-19 00:26 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignbe4b1638e82af612
2016-12-18 22:53 - 2016-12-18 22:53 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsigne00b32f7f7e69656
2016-12-18 22:53 - 2016-12-18 22:53 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignc9e080811cc877b9
2016-12-18 22:53 - 2016-12-18 22:53 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign76e26ef6e4dde271
2016-12-18 22:53 - 2016-12-18 22:53 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign4d1a871ff5b03c45
2016-12-18 15:05 - 2016-12-18 15:05 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignd41bc8d6e0a65f42
2016-12-18 15:05 - 2016-12-18 15:05 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignc27edaaf9c0b9b5b
2016-12-18 15:05 - 2016-12-18 15:05 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignaf9c377f91ebb728
2016-12-18 15:05 - 2016-12-18 15:05 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign65413da67c693c06
2016-12-17 18:22 - 2016-12-17 18:22 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsigne689ea2a3431ac6b
2016-12-17 18:22 - 2016-12-17 18:22 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignc3eee51be289708f
2016-12-17 18:21 - 2016-12-17 18:21 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignea58b9685d9c33f4
2016-12-17 18:21 - 2016-12-17 18:21 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign0f40edef733b91fe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-16 09:32 - 2016-11-19 12:25 - 00000000 ____D C:\Users\Lubo\AppData\LocalLow\Mozilla
2017-01-16 09:32 - 2016-05-10 13:05 - 00000000 ____D C:\Users\Lubo\AppData\Roaming\Seznam.cz
2017-01-16 09:31 - 2016-08-22 12:27 - 00000000 ___RD C:\Users\Lubo\Creative Cloud Files
2017-01-16 09:31 - 2016-08-22 12:27 - 00000000 ____D C:\ProgramData\boost_interprocess
2017-01-16 09:31 - 2014-09-26 08:59 - 00000000 ____D C:\Users\Lubo\AppData\Local\Adobe
2017-01-16 09:29 - 2015-09-26 06:19 - 00000000 __SHD C:\Users\Lubo\IntelGraphicsProfiles
2017-01-16 09:24 - 2016-09-20 04:13 - 00000000 ____D C:\Users\Lubo
2017-01-16 09:23 - 2016-09-20 04:58 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-16 09:23 - 2016-09-20 04:13 - 00000000 ____D C:\Users\UpdatusUser
2017-01-16 09:23 - 2016-09-20 04:02 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-01-16 09:23 - 2015-12-28 18:36 - 00000000 ____D C:\Users\Lubo\AppData\Local\Unity
2017-01-16 08:42 - 2014-02-19 02:35 - 00000000 ____D C:\ProgramData\CyberLink
2017-01-16 08:42 - 2014-02-19 02:35 - 00000000 ____D C:\Program Files (x86)\CyberLink
2017-01-16 08:42 - 2014-02-19 02:19 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-01-16 08:39 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-16 08:39 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-16 08:39 - 2016-01-15 09:22 - 00000000 ____D C:\Users\Lubo\AppData\Roaming\DVDVideoSoft
2017-01-16 08:39 - 2014-10-07 12:30 - 00000000 ____D C:\Program Files (x86)\Bonjour
2017-01-16 08:39 - 2014-09-24 13:15 - 00000000 ____D C:\Users\Lubo\AppData\Local\Packages
2017-01-15 19:29 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-01-15 19:28 - 2014-09-29 08:48 - 00000000 ____D C:\Users\Lubo\AppData\Local\CrashDumps
2017-01-15 19:22 - 2015-10-08 10:12 - 00000000 ____D C:\Program Files (x86)\Google
2017-01-15 19:20 - 2016-05-13 13:44 - 00000874 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-01-15 16:29 - 2015-12-28 18:36 - 00000000 ____D C:\Users\Lubo\AppData\LocalLow\Unity
2017-01-15 16:15 - 2013-08-22 16:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-01-15 16:14 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2017-01-15 15:23 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2017-01-14 15:50 - 2015-09-10 06:42 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-01-14 15:44 - 2016-11-24 13:58 - 00000000 ____D C:\Program Files (x86)\McAfee
2017-01-14 15:44 - 2016-11-24 13:47 - 00000000 ____D C:\Program Files\TrueKey
2017-01-14 15:44 - 2016-09-20 04:02 - 05263432 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-01-14 15:43 - 2016-07-16 07:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-01-14 15:41 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-01-14 15:41 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-01-14 15:40 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-01-14 15:40 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-01-14 15:40 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-01-14 15:39 - 2016-11-24 14:00 - 00001250 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk
2017-01-14 10:33 - 2015-04-20 13:14 - 00000000 ____D C:\ProgramData\Skype
2017-01-13 08:40 - 2015-11-15 12:56 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-13 08:38 - 2016-09-20 04:58 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-01-11 20:06 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-11 19:48 - 2014-09-26 09:35 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-01-11 19:42 - 2014-09-26 09:35 - 135657872 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-01-10 16:44 - 2016-09-20 04:58 - 00004008 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1458729928
2017-01-10 16:44 - 2016-03-23 11:45 - 00001099 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-01-09 16:43 - 2015-12-05 09:40 - 00001990 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2017-01-09 16:43 - 2015-10-08 10:16 - 00001978 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2017-01-09 16:42 - 2016-09-20 04:58 - 00004004 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2017-01-09 16:33 - 2014-09-28 22:44 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-01-09 16:33 - 2014-09-24 13:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-06 17:39 - 2015-08-07 11:23 - 00000000 ____D C:\ProgramData\CanonIJPLM
2017-01-06 07:19 - 2014-09-26 09:13 - 00000000 ____D C:\Users\Lubo\Documents\fotky
2017-01-04 08:44 - 2015-01-13 15:14 - 00000000 ____D C:\Users\Lubo\Documents\beautyfoto
2017-01-02 13:34 - 2015-10-08 10:12 - 00969184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-01-02 13:34 - 2015-10-08 10:12 - 00513632 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-01-02 13:34 - 2015-10-08 10:12 - 00293352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-01-02 13:33 - 2016-03-23 11:42 - 00037144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2017-01-02 13:33 - 2015-10-08 10:12 - 00969560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys.148336047709307
2017-01-02 13:33 - 2015-10-08 10:12 - 00513496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys.148336047879610
2017-01-02 13:33 - 2015-10-08 10:12 - 00292704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys.148336047982812
2017-01-02 13:33 - 2015-10-08 10:12 - 00163416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-01-02 13:33 - 2015-10-08 10:12 - 00108816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-01-02 13:33 - 2015-10-08 10:12 - 00103064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-01-02 13:33 - 2015-10-08 10:12 - 00074544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-01-02 13:33 - 2015-10-08 10:12 - 00037656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-01-01 17:15 - 2015-03-31 09:37 - 00000349 _____ C:\Users\Public\Documents\PCLECHAL.INI
2016-12-29 13:54 - 2015-01-13 23:16 - 00000000 ____D C:\Users\Lubo\AppData\Roaming\vlc
2016-12-25 18:19 - 2015-08-27 08:05 - 00031232 _____ C:\Users\Lubo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-12-25 16:44 - 2014-09-24 13:16 - 00000000 ____D C:\Users\Lubo\AppData\Roaming\Adobe
2016-12-25 16:42 - 2014-09-30 08:04 - 00000000 ____D C:\Users\Lubo\Documents\Adobe
2016-12-25 16:39 - 2016-07-25 17:47 - 00000000 ____D C:\Users\Lubo\Downloads\Adobe Premiere Pro CC 2015 (9.2.0)
2016-12-25 16:37 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-12-25 16:32 - 2014-09-26 08:46 - 00000000 ____D C:\Program Files\Adobe
2016-12-25 16:28 - 2014-09-26 09:30 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-12-25 16:26 - 2014-09-26 08:49 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-12-25 16:22 - 2016-08-22 14:35 - 00000000 ___HD C:\adobeTemp
2016-12-24 15:42 - 2016-11-24 14:02 - 00000000 ____D C:\Users\Lubo\AppData\Local\tkdata
2016-12-23 00:13 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-12-23 00:13 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-22 08:20 - 2016-04-26 14:01 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-12-21 08:36 - 2016-09-22 06:56 - 00000000 ____D C:\WINDOWS\Minidump
2016-12-20 02:40 - 2016-09-20 04:58 - 00003470 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-20 02:40 - 2016-09-20 04:58 - 00003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-20 02:40 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Tasks
2016-12-20 01:09 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-12-20 01:09 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-12-17 11:35 - 2016-07-16 12:47 - 00000000 __RSD C:\WINDOWS\assembly
==================== Files in the root of some directories =======
2015-01-15 10:11 - 2016-09-02 15:16 - 0003072 _____ () C:\Users\Lubo\AppData\Roaming\24FotoPrint Prefsv3
2015-02-27 22:10 - 2016-07-29 12:32 - 0000132 _____ () C:\Users\Lubo\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2014-10-01 08:40 - 2014-10-01 08:42 - 0000132 _____ () C:\Users\Lubo\AppData\Roaming\Filtr IIIExport Adobe CS6 – předvolby
2014-11-18 11:32 - 2016-05-17 11:41 - 0001480 _____ () C:\Users\Lubo\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2015-08-27 08:05 - 2016-12-25 18:19 - 0031232 _____ () C:\Users\Lubo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-12-03 11:29 - 2015-12-03 11:29 - 0000901 _____ () C:\Users\Lubo\AppData\Local\recently-used.xbel
2015-12-30 13:36 - 2015-12-30 13:36 - 0000017 _____ () C:\Users\Lubo\AppData\Local\resmon.resmoncfg
2014-02-19 02:22 - 2014-02-19 02:22 - 0000000 ____N () C:\ProgramData\DP45977C.lfl
2015-07-31 14:25 - 2015-08-19 10:52 - 0001327 _____ () C:\ProgramData\hpzinstall.log
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Lubo\Desktop" je 2166 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
==================== End Of Log ==============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím kontrolu logu, vyskakující okna, firefox
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Prosím kontrolu logu, vyskakující okna, firefox
- Přílohy
-
- Addition.rar
- (13.08 KiB) Staženo 98 x
Re: Prosím kontrolu logu, vyskakující okna, firefox
nevím jesli to proběhlo normálně tak jetě log z
Logfile of random's system information tool 1.14 (written by random/random)
Run by Lubo at 2017-01-16 10:53:23
Microsoft Windows 10 Home
System drive C: has 57 GB (6%) free of 912 GB
Total RAM: 8082 MB (68% free)
X64
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:53:30, on 16. 1. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
C:\Games\World_of_Tanks\WargamingGameUpdater.exe
C:\Users\Lubo\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\WINDOWS\SysWOW64\ctfmon.exe
C:\Program Files\trend micro\Lubo_RSITx64.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mail.ru/cnt/10445?gp=818411
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2 - BHO: True Key Helper - {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll
O2 - BHO: MRSearchPlugin - {8E8F97CD-60B5-456F-A201-73065652D099} - C:\Users\Lubo\AppData\Local\Mail.Ru\Sputnik\IESearchPlugin.dll
O2 - BHO: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll
O3 - Toolbar: True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O4 - HKLM\..\Run: [331BigDog] "C:\Program Files (x86)\USB Camera\VM331STI.EXE"
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Lubo\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Lubo\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [World of Tanks] "C:\Games\World_of_Tanks\WargamingGameUpdater.exe"
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE"
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3363592213-3403915979-3187532261-1001\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3363592213-3403915979-3187532261-1001\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'UpdatusUser')
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.11.309\SSScheduler.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: DbxSvc - Unknown owner - C:\WINDOWS\system32\DbxSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LSCWinService - Unknown owner - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.309\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Norton Identity Safe (NCO) - Symantec Corporation - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: Intel Security True Key (TrueKey) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
O23 - Service: Intel Security True Key Scheduler (TrueKeyScheduler) - McAfee, Inc. - C:\Program Files\TrueKey\McTkSchedulerService.exe
O23 - Service: Intel Security True Key Helper Service (TrueKeyServiceHelper) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
--
End of file - 14768 bytes
======Enumerating Processes======
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-94ee7a81-b94c-4805-991a-3c8eb8b142e9 -SystemEventPortName:HostProcess-84a67775-455c-4a08-b6b7-f8855966a0e0 -IoCancelEventPortName:HostProcess-ca02c858-73e7-4356-b297-0d1a1db1b3e5 -NonStateChangingEventPortName:HostProcess-0d7697cc-96e9-4622-a9a4-b62651db76d8 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:710343c6-4532-46cf-b234-57beb72cf913 -DeviceGroupId:WudfDefaultDevicePool
C:\WINDOWS\system32\svchost.exe -k LocalService
"C:\WINDOWS\system32\nvvsvc.exe"
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\system32\igfxCUIService.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe -first
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\dashost.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\system32\DbxSvc.exe
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe"
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe" /s "NCO" /m "C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\diMaster.dll" /prefetch:1
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k appmodel
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
"C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe"
"C:\Program Files\TrueKey\McTkSchedulerService.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe" /c /a /s UserSession
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\WINDOWS\system32\sihost.exe
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\system32\igfxHK.exe
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE"
C:\WINDOWS\system32\igfxTray.exe
"C:\Games\World_of_Tanks\WargamingGameUpdater.exe"
C:\Users\Lubo\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
"C:\Users\Lubo\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe" "-launchedbyvulcan"
"C:\Users\Lubo\Desktop\FRST64.exe"
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /showasync
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe" --onOSstartup=true --showwindow=false --waitForRegistration=true
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe" "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\main.js"
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe" --type=renderer --disable-3d-apis --disable-pinch --no-sandbox --enable-deferred-image-decoding --lang=en-US --lang=en-US --locales-dir-path="C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\locales" --log-file="C:\Users\Lubo\AppData\Local\Temp\CreativeCloud\ACC\CEF.log" --log-severity=warning --user-agent="Mozilla/5.0 (Windows NT 10.0.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Safari/537.36 CreativeCloud/3.9.1.335" --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-gpu-compositing --channel="6112.0.1234854491\1500469326" /prefetch:673131151
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe" "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\server.js"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "0x138c_0x1a78_0x6118d5a9"
C:\Windows\System32\SystemSettingsBroker.exe -Embedding
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXmtcan0h2tfbfy7k9kn8hbxb6dmzz1zh0.mca
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\WINDOWS\system32\AUDIODG.EXE 0x338
C:\WINDOWS\SysWOW64\ctfmon.exe
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 632 640 648 8192 644
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Users\Lubo\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\WINDOWS\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\tasks\Adobe Flash Player Updater - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\system32\tasks\AdobeAAMUpdater-1.0-Lenovo-PC-Lubo - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled
C:\WINDOWS\system32\tasks\avast! Emergency Update - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\WINDOWS\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\WINDOWS\system32\tasks\DropboxUpdateTaskMachineCore - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\WINDOWS\system32\tasks\DropboxUpdateTaskMachineUA - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\PDVDServ Task - C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
C:\WINDOWS\system32\tasks\SafeZone scheduled Autoupdate 1458729928 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
C:\WINDOWS\system32\tasks\Synaptics TouchPad Enhancements - "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\WINDOWS\system32\tasks\User_Feed_Synchronization-{71A7CB2C-D040-44E0-8ADB-E30F74B6017C} - C:\windows\system32\msfeedssync.exe sync
C:\WINDOWS\system32\tasks\winkruton - "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://2kruton.ru/agazonsm
C:\WINDOWS\system32\tasks\{E6A3A716-4EB2-478C-946F-7C3DB4DD58C2} - C:\WINDOWS\system32\pcalua.exe -a C:\Users\Lubo\Downloads\vag\VAG-COM-USB-Driver\Install.exe -d C:\Users\Lubo\Downloads\vag\VAG-COM-USB-Driver
C:\WINDOWS\system32\tasks\Norton Identity Safe\Norton Error Processor - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe /submit
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTask - %windir%\System32\XblGameSaveTask.exe standby
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon - %windir%\System32\XblGameSaveTask.exe logon
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join - %SystemRoot%\System32\dsregcmd.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join - %SystemRoot%\System32\AutoWorkplace.exe join
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network - C:\windows\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sih - %systemroot%\System32\sihclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sihboot - %systemroot%\System32\sihclient.exe /boot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -upload
C:\WINDOWS\system32\tasks\Microsoft\Windows\WCM\WiFiTask - %SystemRoot%\System32\WiFiTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval - C:\WINDOWS\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Reboot - %systemroot%\system32\MusNotification.exe RebootDialog
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Refresh Settings - %systemroot%\system32\usoclient.exe RefreshSettings
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot - %systemroot%\system32\usoclient.exe ResumeUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan - %systemroot%\system32\usoclient.exe StartScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display - C:\windows\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot - C:\windows\system32\MusNotification.exe ReadyToReboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization - %windir%\system32\defrag.exe -c -h -g -# -m 8 -i 13500
C:\WINDOWS\system32\tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask - %windir%\system32\speech_onecore\common\SpeechModelDownload.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceManagerTask - %windir%\system32\spaceman.exe /Work
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SharedPC\Account Cleanup - %windir%\System32\rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemovalTools\MRT_HB - C:\WINDOWS\system32\MRT.exe /EHB /Q
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\PLA\LSC Memory - C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
C:\WINDOWS\system32\tasks\Microsoft\Windows\NlaSvc\WiFiTask - %SystemRoot%\System32\WiFiTask.exe nla
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Logon - %windir%\system32\ProvTool.exe /turn 5
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotificationWindows.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\WindowsActionDialog - %windir%\System32\WindowsActionDialog.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClient - %windir%\system32\dmclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload - %windir%\system32\dmclient.exe utcwnf
C:\WINDOWS\system32\tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask - %windir%\system32\MDMAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DUSM\dusmtask - %SystemRoot%\System32\dusmtask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskFootprint\Diagnostics - %windir%\system32\disksnapshot.exe -z
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Device Information\Device - %windir%\system32\devicecensus.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Clip\License Validation - %SystemRoot%\system32\ClipUp.exe -p -s -o
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierdaily - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierinstall - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup - %windir%\system32\dstokenclean.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattelrunner.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\WINDOWS\system32\tasks\Lenovo\Lenovo Customer Feedback Program - "%ProgramFiles%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe"
C:\WINDOWS\system32\tasks\Lenovo\Lenovo Solution Center Launcher - %programfiles%\lenovo\lenovo solution center\App\LSCService.exe Actions UpdateStatus
C:\WINDOWS\system32\tasks\Lenovo\LSC\Lenovo Solution Center Notifications - %programfiles%\Lenovo\Lenovo Solution Center\LSCNotify.exe /show
C:\WINDOWS\system32\tasks\Lenovo\LSC\LSCHardwareScan - "C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -diag HWScan
C:\WINDOWS\system32\tasks\Lenovo\LSC\LSCHardwareScanPostpone - "C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -diag HWScan
C:\WINDOWS\system32\tasks\Lenovo\LSC\RebootCountTask - "C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe" Actions RebootCount
C:\WINDOWS\system32\tasks\Lenovo\LSC\Time72Task - "C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe" Actions CanUpdate
=========Mozilla firefox=========
ProfilePath - C:\Users\Lubo\AppData\Roaming\Mozilla\Firefox\Profiles\5ozr15b4.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://mail.ru/cnt/11956636?fr=ffhp1.0.3&gp=818410"
prefs.js - "keyword.URL" - "http://go.mail.ru/distib/ep/?product_id ... &gp=811037"
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 24.0.0.186 Plugin
"Path"=C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_186.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon My Image Garden
"Path"=C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.73.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.73.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 24.0.0.186 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll
C:\Users\Lubo\AppData\Roaming\Mozilla\Firefox\Profiles\5ozr15b4.default\extensions\
homepage@mail.ru
search@mail.ru
{a00bef25-f21a-4539-adbb-b179b29e2b92}
{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}
{ea614400-e918-4741-9a97-7a972ff7c30b}
C:\Users\Lubo\AppData\Roaming\Mozilla\Firefox\Profiles\5ozr15b4.default\addons.json
Google Translator for Firefox - extension - translator@zoli.bod
Exif Viewer - extension - exif_viewer@mozilla.doslash.org
Seznam lištička - extension - {ea614400-e918-4741-9a97-7a972ff7c30b}
C:\Users\Lubo\AppData\Roaming\Mozilla\Firefox\Profiles\5ozr15b4.default\extensions.json
Video AdBlock for Firefox - extension - {a00bef25-f21a-4539-adbb-b179b29e2b92} - C:\Users\Lubo\AppData\Roaming\Mozilla\Firefox\Profiles\5ozr15b4.default\extensions\{a00bef25-f21a-4539-adbb-b179b29e2b92}
Exif Viewer - extension - exif_viewer@mozilla.doslash.org - C:\Users\Lubo\AppData\Roaming\Mozilla\Firefox\Profiles\5ozr15b4.default\extensions\exif_viewer@mozilla.doslash.org.xpi
Google Translator for Firefox - extension - translator@zoli.bod - C:\Users\Lubo\AppData\Roaming\Mozilla\Firefox\Profiles\5ozr15b4.default\extensions\translator@zoli.bod.xpi
Seznam lištička - extension - {ea614400-e918-4741-9a97-7a972ff7c30b} - C:\Users\Lubo\AppData\Roaming\Mozilla\Firefox\Profiles\5ozr15b4.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
Avast Online Security - extension - wrc@avast.com - C:\Program Files\AVAST Software\Avast\WebRep\FF
Avast SafePrice - extension - sp@avast.com - C:\Program Files\AVAST Software\Avast\SafePrice\FF
Поиск@Mail.Ru - extension - search@mail.ru - C:\Users\Lubo\AppData\Roaming\Mozilla\Firefox\Profiles\5ozr15b4.default\extensions\search@mail.ru
Домашняя страница Mail.Ru - extension - homepage@mail.ru - C:\Users\Lubo\AppData\Roaming\Mozilla\Firefox\Profiles\5ozr15b4.default\extensions\homepage@mail.ru
Визуальные закладки @Mail.Ru - extension - {a38384b3-2d1d-4f36-bc22-0f7ae402bcd7} - C:\Users\Lubo\AppData\Roaming\Mozilla\Firefox\Profiles\5ozr15b4.default\extensions\{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}
Norton Identity Safe Toolbar - extension - {F04D2D30-776C-4d02-8627-8E4385ECA58D} - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.11.42\coFFPlgn
C:\Users\Lubo\AppData\Roaming\Mozilla\Firefox\Profiles\5ozr15b4.default\pluginreg.dat
Plugin - AdobeAAMDetect - 3.0.0.0 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
Plugin - Adobe Acrobat - 15.23.20053.15062 - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
Plugin - VLC Web Plugin - 2.2.4.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
Plugin - Google Update - 1.3.32.7 - C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll
Plugin - Silverlight Plug-In - 5.1.30514.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
Plugin - Java(TM) Platform SE 8 U73 - 11.73.2.2 - C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll
Plugin - Java Deployment Toolkit 8.0.730.2 - 11.73.2.2 - C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npdeployJava1.dll
Plugin - Intel® Identity Protection Technology - 4.0.5.0 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
Plugin - Intel® Identity Protection Technology - 4.0.5.0 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
Plugin - CANON iMAGE GATEWAY Album Plugin Utility for IJ - 5.0.0.0 - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll
Plugin - Unity Player - 5.3.5.3775 - C:\Users\Lubo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
Plugin - Shockwave Flash - 24.0.0.186 - C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_186.dll
=========Google Chrome=========
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bknbnapaddjdnbilpmlacdkjdkjmbjhd]
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ccfifbojenkenpkmnbnndeadpfdiffof]
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj]
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck]
"Path"=C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki]
"Path"=C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif]
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\nppllibpnmahfaklnpggkibhkapjkeob]
"Path"=C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\Exts\Chrome.crx
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\oelpkepjlgmehajehfeicfbjdiobdkfj]
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ojlcebdkbpjdpiligkdbbkdkfjmchbfd]
"Path"=
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={B0B6717E-B303-4358-9622-30EFAA9AB568}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B0B6717E-B303-4358-9622-30EFAA9AB568}]
"URL"=http://www.bing.com/search?q={searchTer ... TR&pc=LCJB
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={B0B6717E-B303-4358-9622-30EFAA9AB568}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{B0B6717E-B303-4358-9622-30EFAA9AB568}]
"URL"=http://www.bing.com/search?q={searchTer ... TR&pc=LCJB
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23 209504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB4C7833-A6EC-433f-B9FE-6B14B1A2F836}]
Norton Identity Protection - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-06-26 932152]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-12-10 1052384]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23 176736]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-18 460384]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E8F97CD-60B5-456F-A201-73065652D099}]
Ďîčńę@Mail.Ru - C:\Users\Lubo\AppData\Local\Mail.Ru\Sputnik\IESearchPlugin.dll [2017-01-15 2551000]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB4C7833-A6EC-433f-B9FE-6B14B1A2F836}]
Norton Identity Protection - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll [2015-06-26 664888]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-18 172640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23 6141528]
{A13C2648-91D4-4bf3-BC6D-0079707C4389} - Norton Identity Safe Toolbar - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-06-26 932152]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23 4445272]
{A13C2648-91D4-4bf3-BC6D-0079707C4389} - Norton Identity Safe Toolbar - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll [2015-06-26 664888]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-12-10 1052384]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MouseDriver"=TiltWheelMouse.exe []
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2014-02-19 17111056]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2014-02-19 193008]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01 508128]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2013-08-11 1703424]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-06-03 3944136]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"=C:\Users\Lubo\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Lubo\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-12-06 9288408]
"World of Tanks"=C:\Games\World_of_Tanks\WargamingGameUpdater.exe [2016-11-18 3135752]
"AdobeBridge"= []
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2014-12-23 833240]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"331BigDog"=C:\Program Files (x86)\USB Camera\VM331STI.EXE [2015-06-12 561672]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2011-12-07 214312]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2017-01-02 9080768]
"CanonQuickMenu"=C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [2014-01-17 1284680]
"IJNetworkScannerSelectorEX"=C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2014-01-15 438888]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-01-29 594992]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2016-12-21 25779624]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2016-10-25 2383040]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.11.309\SSScheduler.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\windows\system32\nvinitx.dll,C:\WINDOWS\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"DSCAutomationHostEnabled"=2
"EnableCursorSuppression"=1
"EnableUIADesktopToggle"=0
"undockwithoutlogon"=1
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"DisableCAD"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
"StubPath"=%SystemRoot%\inf\unregmp2.exe /ShowWMP
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2017-01-16 10:53:23 ----D---- C:\rsit
2017-01-16 10:53:23 ----D---- C:\Program Files\trend micro
2017-01-16 08:58:43 ----D---- C:\FRST
2017-01-15 16:28:52 ----D---- C:\Program Files (x86)\Mail.Ru
2017-01-15 16:14:55 ----D---- C:\ProgramData\Mail.Ru
2017-01-11 17:13:15 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-01-11 17:13:12 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-01-11 17:13:05 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2017-01-11 17:13:04 ----A---- C:\WINDOWS\system32\mfcore.dll
2017-01-11 17:13:03 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-01-11 17:13:02 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2017-01-11 17:13:00 ----A---- C:\WINDOWS\SYSWOW64\StoreAgent.dll
2017-01-11 17:13:00 ----A---- C:\WINDOWS\SYSWOW64\InstallAgentUserBroker.exe
2017-01-11 17:13:00 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2017-01-11 17:13:00 ----A---- C:\WINDOWS\system32\d2d1.dll
2017-01-11 17:12:59 ----A---- C:\WINDOWS\SYSWOW64\Windows.Storage.ApplicationData.dll
2017-01-11 17:12:59 ----A---- C:\WINDOWS\system32\mfnetsrc.dll
2017-01-11 17:12:59 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-01-11 17:12:57 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2017-01-11 17:12:57 ----A---- C:\WINDOWS\system32\aeinv.dll
2017-01-11 17:12:56 ----A---- C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-01-11 17:12:55 ----A---- C:\WINDOWS\system32\rdpcore.dll
2017-01-11 17:12:55 ----A---- C:\WINDOWS\system32\mfnetcore.dll
2017-01-11 17:12:54 ----A---- C:\WINDOWS\system32\mstscax.dll
2017-01-11 17:12:53 ----A---- C:\WINDOWS\system32\MCRecvSrc.dll
2017-01-11 17:12:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.CredDialogController.dll
2017-01-11 17:12:52 ----A---- C:\WINDOWS\system32\rdpencom.dll
2017-01-11 17:12:51 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Cred.dll
2017-01-11 17:12:51 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BlockedShutdown.dll
2017-01-11 17:12:51 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BioFeedback.dll
2017-01-11 17:12:51 ----A---- C:\WINDOWS\system32\D3D12.dll
2017-01-11 17:12:50 ----A---- C:\WINDOWS\SYSWOW64\offlinesam.dll
2017-01-11 17:12:50 ----A---- C:\WINDOWS\system32\wuuhext.dll
2017-01-11 17:12:50 ----A---- C:\WINDOWS\system32\winlogon.exe
2017-01-11 17:12:50 ----A---- C:\WINDOWS\system32\sppobjs.dll
2017-01-11 17:12:50 ----A---- C:\WINDOWS\system32\samsrv.dll
2017-01-11 17:12:49 ----A---- C:\WINDOWS\system32\wuaueng.dll
2017-01-11 17:12:49 ----A---- C:\WINDOWS\system32\lsasrv.dll
2017-01-11 17:12:48 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2vdec.dll
2017-01-11 17:12:48 ----A---- C:\WINDOWS\system32\offlinesam.dll
2017-01-11 17:12:46 ----A---- C:\WINDOWS\SYSWOW64\aclui.dll
2017-01-11 17:12:45 ----A---- C:\WINDOWS\system32\shell32.dll
2017-01-11 17:12:41 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2017-01-11 17:12:37 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2017-01-11 17:12:36 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2017-01-11 17:12:36 ----A---- C:\WINDOWS\system32\wuapi.dll
2017-01-11 17:12:36 ----A---- C:\WINDOWS\system32\kerberos.dll
2017-01-11 17:12:35 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2017-01-11 17:12:35 ----A---- C:\WINDOWS\system32\msv1_0.dll
2017-01-11 17:12:35 ----A---- C:\WINDOWS\system32\ImplatSetup.dll
2017-01-11 17:12:34 ----A---- C:\WINDOWS\SYSWOW64\MSVP9DEC.dll
2017-01-11 17:12:34 ----A---- C:\WINDOWS\system32\wow64.dll
2017-01-11 17:12:34 ----A---- C:\WINDOWS\system32\WinSCard.dll
2017-01-11 17:12:34 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2017-01-11 17:12:33 ----A---- C:\WINDOWS\SYSWOW64\WinSCard.dll
2017-01-11 17:12:33 ----A---- C:\WINDOWS\SYSWOW64\cryptui.dll
2017-01-11 17:12:33 ----A---- C:\WINDOWS\system32\cryptui.dll
2017-01-11 17:12:33 ----A---- C:\WINDOWS\system32\certprop.dll
2017-01-11 17:12:32 ----A---- C:\WINDOWS\system32\ScDeviceEnum.dll
2017-01-11 17:12:30 ----A---- C:\WINDOWS\SYSWOW64\AUDIOKSE.dll
2017-01-11 17:12:29 ----A---- C:\WINDOWS\SYSWOW64\indexeddbserver.dll
2017-01-11 17:12:28 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2017-01-11 17:12:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Resources.dll
2017-01-11 17:12:26 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2017-01-11 17:12:24 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-01-11 17:12:04 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2017-01-11 17:11:53 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2017-01-11 17:11:53 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-01-11 17:11:52 ----A---- C:\WINDOWS\SYSWOW64\AzureSettingSyncProvider.dll
2017-01-11 17:11:51 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2017-01-11 17:11:47 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-01-11 17:11:46 ----A---- C:\WINDOWS\SYSWOW64\mspaint.exe
2017-01-11 17:11:45 ----A---- C:\WINDOWS\system32\Chakra.dll
2017-01-11 17:11:44 ----A---- C:\WINDOWS\system32\win32kbase.sys
2017-01-11 17:11:43 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2017-01-11 17:11:42 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-01-11 17:11:41 ----A---- C:\WINDOWS\SYSWOW64\winmde.dll
2017-01-11 17:11:41 ----A---- C:\WINDOWS\system32\mspaint.exe
2017-01-11 17:11:40 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2017-01-11 17:11:40 ----A---- C:\WINDOWS\system32\indexeddbserver.dll
2017-01-11 17:11:39 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-01-11 17:11:36 ----A---- C:\WINDOWS\system32\winmde.dll
2017-01-11 17:11:36 ----A---- C:\WINDOWS\system32\twinui.dll
2017-01-11 17:11:32 ----A---- C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-01-11 17:11:32 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2017-01-11 17:11:27 ----A---- C:\WINDOWS\system32\edgehtml.dll
2017-01-11 17:11:20 ----A---- C:\WINDOWS\system32\aadtb.dll
2017-01-11 17:11:15 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.LockScreen.dll
2017-01-11 17:11:14 ----A---- C:\WINDOWS\system32\usocore.dll
2017-01-11 17:11:13 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2017-01-11 17:11:13 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2017-01-11 17:11:12 ----A---- C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 17:11:11 ----A---- C:\WINDOWS\SYSWOW64\rdpcore.dll
2017-01-11 17:11:11 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2017-01-11 17:11:10 ----A---- C:\WINDOWS\SYSWOW64\remoteaudioendpoint.dll
2017-01-11 17:11:10 ----A---- C:\WINDOWS\SYSWOW64\LaunchWinApp.exe
2017-01-11 17:11:10 ----A---- C:\WINDOWS\system32\MSVP9DEC.dll
2017-01-11 17:11:08 ----A---- C:\WINDOWS\SYSWOW64\SyncSettings.dll
2017-01-11 17:11:08 ----A---- C:\WINDOWS\system32\rdpudd.dll
2017-01-11 17:11:08 ----A---- C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-01-11 17:11:07 ----A---- C:\WINDOWS\SYSWOW64\rdpencom.dll
2017-01-11 17:11:07 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2017-01-11 17:11:05 ----A---- C:\WINDOWS\SYSWOW64\MSVPXENC.dll
2017-01-11 17:11:05 ----A---- C:\WINDOWS\system32\OneBackupHandler.dll
2017-01-11 17:11:04 ----A---- C:\WINDOWS\SYSWOW64\CloudBackupSettings.dll
2017-01-11 17:11:04 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-01-11 17:11:04 ----A---- C:\WINDOWS\system32\win32k.sys
2017-01-11 17:11:03 ----A---- C:\WINDOWS\SYSWOW64\LogonController.dll
2017-01-11 17:11:03 ----A---- C:\WINDOWS\system32\win32kfull.sys
2017-01-11 17:11:02 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2017-01-11 17:11:02 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2017-01-11 17:11:01 ----A---- C:\WINDOWS\system32\SRHInproc.dll
2017-01-11 17:11:01 ----A---- C:\WINDOWS\system32\SRH.dll
2017-01-11 17:11:00 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-01-11 17:10:59 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2017-01-11 17:10:59 ----A---- C:\WINDOWS\system32\dosvc.dll
2017-01-11 17:10:59 ----A---- C:\WINDOWS\system32\domgmt.dll
2017-01-11 17:10:59 ----A---- C:\WINDOWS\system32\aclui.dll
2017-01-11 17:10:58 ----A---- C:\WINDOWS\system32\SettingSyncHost.exe
2017-01-11 17:10:58 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll
2017-01-11 17:10:58 ----A---- C:\WINDOWS\system32\audiosrv.dll
2017-01-11 17:10:58 ----A---- C:\WINDOWS\system32\AudioSes.dll
2017-01-11 17:10:58 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2017-01-11 17:10:58 ----A---- C:\WINDOWS\system32\AudioEng.dll
2017-01-11 17:10:58 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-01-11 17:10:57 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2017-01-11 17:10:57 ----A---- C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-01-11 17:10:57 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2017-01-11 17:10:57 ----A---- C:\WINDOWS\system32\ClipUp.exe
2017-01-11 17:10:56 ----A---- C:\WINDOWS\SYSWOW64\mfnetsrc.dll
2017-01-11 17:10:56 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2017-01-11 17:10:55 ----A---- C:\WINDOWS\SYSWOW64\mfasfsrcsnk.dll
2017-01-11 17:10:55 ----A---- C:\WINDOWS\system32\wbiosrvc.dll
2017-01-11 17:10:54 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2017-01-11 17:10:54 ----A---- C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2017-01-11 17:10:54 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2017-01-11 17:10:53 ----A---- C:\WINDOWS\SYSWOW64\mfnetcore.dll
2017-01-11 17:10:53 ----A---- C:\WINDOWS\system32\remoteaudioendpoint.dll
2017-01-11 17:10:53 ----A---- C:\WINDOWS\system32\cloudAP.dll
2017-01-11 17:10:52 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2017-01-11 17:10:52 ----A---- C:\WINDOWS\SYSWOW64\MCRecvSrc.dll
2017-01-11 17:10:52 ----A---- C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-01-11 17:10:52 ----A---- C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2017-01-11 17:10:52 ----A---- C:\WINDOWS\system32\SyncSettings.dll
2017-01-11 17:10:51 ----A---- C:\WINDOWS\system32\winsrv.dll
2017-01-11 17:10:51 ----A---- C:\WINDOWS\system32\fhsettingsprovider.dll
2017-01-11 17:10:51 ----A---- C:\WINDOWS\system32\fhcfg.dll
2017-01-11 17:10:51 ----A---- C:\WINDOWS\system32\CloudBackupSettings.dll
2017-01-11 17:10:50 ----A---- C:\WINDOWS\system32\securekernel.exe
2017-01-11 17:10:43 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-01-11 17:10:43 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2017-01-11 17:10:32 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-01-11 17:10:31 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-01-11 17:10:29 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2017-01-11 17:10:27 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncHost.exe
2017-01-11 17:10:27 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncCore.dll
2017-01-11 17:10:27 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2017-01-11 17:10:27 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2017-01-11 17:10:27 ----A---- C:\WINDOWS\system32\LogonController.dll
2017-01-11 17:10:24 ----A---- C:\WINDOWS\system32\ConsoleLogon.dll
2017-01-11 17:10:24 ----A---- C:\WINDOWS\system32\CloudExperienceHost.dll
2017-01-11 17:10:23 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2017-01-11 17:10:22 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_47.dll
2017-01-11 17:10:22 ----A---- C:\WINDOWS\system32\MSVPXENC.dll
2017-01-11 17:10:21 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 17:10:21 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2017-01-11 17:10:21 ----A---- C:\WINDOWS\system32\provengine.dll
2017-01-11 17:10:19 ----A---- C:\WINDOWS\system32\ProvPluginEng.dll
2017-01-11 17:10:19 ----A---- C:\WINDOWS\system32\KnobsCore.dll
2017-01-11 17:10:18 ----A---- C:\WINDOWS\SYSWOW64\D3D12.dll
2017-01-11 17:10:18 ----A---- C:\WINDOWS\system32\KnobsCsp.dll
2017-01-09 16:40:02 ----A---- C:\WINDOWS\system32\aswBoot.exe
2017-01-09 16:34:00 ----D---- C:\WINDOWS\Panther
2017-01-02 13:33:32 ----A---- C:\WINDOWS\avastSS.scr
2016-12-21 19:15:36 ----A---- C:\WINDOWS\system32\drivers\dbx-stable.sys
2016-12-21 19:15:36 ----A---- C:\WINDOWS\system32\drivers\dbx-dev.sys
2016-12-21 19:15:36 ----A---- C:\WINDOWS\system32\drivers\dbx-canary.sys
2016-12-21 19:15:36 ----A---- C:\WINDOWS\system32\DbxSvc.exe
======List of files/folders modified in the last 1 month======
2017-01-16 10:53:23 ----RD---- C:\Program Files
2017-01-16 10:43:06 ----D---- C:\WINDOWS\Prefetch
2017-01-16 10:40:44 ----D---- C:\WINDOWS\Temp
2017-01-16 10:38:50 ----D---- C:\Users\Lubo\AppData\Roaming\Seznam.cz
2017-01-16 10:38:15 ----D---- C:\ProgramData\boost_interprocess
2017-01-16 10:31:06 ----D---- C:\WINDOWS\system32\sru
2017-01-16 10:00:04 ----D---- C:\Windows
2017-01-16 09:23:43 ----D---- C:\WINDOWS\system32\SleepStudy
2017-01-16 09:23:41 ----HD---- C:\Config.Msi
2017-01-16 08:42:55 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2017-01-16 08:42:50 ----D---- C:\WINDOWS\system32\Tasks
2017-01-16 08:42:46 ----D---- C:\Program Files (x86)\CyberLink
2017-01-16 08:42:32 ----D---- C:\ProgramData\CyberLink
2017-01-16 08:42:30 ----SHD---- C:\WINDOWS\Installer
2017-01-16 08:42:30 ----SHD---- C:\System Volume Information
2017-01-16 08:39:40 ----D---- C:\WINDOWS\AppReadiness
2017-01-16 08:39:33 ----HD---- C:\Program Files\WindowsApps
2017-01-16 08:39:09 ----D---- C:\WINDOWS\SysWOW64
2017-01-16 08:39:09 ----D---- C:\WINDOWS\System32
2017-01-16 08:39:09 ----D---- C:\Program Files (x86)\Bonjour
2017-01-16 08:39:06 ----D---- C:\Users\Lubo\AppData\Roaming\DVDVideoSoft
2017-01-16 08:39:06 ----D---- C:\Program Files (x86)\Common Files
2017-01-16 08:39:04 ----RD---- C:\Program Files (x86)
2017-01-16 08:38:42 ----D---- C:\WINDOWS\system32\catroot2
2017-01-15 19:52:00 ----D---- C:\WINDOWS\SoftwareDistribution
2017-01-15 19:29:09 ----D---- C:\WINDOWS\INF
2017-01-15 19:28:50 ----D---- C:\WINDOWS\debug
2017-01-15 19:22:30 ----D---- C:\Program Files (x86)\Google
2017-01-15 18:00:17 ----D---- C:\WINDOWS\system32\drivers
2017-01-15 16:15:09 ----HD---- C:\WINDOWS\system32\GroupPolicy
2017-01-15 16:14:57 ----D---- C:\WINDOWS\SYSWOW64\GroupPolicy
2017-01-15 16:14:55 ----HD---- C:\ProgramData
2017-01-15 15:47:08 ----D---- C:\WINDOWS\system32\config
2017-01-15 15:23:18 ----D---- C:\WINDOWS\rescache
2017-01-15 14:54:24 ----D---- C:\WINDOWS\WinSxS
2017-01-15 14:33:01 ----RD---- C:\WINDOWS\Microsoft.NET
2017-01-14 15:45:06 ----D---- C:\WINDOWS\system32\DriverStore
2017-01-14 15:44:52 ----D---- C:\Program Files (x86)\McAfee
2017-01-14 15:44:00 ----D---- C:\Program Files\TrueKey
2017-01-14 15:41:18 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2017-01-14 15:41:16 ----D---- C:\WINDOWS\system32\wbem
2017-01-14 15:41:14 ----D---- C:\WINDOWS\system32\oobe
2017-01-14 15:40:48 ----D---- C:\WINDOWS\ShellExperiences
2017-01-14 15:40:41 ----D---- C:\WINDOWS\Provisioning
2017-01-14 15:40:36 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2017-01-14 15:40:33 ----D---- C:\Program Files (x86)\Internet Explorer
2017-01-14 15:40:32 ----D---- C:\Program Files\Internet Explorer
2017-01-14 10:33:37 ----D---- C:\ProgramData\Skype
2017-01-11 20:06:18 ----D---- C:\WINDOWS\CbsTemp
2017-01-11 19:48:05 ----D---- C:\WINDOWS\system32\MRT
2017-01-11 19:42:05 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-01-11 16:30:26 ----D---- C:\WINDOWS\Logs
2017-01-09 16:33:28 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-09 11:25:09 ----RSD---- C:\WINDOWS\Fonts
2017-01-06 17:39:05 ----D---- C:\ProgramData\CanonIJPLM
2017-01-04 14:09:47 ----D---- C:\WINDOWS\system32\LogFiles
2016-12-29 13:54:27 ----D---- C:\Users\Lubo\AppData\Roaming\vlc
2016-12-25 16:44:12 ----D---- C:\Users\Lubo\AppData\Roaming\Adobe
2016-12-25 16:37:24 ----D---- C:\WINDOWS\system32\NDF
2016-12-25 16:32:21 ----D---- C:\Program Files\Adobe
2016-12-25 16:28:10 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2016-12-25 16:26:03 ----D---- C:\Program Files\Common Files\Adobe
2016-12-25 16:22:55 ----HD---- C:\adobeTemp
2016-12-23 00:13:26 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2016-12-22 08:20:36 ----D---- C:\Program Files (x86)\Dropbox
2016-12-21 08:36:24 ----D---- C:\WINDOWS\Minidump
2016-12-20 02:40:32 ----D---- C:\WINDOWS\Tasks
2016-12-20 01:09:18 ----D---- C:\WINDOWS\system32\Macromed
2016-12-20 01:09:12 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2016-12-17 11:35:06 ----RSD---- C:\WINDOWS\assembly
File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2017-01-02 74544]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2017-01-02 293352]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-100; C:\WINDOWS\system32\drivers\iorate.sys [2016-11-02 48992]
R0 LHDmgr;LHDmgr; C:\WINDOWS\System32\DRIVERS\LhdX64.sys [2014-02-19 39008]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2016-09-12 57400]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2017-01-02 37144]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2017-01-02 103064]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2017-01-02 969184]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2017-01-02 513632]
R1 ccSet_NST;Norton Identity Safe Settings Manager; C:\WINDOWS\system32\drivers\NSTx64\7DE070B0.02A\ccSetx64.sys [2013-09-27 162392]
R1 dtsoftbus01;@oem44.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2014-09-26 283064]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2017-01-02 108816]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2016-07-16 70144]
R3 ACPIVPC;@oem4.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2014-02-19 35600]
R3 AmUStor;@oem13.inf,%AmUStor.SvcDesc%;AM USB Stroage Driver; C:\WINDOWS\system32\drivers\AmUStor.SYS [2013-06-25 109336]
R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athw8x.sys [2016-07-16 4233728]
R3 BTATH_BUS;@oem24.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2013-09-07 34384]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2016-07-13 610336]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2016-09-20 84992]
R3 ElcMouLFlt;ELECOM USB Mouse Lower Filter Driver; C:\WINDOWS\System32\drivers\ElcMouLFlt.sys [2015-09-11 28648]
R3 ElcMouUFlt;ELECOM USB Mouse Upper Filter Driver; C:\WINDOWS\System32\drivers\ElcMouUFlt.sys [2015-09-11 27624]
R3 iwdbus;@oem37.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-12-01 38896]
R3 L1C;@oem42.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\WINDOWS\System32\drivers\L1C63x64.sys [2013-07-18 130248]
R3 MarvinBus;@oem6.inf,%MarvinBus.SVCDESC%;Pinnacle Marvin Bus 64; C:\WINDOWS\System32\drivers\MarvinBus64.sys [2005-09-23 261120]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvltwu.inf_amd64_7abb66182eb8ed83\nvlddmkm.sys [2016-09-12 13754936]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2015-06-03 42696]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [2013-08-11 551936]
R3 SynTP;@oem16.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2015-06-03 613576]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2016-10-05 64352]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2016-07-16 88416]
S2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2017-01-02 163416]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-07-16 18432]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2016-07-16 15360]
S3 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2017-01-02 37656]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2016-11-11 967168]
S3 dbx;dbx; C:\WINDOWS\system32\DRIVERS\dbx.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 dot4;@oem2.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2013-06-04 146856]
S3 Dot4Print;@oem18.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\WINDOWS\System32\drivers\Dot4Prt.sys [2013-06-04 21928]
S3 dot4usb;@oem2.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2013-06-04 43944]
S3 FTDIBUS;USB Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys [2016-03-16 108352]
S3 FTSER2K;USB Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys [2016-03-16 95168]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2016-09-20 73568]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-07-16 346976]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-07-16 2104160]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2016-07-16 33280]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-07-16 64512]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-07-16 35840]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2016-07-16 120320]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2016-07-16 90624]
S3 scmdisk0101;@scmdisk0101.inf,%scmdisk0101.SvcDesc%;Microsoft NVDIMM-N disk driver; C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-07-16 123904]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeUpdateService;AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2016-10-25 744640]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016-12-13 2218712]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-01-02 197128]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-05-18 345376]
R2 CDPUserSvc_3ed01;CDPUserSvc_3ed01; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
R2 DbxSvc;DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [2016-12-21 42096]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2016-05-03 337888]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2013-06-28 84616]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-05-12 733696]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-04 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-04 390616]
R2 NCO;Norton Identity Safe; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe [2015-03-05 131144]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2016-08-01 1365048]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-10-16 1914656]
R2 OneSyncSvc_3ed01;Sync Host_3ed01; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-04-24 390632]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2013-08-11 338944]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2015-06-03 249032]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2016-05-25 43696]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=%SystemRoot%\System32\CDPUserSvc.dll
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-04-26 143144]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-09-20 324224]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-04-26 143144]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2014-10-07 654848]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; %SystemRoot%\System32\svchost.exe -k Camera;"ServiceDll"=%SystemRoot%\system32\FrameServer.dll
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\hvhostsvc.dll
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-05-12 822232]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\irmon.dll
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2014-10-16 272776]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.309\McCHSvc.exe [2016-03-11 293128]
S3 MessagingService_3ed01;MessagingService_3ed01; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-12-16 172488]
S3 PimIndexMaintenanceSvc_3ed01;Contact Data_3ed01; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\RMapi.dll
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; %SystemRoot%\System32\svchost.exe -k netsvcs;"ServiceDll"=%systemroot%\system32\Windows.SharedPC.AccountManager.dll
-----------------EOF-----------------
Logfile of random's system information tool 1.14 (written by random/random)
Run by Lubo at 2017-01-16 10:53:23
Microsoft Windows 10 Home
System drive C: has 57 GB (6%) free of 912 GB
Total RAM: 8082 MB (68% free)
X64
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:53:30, on 16. 1. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
C:\Games\World_of_Tanks\WargamingGameUpdater.exe
C:\Users\Lubo\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\WINDOWS\SysWOW64\ctfmon.exe
C:\Program Files\trend micro\Lubo_RSITx64.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mail.ru/cnt/10445?gp=818411
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2 - BHO: True Key Helper - {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll
O2 - BHO: MRSearchPlugin - {8E8F97CD-60B5-456F-A201-73065652D099} - C:\Users\Lubo\AppData\Local\Mail.Ru\Sputnik\IESearchPlugin.dll
O2 - BHO: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll
O3 - Toolbar: True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O4 - HKLM\..\Run: [331BigDog] "C:\Program Files (x86)\USB Camera\VM331STI.EXE"
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Lubo\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Lubo\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [World of Tanks] "C:\Games\World_of_Tanks\WargamingGameUpdater.exe"
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE"
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3363592213-3403915979-3187532261-1001\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3363592213-3403915979-3187532261-1001\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'UpdatusUser')
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.11.309\SSScheduler.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: DbxSvc - Unknown owner - C:\WINDOWS\system32\DbxSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LSCWinService - Unknown owner - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.309\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Norton Identity Safe (NCO) - Symantec Corporation - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: Intel Security True Key (TrueKey) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
O23 - Service: Intel Security True Key Scheduler (TrueKeyScheduler) - McAfee, Inc. - C:\Program Files\TrueKey\McTkSchedulerService.exe
O23 - Service: Intel Security True Key Helper Service (TrueKeyServiceHelper) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
--
End of file - 14768 bytes
======Enumerating Processes======
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-94ee7a81-b94c-4805-991a-3c8eb8b142e9 -SystemEventPortName:HostProcess-84a67775-455c-4a08-b6b7-f8855966a0e0 -IoCancelEventPortName:HostProcess-ca02c858-73e7-4356-b297-0d1a1db1b3e5 -NonStateChangingEventPortName:HostProcess-0d7697cc-96e9-4622-a9a4-b62651db76d8 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:710343c6-4532-46cf-b234-57beb72cf913 -DeviceGroupId:WudfDefaultDevicePool
C:\WINDOWS\system32\svchost.exe -k LocalService
"C:\WINDOWS\system32\nvvsvc.exe"
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\system32\igfxCUIService.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe -first
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\dashost.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\system32\DbxSvc.exe
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe"
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe" /s "NCO" /m "C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\diMaster.dll" /prefetch:1
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k appmodel
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
"C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe"
"C:\Program Files\TrueKey\McTkSchedulerService.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe" /c /a /s UserSession
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\WINDOWS\system32\sihost.exe
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\system32\igfxHK.exe
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE"
C:\WINDOWS\system32\igfxTray.exe
"C:\Games\World_of_Tanks\WargamingGameUpdater.exe"
C:\Users\Lubo\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
"C:\Users\Lubo\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe" "-launchedbyvulcan"
"C:\Users\Lubo\Desktop\FRST64.exe"
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /showasync
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe" --onOSstartup=true --showwindow=false --waitForRegistration=true
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe" "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\main.js"
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe" --type=renderer --disable-3d-apis --disable-pinch --no-sandbox --enable-deferred-image-decoding --lang=en-US --lang=en-US --locales-dir-path="C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\locales" --log-file="C:\Users\Lubo\AppData\Local\Temp\CreativeCloud\ACC\CEF.log" --log-severity=warning --user-agent="Mozilla/5.0 (Windows NT 10.0.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Safari/537.36 CreativeCloud/3.9.1.335" --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-gpu-compositing --channel="6112.0.1234854491\1500469326" /prefetch:673131151
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe" "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\server.js"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "0x138c_0x1a78_0x6118d5a9"
C:\Windows\System32\SystemSettingsBroker.exe -Embedding
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXmtcan0h2tfbfy7k9kn8hbxb6dmzz1zh0.mca
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\WINDOWS\system32\AUDIODG.EXE 0x338
C:\WINDOWS\SysWOW64\ctfmon.exe
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 632 640 648 8192 644
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Users\Lubo\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\WINDOWS\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\tasks\Adobe Flash Player Updater - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\system32\tasks\AdobeAAMUpdater-1.0-Lenovo-PC-Lubo - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled
C:\WINDOWS\system32\tasks\avast! Emergency Update - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\WINDOWS\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\WINDOWS\system32\tasks\DropboxUpdateTaskMachineCore - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\WINDOWS\system32\tasks\DropboxUpdateTaskMachineUA - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\PDVDServ Task - C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
C:\WINDOWS\system32\tasks\SafeZone scheduled Autoupdate 1458729928 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
C:\WINDOWS\system32\tasks\Synaptics TouchPad Enhancements - "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\WINDOWS\system32\tasks\User_Feed_Synchronization-{71A7CB2C-D040-44E0-8ADB-E30F74B6017C} - C:\windows\system32\msfeedssync.exe sync
C:\WINDOWS\system32\tasks\winkruton - "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://2kruton.ru/agazonsm
C:\WINDOWS\system32\tasks\{E6A3A716-4EB2-478C-946F-7C3DB4DD58C2} - C:\WINDOWS\system32\pcalua.exe -a C:\Users\Lubo\Downloads\vag\VAG-COM-USB-Driver\Install.exe -d C:\Users\Lubo\Downloads\vag\VAG-COM-USB-Driver
C:\WINDOWS\system32\tasks\Norton Identity Safe\Norton Error Processor - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe /submit
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTask - %windir%\System32\XblGameSaveTask.exe standby
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon - %windir%\System32\XblGameSaveTask.exe logon
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join - %SystemRoot%\System32\dsregcmd.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join - %SystemRoot%\System32\AutoWorkplace.exe join
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network - C:\windows\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sih - %systemroot%\System32\sihclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sihboot - %systemroot%\System32\sihclient.exe /boot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -upload
C:\WINDOWS\system32\tasks\Microsoft\Windows\WCM\WiFiTask - %SystemRoot%\System32\WiFiTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval - C:\WINDOWS\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Reboot - %systemroot%\system32\MusNotification.exe RebootDialog
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Refresh Settings - %systemroot%\system32\usoclient.exe RefreshSettings
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot - %systemroot%\system32\usoclient.exe ResumeUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan - %systemroot%\system32\usoclient.exe StartScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display - C:\windows\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot - C:\windows\system32\MusNotification.exe ReadyToReboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization - %windir%\system32\defrag.exe -c -h -g -# -m 8 -i 13500
C:\WINDOWS\system32\tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask - %windir%\system32\speech_onecore\common\SpeechModelDownload.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceManagerTask - %windir%\system32\spaceman.exe /Work
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SharedPC\Account Cleanup - %windir%\System32\rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemovalTools\MRT_HB - C:\WINDOWS\system32\MRT.exe /EHB /Q
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\PLA\LSC Memory - C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
C:\WINDOWS\system32\tasks\Microsoft\Windows\NlaSvc\WiFiTask - %SystemRoot%\System32\WiFiTask.exe nla
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Logon - %windir%\system32\ProvTool.exe /turn 5
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotificationWindows.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\WindowsActionDialog - %windir%\System32\WindowsActionDialog.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClient - %windir%\system32\dmclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload - %windir%\system32\dmclient.exe utcwnf
C:\WINDOWS\system32\tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask - %windir%\system32\MDMAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DUSM\dusmtask - %SystemRoot%\System32\dusmtask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskFootprint\Diagnostics - %windir%\system32\disksnapshot.exe -z
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Device Information\Device - %windir%\system32\devicecensus.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Clip\License Validation - %SystemRoot%\system32\ClipUp.exe -p -s -o
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierdaily - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierinstall - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup - %windir%\system32\dstokenclean.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattelrunner.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\WINDOWS\system32\tasks\Lenovo\Lenovo Customer Feedback Program - "%ProgramFiles%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe"
C:\WINDOWS\system32\tasks\Lenovo\Lenovo Solution Center Launcher - %programfiles%\lenovo\lenovo solution center\App\LSCService.exe Actions UpdateStatus
C:\WINDOWS\system32\tasks\Lenovo\LSC\Lenovo Solution Center Notifications - %programfiles%\Lenovo\Lenovo Solution Center\LSCNotify.exe /show
C:\WINDOWS\system32\tasks\Lenovo\LSC\LSCHardwareScan - "C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -diag HWScan
C:\WINDOWS\system32\tasks\Lenovo\LSC\LSCHardwareScanPostpone - "C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -diag HWScan
C:\WINDOWS\system32\tasks\Lenovo\LSC\RebootCountTask - "C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe" Actions RebootCount
C:\WINDOWS\system32\tasks\Lenovo\LSC\Time72Task - "C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe" Actions CanUpdate
=========Mozilla firefox=========
ProfilePath - C:\Users\Lubo\AppData\Roaming\Mozilla\Firefox\Profiles\5ozr15b4.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://mail.ru/cnt/11956636?fr=ffhp1.0.3&gp=818410"
prefs.js - "keyword.URL" - "http://go.mail.ru/distib/ep/?product_id ... &gp=811037"
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 24.0.0.186 Plugin
"Path"=C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_186.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon My Image Garden
"Path"=C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.73.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.73.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 24.0.0.186 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll
C:\Users\Lubo\AppData\Roaming\Mozilla\Firefox\Profiles\5ozr15b4.default\extensions\
homepage@mail.ru
search@mail.ru
{a00bef25-f21a-4539-adbb-b179b29e2b92}
{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}
{ea614400-e918-4741-9a97-7a972ff7c30b}
C:\Users\Lubo\AppData\Roaming\Mozilla\Firefox\Profiles\5ozr15b4.default\addons.json
Google Translator for Firefox - extension - translator@zoli.bod
Exif Viewer - extension - exif_viewer@mozilla.doslash.org
Seznam lištička - extension - {ea614400-e918-4741-9a97-7a972ff7c30b}
C:\Users\Lubo\AppData\Roaming\Mozilla\Firefox\Profiles\5ozr15b4.default\extensions.json
Video AdBlock for Firefox - extension - {a00bef25-f21a-4539-adbb-b179b29e2b92} - C:\Users\Lubo\AppData\Roaming\Mozilla\Firefox\Profiles\5ozr15b4.default\extensions\{a00bef25-f21a-4539-adbb-b179b29e2b92}
Exif Viewer - extension - exif_viewer@mozilla.doslash.org - C:\Users\Lubo\AppData\Roaming\Mozilla\Firefox\Profiles\5ozr15b4.default\extensions\exif_viewer@mozilla.doslash.org.xpi
Google Translator for Firefox - extension - translator@zoli.bod - C:\Users\Lubo\AppData\Roaming\Mozilla\Firefox\Profiles\5ozr15b4.default\extensions\translator@zoli.bod.xpi
Seznam lištička - extension - {ea614400-e918-4741-9a97-7a972ff7c30b} - C:\Users\Lubo\AppData\Roaming\Mozilla\Firefox\Profiles\5ozr15b4.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
Avast Online Security - extension - wrc@avast.com - C:\Program Files\AVAST Software\Avast\WebRep\FF
Avast SafePrice - extension - sp@avast.com - C:\Program Files\AVAST Software\Avast\SafePrice\FF
Поиск@Mail.Ru - extension - search@mail.ru - C:\Users\Lubo\AppData\Roaming\Mozilla\Firefox\Profiles\5ozr15b4.default\extensions\search@mail.ru
Домашняя страница Mail.Ru - extension - homepage@mail.ru - C:\Users\Lubo\AppData\Roaming\Mozilla\Firefox\Profiles\5ozr15b4.default\extensions\homepage@mail.ru
Визуальные закладки @Mail.Ru - extension - {a38384b3-2d1d-4f36-bc22-0f7ae402bcd7} - C:\Users\Lubo\AppData\Roaming\Mozilla\Firefox\Profiles\5ozr15b4.default\extensions\{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}
Norton Identity Safe Toolbar - extension - {F04D2D30-776C-4d02-8627-8E4385ECA58D} - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.11.42\coFFPlgn
C:\Users\Lubo\AppData\Roaming\Mozilla\Firefox\Profiles\5ozr15b4.default\pluginreg.dat
Plugin - AdobeAAMDetect - 3.0.0.0 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
Plugin - Adobe Acrobat - 15.23.20053.15062 - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
Plugin - VLC Web Plugin - 2.2.4.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
Plugin - Google Update - 1.3.32.7 - C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll
Plugin - Silverlight Plug-In - 5.1.30514.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
Plugin - Java(TM) Platform SE 8 U73 - 11.73.2.2 - C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll
Plugin - Java Deployment Toolkit 8.0.730.2 - 11.73.2.2 - C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npdeployJava1.dll
Plugin - Intel® Identity Protection Technology - 4.0.5.0 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
Plugin - Intel® Identity Protection Technology - 4.0.5.0 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
Plugin - CANON iMAGE GATEWAY Album Plugin Utility for IJ - 5.0.0.0 - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll
Plugin - Unity Player - 5.3.5.3775 - C:\Users\Lubo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
Plugin - Shockwave Flash - 24.0.0.186 - C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_186.dll
=========Google Chrome=========
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bknbnapaddjdnbilpmlacdkjdkjmbjhd]
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ccfifbojenkenpkmnbnndeadpfdiffof]
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj]
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck]
"Path"=C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki]
"Path"=C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif]
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\nppllibpnmahfaklnpggkibhkapjkeob]
"Path"=C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\Exts\Chrome.crx
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\oelpkepjlgmehajehfeicfbjdiobdkfj]
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ojlcebdkbpjdpiligkdbbkdkfjmchbfd]
"Path"=
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={B0B6717E-B303-4358-9622-30EFAA9AB568}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B0B6717E-B303-4358-9622-30EFAA9AB568}]
"URL"=http://www.bing.com/search?q={searchTer ... TR&pc=LCJB
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={B0B6717E-B303-4358-9622-30EFAA9AB568}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{B0B6717E-B303-4358-9622-30EFAA9AB568}]
"URL"=http://www.bing.com/search?q={searchTer ... TR&pc=LCJB
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23 209504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB4C7833-A6EC-433f-B9FE-6B14B1A2F836}]
Norton Identity Protection - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-06-26 932152]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-12-10 1052384]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23 176736]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-18 460384]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E8F97CD-60B5-456F-A201-73065652D099}]
Ďîčńę@Mail.Ru - C:\Users\Lubo\AppData\Local\Mail.Ru\Sputnik\IESearchPlugin.dll [2017-01-15 2551000]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB4C7833-A6EC-433f-B9FE-6B14B1A2F836}]
Norton Identity Protection - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll [2015-06-26 664888]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-18 172640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23 6141528]
{A13C2648-91D4-4bf3-BC6D-0079707C4389} - Norton Identity Safe Toolbar - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-06-26 932152]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23 4445272]
{A13C2648-91D4-4bf3-BC6D-0079707C4389} - Norton Identity Safe Toolbar - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll [2015-06-26 664888]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-12-10 1052384]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MouseDriver"=TiltWheelMouse.exe []
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2014-02-19 17111056]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2014-02-19 193008]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01 508128]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2013-08-11 1703424]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-06-03 3944136]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"=C:\Users\Lubo\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Lubo\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-12-06 9288408]
"World of Tanks"=C:\Games\World_of_Tanks\WargamingGameUpdater.exe [2016-11-18 3135752]
"AdobeBridge"= []
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2014-12-23 833240]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"331BigDog"=C:\Program Files (x86)\USB Camera\VM331STI.EXE [2015-06-12 561672]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2011-12-07 214312]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2017-01-02 9080768]
"CanonQuickMenu"=C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [2014-01-17 1284680]
"IJNetworkScannerSelectorEX"=C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2014-01-15 438888]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-01-29 594992]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2016-12-21 25779624]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2016-10-25 2383040]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.11.309\SSScheduler.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\windows\system32\nvinitx.dll,C:\WINDOWS\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"DSCAutomationHostEnabled"=2
"EnableCursorSuppression"=1
"EnableUIADesktopToggle"=0
"undockwithoutlogon"=1
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"DisableCAD"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
"StubPath"=%SystemRoot%\inf\unregmp2.exe /ShowWMP
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2017-01-16 10:53:23 ----D---- C:\rsit
2017-01-16 10:53:23 ----D---- C:\Program Files\trend micro
2017-01-16 08:58:43 ----D---- C:\FRST
2017-01-15 16:28:52 ----D---- C:\Program Files (x86)\Mail.Ru
2017-01-15 16:14:55 ----D---- C:\ProgramData\Mail.Ru
2017-01-11 17:13:15 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-01-11 17:13:12 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-01-11 17:13:05 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2017-01-11 17:13:04 ----A---- C:\WINDOWS\system32\mfcore.dll
2017-01-11 17:13:03 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-01-11 17:13:02 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2017-01-11 17:13:00 ----A---- C:\WINDOWS\SYSWOW64\StoreAgent.dll
2017-01-11 17:13:00 ----A---- C:\WINDOWS\SYSWOW64\InstallAgentUserBroker.exe
2017-01-11 17:13:00 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2017-01-11 17:13:00 ----A---- C:\WINDOWS\system32\d2d1.dll
2017-01-11 17:12:59 ----A---- C:\WINDOWS\SYSWOW64\Windows.Storage.ApplicationData.dll
2017-01-11 17:12:59 ----A---- C:\WINDOWS\system32\mfnetsrc.dll
2017-01-11 17:12:59 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-01-11 17:12:57 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2017-01-11 17:12:57 ----A---- C:\WINDOWS\system32\aeinv.dll
2017-01-11 17:12:56 ----A---- C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-01-11 17:12:55 ----A---- C:\WINDOWS\system32\rdpcore.dll
2017-01-11 17:12:55 ----A---- C:\WINDOWS\system32\mfnetcore.dll
2017-01-11 17:12:54 ----A---- C:\WINDOWS\system32\mstscax.dll
2017-01-11 17:12:53 ----A---- C:\WINDOWS\system32\MCRecvSrc.dll
2017-01-11 17:12:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.CredDialogController.dll
2017-01-11 17:12:52 ----A---- C:\WINDOWS\system32\rdpencom.dll
2017-01-11 17:12:51 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Cred.dll
2017-01-11 17:12:51 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BlockedShutdown.dll
2017-01-11 17:12:51 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BioFeedback.dll
2017-01-11 17:12:51 ----A---- C:\WINDOWS\system32\D3D12.dll
2017-01-11 17:12:50 ----A---- C:\WINDOWS\SYSWOW64\offlinesam.dll
2017-01-11 17:12:50 ----A---- C:\WINDOWS\system32\wuuhext.dll
2017-01-11 17:12:50 ----A---- C:\WINDOWS\system32\winlogon.exe
2017-01-11 17:12:50 ----A---- C:\WINDOWS\system32\sppobjs.dll
2017-01-11 17:12:50 ----A---- C:\WINDOWS\system32\samsrv.dll
2017-01-11 17:12:49 ----A---- C:\WINDOWS\system32\wuaueng.dll
2017-01-11 17:12:49 ----A---- C:\WINDOWS\system32\lsasrv.dll
2017-01-11 17:12:48 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2vdec.dll
2017-01-11 17:12:48 ----A---- C:\WINDOWS\system32\offlinesam.dll
2017-01-11 17:12:46 ----A---- C:\WINDOWS\SYSWOW64\aclui.dll
2017-01-11 17:12:45 ----A---- C:\WINDOWS\system32\shell32.dll
2017-01-11 17:12:41 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2017-01-11 17:12:37 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2017-01-11 17:12:36 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2017-01-11 17:12:36 ----A---- C:\WINDOWS\system32\wuapi.dll
2017-01-11 17:12:36 ----A---- C:\WINDOWS\system32\kerberos.dll
2017-01-11 17:12:35 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2017-01-11 17:12:35 ----A---- C:\WINDOWS\system32\msv1_0.dll
2017-01-11 17:12:35 ----A---- C:\WINDOWS\system32\ImplatSetup.dll
2017-01-11 17:12:34 ----A---- C:\WINDOWS\SYSWOW64\MSVP9DEC.dll
2017-01-11 17:12:34 ----A---- C:\WINDOWS\system32\wow64.dll
2017-01-11 17:12:34 ----A---- C:\WINDOWS\system32\WinSCard.dll
2017-01-11 17:12:34 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2017-01-11 17:12:33 ----A---- C:\WINDOWS\SYSWOW64\WinSCard.dll
2017-01-11 17:12:33 ----A---- C:\WINDOWS\SYSWOW64\cryptui.dll
2017-01-11 17:12:33 ----A---- C:\WINDOWS\system32\cryptui.dll
2017-01-11 17:12:33 ----A---- C:\WINDOWS\system32\certprop.dll
2017-01-11 17:12:32 ----A---- C:\WINDOWS\system32\ScDeviceEnum.dll
2017-01-11 17:12:30 ----A---- C:\WINDOWS\SYSWOW64\AUDIOKSE.dll
2017-01-11 17:12:29 ----A---- C:\WINDOWS\SYSWOW64\indexeddbserver.dll
2017-01-11 17:12:28 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2017-01-11 17:12:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Resources.dll
2017-01-11 17:12:26 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2017-01-11 17:12:24 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-01-11 17:12:04 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2017-01-11 17:11:53 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2017-01-11 17:11:53 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-01-11 17:11:52 ----A---- C:\WINDOWS\SYSWOW64\AzureSettingSyncProvider.dll
2017-01-11 17:11:51 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2017-01-11 17:11:47 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-01-11 17:11:46 ----A---- C:\WINDOWS\SYSWOW64\mspaint.exe
2017-01-11 17:11:45 ----A---- C:\WINDOWS\system32\Chakra.dll
2017-01-11 17:11:44 ----A---- C:\WINDOWS\system32\win32kbase.sys
2017-01-11 17:11:43 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2017-01-11 17:11:42 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-01-11 17:11:41 ----A---- C:\WINDOWS\SYSWOW64\winmde.dll
2017-01-11 17:11:41 ----A---- C:\WINDOWS\system32\mspaint.exe
2017-01-11 17:11:40 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2017-01-11 17:11:40 ----A---- C:\WINDOWS\system32\indexeddbserver.dll
2017-01-11 17:11:39 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-01-11 17:11:36 ----A---- C:\WINDOWS\system32\winmde.dll
2017-01-11 17:11:36 ----A---- C:\WINDOWS\system32\twinui.dll
2017-01-11 17:11:32 ----A---- C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-01-11 17:11:32 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2017-01-11 17:11:27 ----A---- C:\WINDOWS\system32\edgehtml.dll
2017-01-11 17:11:20 ----A---- C:\WINDOWS\system32\aadtb.dll
2017-01-11 17:11:15 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.LockScreen.dll
2017-01-11 17:11:14 ----A---- C:\WINDOWS\system32\usocore.dll
2017-01-11 17:11:13 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2017-01-11 17:11:13 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2017-01-11 17:11:12 ----A---- C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 17:11:11 ----A---- C:\WINDOWS\SYSWOW64\rdpcore.dll
2017-01-11 17:11:11 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2017-01-11 17:11:10 ----A---- C:\WINDOWS\SYSWOW64\remoteaudioendpoint.dll
2017-01-11 17:11:10 ----A---- C:\WINDOWS\SYSWOW64\LaunchWinApp.exe
2017-01-11 17:11:10 ----A---- C:\WINDOWS\system32\MSVP9DEC.dll
2017-01-11 17:11:08 ----A---- C:\WINDOWS\SYSWOW64\SyncSettings.dll
2017-01-11 17:11:08 ----A---- C:\WINDOWS\system32\rdpudd.dll
2017-01-11 17:11:08 ----A---- C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-01-11 17:11:07 ----A---- C:\WINDOWS\SYSWOW64\rdpencom.dll
2017-01-11 17:11:07 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2017-01-11 17:11:05 ----A---- C:\WINDOWS\SYSWOW64\MSVPXENC.dll
2017-01-11 17:11:05 ----A---- C:\WINDOWS\system32\OneBackupHandler.dll
2017-01-11 17:11:04 ----A---- C:\WINDOWS\SYSWOW64\CloudBackupSettings.dll
2017-01-11 17:11:04 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-01-11 17:11:04 ----A---- C:\WINDOWS\system32\win32k.sys
2017-01-11 17:11:03 ----A---- C:\WINDOWS\SYSWOW64\LogonController.dll
2017-01-11 17:11:03 ----A---- C:\WINDOWS\system32\win32kfull.sys
2017-01-11 17:11:02 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2017-01-11 17:11:02 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2017-01-11 17:11:01 ----A---- C:\WINDOWS\system32\SRHInproc.dll
2017-01-11 17:11:01 ----A---- C:\WINDOWS\system32\SRH.dll
2017-01-11 17:11:00 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-01-11 17:10:59 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2017-01-11 17:10:59 ----A---- C:\WINDOWS\system32\dosvc.dll
2017-01-11 17:10:59 ----A---- C:\WINDOWS\system32\domgmt.dll
2017-01-11 17:10:59 ----A---- C:\WINDOWS\system32\aclui.dll
2017-01-11 17:10:58 ----A---- C:\WINDOWS\system32\SettingSyncHost.exe
2017-01-11 17:10:58 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll
2017-01-11 17:10:58 ----A---- C:\WINDOWS\system32\audiosrv.dll
2017-01-11 17:10:58 ----A---- C:\WINDOWS\system32\AudioSes.dll
2017-01-11 17:10:58 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2017-01-11 17:10:58 ----A---- C:\WINDOWS\system32\AudioEng.dll
2017-01-11 17:10:58 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-01-11 17:10:57 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2017-01-11 17:10:57 ----A---- C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-01-11 17:10:57 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2017-01-11 17:10:57 ----A---- C:\WINDOWS\system32\ClipUp.exe
2017-01-11 17:10:56 ----A---- C:\WINDOWS\SYSWOW64\mfnetsrc.dll
2017-01-11 17:10:56 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2017-01-11 17:10:55 ----A---- C:\WINDOWS\SYSWOW64\mfasfsrcsnk.dll
2017-01-11 17:10:55 ----A---- C:\WINDOWS\system32\wbiosrvc.dll
2017-01-11 17:10:54 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2017-01-11 17:10:54 ----A---- C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2017-01-11 17:10:54 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2017-01-11 17:10:53 ----A---- C:\WINDOWS\SYSWOW64\mfnetcore.dll
2017-01-11 17:10:53 ----A---- C:\WINDOWS\system32\remoteaudioendpoint.dll
2017-01-11 17:10:53 ----A---- C:\WINDOWS\system32\cloudAP.dll
2017-01-11 17:10:52 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2017-01-11 17:10:52 ----A---- C:\WINDOWS\SYSWOW64\MCRecvSrc.dll
2017-01-11 17:10:52 ----A---- C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-01-11 17:10:52 ----A---- C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2017-01-11 17:10:52 ----A---- C:\WINDOWS\system32\SyncSettings.dll
2017-01-11 17:10:51 ----A---- C:\WINDOWS\system32\winsrv.dll
2017-01-11 17:10:51 ----A---- C:\WINDOWS\system32\fhsettingsprovider.dll
2017-01-11 17:10:51 ----A---- C:\WINDOWS\system32\fhcfg.dll
2017-01-11 17:10:51 ----A---- C:\WINDOWS\system32\CloudBackupSettings.dll
2017-01-11 17:10:50 ----A---- C:\WINDOWS\system32\securekernel.exe
2017-01-11 17:10:43 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-01-11 17:10:43 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2017-01-11 17:10:32 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-01-11 17:10:31 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-01-11 17:10:29 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2017-01-11 17:10:27 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncHost.exe
2017-01-11 17:10:27 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncCore.dll
2017-01-11 17:10:27 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2017-01-11 17:10:27 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2017-01-11 17:10:27 ----A---- C:\WINDOWS\system32\LogonController.dll
2017-01-11 17:10:24 ----A---- C:\WINDOWS\system32\ConsoleLogon.dll
2017-01-11 17:10:24 ----A---- C:\WINDOWS\system32\CloudExperienceHost.dll
2017-01-11 17:10:23 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2017-01-11 17:10:22 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_47.dll
2017-01-11 17:10:22 ----A---- C:\WINDOWS\system32\MSVPXENC.dll
2017-01-11 17:10:21 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 17:10:21 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2017-01-11 17:10:21 ----A---- C:\WINDOWS\system32\provengine.dll
2017-01-11 17:10:19 ----A---- C:\WINDOWS\system32\ProvPluginEng.dll
2017-01-11 17:10:19 ----A---- C:\WINDOWS\system32\KnobsCore.dll
2017-01-11 17:10:18 ----A---- C:\WINDOWS\SYSWOW64\D3D12.dll
2017-01-11 17:10:18 ----A---- C:\WINDOWS\system32\KnobsCsp.dll
2017-01-09 16:40:02 ----A---- C:\WINDOWS\system32\aswBoot.exe
2017-01-09 16:34:00 ----D---- C:\WINDOWS\Panther
2017-01-02 13:33:32 ----A---- C:\WINDOWS\avastSS.scr
2016-12-21 19:15:36 ----A---- C:\WINDOWS\system32\drivers\dbx-stable.sys
2016-12-21 19:15:36 ----A---- C:\WINDOWS\system32\drivers\dbx-dev.sys
2016-12-21 19:15:36 ----A---- C:\WINDOWS\system32\drivers\dbx-canary.sys
2016-12-21 19:15:36 ----A---- C:\WINDOWS\system32\DbxSvc.exe
======List of files/folders modified in the last 1 month======
2017-01-16 10:53:23 ----RD---- C:\Program Files
2017-01-16 10:43:06 ----D---- C:\WINDOWS\Prefetch
2017-01-16 10:40:44 ----D---- C:\WINDOWS\Temp
2017-01-16 10:38:50 ----D---- C:\Users\Lubo\AppData\Roaming\Seznam.cz
2017-01-16 10:38:15 ----D---- C:\ProgramData\boost_interprocess
2017-01-16 10:31:06 ----D---- C:\WINDOWS\system32\sru
2017-01-16 10:00:04 ----D---- C:\Windows
2017-01-16 09:23:43 ----D---- C:\WINDOWS\system32\SleepStudy
2017-01-16 09:23:41 ----HD---- C:\Config.Msi
2017-01-16 08:42:55 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2017-01-16 08:42:50 ----D---- C:\WINDOWS\system32\Tasks
2017-01-16 08:42:46 ----D---- C:\Program Files (x86)\CyberLink
2017-01-16 08:42:32 ----D---- C:\ProgramData\CyberLink
2017-01-16 08:42:30 ----SHD---- C:\WINDOWS\Installer
2017-01-16 08:42:30 ----SHD---- C:\System Volume Information
2017-01-16 08:39:40 ----D---- C:\WINDOWS\AppReadiness
2017-01-16 08:39:33 ----HD---- C:\Program Files\WindowsApps
2017-01-16 08:39:09 ----D---- C:\WINDOWS\SysWOW64
2017-01-16 08:39:09 ----D---- C:\WINDOWS\System32
2017-01-16 08:39:09 ----D---- C:\Program Files (x86)\Bonjour
2017-01-16 08:39:06 ----D---- C:\Users\Lubo\AppData\Roaming\DVDVideoSoft
2017-01-16 08:39:06 ----D---- C:\Program Files (x86)\Common Files
2017-01-16 08:39:04 ----RD---- C:\Program Files (x86)
2017-01-16 08:38:42 ----D---- C:\WINDOWS\system32\catroot2
2017-01-15 19:52:00 ----D---- C:\WINDOWS\SoftwareDistribution
2017-01-15 19:29:09 ----D---- C:\WINDOWS\INF
2017-01-15 19:28:50 ----D---- C:\WINDOWS\debug
2017-01-15 19:22:30 ----D---- C:\Program Files (x86)\Google
2017-01-15 18:00:17 ----D---- C:\WINDOWS\system32\drivers
2017-01-15 16:15:09 ----HD---- C:\WINDOWS\system32\GroupPolicy
2017-01-15 16:14:57 ----D---- C:\WINDOWS\SYSWOW64\GroupPolicy
2017-01-15 16:14:55 ----HD---- C:\ProgramData
2017-01-15 15:47:08 ----D---- C:\WINDOWS\system32\config
2017-01-15 15:23:18 ----D---- C:\WINDOWS\rescache
2017-01-15 14:54:24 ----D---- C:\WINDOWS\WinSxS
2017-01-15 14:33:01 ----RD---- C:\WINDOWS\Microsoft.NET
2017-01-14 15:45:06 ----D---- C:\WINDOWS\system32\DriverStore
2017-01-14 15:44:52 ----D---- C:\Program Files (x86)\McAfee
2017-01-14 15:44:00 ----D---- C:\Program Files\TrueKey
2017-01-14 15:41:18 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2017-01-14 15:41:16 ----D---- C:\WINDOWS\system32\wbem
2017-01-14 15:41:14 ----D---- C:\WINDOWS\system32\oobe
2017-01-14 15:40:48 ----D---- C:\WINDOWS\ShellExperiences
2017-01-14 15:40:41 ----D---- C:\WINDOWS\Provisioning
2017-01-14 15:40:36 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2017-01-14 15:40:33 ----D---- C:\Program Files (x86)\Internet Explorer
2017-01-14 15:40:32 ----D---- C:\Program Files\Internet Explorer
2017-01-14 10:33:37 ----D---- C:\ProgramData\Skype
2017-01-11 20:06:18 ----D---- C:\WINDOWS\CbsTemp
2017-01-11 19:48:05 ----D---- C:\WINDOWS\system32\MRT
2017-01-11 19:42:05 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-01-11 16:30:26 ----D---- C:\WINDOWS\Logs
2017-01-09 16:33:28 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-09 11:25:09 ----RSD---- C:\WINDOWS\Fonts
2017-01-06 17:39:05 ----D---- C:\ProgramData\CanonIJPLM
2017-01-04 14:09:47 ----D---- C:\WINDOWS\system32\LogFiles
2016-12-29 13:54:27 ----D---- C:\Users\Lubo\AppData\Roaming\vlc
2016-12-25 16:44:12 ----D---- C:\Users\Lubo\AppData\Roaming\Adobe
2016-12-25 16:37:24 ----D---- C:\WINDOWS\system32\NDF
2016-12-25 16:32:21 ----D---- C:\Program Files\Adobe
2016-12-25 16:28:10 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2016-12-25 16:26:03 ----D---- C:\Program Files\Common Files\Adobe
2016-12-25 16:22:55 ----HD---- C:\adobeTemp
2016-12-23 00:13:26 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2016-12-22 08:20:36 ----D---- C:\Program Files (x86)\Dropbox
2016-12-21 08:36:24 ----D---- C:\WINDOWS\Minidump
2016-12-20 02:40:32 ----D---- C:\WINDOWS\Tasks
2016-12-20 01:09:18 ----D---- C:\WINDOWS\system32\Macromed
2016-12-20 01:09:12 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2016-12-17 11:35:06 ----RSD---- C:\WINDOWS\assembly
File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2017-01-02 74544]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2017-01-02 293352]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-100; C:\WINDOWS\system32\drivers\iorate.sys [2016-11-02 48992]
R0 LHDmgr;LHDmgr; C:\WINDOWS\System32\DRIVERS\LhdX64.sys [2014-02-19 39008]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2016-09-12 57400]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2017-01-02 37144]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2017-01-02 103064]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2017-01-02 969184]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2017-01-02 513632]
R1 ccSet_NST;Norton Identity Safe Settings Manager; C:\WINDOWS\system32\drivers\NSTx64\7DE070B0.02A\ccSetx64.sys [2013-09-27 162392]
R1 dtsoftbus01;@oem44.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2014-09-26 283064]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2017-01-02 108816]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2016-07-16 70144]
R3 ACPIVPC;@oem4.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2014-02-19 35600]
R3 AmUStor;@oem13.inf,%AmUStor.SvcDesc%;AM USB Stroage Driver; C:\WINDOWS\system32\drivers\AmUStor.SYS [2013-06-25 109336]
R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athw8x.sys [2016-07-16 4233728]
R3 BTATH_BUS;@oem24.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2013-09-07 34384]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2016-07-13 610336]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2016-09-20 84992]
R3 ElcMouLFlt;ELECOM USB Mouse Lower Filter Driver; C:\WINDOWS\System32\drivers\ElcMouLFlt.sys [2015-09-11 28648]
R3 ElcMouUFlt;ELECOM USB Mouse Upper Filter Driver; C:\WINDOWS\System32\drivers\ElcMouUFlt.sys [2015-09-11 27624]
R3 iwdbus;@oem37.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-12-01 38896]
R3 L1C;@oem42.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\WINDOWS\System32\drivers\L1C63x64.sys [2013-07-18 130248]
R3 MarvinBus;@oem6.inf,%MarvinBus.SVCDESC%;Pinnacle Marvin Bus 64; C:\WINDOWS\System32\drivers\MarvinBus64.sys [2005-09-23 261120]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvltwu.inf_amd64_7abb66182eb8ed83\nvlddmkm.sys [2016-09-12 13754936]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2015-06-03 42696]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [2013-08-11 551936]
R3 SynTP;@oem16.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2015-06-03 613576]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2016-10-05 64352]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2016-07-16 88416]
S2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2017-01-02 163416]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-07-16 18432]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2016-07-16 15360]
S3 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2017-01-02 37656]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2016-11-11 967168]
S3 dbx;dbx; C:\WINDOWS\system32\DRIVERS\dbx.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 dot4;@oem2.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2013-06-04 146856]
S3 Dot4Print;@oem18.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\WINDOWS\System32\drivers\Dot4Prt.sys [2013-06-04 21928]
S3 dot4usb;@oem2.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2013-06-04 43944]
S3 FTDIBUS;USB Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys [2016-03-16 108352]
S3 FTSER2K;USB Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys [2016-03-16 95168]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2016-09-20 73568]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-07-16 346976]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-07-16 2104160]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2016-07-16 33280]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-07-16 64512]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-07-16 35840]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2016-07-16 120320]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2016-07-16 90624]
S3 scmdisk0101;@scmdisk0101.inf,%scmdisk0101.SvcDesc%;Microsoft NVDIMM-N disk driver; C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-07-16 123904]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeUpdateService;AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2016-10-25 744640]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016-12-13 2218712]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-01-02 197128]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-05-18 345376]
R2 CDPUserSvc_3ed01;CDPUserSvc_3ed01; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
R2 DbxSvc;DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [2016-12-21 42096]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2016-05-03 337888]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2013-06-28 84616]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-05-12 733696]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-04 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-04 390616]
R2 NCO;Norton Identity Safe; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe [2015-03-05 131144]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2016-08-01 1365048]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-10-16 1914656]
R2 OneSyncSvc_3ed01;Sync Host_3ed01; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-04-24 390632]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2013-08-11 338944]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2015-06-03 249032]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2016-05-25 43696]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=%SystemRoot%\System32\CDPUserSvc.dll
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-04-26 143144]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-09-20 324224]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-04-26 143144]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2014-10-07 654848]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; %SystemRoot%\System32\svchost.exe -k Camera;"ServiceDll"=%SystemRoot%\system32\FrameServer.dll
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\hvhostsvc.dll
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-05-12 822232]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\irmon.dll
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2014-10-16 272776]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.309\McCHSvc.exe [2016-03-11 293128]
S3 MessagingService_3ed01;MessagingService_3ed01; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-12-16 172488]
S3 PimIndexMaintenanceSvc_3ed01;Contact Data_3ed01; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\RMapi.dll
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; %SystemRoot%\System32\svchost.exe -k netsvcs;"ServiceDll"=%systemroot%\system32\Windows.SharedPC.AccountManager.dll
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím kontrolu logu, vyskakující okna, firefox
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím kontrolu logu, vyskakující okna, firefox
díky
log:
# AdwCleaner v6.042 - Logfile created 16/01/2017 at 19:43:40
# Updated on 06/01/2017 by Malwarebytes
# Database : 2017-01-15.1 [Server]
# Operating System : Windows 10 Home (X64)
# Username : Lubo - LENOVO-PC
# Running from : C:\Users\Lubo\Desktop\adwcleaner_6.042.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder deleted: C:\Users\Lubo\AppData\Local\Mail.Ru
[-] Folder deleted: C:\ProgramData\Mail.Ru
[#] Folder deleted on reboot: C:\ProgramData\Application Data\Mail.Ru
[-] Folder deleted: C:\Program Files (x86)\Mail.Ru
[-] Folder deleted: C:\Users\Default User\AppData\Local\Pokki
[#] Folder deleted on reboot: C:\Users\Default\AppData\Local\Pokki
[-] Folder deleted: C:\Users\Public\Pokki
[-] Folder deleted: C:\Users\Lubo\AppData\Roaming\Mozilla\Firefox\Profiles\5ozr15b4.default\extensions\{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}
[-] Folder deleted: C:\Users\Lubo\AppData\Roaming\Mozilla\Firefox\Profiles\5ozr15b4.default\extensions\search@mail.ru
[-] Folder deleted: C:\Users\Lubo\AppData\Roaming\Mozilla\Firefox\Profiles\5ozr15b4.default\extensions\homepage@mail.ru
[-] Folder deleted: C:\Users\Lubo\AppData\Roaming\Mozilla\Firefox\Profiles\5ozr15b4.default\extensions\{a00bef25-f21a-4539-adbb-b179b29e2b92}
***** [ Files ] *****
[-] File deleted: C:\Users\Lubo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mail.Ru.lnk
[-] File deleted: C:\Users\Lubo\Favorites\Mail.Ru.url
[-] File deleted: C:\Users\Lubo\Favorites\Mail.Ru Агент - используй для общения!.url
[-] File deleted: C:\Users\Lubo\Desktop\Искать в Интернете.url
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Shortcuts ] *****
[!] Shortcut not deleted: C:\Users\Lubo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mail.Ru.lnk
***** [ Scheduled Tasks ] *****
***** [ Registry ] *****
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{8E8F97CD-60B5-456F-A201-73065652D099}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E8F97CD-60B5-456F-A201-73065652D099}
[-] Key deleted: HKU\S-1-5-21-3363592213-3403915979-3187532261-1002\Software\SweetLabs App Platform
[-] Key deleted: HKU\S-1-5-21-3363592213-3403915979-3187532261-1002\Software\Mail.Ru
[-] Key deleted: HKU\S-1-5-21-3363592213-3403915979-3187532261-1002\Software\AppDataLow\Software\Mail.Ru
[#] Key deleted on reboot: HKCU\Software\SweetLabs App Platform
[#] Key deleted on reboot: HKCU\Software\Mail.Ru
[#] Key deleted on reboot: HKCU\Software\AppDataLow\Software\Mail.Ru
[-] Key deleted: HKLM\SOFTWARE\Mail.Ru
[#] Key deleted on reboot: [x64] HKCU\Software\SweetLabs App Platform
[#] Key deleted on reboot: [x64] HKCU\Software\Mail.Ru
[#] Key deleted on reboot: [x64] HKCU\Software\AppDataLow\Software\Mail.Ru
[-] Data restored: HKU\S-1-5-21-3363592213-3403915979-3187532261-1002\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data restored: HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data restored: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Key deleted: HKU\S-1-5-21-3363592213-3403915979-3187532261-1002\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}
[-] Data restored: HKU\S-1-5-21-3363592213-3403915979-3187532261-1002\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[#] Key deleted on reboot: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}
[-] Data restored: HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}
[-] Data restored: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Value deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [ApnTBMon]
[-] Value deleted: HKU\S-1-5-21-3363592213-3403915979-3187532261-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Pokki]
***** [ Web browsers ] *****
[-] Chrome preferences cleaned: "browser.search.defaultenginename" - "Поиск@Mail.Ru"
[-] Chrome preferences cleaned: "browser.search.selectedEngine" - "Поиск@Mail.Ru"
*************************
:: "Tracing" keys deleted
:: Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [4632 Bytes] - [16/01/2017 19:43:40]
C:\AdwCleaner\AdwCleaner[S0].txt - [4798 Bytes] - [16/01/2017 19:41:09]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [4778 Bytes] ##########
log:
# AdwCleaner v6.042 - Logfile created 16/01/2017 at 19:43:40
# Updated on 06/01/2017 by Malwarebytes
# Database : 2017-01-15.1 [Server]
# Operating System : Windows 10 Home (X64)
# Username : Lubo - LENOVO-PC
# Running from : C:\Users\Lubo\Desktop\adwcleaner_6.042.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder deleted: C:\Users\Lubo\AppData\Local\Mail.Ru
[-] Folder deleted: C:\ProgramData\Mail.Ru
[#] Folder deleted on reboot: C:\ProgramData\Application Data\Mail.Ru
[-] Folder deleted: C:\Program Files (x86)\Mail.Ru
[-] Folder deleted: C:\Users\Default User\AppData\Local\Pokki
[#] Folder deleted on reboot: C:\Users\Default\AppData\Local\Pokki
[-] Folder deleted: C:\Users\Public\Pokki
[-] Folder deleted: C:\Users\Lubo\AppData\Roaming\Mozilla\Firefox\Profiles\5ozr15b4.default\extensions\{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}
[-] Folder deleted: C:\Users\Lubo\AppData\Roaming\Mozilla\Firefox\Profiles\5ozr15b4.default\extensions\search@mail.ru
[-] Folder deleted: C:\Users\Lubo\AppData\Roaming\Mozilla\Firefox\Profiles\5ozr15b4.default\extensions\homepage@mail.ru
[-] Folder deleted: C:\Users\Lubo\AppData\Roaming\Mozilla\Firefox\Profiles\5ozr15b4.default\extensions\{a00bef25-f21a-4539-adbb-b179b29e2b92}
***** [ Files ] *****
[-] File deleted: C:\Users\Lubo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mail.Ru.lnk
[-] File deleted: C:\Users\Lubo\Favorites\Mail.Ru.url
[-] File deleted: C:\Users\Lubo\Favorites\Mail.Ru Агент - используй для общения!.url
[-] File deleted: C:\Users\Lubo\Desktop\Искать в Интернете.url
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Shortcuts ] *****
[!] Shortcut not deleted: C:\Users\Lubo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mail.Ru.lnk
***** [ Scheduled Tasks ] *****
***** [ Registry ] *****
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{8E8F97CD-60B5-456F-A201-73065652D099}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E8F97CD-60B5-456F-A201-73065652D099}
[-] Key deleted: HKU\S-1-5-21-3363592213-3403915979-3187532261-1002\Software\SweetLabs App Platform
[-] Key deleted: HKU\S-1-5-21-3363592213-3403915979-3187532261-1002\Software\Mail.Ru
[-] Key deleted: HKU\S-1-5-21-3363592213-3403915979-3187532261-1002\Software\AppDataLow\Software\Mail.Ru
[#] Key deleted on reboot: HKCU\Software\SweetLabs App Platform
[#] Key deleted on reboot: HKCU\Software\Mail.Ru
[#] Key deleted on reboot: HKCU\Software\AppDataLow\Software\Mail.Ru
[-] Key deleted: HKLM\SOFTWARE\Mail.Ru
[#] Key deleted on reboot: [x64] HKCU\Software\SweetLabs App Platform
[#] Key deleted on reboot: [x64] HKCU\Software\Mail.Ru
[#] Key deleted on reboot: [x64] HKCU\Software\AppDataLow\Software\Mail.Ru
[-] Data restored: HKU\S-1-5-21-3363592213-3403915979-3187532261-1002\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data restored: HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data restored: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Key deleted: HKU\S-1-5-21-3363592213-3403915979-3187532261-1002\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}
[-] Data restored: HKU\S-1-5-21-3363592213-3403915979-3187532261-1002\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[#] Key deleted on reboot: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}
[-] Data restored: HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}
[-] Data restored: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Value deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [ApnTBMon]
[-] Value deleted: HKU\S-1-5-21-3363592213-3403915979-3187532261-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Pokki]
***** [ Web browsers ] *****
[-] Chrome preferences cleaned: "browser.search.defaultenginename" - "Поиск@Mail.Ru"
[-] Chrome preferences cleaned: "browser.search.selectedEngine" - "Поиск@Mail.Ru"
*************************
:: "Tracing" keys deleted
:: Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [4632 Bytes] - [16/01/2017 19:43:40]
C:\AdwCleaner\AdwCleaner[S0].txt - [4798 Bytes] - [16/01/2017 19:41:09]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [4778 Bytes] ##########
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím kontrolu logu, vyskakující okna, firefox
Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím kontrolu logu, vyskakující okna, firefox
děkuji
log:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-01-2017
Ran by Lubo (administrator) on LENOVO-PC (17-01-2017 10:31:39)
Running from C:\Users\Lubo\Desktop
Loaded Profiles: UpdatusUser & Lubo (Available Profiles: UpdatusUser & Lubo & Guest)
Platform: Windows 10 Home Version 1607 (X64) Language: Angličtina (Spojené státy)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Wargaming.net) C:\Games\World_of_Tanks\WargamingGameUpdater.exe
() C:\Users\Lubo\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\Lubo\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_24_0_0_186.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_24_0_0_186.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(forum.viry.cz) C:\Users\Lubo\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17111056 2014-02-19] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [193008 2014-02-19] (Lenovo(beijing) Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-08-11] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [561672 2015-06-12] (Vimicro)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-07] (CyberLink Corp.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2017-01-02] (AVAST Software)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1284680 2014-01-17] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [438888 2014-01-15] (CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25779624 2016-12-21] (Dropbox, Inc.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-25] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-21-3363592213-3403915979-3187532261-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-21-3363592213-3403915979-3187532261-1002\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Lubo\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3363592213-3403915979-3187532261-1002\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Lubo\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-3363592213-3403915979-3187532261-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-3363592213-3403915979-3187532261-1002\...\Run: [World of Tanks] => C:\Games\World_of_Tanks\WargamingGameUpdater.exe [3135752 2016-11-18] (Wargaming.net)
HKU\S-1-5-21-3363592213-3403915979-3187532261-1002\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3363592213-3403915979-3187532261-1002\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [833240 2014-12-23] (ZONER software)
AppInit_DLLs: C:\windows\system32\nvinitx.dll => No File
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => No File
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-01-02] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
GroupPolicy: Restriction <======= ATTENTION
GroupPolicy\User: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{ae9afbd7-3e0d-4622-a792-68a75cec39e3}: [DhcpNameServer] 192.168.0.1 10.15.23.1 8.8.8.8
Tcpip\..\Interfaces\{c507dcc2-d73d-477d-a616-23932a065d38}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3363592213-3403915979-3187532261-1002\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-3363592213-3403915979-3187532261-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-06-26] (Symantec Corporation)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-12-10] (Intel Security)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-18] (Oracle Corporation)
BHO-x32: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll [2015-06-26] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-18] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-06-26] (Symantec Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll [2015-06-26] (Symantec Corporation)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-12-10] (Intel Security)
FireFox:
========
FF ProfilePath: C:\Users\Lubo\AppData\Roaming\Mozilla\Firefox\Profiles\5ozr15b4.default [2017-01-17]
FF Homepage: Mozilla\Firefox\Profiles\5ozr15b4.default -> hxxps://www.seznam.cz/
FF Keyword.URL: Mozilla\Firefox\Profiles\5ozr15b4.default -> hxxp://go.mail.ru/distib/ep/?product_id=%7B6B5F2A73-8C5C-4932-9FBC-6E75D92875DA%7D&gp=811037
FF Extension: (Exif Viewer) - C:\Users\Lubo\AppData\Roaming\Mozilla\Firefox\Profiles\5ozr15b4.default\Extensions\exif_viewer@mozilla.doslash.org.xpi [2016-04-27]
FF Extension: (Google Translator for Firefox) - C:\Users\Lubo\AppData\Roaming\Mozilla\Firefox\Profiles\5ozr15b4.default\Extensions\translator@zoli.bod.xpi [2016-04-27]
FF Extension: (Seznam lištička) - C:\Users\Lubo\AppData\Roaming\Mozilla\Firefox\Profiles\5ozr15b4.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2016-09-23]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2017-01-09]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2017-01-09]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.11.42\coFFPlgn
FF Extension: (Norton Identity Safe Toolbar) - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.11.42\coFFPlgn [2017-01-16]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-20] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-25] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-20] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-18] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-20] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-25] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3363592213-3403915979-3187532261-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Lubo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-05-08] (Unity Technologies ApS)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\Exts\Chrome.crx [2016-01-04]
CHR HKU\S-1-5-21-3363592213-3403915979-3187532261-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ccfifbojenkenpkmnbnndeadpfdiffof] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\Exts\Chrome.crx [2016-01-04]
CHR HKLM-x32\...\Chrome\Extension: [oelpkepjlgmehajehfeicfbjdiobdkfj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ojlcebdkbpjdpiligkdbbkdkfjmchbfd] - hxxps://clients2.google.com/service/update2/crx
Opera:
=======
OPR Extension: (Tampermonkey) - C:\Users\Lubo\AppData\Roaming\Opera Software\Opera Stable\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-01-15]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-25] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2218712 2016-12-13] (Adobe Systems, Incorporated)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2017-01-02] (AVAST Software)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-26] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-26] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [42096 2016-12-21] (Dropbox, Inc.)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2014-10-07] (Macrovision Europe Ltd.) [File not signed]
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [84616 2013-06-28] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-10-16] ()
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe [131144 2015-03-05] (Symantec Corporation)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [338944 2013-08-11] (IDT, Inc.) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-06-03] (Synaptics Incorporated)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [995800 2016-11-30] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16248 2016-11-30] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-11-30] (McAfee, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-09-07] (Atheros) [File not signed]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [37656 2017-01-02] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [37144 2017-01-02] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [108816 2017-01-02] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [103064 2017-01-02] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2017-01-02] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [969184 2017-01-02] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [513632 2017-01-02] (AVAST Software)
S2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [163416 2017-01-02] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2017-01-02] (AVAST Software)
S3 athur; C:\WINDOWS\System32\drivers\athuw8x.sys [2919936 2013-06-02] (Qualcomm Atheros Communications, Inc.)
R1 ccSet_NST; C:\WINDOWS\system32\drivers\NSTx64\7DE070B0.02A\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [146856 2013-06-04] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [21928 2013-06-04] (Windows (R) Win 7 DDK provider)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283064 2014-09-26] (Disc Soft Ltd)
R3 ElcMouLFlt; C:\WINDOWS\System32\drivers\ElcMouLFlt.sys [28648 2015-09-11] (ELECOM)
R3 ElcMouUFlt; C:\WINDOWS\System32\drivers\ElcMouUFlt.sys [27624 2015-09-11] (ELECOM)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvltwu.inf_amd64_7abb66182eb8ed83\nvlddmkm.sys [13754936 2016-09-12] (NVIDIA Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
R3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
R3 vm331avs; C:\WINDOWS\System32\Drivers\vm331avs.sys [802312 2015-06-12] (Vimicro Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S3 dbx; system32\DRIVERS\dbx.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-17 10:12 - 2017-01-17 10:12 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign44f8811270cab4d2
2017-01-17 10:10 - 2017-01-17 10:10 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsigna31c4735b139efc5
2017-01-17 10:10 - 2017-01-17 10:10 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign22a413e5f87bb93b
2017-01-17 10:00 - 2017-01-17 10:01 - 00112640 _____ (forum.viry.cz) C:\Users\Lubo\Desktop\FRSTLauncher.exe
2017-01-17 08:31 - 2017-01-17 08:31 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Identity Safe
2017-01-16 19:38 - 2017-01-16 19:43 - 00000000 ____D C:\AdwCleaner
2017-01-16 19:37 - 2017-01-16 19:38 - 03988944 _____ C:\Users\Lubo\Desktop\adwcleaner_6.042.exe
2017-01-16 18:49 - 2017-01-16 18:52 - 00000000 ____D C:\Users\Lubo\Downloads\dron
2017-01-16 18:01 - 2017-01-16 18:01 - 01427282 _____ C:\WINDOWS\ProcessedPackets.KTL
2017-01-16 18:01 - 2017-01-16 18:01 - 00576088 _____ C:\WINDOWS\Packet.KTL
2017-01-16 18:01 - 2017-01-16 18:01 - 00037616 _____ C:\WINDOWS\Control.KTL
2017-01-16 18:01 - 2017-01-16 18:01 - 00017919 _____ C:\WINDOWS\SentOSPackets.KTL
2017-01-16 18:01 - 2017-01-16 18:01 - 00000197 _____ C:\WINDOWS\NGIControl.KTL
2017-01-16 10:53 - 2017-01-16 10:53 - 01323520 _____ C:\Users\Lubo\Desktop\RSITx64.exe
2017-01-16 10:53 - 2017-01-16 10:53 - 00000000 ____D C:\rsit
2017-01-16 10:53 - 2017-01-16 10:53 - 00000000 ____D C:\Program Files\trend micro
2017-01-16 10:16 - 2017-01-16 10:16 - 00013398 _____ C:\Users\Lubo\Desktop\Addition.rar
2017-01-16 09:58 - 2017-01-17 10:31 - 00029046 _____ C:\Users\Lubo\Desktop\FRST.txt
2017-01-16 08:58 - 2017-01-17 10:31 - 00000000 ____D C:\FRST
2017-01-16 08:53 - 2017-01-16 08:58 - 02419200 _____ (Farbar) C:\Users\Lubo\Desktop\FRST64.exe
2017-01-15 19:20 - 2017-01-15 19:20 - 08803648 _____ (Piriform Ltd) C:\Users\Lubo\Downloads\ccsetup525.exe
2017-01-15 17:17 - 2017-01-15 17:17 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignd5db2c7f3c13dc3e
2017-01-15 17:12 - 2017-01-15 17:12 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign8dc155883d786d19
2017-01-15 17:12 - 2017-01-15 17:12 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign30fbc6fcc91af106
2017-01-15 16:57 - 2017-01-15 16:57 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignd38439a69a40b5f8
2017-01-15 16:57 - 2017-01-15 16:57 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignd340eae8f02744ee
2017-01-15 16:57 - 2017-01-15 16:57 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign6d34f060ac24b7c3
2017-01-15 16:38 - 2017-01-16 09:01 - 00000000 ____D C:\Users\Lubo\Downloads\telefon
2017-01-15 16:15 - 2017-01-15 16:17 - 01737261 _____ C:\Users\Lubo\Downloads\GigabyteGSmartClassicPro_android_update_manual.exe.rar
2017-01-15 16:14 - 2017-01-15 16:16 - 00003692 _____ C:\WINDOWS\System32\Tasks\winkruton
2017-01-15 16:13 - 2017-01-15 16:13 - 03841624 _____ () C:\Users\Lubo\Downloads\GigabyteGSmartClassicPro_android_update_manual.exe.exe
2017-01-15 10:11 - 2017-01-15 10:11 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign5a88102ce211698a
2017-01-15 10:01 - 2017-01-15 10:01 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign442127a37d6e9899
2017-01-15 10:00 - 2017-01-15 10:00 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsigne82f9e21fad021fe
2017-01-15 10:00 - 2017-01-15 10:00 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsigncc38adfc32389c2c
2017-01-13 11:20 - 2017-01-13 11:20 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignfacf0547f563c099
2017-01-13 11:19 - 2017-01-13 11:19 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignce55a6af6243d033
2017-01-13 11:19 - 2017-01-13 11:19 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign8ee6450ad0f6cc0c
2017-01-12 09:25 - 2017-01-12 09:25 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign814d60f0797d7e58
2017-01-12 09:20 - 2017-01-12 09:20 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignc5ed5af0bed1c5ba
2017-01-12 09:20 - 2017-01-12 09:20 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign7af5f39d75193dec
2017-01-12 09:20 - 2017-01-12 09:20 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign6491f1051b0133ef
2017-01-11 17:13 - 2016-12-21 08:43 - 04130440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-01-11 17:13 - 2016-12-21 08:42 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-01-11 17:13 - 2016-12-21 08:06 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-01-11 17:13 - 2016-12-21 07:51 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-01-11 17:13 - 2016-12-21 05:40 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-01-11 17:13 - 2016-12-21 05:40 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-01-11 17:13 - 2016-12-21 05:39 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-01-11 17:13 - 2016-12-21 05:22 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-01-11 17:13 - 2016-12-14 05:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-01-11 17:13 - 2016-12-14 05:38 - 17188864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-01-11 17:12 - 2016-12-21 09:08 - 00245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2017-01-11 17:12 - 2016-12-21 09:08 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2017-01-11 17:12 - 2016-12-21 08:46 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-01-11 17:12 - 2016-12-21 08:43 - 01454504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-01-11 17:12 - 2016-12-21 08:43 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-01-11 17:12 - 2016-12-21 08:42 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-01-11 17:12 - 2016-12-21 08:42 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-01-11 17:12 - 2016-12-21 08:42 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-01-11 17:12 - 2016-12-21 08:41 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-01-11 17:12 - 2016-12-21 08:08 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-01-11 17:12 - 2016-12-21 07:59 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-01-11 17:12 - 2016-12-21 07:56 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-01-11 17:12 - 2016-12-21 07:53 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-01-11 17:12 - 2016-12-21 07:51 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-01-11 17:12 - 2016-12-21 07:50 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-01-11 17:12 - 2016-12-21 06:59 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2017-01-11 17:12 - 2016-12-21 06:09 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-01-11 17:12 - 2016-12-21 06:01 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-01-11 17:12 - 2016-12-21 05:43 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-01-11 17:12 - 2016-12-21 05:41 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2017-01-11 17:12 - 2016-12-21 05:38 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2017-01-11 17:12 - 2016-12-21 05:35 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-01-11 17:12 - 2016-12-21 05:32 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-01-11 17:12 - 2016-12-21 05:30 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2017-01-11 17:12 - 2016-12-21 05:26 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2017-01-11 17:12 - 2016-12-14 06:41 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-01-11 17:12 - 2016-12-14 06:23 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-01-11 17:12 - 2016-12-14 06:21 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-01-11 17:12 - 2016-12-14 06:17 - 00319288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-01-11 17:12 - 2016-12-14 06:01 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2017-01-11 17:12 - 2016-12-14 05:46 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-01-11 17:12 - 2016-12-14 05:43 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-01-11 17:12 - 2016-12-14 05:42 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2017-01-11 17:12 - 2016-12-14 05:42 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2017-01-11 17:12 - 2016-12-14 05:40 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-01-11 17:12 - 2016-12-14 05:38 - 13869056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-01-11 17:12 - 2016-12-14 05:38 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2017-01-11 17:12 - 2016-12-14 05:37 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-01-11 17:12 - 2016-12-14 05:36 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-01-11 17:12 - 2016-12-14 05:35 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-01-11 17:12 - 2016-12-14 05:35 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2017-01-11 17:12 - 2016-12-14 05:35 - 00553984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2017-01-11 17:12 - 2016-12-14 05:26 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-01-11 17:12 - 2016-12-14 05:26 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-01-11 17:12 - 2016-12-14 05:24 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2017-01-11 17:12 - 2016-12-14 05:24 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-01-11 17:12 - 2016-12-14 05:23 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-01-11 17:12 - 2016-12-14 05:22 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-01-11 17:12 - 2016-12-14 05:22 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-01-11 17:12 - 2016-11-02 13:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-01-11 17:12 - 2016-08-02 05:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-01-11 17:11 - 2016-12-21 08:49 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-01-11 17:11 - 2016-12-21 08:43 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-01-11 17:11 - 2016-12-21 08:15 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-01-11 17:11 - 2016-12-21 08:14 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-01-11 17:11 - 2016-12-21 08:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-01-11 17:11 - 2016-12-21 08:08 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-01-11 17:11 - 2016-12-21 08:05 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-01-11 17:11 - 2016-12-21 08:05 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-01-11 17:11 - 2016-12-21 08:05 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-01-11 17:11 - 2016-12-21 08:01 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-01-11 17:11 - 2016-12-21 07:59 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-01-11 17:11 - 2016-12-21 07:58 - 23678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-01-11 17:11 - 2016-12-21 07:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-01-11 17:11 - 2016-12-21 07:55 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-01-11 17:11 - 2016-12-21 07:55 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-01-11 17:11 - 2016-12-21 07:53 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-01-11 17:11 - 2016-12-21 07:49 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-01-11 17:11 - 2016-12-21 07:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-01-11 17:11 - 2016-12-21 07:47 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-01-11 17:11 - 2016-12-21 06:02 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-01-11 17:11 - 2016-12-21 05:46 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-01-11 17:11 - 2016-12-21 05:41 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-01-11 17:11 - 2016-12-21 05:40 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2017-01-11 17:11 - 2016-12-21 05:40 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-01-11 17:11 - 2016-12-21 05:39 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-01-11 17:11 - 2016-12-21 05:35 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-01-11 17:11 - 2016-12-21 05:34 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-01-11 17:11 - 2016-12-21 05:33 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-01-11 17:11 - 2016-12-21 05:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-01-11 17:11 - 2016-12-21 05:25 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-01-11 17:11 - 2016-12-21 05:25 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-01-11 17:11 - 2016-12-21 05:24 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-01-11 17:11 - 2016-12-14 06:34 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-01-11 17:11 - 2016-12-14 06:14 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-01-11 17:11 - 2016-12-14 06:01 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-01-11 17:11 - 2016-12-14 06:01 - 00076984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2017-01-11 17:11 - 2016-12-14 05:46 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-01-11 17:11 - 2016-12-14 05:42 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 17:11 - 2016-12-14 05:40 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-01-11 17:11 - 2016-12-14 05:39 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-01-11 17:11 - 2016-12-14 05:36 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-01-11 17:11 - 2016-12-14 05:36 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-01-11 17:11 - 2016-12-14 05:32 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-01-11 17:11 - 2016-12-14 05:25 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2017-01-11 17:11 - 2016-12-14 05:22 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-01-11 17:11 - 2016-12-14 05:22 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-01-11 17:11 - 2016-12-14 05:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-01-11 17:11 - 2016-11-02 11:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-01-11 17:10 - 2016-12-21 09:04 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-01-11 17:10 - 2016-12-21 08:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-01-11 17:10 - 2016-12-21 08:37 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-01-11 17:10 - 2016-12-21 08:13 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2017-01-11 17:10 - 2016-12-21 08:12 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2017-01-11 17:10 - 2016-12-21 08:10 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2017-01-11 17:10 - 2016-12-21 08:09 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2017-01-11 17:10 - 2016-12-21 08:08 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-01-11 17:10 - 2016-12-21 08:08 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-01-11 17:10 - 2016-12-21 08:08 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-01-11 17:10 - 2016-12-21 08:08 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-01-11 17:10 - 2016-12-21 08:07 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-01-11 17:10 - 2016-12-21 08:06 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-01-11 17:10 - 2016-12-21 08:06 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-01-11 17:10 - 2016-12-21 08:06 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-01-11 17:10 - 2016-12-21 08:00 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-01-11 17:10 - 2016-12-21 07:57 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2017-01-11 17:10 - 2016-12-21 07:54 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2017-01-11 17:10 - 2016-12-21 07:53 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-01-11 17:10 - 2016-12-21 07:51 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-01-11 17:10 - 2016-12-21 07:49 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-01-11 17:10 - 2016-12-21 06:02 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-01-11 17:10 - 2016-12-21 06:02 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-01-11 17:10 - 2016-12-21 06:02 - 01277344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-01-11 17:10 - 2016-12-21 06:02 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-01-11 17:10 - 2016-12-21 06:02 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-01-11 17:10 - 2016-12-21 05:27 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-01-11 17:10 - 2016-12-21 05:24 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-01-11 17:10 - 2016-12-21 05:24 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-01-11 17:10 - 2016-12-21 05:24 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-01-11 17:10 - 2016-12-21 05:22 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-01-11 17:10 - 2016-12-14 06:41 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-01-11 17:10 - 2016-12-14 06:33 - 01356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2017-01-11 17:10 - 2016-12-14 06:19 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-01-11 17:10 - 2016-12-14 06:18 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-01-11 17:10 - 2016-12-14 06:18 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2017-01-11 17:10 - 2016-12-14 06:14 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2017-01-11 17:10 - 2016-12-14 06:14 - 00089416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2017-01-11 17:10 - 2016-12-14 06:08 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-01-11 17:10 - 2016-12-14 06:06 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-01-11 17:10 - 2016-12-14 05:45 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-01-11 17:10 - 2016-12-14 05:42 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2017-01-11 17:10 - 2016-12-14 05:41 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-01-11 17:10 - 2016-12-14 05:40 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-01-11 17:10 - 2016-12-14 05:40 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2017-01-11 17:10 - 2016-12-14 05:40 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 17:10 - 2016-12-14 05:39 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-01-11 17:10 - 2016-12-14 05:39 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2017-01-11 17:10 - 2016-12-14 05:38 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-01-11 17:10 - 2016-12-14 05:35 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-01-11 17:10 - 2016-12-14 05:32 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2017-01-11 17:10 - 2016-12-14 05:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-01-11 17:10 - 2016-12-14 05:22 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-01-11 17:10 - 2016-12-14 05:22 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-01-11 17:10 - 2016-11-02 12:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-01-11 17:10 - 2016-11-02 11:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-01-11 17:10 - 2016-11-02 11:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-01-11 11:23 - 2017-01-11 11:23 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign2af6388b18783352
2017-01-11 11:22 - 2017-01-11 11:22 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignee9c5ae883b3742e
2017-01-11 11:21 - 2017-01-11 11:21 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsigneb63f3a2a5c151b7
2017-01-11 11:21 - 2017-01-11 11:21 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign5ca347aa0964c582
2017-01-10 16:26 - 2017-01-10 16:26 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignf0c5b923fef9043c
2017-01-10 16:26 - 2017-01-10 16:26 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsigndd8e9eb8428ce57f
2017-01-10 16:26 - 2017-01-10 16:26 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignbf4541816832c621
2017-01-10 16:26 - 2017-01-10 16:26 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign76d5cf89aab431c8
2017-01-09 20:40 - 2017-01-09 20:40 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign8941723d87b7a3ae
2017-01-09 20:40 - 2017-01-09 20:40 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign23fcb9b0fa0ae0eb
2017-01-09 20:19 - 2017-01-09 20:19 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignfa25d2bd771444c0
2017-01-09 20:19 - 2017-01-09 20:19 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignd86eaac259b0831f
2017-01-09 16:40 - 2017-01-02 13:33 - 00391496 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-01-09 16:34 - 2017-01-09 16:34 - 00000000 ____D C:\WINDOWS\Panther
2017-01-09 14:46 - 2017-01-09 14:46 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsigned6f3bf19f7d5b8a
2017-01-09 14:46 - 2017-01-09 14:46 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign5cc7e21a916d535f
2017-01-09 14:45 - 2017-01-09 14:45 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign8559e7522ae76786
2017-01-09 14:45 - 2017-01-09 14:45 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign0a81108918152e34
2017-01-09 11:01 - 2017-01-09 11:01 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign938cac96d5b30b9c
2017-01-09 11:00 - 2017-01-09 11:00 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignd0dd950c4597d0f9
2017-01-09 10:59 - 2017-01-09 10:59 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignbf23450dbd7dac5d
2017-01-09 10:59 - 2017-01-09 10:59 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign4a4bbe4fa643ec2a
2017-01-09 10:59 - 2017-01-09 10:59 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign0b8d25ee25d37502
2017-01-06 17:38 - 2017-01-06 17:38 - 00889820 _____ C:\Users\Lubo\Documents\občanka řidičák_0001.pdf
2017-01-06 17:35 - 2017-01-06 17:35 - 00443952 _____ C:\Users\Lubo\Documents\občanka řidičák.pdf
2017-01-06 17:06 - 2017-01-06 17:31 - 01355460 _____ C:\Users\Lubo\Documents\IMG_20170106_0001.pdf
2017-01-06 17:04 - 2017-01-06 17:04 - 00146126 _____ C:\Users\Lubo\Documents\výpis 12_2016.PDF
2017-01-03 10:24 - 2017-01-03 10:24 - 00326242 _____ C:\Users\Lubo\Desktop\dron splátky.pdf
2017-01-02 13:33 - 2017-01-02 13:33 - 00053208 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2017-01-01 17:29 - 2017-01-01 17:29 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignce2d4fec2093d19a
2017-01-01 17:29 - 2017-01-01 17:29 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignbd38999140074f41
2017-01-01 17:29 - 2017-01-01 17:29 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign942748e203a8a89d
2017-01-01 17:29 - 2017-01-01 17:29 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign3dd191be902ba757
2017-01-01 17:29 - 2017-01-01 17:29 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign0930cc09bd2af32f
2017-01-01 17:11 - 2017-01-01 17:11 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign7ce8d04f49d80fbf
2017-01-01 17:11 - 2017-01-01 17:11 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign479ed227d3244768
2017-01-01 17:04 - 2017-01-01 17:04 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignb083e3a62ad6553e
2017-01-01 17:04 - 2017-01-01 17:04 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign89ca55e4a503458d
2017-01-01 17:03 - 2017-01-01 17:03 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignf9362bd16967a521
2017-01-01 17:03 - 2017-01-01 17:03 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign8aad138bf92edefe
2016-12-29 19:16 - 2016-12-30 15:26 - 00000000 ____D C:\Users\Lubo\Documents\videa
2016-12-27 11:36 - 2016-12-27 11:36 - 00094312 _____ C:\Users\Lubo\Downloads\58586fd912a4a7ff59120200.jpg
2016-12-25 16:42 - 2016-12-25 16:42 - 00001162 _____ C:\Users\Lubo\Desktop\Adobe Premiere Pro CC 2015.lnk
2016-12-25 16:32 - 2016-12-25 16:32 - 00000000 ____D C:\Users\Public\Documents\AdobeInstalledCodecs
2016-12-25 16:27 - 2016-12-25 16:27 - 00001162 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CC 2015.lnk
2016-12-25 15:24 - 2016-12-25 15:24 - 00001096 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2017.lnk
2016-12-24 20:33 - 2016-12-24 20:33 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignd292be634e0128f0
2016-12-24 12:30 - 2016-12-24 12:30 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignf5b2428f152b757c
2016-12-24 12:30 - 2016-12-24 12:30 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign2afc623c4c78e12c
2016-12-24 12:30 - 2016-12-24 12:30 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign02f71b0b0489fcd5
2016-12-23 19:53 - 2016-12-23 19:53 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign78a6786298de4067
2016-12-23 19:53 - 2016-12-23 19:53 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign60f554f62830e54e
2016-12-23 19:53 - 2016-12-23 19:53 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign410c7247d69c778f
2016-12-23 19:53 - 2016-12-23 19:53 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign23d7c2bf7f4cf071
2016-12-23 15:52 - 2016-12-23 15:52 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign4cb725185b5d6ee9
2016-12-23 15:52 - 2016-12-23 15:52 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign2d20f288c7d7e5ad
2016-12-23 15:51 - 2016-12-23 15:51 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsigned26544ed95e84c0
2016-12-23 15:51 - 2016-12-23 15:51 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign317450567704a752
2016-12-22 18:02 - 2016-12-22 18:02 - 01074384 _____ C:\Users\Lubo\Desktop\pf.pdf
2016-12-22 15:56 - 2016-12-22 15:56 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign99d69bc037f0bfe3
2016-12-22 15:55 - 2016-12-22 15:55 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign288b9d37ab8934e7
2016-12-22 15:54 - 2016-12-22 15:54 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsigndbd09596bbe80b08
2016-12-22 15:54 - 2016-12-22 15:54 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign638e1ab89a9c6e7f
2016-12-22 08:19 - 2016-12-22 08:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-12-21 19:15 - 2016-12-21 19:15 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2016-12-21 19:15 - 2016-12-21 19:15 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2016-12-21 19:15 - 2016-12-21 19:15 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2016-12-21 19:15 - 2016-12-21 19:15 - 00042096 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2016-12-21 18:28 - 2016-12-21 18:28 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignbebf0c70aefd925a
2016-12-21 18:26 - 2016-12-21 18:26 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsigna58f2585e1b81c62
2016-12-21 18:26 - 2016-12-21 18:26 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsigna34c78df52e1c48e
2016-12-21 18:26 - 2016-12-21 18:26 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign4db336673671740b
2016-12-19 17:15 - 2016-12-19 17:15 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignb592a4924d4c9200
2016-12-19 17:15 - 2016-12-19 17:15 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign5cb0f358f176e621
2016-12-19 17:14 - 2016-12-19 17:14 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign8f012790eadd8339
2016-12-19 17:14 - 2016-12-19 17:14 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign2aa8445ba3f538b6
2016-12-19 00:27 - 2016-12-19 00:27 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign9cba8eec9a2f161d
2016-12-19 00:27 - 2016-12-19 00:27 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign8d8afdeebf21d0da
2016-12-19 00:26 - 2016-12-19 00:26 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignbe4b1638e82af612
2016-12-18 22:53 - 2016-12-18 22:53 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsigne00b32f7f7e69656
2016-12-18 22:53 - 2016-12-18 22:53 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignc9e080811cc877b9
2016-12-18 22:53 - 2016-12-18 22:53 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign76e26ef6e4dde271
2016-12-18 22:53 - 2016-12-18 22:53 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign4d1a871ff5b03c45
2016-12-18 15:05 - 2016-12-18 15:05 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignd41bc8d6e0a65f42
2016-12-18 15:05 - 2016-12-18 15:05 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignc27edaaf9c0b9b5b
2016-12-18 15:05 - 2016-12-18 15:05 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignaf9c377f91ebb728
2016-12-18 15:05 - 2016-12-18 15:05 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign65413da67c693c06
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-17 08:40 - 2016-11-19 12:25 - 00000000 ____D C:\Users\Lubo\AppData\LocalLow\Mozilla
2017-01-17 08:29 - 2014-09-26 08:59 - 00000000 ____D C:\Users\Lubo\AppData\Local\Adobe
2017-01-17 08:27 - 2016-05-10 13:05 - 00000000 ____D C:\Users\Lubo\AppData\Roaming\Seznam.cz
2017-01-17 08:25 - 2016-08-22 12:27 - 00000000 ___RD C:\Users\Lubo\Creative Cloud Files
2017-01-17 08:21 - 2015-09-26 06:19 - 00000000 __SHD C:\Users\Lubo\IntelGraphicsProfiles
2017-01-16 19:50 - 2016-08-22 12:27 - 00000000 ____D C:\ProgramData\boost_interprocess
2017-01-16 19:44 - 2016-09-20 04:58 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-16 19:44 - 2016-07-16 07:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-01-16 19:14 - 2014-09-28 07:11 - 00000000 ____D C:\Users\Lubo\Documents\foceni škola
2017-01-16 18:21 - 2016-09-20 04:02 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-01-16 13:33 - 2016-09-20 04:13 - 00000000 ____D C:\Users\Lubo
2017-01-16 11:11 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-01-16 10:04 - 2016-09-20 04:13 - 00000000 ____D C:\Users\UpdatusUser
2017-01-16 09:23 - 2015-12-28 18:36 - 00000000 ____D C:\Users\Lubo\AppData\Local\Unity
2017-01-16 08:42 - 2014-02-19 02:35 - 00000000 ____D C:\ProgramData\CyberLink
2017-01-16 08:42 - 2014-02-19 02:35 - 00000000 ____D C:\Program Files (x86)\CyberLink
2017-01-16 08:42 - 2014-02-19 02:19 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-01-16 08:39 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-16 08:39 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-16 08:39 - 2016-01-15 09:22 - 00000000 ____D C:\Users\Lubo\AppData\Roaming\DVDVideoSoft
2017-01-16 08:39 - 2014-10-07 12:30 - 00000000 ____D C:\Program Files (x86)\Bonjour
2017-01-16 08:39 - 2014-09-24 13:15 - 00000000 ____D C:\Users\Lubo\AppData\Local\Packages
2017-01-15 19:28 - 2014-09-29 08:48 - 00000000 ____D C:\Users\Lubo\AppData\Local\CrashDumps
2017-01-15 19:22 - 2015-10-08 10:12 - 00000000 ____D C:\Program Files (x86)\Google
2017-01-15 19:20 - 2016-05-13 13:44 - 00000874 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-01-15 16:29 - 2015-12-28 18:36 - 00000000 ____D C:\Users\Lubo\AppData\LocalLow\Unity
2017-01-15 16:15 - 2013-08-22 16:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-01-15 16:14 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2017-01-15 15:23 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2017-01-14 15:50 - 2015-09-10 06:42 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-01-14 15:44 - 2016-11-24 13:58 - 00000000 ____D C:\Program Files (x86)\McAfee
2017-01-14 15:44 - 2016-11-24 13:47 - 00000000 ____D C:\Program Files\TrueKey
2017-01-14 15:44 - 2016-09-20 04:02 - 05263432 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-01-14 15:41 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-01-14 15:41 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-01-14 15:40 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-01-14 15:40 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-01-14 15:40 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-01-14 15:39 - 2016-11-24 14:00 - 00001250 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk
2017-01-14 10:33 - 2015-04-20 13:14 - 00000000 ____D C:\ProgramData\Skype
2017-01-13 08:40 - 2015-11-15 12:56 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-13 08:38 - 2016-09-20 04:58 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-01-11 20:06 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-11 19:48 - 2014-09-26 09:35 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-01-11 19:42 - 2014-09-26 09:35 - 135657872 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-01-10 16:44 - 2016-09-20 04:58 - 00004008 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1458729928
2017-01-10 16:44 - 2016-03-23 11:45 - 00001099 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-01-09 16:43 - 2015-12-05 09:40 - 00001990 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2017-01-09 16:43 - 2015-10-08 10:16 - 00001978 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2017-01-09 16:42 - 2016-09-20 04:58 - 00004004 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2017-01-09 16:33 - 2014-09-28 22:44 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-01-09 16:33 - 2014-09-24 13:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-06 17:39 - 2015-08-07 11:23 - 00000000 ____D C:\ProgramData\CanonIJPLM
2017-01-06 07:19 - 2014-09-26 09:13 - 00000000 ____D C:\Users\Lubo\Documents\fotky
2017-01-04 08:44 - 2015-01-13 15:14 - 00000000 ____D C:\Users\Lubo\Documents\beautyfoto
2017-01-02 13:34 - 2015-10-08 10:12 - 00969184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-01-02 13:34 - 2015-10-08 10:12 - 00513632 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-01-02 13:34 - 2015-10-08 10:12 - 00293352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-01-02 13:33 - 2016-03-23 11:42 - 00037144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2017-01-02 13:33 - 2015-10-08 10:12 - 00969560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys.148336047709307
2017-01-02 13:33 - 2015-10-08 10:12 - 00513496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys.148336047879610
2017-01-02 13:33 - 2015-10-08 10:12 - 00292704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys.148336047982812
2017-01-02 13:33 - 2015-10-08 10:12 - 00163416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-01-02 13:33 - 2015-10-08 10:12 - 00108816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-01-02 13:33 - 2015-10-08 10:12 - 00103064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-01-02 13:33 - 2015-10-08 10:12 - 00074544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-01-02 13:33 - 2015-10-08 10:12 - 00037656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-01-01 17:15 - 2015-03-31 09:37 - 00000349 _____ C:\Users\Public\Documents\PCLECHAL.INI
2016-12-29 13:54 - 2015-01-13 23:16 - 00000000 ____D C:\Users\Lubo\AppData\Roaming\vlc
2016-12-25 18:19 - 2015-08-27 08:05 - 00031232 _____ C:\Users\Lubo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-12-25 16:44 - 2014-09-24 13:16 - 00000000 ____D C:\Users\Lubo\AppData\Roaming\Adobe
2016-12-25 16:42 - 2014-09-30 08:04 - 00000000 ____D C:\Users\Lubo\Documents\Adobe
2016-12-25 16:39 - 2016-07-25 17:47 - 00000000 ____D C:\Users\Lubo\Downloads\Adobe Premiere Pro CC 2015 (9.2.0)
2016-12-25 16:37 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-12-25 16:32 - 2014-09-26 08:46 - 00000000 ____D C:\Program Files\Adobe
2016-12-25 16:28 - 2014-09-26 09:30 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-12-25 16:26 - 2014-09-26 08:49 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-12-25 16:22 - 2016-08-22 14:35 - 00000000 ___HD C:\adobeTemp
2016-12-24 15:42 - 2016-11-24 14:02 - 00000000 ____D C:\Users\Lubo\AppData\Local\tkdata
2016-12-23 00:13 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-12-23 00:13 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-22 08:20 - 2016-04-26 14:01 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-12-21 08:36 - 2016-09-22 06:56 - 00000000 ____D C:\WINDOWS\Minidump
2016-12-20 02:40 - 2016-09-20 04:58 - 00003470 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-20 02:40 - 2016-09-20 04:58 - 00003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-20 02:40 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Tasks
2016-12-20 01:09 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-12-20 01:09 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
==================== Files in the root of some directories =======
2015-01-15 10:11 - 2016-09-02 15:16 - 0003072 _____ () C:\Users\Lubo\AppData\Roaming\24FotoPrint Prefsv3
2015-02-27 22:10 - 2016-07-29 12:32 - 0000132 _____ () C:\Users\Lubo\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2014-10-01 08:40 - 2014-10-01 08:42 - 0000132 _____ () C:\Users\Lubo\AppData\Roaming\Filtr IIIExport Adobe CS6 – předvolby
2014-11-18 11:32 - 2016-05-17 11:41 - 0001480 _____ () C:\Users\Lubo\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2015-08-27 08:05 - 2016-12-25 18:19 - 0031232 _____ () C:\Users\Lubo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-12-03 11:29 - 2015-12-03 11:29 - 0000901 _____ () C:\Users\Lubo\AppData\Local\recently-used.xbel
2015-12-30 13:36 - 2015-12-30 13:36 - 0000017 _____ () C:\Users\Lubo\AppData\Local\resmon.resmoncfg
2014-02-19 02:22 - 2014-02-19 02:22 - 0000000 ____N () C:\ProgramData\DP45977C.lfl
2015-07-31 14:25 - 2015-08-19 10:52 - 0001327 _____ () C:\ProgramData\hpzinstall.log
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Lubo\Desktop" je 2172 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
==================== End Of Log ==============================
log:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-01-2017
Ran by Lubo (administrator) on LENOVO-PC (17-01-2017 10:31:39)
Running from C:\Users\Lubo\Desktop
Loaded Profiles: UpdatusUser & Lubo (Available Profiles: UpdatusUser & Lubo & Guest)
Platform: Windows 10 Home Version 1607 (X64) Language: Angličtina (Spojené státy)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Wargaming.net) C:\Games\World_of_Tanks\WargamingGameUpdater.exe
() C:\Users\Lubo\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\Lubo\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_24_0_0_186.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_24_0_0_186.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(forum.viry.cz) C:\Users\Lubo\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17111056 2014-02-19] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [193008 2014-02-19] (Lenovo(beijing) Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-08-11] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [561672 2015-06-12] (Vimicro)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-07] (CyberLink Corp.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2017-01-02] (AVAST Software)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1284680 2014-01-17] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [438888 2014-01-15] (CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25779624 2016-12-21] (Dropbox, Inc.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-25] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-21-3363592213-3403915979-3187532261-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-21-3363592213-3403915979-3187532261-1002\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Lubo\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3363592213-3403915979-3187532261-1002\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Lubo\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-3363592213-3403915979-3187532261-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-3363592213-3403915979-3187532261-1002\...\Run: [World of Tanks] => C:\Games\World_of_Tanks\WargamingGameUpdater.exe [3135752 2016-11-18] (Wargaming.net)
HKU\S-1-5-21-3363592213-3403915979-3187532261-1002\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3363592213-3403915979-3187532261-1002\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [833240 2014-12-23] (ZONER software)
AppInit_DLLs: C:\windows\system32\nvinitx.dll => No File
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => No File
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-01-02] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
GroupPolicy: Restriction <======= ATTENTION
GroupPolicy\User: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{ae9afbd7-3e0d-4622-a792-68a75cec39e3}: [DhcpNameServer] 192.168.0.1 10.15.23.1 8.8.8.8
Tcpip\..\Interfaces\{c507dcc2-d73d-477d-a616-23932a065d38}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3363592213-3403915979-3187532261-1002\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-3363592213-3403915979-3187532261-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-06-26] (Symantec Corporation)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-12-10] (Intel Security)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-18] (Oracle Corporation)
BHO-x32: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll [2015-06-26] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-18] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-06-26] (Symantec Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll [2015-06-26] (Symantec Corporation)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-12-10] (Intel Security)
FireFox:
========
FF ProfilePath: C:\Users\Lubo\AppData\Roaming\Mozilla\Firefox\Profiles\5ozr15b4.default [2017-01-17]
FF Homepage: Mozilla\Firefox\Profiles\5ozr15b4.default -> hxxps://www.seznam.cz/
FF Keyword.URL: Mozilla\Firefox\Profiles\5ozr15b4.default -> hxxp://go.mail.ru/distib/ep/?product_id=%7B6B5F2A73-8C5C-4932-9FBC-6E75D92875DA%7D&gp=811037
FF Extension: (Exif Viewer) - C:\Users\Lubo\AppData\Roaming\Mozilla\Firefox\Profiles\5ozr15b4.default\Extensions\exif_viewer@mozilla.doslash.org.xpi [2016-04-27]
FF Extension: (Google Translator for Firefox) - C:\Users\Lubo\AppData\Roaming\Mozilla\Firefox\Profiles\5ozr15b4.default\Extensions\translator@zoli.bod.xpi [2016-04-27]
FF Extension: (Seznam lištička) - C:\Users\Lubo\AppData\Roaming\Mozilla\Firefox\Profiles\5ozr15b4.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2016-09-23]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2017-01-09]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2017-01-09]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.11.42\coFFPlgn
FF Extension: (Norton Identity Safe Toolbar) - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.11.42\coFFPlgn [2017-01-16]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-20] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-25] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-20] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-18] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-20] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-25] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3363592213-3403915979-3187532261-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Lubo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-05-08] (Unity Technologies ApS)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\Exts\Chrome.crx [2016-01-04]
CHR HKU\S-1-5-21-3363592213-3403915979-3187532261-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ccfifbojenkenpkmnbnndeadpfdiffof] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\Exts\Chrome.crx [2016-01-04]
CHR HKLM-x32\...\Chrome\Extension: [oelpkepjlgmehajehfeicfbjdiobdkfj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ojlcebdkbpjdpiligkdbbkdkfjmchbfd] - hxxps://clients2.google.com/service/update2/crx
Opera:
=======
OPR Extension: (Tampermonkey) - C:\Users\Lubo\AppData\Roaming\Opera Software\Opera Stable\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-01-15]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-25] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2218712 2016-12-13] (Adobe Systems, Incorporated)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2017-01-02] (AVAST Software)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-26] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-26] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [42096 2016-12-21] (Dropbox, Inc.)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2014-10-07] (Macrovision Europe Ltd.) [File not signed]
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [84616 2013-06-28] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-10-16] ()
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe [131144 2015-03-05] (Symantec Corporation)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [338944 2013-08-11] (IDT, Inc.) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-06-03] (Synaptics Incorporated)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [995800 2016-11-30] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16248 2016-11-30] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-11-30] (McAfee, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-09-07] (Atheros) [File not signed]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [37656 2017-01-02] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [37144 2017-01-02] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [108816 2017-01-02] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [103064 2017-01-02] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2017-01-02] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [969184 2017-01-02] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [513632 2017-01-02] (AVAST Software)
S2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [163416 2017-01-02] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2017-01-02] (AVAST Software)
S3 athur; C:\WINDOWS\System32\drivers\athuw8x.sys [2919936 2013-06-02] (Qualcomm Atheros Communications, Inc.)
R1 ccSet_NST; C:\WINDOWS\system32\drivers\NSTx64\7DE070B0.02A\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [146856 2013-06-04] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [21928 2013-06-04] (Windows (R) Win 7 DDK provider)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283064 2014-09-26] (Disc Soft Ltd)
R3 ElcMouLFlt; C:\WINDOWS\System32\drivers\ElcMouLFlt.sys [28648 2015-09-11] (ELECOM)
R3 ElcMouUFlt; C:\WINDOWS\System32\drivers\ElcMouUFlt.sys [27624 2015-09-11] (ELECOM)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvltwu.inf_amd64_7abb66182eb8ed83\nvlddmkm.sys [13754936 2016-09-12] (NVIDIA Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
R3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
R3 vm331avs; C:\WINDOWS\System32\Drivers\vm331avs.sys [802312 2015-06-12] (Vimicro Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S3 dbx; system32\DRIVERS\dbx.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-17 10:12 - 2017-01-17 10:12 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign44f8811270cab4d2
2017-01-17 10:10 - 2017-01-17 10:10 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsigna31c4735b139efc5
2017-01-17 10:10 - 2017-01-17 10:10 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign22a413e5f87bb93b
2017-01-17 10:00 - 2017-01-17 10:01 - 00112640 _____ (forum.viry.cz) C:\Users\Lubo\Desktop\FRSTLauncher.exe
2017-01-17 08:31 - 2017-01-17 08:31 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Identity Safe
2017-01-16 19:38 - 2017-01-16 19:43 - 00000000 ____D C:\AdwCleaner
2017-01-16 19:37 - 2017-01-16 19:38 - 03988944 _____ C:\Users\Lubo\Desktop\adwcleaner_6.042.exe
2017-01-16 18:49 - 2017-01-16 18:52 - 00000000 ____D C:\Users\Lubo\Downloads\dron
2017-01-16 18:01 - 2017-01-16 18:01 - 01427282 _____ C:\WINDOWS\ProcessedPackets.KTL
2017-01-16 18:01 - 2017-01-16 18:01 - 00576088 _____ C:\WINDOWS\Packet.KTL
2017-01-16 18:01 - 2017-01-16 18:01 - 00037616 _____ C:\WINDOWS\Control.KTL
2017-01-16 18:01 - 2017-01-16 18:01 - 00017919 _____ C:\WINDOWS\SentOSPackets.KTL
2017-01-16 18:01 - 2017-01-16 18:01 - 00000197 _____ C:\WINDOWS\NGIControl.KTL
2017-01-16 10:53 - 2017-01-16 10:53 - 01323520 _____ C:\Users\Lubo\Desktop\RSITx64.exe
2017-01-16 10:53 - 2017-01-16 10:53 - 00000000 ____D C:\rsit
2017-01-16 10:53 - 2017-01-16 10:53 - 00000000 ____D C:\Program Files\trend micro
2017-01-16 10:16 - 2017-01-16 10:16 - 00013398 _____ C:\Users\Lubo\Desktop\Addition.rar
2017-01-16 09:58 - 2017-01-17 10:31 - 00029046 _____ C:\Users\Lubo\Desktop\FRST.txt
2017-01-16 08:58 - 2017-01-17 10:31 - 00000000 ____D C:\FRST
2017-01-16 08:53 - 2017-01-16 08:58 - 02419200 _____ (Farbar) C:\Users\Lubo\Desktop\FRST64.exe
2017-01-15 19:20 - 2017-01-15 19:20 - 08803648 _____ (Piriform Ltd) C:\Users\Lubo\Downloads\ccsetup525.exe
2017-01-15 17:17 - 2017-01-15 17:17 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignd5db2c7f3c13dc3e
2017-01-15 17:12 - 2017-01-15 17:12 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign8dc155883d786d19
2017-01-15 17:12 - 2017-01-15 17:12 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign30fbc6fcc91af106
2017-01-15 16:57 - 2017-01-15 16:57 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignd38439a69a40b5f8
2017-01-15 16:57 - 2017-01-15 16:57 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignd340eae8f02744ee
2017-01-15 16:57 - 2017-01-15 16:57 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign6d34f060ac24b7c3
2017-01-15 16:38 - 2017-01-16 09:01 - 00000000 ____D C:\Users\Lubo\Downloads\telefon
2017-01-15 16:15 - 2017-01-15 16:17 - 01737261 _____ C:\Users\Lubo\Downloads\GigabyteGSmartClassicPro_android_update_manual.exe.rar
2017-01-15 16:14 - 2017-01-15 16:16 - 00003692 _____ C:\WINDOWS\System32\Tasks\winkruton
2017-01-15 16:13 - 2017-01-15 16:13 - 03841624 _____ () C:\Users\Lubo\Downloads\GigabyteGSmartClassicPro_android_update_manual.exe.exe
2017-01-15 10:11 - 2017-01-15 10:11 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign5a88102ce211698a
2017-01-15 10:01 - 2017-01-15 10:01 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign442127a37d6e9899
2017-01-15 10:00 - 2017-01-15 10:00 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsigne82f9e21fad021fe
2017-01-15 10:00 - 2017-01-15 10:00 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsigncc38adfc32389c2c
2017-01-13 11:20 - 2017-01-13 11:20 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignfacf0547f563c099
2017-01-13 11:19 - 2017-01-13 11:19 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignce55a6af6243d033
2017-01-13 11:19 - 2017-01-13 11:19 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign8ee6450ad0f6cc0c
2017-01-12 09:25 - 2017-01-12 09:25 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign814d60f0797d7e58
2017-01-12 09:20 - 2017-01-12 09:20 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignc5ed5af0bed1c5ba
2017-01-12 09:20 - 2017-01-12 09:20 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign7af5f39d75193dec
2017-01-12 09:20 - 2017-01-12 09:20 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign6491f1051b0133ef
2017-01-11 17:13 - 2016-12-21 08:43 - 04130440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-01-11 17:13 - 2016-12-21 08:42 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-01-11 17:13 - 2016-12-21 08:06 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-01-11 17:13 - 2016-12-21 07:51 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-01-11 17:13 - 2016-12-21 05:40 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-01-11 17:13 - 2016-12-21 05:40 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-01-11 17:13 - 2016-12-21 05:39 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-01-11 17:13 - 2016-12-21 05:22 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-01-11 17:13 - 2016-12-14 05:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-01-11 17:13 - 2016-12-14 05:38 - 17188864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-01-11 17:12 - 2016-12-21 09:08 - 00245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2017-01-11 17:12 - 2016-12-21 09:08 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2017-01-11 17:12 - 2016-12-21 08:46 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-01-11 17:12 - 2016-12-21 08:43 - 01454504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-01-11 17:12 - 2016-12-21 08:43 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-01-11 17:12 - 2016-12-21 08:42 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-01-11 17:12 - 2016-12-21 08:42 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-01-11 17:12 - 2016-12-21 08:42 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-01-11 17:12 - 2016-12-21 08:41 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-01-11 17:12 - 2016-12-21 08:08 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-01-11 17:12 - 2016-12-21 07:59 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-01-11 17:12 - 2016-12-21 07:56 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-01-11 17:12 - 2016-12-21 07:53 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-01-11 17:12 - 2016-12-21 07:51 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-01-11 17:12 - 2016-12-21 07:50 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-01-11 17:12 - 2016-12-21 06:59 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2017-01-11 17:12 - 2016-12-21 06:09 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-01-11 17:12 - 2016-12-21 06:01 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-01-11 17:12 - 2016-12-21 05:43 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-01-11 17:12 - 2016-12-21 05:41 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2017-01-11 17:12 - 2016-12-21 05:38 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2017-01-11 17:12 - 2016-12-21 05:35 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-01-11 17:12 - 2016-12-21 05:32 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-01-11 17:12 - 2016-12-21 05:30 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2017-01-11 17:12 - 2016-12-21 05:26 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2017-01-11 17:12 - 2016-12-14 06:41 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-01-11 17:12 - 2016-12-14 06:23 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-01-11 17:12 - 2016-12-14 06:21 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-01-11 17:12 - 2016-12-14 06:17 - 00319288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-01-11 17:12 - 2016-12-14 06:01 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2017-01-11 17:12 - 2016-12-14 05:46 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-01-11 17:12 - 2016-12-14 05:43 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-01-11 17:12 - 2016-12-14 05:42 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2017-01-11 17:12 - 2016-12-14 05:42 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2017-01-11 17:12 - 2016-12-14 05:40 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-01-11 17:12 - 2016-12-14 05:38 - 13869056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-01-11 17:12 - 2016-12-14 05:38 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2017-01-11 17:12 - 2016-12-14 05:37 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-01-11 17:12 - 2016-12-14 05:36 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-01-11 17:12 - 2016-12-14 05:35 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-01-11 17:12 - 2016-12-14 05:35 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2017-01-11 17:12 - 2016-12-14 05:35 - 00553984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2017-01-11 17:12 - 2016-12-14 05:26 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-01-11 17:12 - 2016-12-14 05:26 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-01-11 17:12 - 2016-12-14 05:24 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2017-01-11 17:12 - 2016-12-14 05:24 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-01-11 17:12 - 2016-12-14 05:23 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-01-11 17:12 - 2016-12-14 05:22 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-01-11 17:12 - 2016-12-14 05:22 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-01-11 17:12 - 2016-11-02 13:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-01-11 17:12 - 2016-08-02 05:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-01-11 17:11 - 2016-12-21 08:49 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-01-11 17:11 - 2016-12-21 08:43 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-01-11 17:11 - 2016-12-21 08:15 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-01-11 17:11 - 2016-12-21 08:14 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-01-11 17:11 - 2016-12-21 08:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-01-11 17:11 - 2016-12-21 08:08 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-01-11 17:11 - 2016-12-21 08:05 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-01-11 17:11 - 2016-12-21 08:05 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-01-11 17:11 - 2016-12-21 08:05 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-01-11 17:11 - 2016-12-21 08:01 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-01-11 17:11 - 2016-12-21 07:59 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-01-11 17:11 - 2016-12-21 07:58 - 23678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-01-11 17:11 - 2016-12-21 07:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-01-11 17:11 - 2016-12-21 07:55 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-01-11 17:11 - 2016-12-21 07:55 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-01-11 17:11 - 2016-12-21 07:53 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-01-11 17:11 - 2016-12-21 07:49 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-01-11 17:11 - 2016-12-21 07:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-01-11 17:11 - 2016-12-21 07:47 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-01-11 17:11 - 2016-12-21 06:02 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-01-11 17:11 - 2016-12-21 05:46 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-01-11 17:11 - 2016-12-21 05:41 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-01-11 17:11 - 2016-12-21 05:40 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2017-01-11 17:11 - 2016-12-21 05:40 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-01-11 17:11 - 2016-12-21 05:39 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-01-11 17:11 - 2016-12-21 05:35 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-01-11 17:11 - 2016-12-21 05:34 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-01-11 17:11 - 2016-12-21 05:33 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-01-11 17:11 - 2016-12-21 05:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-01-11 17:11 - 2016-12-21 05:25 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-01-11 17:11 - 2016-12-21 05:25 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-01-11 17:11 - 2016-12-21 05:24 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-01-11 17:11 - 2016-12-14 06:34 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-01-11 17:11 - 2016-12-14 06:14 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-01-11 17:11 - 2016-12-14 06:01 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-01-11 17:11 - 2016-12-14 06:01 - 00076984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2017-01-11 17:11 - 2016-12-14 05:46 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-01-11 17:11 - 2016-12-14 05:42 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 17:11 - 2016-12-14 05:40 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-01-11 17:11 - 2016-12-14 05:39 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-01-11 17:11 - 2016-12-14 05:36 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-01-11 17:11 - 2016-12-14 05:36 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-01-11 17:11 - 2016-12-14 05:32 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-01-11 17:11 - 2016-12-14 05:25 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2017-01-11 17:11 - 2016-12-14 05:22 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-01-11 17:11 - 2016-12-14 05:22 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-01-11 17:11 - 2016-12-14 05:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-01-11 17:11 - 2016-11-02 11:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-01-11 17:10 - 2016-12-21 09:04 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-01-11 17:10 - 2016-12-21 08:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-01-11 17:10 - 2016-12-21 08:37 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-01-11 17:10 - 2016-12-21 08:13 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2017-01-11 17:10 - 2016-12-21 08:12 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2017-01-11 17:10 - 2016-12-21 08:10 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2017-01-11 17:10 - 2016-12-21 08:09 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2017-01-11 17:10 - 2016-12-21 08:08 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-01-11 17:10 - 2016-12-21 08:08 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-01-11 17:10 - 2016-12-21 08:08 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-01-11 17:10 - 2016-12-21 08:08 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-01-11 17:10 - 2016-12-21 08:07 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-01-11 17:10 - 2016-12-21 08:06 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-01-11 17:10 - 2016-12-21 08:06 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-01-11 17:10 - 2016-12-21 08:06 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-01-11 17:10 - 2016-12-21 08:00 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-01-11 17:10 - 2016-12-21 07:57 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2017-01-11 17:10 - 2016-12-21 07:54 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2017-01-11 17:10 - 2016-12-21 07:53 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-01-11 17:10 - 2016-12-21 07:51 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-01-11 17:10 - 2016-12-21 07:49 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-01-11 17:10 - 2016-12-21 06:02 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-01-11 17:10 - 2016-12-21 06:02 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-01-11 17:10 - 2016-12-21 06:02 - 01277344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-01-11 17:10 - 2016-12-21 06:02 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-01-11 17:10 - 2016-12-21 06:02 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-01-11 17:10 - 2016-12-21 05:27 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-01-11 17:10 - 2016-12-21 05:24 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-01-11 17:10 - 2016-12-21 05:24 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-01-11 17:10 - 2016-12-21 05:24 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-01-11 17:10 - 2016-12-21 05:22 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-01-11 17:10 - 2016-12-14 06:41 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-01-11 17:10 - 2016-12-14 06:33 - 01356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2017-01-11 17:10 - 2016-12-14 06:19 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-01-11 17:10 - 2016-12-14 06:18 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-01-11 17:10 - 2016-12-14 06:18 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2017-01-11 17:10 - 2016-12-14 06:14 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2017-01-11 17:10 - 2016-12-14 06:14 - 00089416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2017-01-11 17:10 - 2016-12-14 06:08 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-01-11 17:10 - 2016-12-14 06:06 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-01-11 17:10 - 2016-12-14 05:45 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-01-11 17:10 - 2016-12-14 05:42 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2017-01-11 17:10 - 2016-12-14 05:41 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-01-11 17:10 - 2016-12-14 05:40 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-01-11 17:10 - 2016-12-14 05:40 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2017-01-11 17:10 - 2016-12-14 05:40 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 17:10 - 2016-12-14 05:39 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-01-11 17:10 - 2016-12-14 05:39 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2017-01-11 17:10 - 2016-12-14 05:38 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-01-11 17:10 - 2016-12-14 05:35 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-01-11 17:10 - 2016-12-14 05:32 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2017-01-11 17:10 - 2016-12-14 05:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-01-11 17:10 - 2016-12-14 05:22 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-01-11 17:10 - 2016-12-14 05:22 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-01-11 17:10 - 2016-11-02 12:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-01-11 17:10 - 2016-11-02 11:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-01-11 17:10 - 2016-11-02 11:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-01-11 11:23 - 2017-01-11 11:23 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign2af6388b18783352
2017-01-11 11:22 - 2017-01-11 11:22 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignee9c5ae883b3742e
2017-01-11 11:21 - 2017-01-11 11:21 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsigneb63f3a2a5c151b7
2017-01-11 11:21 - 2017-01-11 11:21 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign5ca347aa0964c582
2017-01-10 16:26 - 2017-01-10 16:26 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignf0c5b923fef9043c
2017-01-10 16:26 - 2017-01-10 16:26 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsigndd8e9eb8428ce57f
2017-01-10 16:26 - 2017-01-10 16:26 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignbf4541816832c621
2017-01-10 16:26 - 2017-01-10 16:26 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign76d5cf89aab431c8
2017-01-09 20:40 - 2017-01-09 20:40 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign8941723d87b7a3ae
2017-01-09 20:40 - 2017-01-09 20:40 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign23fcb9b0fa0ae0eb
2017-01-09 20:19 - 2017-01-09 20:19 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignfa25d2bd771444c0
2017-01-09 20:19 - 2017-01-09 20:19 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignd86eaac259b0831f
2017-01-09 16:40 - 2017-01-02 13:33 - 00391496 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-01-09 16:34 - 2017-01-09 16:34 - 00000000 ____D C:\WINDOWS\Panther
2017-01-09 14:46 - 2017-01-09 14:46 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsigned6f3bf19f7d5b8a
2017-01-09 14:46 - 2017-01-09 14:46 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign5cc7e21a916d535f
2017-01-09 14:45 - 2017-01-09 14:45 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign8559e7522ae76786
2017-01-09 14:45 - 2017-01-09 14:45 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign0a81108918152e34
2017-01-09 11:01 - 2017-01-09 11:01 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign938cac96d5b30b9c
2017-01-09 11:00 - 2017-01-09 11:00 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignd0dd950c4597d0f9
2017-01-09 10:59 - 2017-01-09 10:59 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignbf23450dbd7dac5d
2017-01-09 10:59 - 2017-01-09 10:59 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign4a4bbe4fa643ec2a
2017-01-09 10:59 - 2017-01-09 10:59 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign0b8d25ee25d37502
2017-01-06 17:38 - 2017-01-06 17:38 - 00889820 _____ C:\Users\Lubo\Documents\občanka řidičák_0001.pdf
2017-01-06 17:35 - 2017-01-06 17:35 - 00443952 _____ C:\Users\Lubo\Documents\občanka řidičák.pdf
2017-01-06 17:06 - 2017-01-06 17:31 - 01355460 _____ C:\Users\Lubo\Documents\IMG_20170106_0001.pdf
2017-01-06 17:04 - 2017-01-06 17:04 - 00146126 _____ C:\Users\Lubo\Documents\výpis 12_2016.PDF
2017-01-03 10:24 - 2017-01-03 10:24 - 00326242 _____ C:\Users\Lubo\Desktop\dron splátky.pdf
2017-01-02 13:33 - 2017-01-02 13:33 - 00053208 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2017-01-01 17:29 - 2017-01-01 17:29 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignce2d4fec2093d19a
2017-01-01 17:29 - 2017-01-01 17:29 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignbd38999140074f41
2017-01-01 17:29 - 2017-01-01 17:29 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign942748e203a8a89d
2017-01-01 17:29 - 2017-01-01 17:29 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign3dd191be902ba757
2017-01-01 17:29 - 2017-01-01 17:29 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign0930cc09bd2af32f
2017-01-01 17:11 - 2017-01-01 17:11 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign7ce8d04f49d80fbf
2017-01-01 17:11 - 2017-01-01 17:11 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign479ed227d3244768
2017-01-01 17:04 - 2017-01-01 17:04 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignb083e3a62ad6553e
2017-01-01 17:04 - 2017-01-01 17:04 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign89ca55e4a503458d
2017-01-01 17:03 - 2017-01-01 17:03 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignf9362bd16967a521
2017-01-01 17:03 - 2017-01-01 17:03 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign8aad138bf92edefe
2016-12-29 19:16 - 2016-12-30 15:26 - 00000000 ____D C:\Users\Lubo\Documents\videa
2016-12-27 11:36 - 2016-12-27 11:36 - 00094312 _____ C:\Users\Lubo\Downloads\58586fd912a4a7ff59120200.jpg
2016-12-25 16:42 - 2016-12-25 16:42 - 00001162 _____ C:\Users\Lubo\Desktop\Adobe Premiere Pro CC 2015.lnk
2016-12-25 16:32 - 2016-12-25 16:32 - 00000000 ____D C:\Users\Public\Documents\AdobeInstalledCodecs
2016-12-25 16:27 - 2016-12-25 16:27 - 00001162 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CC 2015.lnk
2016-12-25 15:24 - 2016-12-25 15:24 - 00001096 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2017.lnk
2016-12-24 20:33 - 2016-12-24 20:33 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignd292be634e0128f0
2016-12-24 12:30 - 2016-12-24 12:30 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignf5b2428f152b757c
2016-12-24 12:30 - 2016-12-24 12:30 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign2afc623c4c78e12c
2016-12-24 12:30 - 2016-12-24 12:30 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign02f71b0b0489fcd5
2016-12-23 19:53 - 2016-12-23 19:53 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign78a6786298de4067
2016-12-23 19:53 - 2016-12-23 19:53 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign60f554f62830e54e
2016-12-23 19:53 - 2016-12-23 19:53 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign410c7247d69c778f
2016-12-23 19:53 - 2016-12-23 19:53 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign23d7c2bf7f4cf071
2016-12-23 15:52 - 2016-12-23 15:52 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign4cb725185b5d6ee9
2016-12-23 15:52 - 2016-12-23 15:52 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign2d20f288c7d7e5ad
2016-12-23 15:51 - 2016-12-23 15:51 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsigned26544ed95e84c0
2016-12-23 15:51 - 2016-12-23 15:51 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign317450567704a752
2016-12-22 18:02 - 2016-12-22 18:02 - 01074384 _____ C:\Users\Lubo\Desktop\pf.pdf
2016-12-22 15:56 - 2016-12-22 15:56 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign99d69bc037f0bfe3
2016-12-22 15:55 - 2016-12-22 15:55 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign288b9d37ab8934e7
2016-12-22 15:54 - 2016-12-22 15:54 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsigndbd09596bbe80b08
2016-12-22 15:54 - 2016-12-22 15:54 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign638e1ab89a9c6e7f
2016-12-22 08:19 - 2016-12-22 08:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-12-21 19:15 - 2016-12-21 19:15 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2016-12-21 19:15 - 2016-12-21 19:15 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2016-12-21 19:15 - 2016-12-21 19:15 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2016-12-21 19:15 - 2016-12-21 19:15 - 00042096 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2016-12-21 18:28 - 2016-12-21 18:28 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignbebf0c70aefd925a
2016-12-21 18:26 - 2016-12-21 18:26 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsigna58f2585e1b81c62
2016-12-21 18:26 - 2016-12-21 18:26 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsigna34c78df52e1c48e
2016-12-21 18:26 - 2016-12-21 18:26 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign4db336673671740b
2016-12-19 17:15 - 2016-12-19 17:15 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignb592a4924d4c9200
2016-12-19 17:15 - 2016-12-19 17:15 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign5cb0f358f176e621
2016-12-19 17:14 - 2016-12-19 17:14 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign8f012790eadd8339
2016-12-19 17:14 - 2016-12-19 17:14 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign2aa8445ba3f538b6
2016-12-19 00:27 - 2016-12-19 00:27 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign9cba8eec9a2f161d
2016-12-19 00:27 - 2016-12-19 00:27 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign8d8afdeebf21d0da
2016-12-19 00:26 - 2016-12-19 00:26 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignbe4b1638e82af612
2016-12-18 22:53 - 2016-12-18 22:53 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsigne00b32f7f7e69656
2016-12-18 22:53 - 2016-12-18 22:53 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignc9e080811cc877b9
2016-12-18 22:53 - 2016-12-18 22:53 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign76e26ef6e4dde271
2016-12-18 22:53 - 2016-12-18 22:53 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign4d1a871ff5b03c45
2016-12-18 15:05 - 2016-12-18 15:05 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignd41bc8d6e0a65f42
2016-12-18 15:05 - 2016-12-18 15:05 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignc27edaaf9c0b9b5b
2016-12-18 15:05 - 2016-12-18 15:05 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsignaf9c377f91ebb728
2016-12-18 15:05 - 2016-12-18 15:05 - 00000000 ____D C:\Users\Lubo\AppData\Local\Tempzxpsign65413da67c693c06
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-17 08:40 - 2016-11-19 12:25 - 00000000 ____D C:\Users\Lubo\AppData\LocalLow\Mozilla
2017-01-17 08:29 - 2014-09-26 08:59 - 00000000 ____D C:\Users\Lubo\AppData\Local\Adobe
2017-01-17 08:27 - 2016-05-10 13:05 - 00000000 ____D C:\Users\Lubo\AppData\Roaming\Seznam.cz
2017-01-17 08:25 - 2016-08-22 12:27 - 00000000 ___RD C:\Users\Lubo\Creative Cloud Files
2017-01-17 08:21 - 2015-09-26 06:19 - 00000000 __SHD C:\Users\Lubo\IntelGraphicsProfiles
2017-01-16 19:50 - 2016-08-22 12:27 - 00000000 ____D C:\ProgramData\boost_interprocess
2017-01-16 19:44 - 2016-09-20 04:58 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-16 19:44 - 2016-07-16 07:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-01-16 19:14 - 2014-09-28 07:11 - 00000000 ____D C:\Users\Lubo\Documents\foceni škola
2017-01-16 18:21 - 2016-09-20 04:02 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-01-16 13:33 - 2016-09-20 04:13 - 00000000 ____D C:\Users\Lubo
2017-01-16 11:11 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-01-16 10:04 - 2016-09-20 04:13 - 00000000 ____D C:\Users\UpdatusUser
2017-01-16 09:23 - 2015-12-28 18:36 - 00000000 ____D C:\Users\Lubo\AppData\Local\Unity
2017-01-16 08:42 - 2014-02-19 02:35 - 00000000 ____D C:\ProgramData\CyberLink
2017-01-16 08:42 - 2014-02-19 02:35 - 00000000 ____D C:\Program Files (x86)\CyberLink
2017-01-16 08:42 - 2014-02-19 02:19 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-01-16 08:39 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-16 08:39 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-16 08:39 - 2016-01-15 09:22 - 00000000 ____D C:\Users\Lubo\AppData\Roaming\DVDVideoSoft
2017-01-16 08:39 - 2014-10-07 12:30 - 00000000 ____D C:\Program Files (x86)\Bonjour
2017-01-16 08:39 - 2014-09-24 13:15 - 00000000 ____D C:\Users\Lubo\AppData\Local\Packages
2017-01-15 19:28 - 2014-09-29 08:48 - 00000000 ____D C:\Users\Lubo\AppData\Local\CrashDumps
2017-01-15 19:22 - 2015-10-08 10:12 - 00000000 ____D C:\Program Files (x86)\Google
2017-01-15 19:20 - 2016-05-13 13:44 - 00000874 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-01-15 16:29 - 2015-12-28 18:36 - 00000000 ____D C:\Users\Lubo\AppData\LocalLow\Unity
2017-01-15 16:15 - 2013-08-22 16:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-01-15 16:14 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2017-01-15 15:23 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2017-01-14 15:50 - 2015-09-10 06:42 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-01-14 15:44 - 2016-11-24 13:58 - 00000000 ____D C:\Program Files (x86)\McAfee
2017-01-14 15:44 - 2016-11-24 13:47 - 00000000 ____D C:\Program Files\TrueKey
2017-01-14 15:44 - 2016-09-20 04:02 - 05263432 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-01-14 15:41 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-01-14 15:41 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-01-14 15:40 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-01-14 15:40 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-01-14 15:40 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-01-14 15:39 - 2016-11-24 14:00 - 00001250 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk
2017-01-14 10:33 - 2015-04-20 13:14 - 00000000 ____D C:\ProgramData\Skype
2017-01-13 08:40 - 2015-11-15 12:56 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-13 08:38 - 2016-09-20 04:58 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-01-11 20:06 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-11 19:48 - 2014-09-26 09:35 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-01-11 19:42 - 2014-09-26 09:35 - 135657872 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-01-10 16:44 - 2016-09-20 04:58 - 00004008 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1458729928
2017-01-10 16:44 - 2016-03-23 11:45 - 00001099 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-01-09 16:43 - 2015-12-05 09:40 - 00001990 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2017-01-09 16:43 - 2015-10-08 10:16 - 00001978 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2017-01-09 16:42 - 2016-09-20 04:58 - 00004004 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2017-01-09 16:33 - 2014-09-28 22:44 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-01-09 16:33 - 2014-09-24 13:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-06 17:39 - 2015-08-07 11:23 - 00000000 ____D C:\ProgramData\CanonIJPLM
2017-01-06 07:19 - 2014-09-26 09:13 - 00000000 ____D C:\Users\Lubo\Documents\fotky
2017-01-04 08:44 - 2015-01-13 15:14 - 00000000 ____D C:\Users\Lubo\Documents\beautyfoto
2017-01-02 13:34 - 2015-10-08 10:12 - 00969184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-01-02 13:34 - 2015-10-08 10:12 - 00513632 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-01-02 13:34 - 2015-10-08 10:12 - 00293352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-01-02 13:33 - 2016-03-23 11:42 - 00037144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2017-01-02 13:33 - 2015-10-08 10:12 - 00969560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys.148336047709307
2017-01-02 13:33 - 2015-10-08 10:12 - 00513496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys.148336047879610
2017-01-02 13:33 - 2015-10-08 10:12 - 00292704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys.148336047982812
2017-01-02 13:33 - 2015-10-08 10:12 - 00163416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-01-02 13:33 - 2015-10-08 10:12 - 00108816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-01-02 13:33 - 2015-10-08 10:12 - 00103064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-01-02 13:33 - 2015-10-08 10:12 - 00074544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-01-02 13:33 - 2015-10-08 10:12 - 00037656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-01-01 17:15 - 2015-03-31 09:37 - 00000349 _____ C:\Users\Public\Documents\PCLECHAL.INI
2016-12-29 13:54 - 2015-01-13 23:16 - 00000000 ____D C:\Users\Lubo\AppData\Roaming\vlc
2016-12-25 18:19 - 2015-08-27 08:05 - 00031232 _____ C:\Users\Lubo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-12-25 16:44 - 2014-09-24 13:16 - 00000000 ____D C:\Users\Lubo\AppData\Roaming\Adobe
2016-12-25 16:42 - 2014-09-30 08:04 - 00000000 ____D C:\Users\Lubo\Documents\Adobe
2016-12-25 16:39 - 2016-07-25 17:47 - 00000000 ____D C:\Users\Lubo\Downloads\Adobe Premiere Pro CC 2015 (9.2.0)
2016-12-25 16:37 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-12-25 16:32 - 2014-09-26 08:46 - 00000000 ____D C:\Program Files\Adobe
2016-12-25 16:28 - 2014-09-26 09:30 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-12-25 16:26 - 2014-09-26 08:49 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-12-25 16:22 - 2016-08-22 14:35 - 00000000 ___HD C:\adobeTemp
2016-12-24 15:42 - 2016-11-24 14:02 - 00000000 ____D C:\Users\Lubo\AppData\Local\tkdata
2016-12-23 00:13 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-12-23 00:13 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-22 08:20 - 2016-04-26 14:01 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-12-21 08:36 - 2016-09-22 06:56 - 00000000 ____D C:\WINDOWS\Minidump
2016-12-20 02:40 - 2016-09-20 04:58 - 00003470 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-20 02:40 - 2016-09-20 04:58 - 00003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-20 02:40 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Tasks
2016-12-20 01:09 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-12-20 01:09 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
==================== Files in the root of some directories =======
2015-01-15 10:11 - 2016-09-02 15:16 - 0003072 _____ () C:\Users\Lubo\AppData\Roaming\24FotoPrint Prefsv3
2015-02-27 22:10 - 2016-07-29 12:32 - 0000132 _____ () C:\Users\Lubo\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2014-10-01 08:40 - 2014-10-01 08:42 - 0000132 _____ () C:\Users\Lubo\AppData\Roaming\Filtr IIIExport Adobe CS6 – předvolby
2014-11-18 11:32 - 2016-05-17 11:41 - 0001480 _____ () C:\Users\Lubo\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2015-08-27 08:05 - 2016-12-25 18:19 - 0031232 _____ () C:\Users\Lubo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-12-03 11:29 - 2015-12-03 11:29 - 0000901 _____ () C:\Users\Lubo\AppData\Local\recently-used.xbel
2015-12-30 13:36 - 2015-12-30 13:36 - 0000017 _____ () C:\Users\Lubo\AppData\Local\resmon.resmoncfg
2014-02-19 02:22 - 2014-02-19 02:22 - 0000000 ____N () C:\ProgramData\DP45977C.lfl
2015-07-31 14:25 - 2015-08-19 10:52 - 0001327 _____ () C:\ProgramData\hpzinstall.log
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Lubo\Desktop" je 2172 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
==================== End Of Log ==============================
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím kontrolu logu, vyskakující okna, firefox
Otevřte poznámkový blok a zkopírujte do něj:
Z logu:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKU\S-1-5-21-3363592213-3403915979-3187532261-1002\...\Run: [AdobeBridge] => [X]
AppInit_DLLs: C:\windows\system32\nvinitx.dll => No File
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => No File
GroupPolicy: Restriction <======= ATTENTION
GroupPolicy\User: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3363592213-3403915979-3187532261-1002\Software\Microsoft\Internet Explorer\Main,Start Page =
FF Keyword.URL: Mozilla\Firefox\Profiles\5ozr15b4.default -> hxxp://go.mail.ru/distib/ep/?product_id ... &gp=811037
C:\WINDOWS\System32\Tasks\winkruton
C:\Users\Lubo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\DP45977C.lfl
EmptyTemp:
End
Z logu:
To je příliš mnoho a může to způsobovat zpomalení startu systému. Vytvořte v C:\Users\Lubo novou složku, do níž přesuňte všechna data z plochy (kromě zástupců). Na plochu si pak dejte zástupce té složky pro snazší přístup.Velikost slozky "C:\Users\Lubo\Desktop" je 2172 MB.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím kontrolu logu, vyskakující okna, firefox
Děkuji, s plochu promažu:)
log:
Fix result of Farbar Recovery Scan Tool (x64) Version: 15-01-2017
Ran by Lubo (17-01-2017 18:37:30) Run:1
Running from C:\Users\Lubo\Desktop
Loaded Profiles: UpdatusUser & Lubo (Available Profiles: UpdatusUser & Lubo & Guest)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKU\S-1-5-21-3363592213-3403915979-3187532261-1002\...\Run: [AdobeBridge] => [X]
AppInit_DLLs: C:\windows\system32\nvinitx.dll => No File
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => No File
GroupPolicy: Restriction <======= ATTENTION
GroupPolicy\User: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3363592213-3403915979-3187532261-1002\Software\Microsoft\Internet Explorer\Main,Start Page =
FF Keyword.URL: Mozilla\Firefox\Profiles\5ozr15b4.default -> hxxp://go.mail.ru/distib/ep/?product_id ... &gp=811037
C:\WINDOWS\System32\Tasks\winkruton
C:\Users\Lubo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\DP45977C.lfl
EmptyTemp:
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKU\S-1-5-21-3363592213-3403915979-3187532261-1002\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value removed successfully
"C:\windows\system32\nvinitx.dll" => Value data removed successfully.
",C:\WINDOWS\system32\nvinitx.dll" => Value data not found.
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\system32\GroupPolicy\User => moved successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
HKU\S-1-5-21-3363592213-3403915979-3187532261-1002\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
Firefox "Keyword.URL" removed successfully
C:\WINDOWS\System32\Tasks\winkruton => moved successfully
C:\Users\Lubo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
Could not move "C:\ProgramData\DP45977C.lfl" => Scheduled to move on reboot.
=========== EmptyTemp: ==========
BITS transfer queue => 5555028 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 185402027 B
Java, Flash, Steam htmlcache => 1085 B
Windows/system/drivers => 12788042 B
Edge => 17488 B
Chrome => 0 B
Firefox => 373263479 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 14762 B
NetworkService => 0 B
UpdatusUser => 0 B
Lubo => 656961449 B
Guest => 0 B
RecycleBin => 271968 B
EmptyTemp: => 1.1 GB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 17-01-2017 18:40:16)
"C:\ProgramData\DP45977C.lfl" => Could not move
==== End of Fixlog 18:40:16 ====
log:
Fix result of Farbar Recovery Scan Tool (x64) Version: 15-01-2017
Ran by Lubo (17-01-2017 18:37:30) Run:1
Running from C:\Users\Lubo\Desktop
Loaded Profiles: UpdatusUser & Lubo (Available Profiles: UpdatusUser & Lubo & Guest)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKU\S-1-5-21-3363592213-3403915979-3187532261-1002\...\Run: [AdobeBridge] => [X]
AppInit_DLLs: C:\windows\system32\nvinitx.dll => No File
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => No File
GroupPolicy: Restriction <======= ATTENTION
GroupPolicy\User: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3363592213-3403915979-3187532261-1002\Software\Microsoft\Internet Explorer\Main,Start Page =
FF Keyword.URL: Mozilla\Firefox\Profiles\5ozr15b4.default -> hxxp://go.mail.ru/distib/ep/?product_id ... &gp=811037
C:\WINDOWS\System32\Tasks\winkruton
C:\Users\Lubo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\DP45977C.lfl
EmptyTemp:
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKU\S-1-5-21-3363592213-3403915979-3187532261-1002\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value removed successfully
"C:\windows\system32\nvinitx.dll" => Value data removed successfully.
",C:\WINDOWS\system32\nvinitx.dll" => Value data not found.
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\system32\GroupPolicy\User => moved successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
HKU\S-1-5-21-3363592213-3403915979-3187532261-1002\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
Firefox "Keyword.URL" removed successfully
C:\WINDOWS\System32\Tasks\winkruton => moved successfully
C:\Users\Lubo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
Could not move "C:\ProgramData\DP45977C.lfl" => Scheduled to move on reboot.
=========== EmptyTemp: ==========
BITS transfer queue => 5555028 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 185402027 B
Java, Flash, Steam htmlcache => 1085 B
Windows/system/drivers => 12788042 B
Edge => 17488 B
Chrome => 0 B
Firefox => 373263479 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 14762 B
NetworkService => 0 B
UpdatusUser => 0 B
Lubo => 656961449 B
Guest => 0 B
RecycleBin => 271968 B
EmptyTemp: => 1.1 GB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 17-01-2017 18:40:16)
"C:\ProgramData\DP45977C.lfl" => Could not move
==== End of Fixlog 18:40:16 ====
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím kontrolu logu, vyskakující okna, firefox
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím kontrolu logu, vyskakující okna, firefox
Děkuji už je vše ok.
Luboš
Luboš
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím kontrolu logu, vyskakující okna, firefox
Nemáte zač! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?