vytíženost HDD 100% bez zjevného duvodu

Zpráva

mlcoch · #1 Příspěvek od **mlcoch** » 29 srp 2016 09:30

Dobrý den.
Synovi jsem přivezl od bráchy výhodnou koupi - teda podle bráchy.... Zkoušel jsem to pročistit vším možným, ale zatím je problém v podstatět nevyřešen. Velmi často se stává, že se PC sekne a HDD jede bez zjevného duvodu na 100%. Test HDD ok, chkdsk ok, ovladače všechny funkční a aktuální.
Napadá vás nějaká varianta, duvod, proč to sekne? Někdy na startu, někdy během her nebo i po hodině spuštění... Někdy to jede den bez potíží....
do přílohy dávám speccy, snad z toho vyčtete vše potřebné

#2 Příspěvek od **Rudy** » 29 srp 2016 17:34

Zdravím!
Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=24&t=132509 .

mlcoch · #3 Příspěvek od **mlcoch** » 30 srp 2016 11:38

uff, to je celkem jednoduché, s tím AVG - už na druhý den a pár pokusu s ruznymi web.prohlížeči..., ty desítky já prostě nemám rád
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 29-08-2016
Ran by Mira (30-08-2016 12:30:01)
Running from C:\Users\Mira\Desktop
Microsoft Windows 10 Pro Version 1607 (X86) (2016-08-30 08:33:45)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2487398549-2658544685-4156905006-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2487398549-2658544685-4156905006-503 - Limited - Disabled)
fmlco (S-1-5-21-2487398549-2658544685-4156905006-1002 - Limited - Enabled)
Guest (S-1-5-21-2487398549-2658544685-4156905006-501 - Limited - Disabled)
Mira (S-1-5-21-2487398549-2658544685-4156905006-1000 - Administrator - Enabled) => C:\Users\Mira

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Internet Security (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security (Enabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

"Nero SoundTrax Help (Version: 4.0.15.0 - Nero AG) Hidden
602PC SUITE (HKLM\...\{6DFC4B13-4489-4A59-AF95-12628A86FA76}) (Version: 4.0.03.1114 - Software602 a. s. (hxxp://www.602.cz/))
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.2.443 - Adobe Systems Incorporated)
Acrobat.com (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Acrobat 9 Pro - Czech, Hungarian, Polish, Slovak (HKLM\...\{AC76BA86-1029-4770-7760-000000000004}{AC76BA86-1029-4770-7760-000000000004}) (Version: 9.0.0 - Adobe Systems)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.1.0.5790 - Adobe Systems Inc.)
Adobe Creative Suite 4 Design Premium (HKLM\...\Adobe_9e18dc90ff20e45c0662c733e20a10d) (Version: 4.0 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM\...\{3A6829EF-0791-4FDD-9382-C690DD0821B9}) (Version: 10.0.2.54 - Adobe Systems, Inc.)
Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Advertising Center (Version: 0.0.0.1 - Nero AG) Hidden
Aeria Ignite (HKLM\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-2487398549-2658544685-4156905006-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Aktualizace NVIDIA 2.9.1.22 (Version: 2.9.1.22 - NVIDIA Corporation) Hidden
AVG (Version: 16.101.7752 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4649 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.101.7752 - AVG Technologies)
AVG Web TuneUp (HKLM\...\AVG Web TuneUp) (Version: 4.2.5.441 - AVG Technologies)
CCleaner (HKLM\...\CCleaner) (Version: 5.14 - Piriform)
Connect (Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
Corel Paint Shop Pro Photo X2 (HKLM\...\{64E72FB1-2343-4977-B4A8-262CD53D0BD3}) (Version: 12.011.0000 - Corel Corporation)
CorelDRAW Graphics Suite X3 (HKLM\...\{63218538-4A69-497F-8455-904261B0E9E4}) (Version: 13.0 - Corel Corporation)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
DolbyFiles (Version: 2.0 - Nero AG) Hidden
EN (Version: 13.0 - Corel Corporation) Hidden
FMW 1 (Version: 1.122.3 - AVG Technologies) Hidden
FMW 1 (Version: 1.52.1 - AVG Technologies) Hidden
FontNav (Version: 5.0 - Corel Corporation) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
Heroes of Might and Magic V (HKLM\...\{9B22D57A-5338-49A5-AC08-70FE3E8B878B}) (Version: 1.6 - Ubisoft)
ImagXpress (Version: 7.0.74.0 - Nero AG) Hidden
Inpaint 3.0 (HKLM\...\{2AEDC172-479F-47AE-8A48-A0524D4AED5B}_is1) (Version: - teorex)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: - )
Java 8 Update 73 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
K-Lite Mega Codec Pack 11.4.0 (HKLM\...\KLiteCodecPack_is1) (Version: 11.4.0 - )
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
kuler (Version: 2.0 - Adobe Systems Incorporated) Hidden
League of Legends (HKLM\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (Version: 3.0.1 - Riot Games) Hidden
LibreOffice 5.0.1.2 (HKLM\...\{927AE35D-72BC-437D-BAC7-EE47D03DEE54}) (Version: 5.0.1.2 - The Document Foundation)
LightScribe System Software 1.14.17.1 (HKLM\...\{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}) (Version: 1.14.17.1 - LightScribe)
LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.422 - LogMeIn, Inc.)
LogMeIn Hamachi (Version: 2.2.0.422 - LogMeIn, Inc.) Hidden
Macrorit Disk Partition Expert Professional 2016 (HKLM\...\Macrorit_MDE) (Version: 2016 - Macrorit Inc.)
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Menu Templates - Starter Kit (Version: 9.0.4.0 - Nero AG) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Minecraft1.8.8 (HKLM\...\Minecraft1.8.8) (Version: - )
Movie Templates - Starter Kit (Version: 9.0.4.0 - Nero AG) Hidden
Mozilla Firefox 47.0.1 (x86 cs) (HKLM\...\Mozilla Firefox 47.0.1 (x86 cs)) (Version: 47.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 47.0.1.6018 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 (HKLM\...\{33ef6166-ff67-4e08-96d3-5207c946845c}) (Version: - Nero AG)
NVIDIA GeForce Experience 2.9.1.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.22 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.75 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.75 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Ovládací panel NVIDIA 361.75 (Version: 361.75 - NVIDIA Corporation) Hidden
Ovladače videa společnosti Pinnacle (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)
PDF Settings CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw (Version: 5.0 - Adobe Systems Incorporated) Hidden
Pinnacle Studio 15 (HKLM\...\{1362E602-9625-42D3-B57F-CDA9D26F9DA8}) (Version: 15.0.0.7593 - Pinnacle Systems)
Pixel Bender Toolkit (Version: 1.0 - Adobe Systems Incorporated) Hidden
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
S4 League (HKLM\...\S4 League) (Version: - )
Seznam Software (HKU\S-1-5-21-2487398549-2658544685-4156905006-1000\...\SeznamInstall) (Version: - Seznam.cz)
SHIELD Streaming (Version: 4.1.0260 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.9.1.22 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation)
Skype™ 7.18 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
SoundTrax (Version: 4.0.18.0 - Nero AG) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Suite Shared Configuration CS4 (Version: 1.0 - Adobe Systems Incorporated) Hidden
Team Fortress 2 (HKLM\...\Steam App 440) (Version: - Valve)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 8.51 - Ghisler Software GmbH)
Total Uninstall 6.14.0 (HKLM\...\Total Uninstall 6_is1) (Version: 6.14.0 - Gavrila Martau)
TP-LINK TL-WN721N_TL-WN722N Driver (HKLM\...\{86A7EED0-02D0-4D91-8183-8D2F23F5E6AE}) (Version: 1.3.1 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
Unity Web Player (HKU\S-1-5-21-2487398549-2658544685-4156905006-1000\...\UnityWebPlayer) (Version: 2.6.1f3_31223 - Unity Technologies ApS)
Update Manager (Version: 4.60 - Corel Corporation) Hidden
VBA (Version: 6.2 - Corel Corporation) Hidden
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WashAndGo (HKLM\...\WashAndGo_is1) (Version: 19.3 - Abelssoft)
Win10 PrivacyFix (HKLM\...\{EFF218A1-EBF1-4EE2-8BAE-86D0E04B4F0F}_is1) (Version: 1.2 - Abelssoft)
Windows Phone app for desktop (HKLM\...\{CE9BDD0F-BAF3-474D-B6D8-15B84BDAB229}) (Version: 1.1.2726.0 - Microsoft Corporation)
WinRAR 5.21 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Wise Care 365 3.98 (HKLM\...\Wise Care 365_is1) (Version: 3.98 - WiseCleaner.com, Inc.)
XnView 2.13 (HKLM\...\XnView_is1) (Version: 2.13 - Gougelet Pierre-e)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2487398549-2658544685-4156905006-1000_Classes\CLSID\{037FB476-15E0-4ED1-B11A-E420B750B1A8}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-2487398549-2658544685-4156905006-1000_Classes\CLSID\{2837E0FE-686B-4CB0-BE53-0EA097EAF71B}\InprocServer32 -> C:\Windows\Downloaded Program Files\isusweb.dll (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-2487398549-2658544685-4156905006-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Mira\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-2487398549-2658544685-4156905006-1000_Classes\CLSID\{5AFAFE48-7107-4FE5-B21A-86A4254541DD}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-2487398549-2658544685-4156905006-1000_Classes\CLSID\{5B004CDE-0211-469C-B9B5-0552E7E63917}\InprocServer32 -> C:\Program Files\Pinnacle\Shared Files\Filter\MarvinAVRenderer.ax (Pinnacle Systems GmbH)
CustomCLSID: HKU\S-1-5-21-2487398549-2658544685-4156905006-1000_Classes\CLSID\{5B7524C8-2446-40E9-9474-94A779DBA224}\InprocServer32 -> C:\Windows\Downloaded Program Files\isusweb.dll (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-2487398549-2658544685-4156905006-1000_Classes\CLSID\{621D3650-F1D3-414C-97F9-03A02B211261}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-2487398549-2658544685-4156905006-1000_Classes\CLSID\{623E415A-22EF-4DAA-A2FF-E68E77A673C9}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-2487398549-2658544685-4156905006-1000_Classes\CLSID\{77D8C8C7-6B46-4429-B876-DBC006C96EB1}\InprocServer32 -> C:\Program Files\Pinnacle\Shared Files\Filter\MarvinAVRenderer.ax (Pinnacle Systems GmbH)
CustomCLSID: HKU\S-1-5-21-2487398549-2658544685-4156905006-1000_Classes\CLSID\{885BB46A-3F1E-44C3-A01B-A7D9260CC98B}\InprocServer32 -> C:\Windows\Downloaded Program Files\dwusplay.dll (InstallShield Software Corporation)
CustomCLSID: HKU\S-1-5-21-2487398549-2658544685-4156905006-1000_Classes\CLSID\{915C2CEB-216B-4B7C-89E4-9ED3512D58D9}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-2487398549-2658544685-4156905006-1000_Classes\CLSID\{92C5E738-7372-4CD6-BE57-15833624EBF3}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-2487398549-2658544685-4156905006-1000_Classes\CLSID\{9CAAD2EA-177B-4D07-871F-47255B5D30F3}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-2487398549-2658544685-4156905006-1000_Classes\CLSID\{B391A1DB-28C8-4506-A43C-5BD6051F16BA}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-2487398549-2658544685-4156905006-1000_Classes\CLSID\{CD37ED08-860C-4B86-AD25-5587D8386587}\InprocServer32 -> C:\Program Files\Pinnacle\Shared Files\Filter\MarvinAVRenderer.ax (Pinnacle Systems GmbH)
CustomCLSID: HKU\S-1-5-21-2487398549-2658544685-4156905006-1000_Classes\CLSID\{E42CE23D-69F9-480A-A15F-BFF5E4D170C3}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-2487398549-2658544685-4156905006-1000_Classes\CLSID\{E50C953D-311A-481B-8F8D-C55E65AF7417}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-2487398549-2658544685-4156905006-1000_Classes\CLSID\{E9880553-B8A7-4960-A668-95C68BED571E}\InprocServer32 -> C:\Windows\Downloaded Program Files\isusweb.dll (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-2487398549-2658544685-4156905006-1000_Classes\CLSID\{E9A93328-79D4-4AED-A778-146E7191F8BC}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-2487398549-2658544685-4156905006-1000_Classes\CLSID\{F1522EC1-F84F-4CE2-A38C-F9384B0DFD41}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-2487398549-2658544685-4156905006-1000_Classes\CLSID\{FFF2D28F-E4EE-44D9-8104-8E71556757F6}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01EF1E84-77D4-4DF7-9475-6FD99D5B1F39} - System32\Tasks\{665E3CBA-E7F6-4EDC-BB25-7DCFCEFE077E} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lig ... rror=12002
Task: {0D45454A-7AB7-4D36-93FE-32502669381A} - System32\Tasks\Wise Turbo Checker.job => C:\Program Files\Wise\Wise Care 365\WiseTurbo.exe [2016-01-19] (WiseCleaner.COM)
Task: {1BDA451C-9FA0-4319-B359-60A7B4868DD3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {25BB3BE2-B62A-48E9-B875-A51A9314097E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-01-15] (Piriform Ltd)
Task: {2AFFD1CC-2C18-40DC-9E60-7EA0DB234EF9} - \Microsoft\Windows\Setup\GWXTriggers\Logon-URT -> No File <==== ATTENTION
Task: {3945D70F-84A5-4EF7-A379-C40C7AAE3570} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {3C4E003B-B177-428A-AC02-7F072837B395} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {48633E02-CE5C-4179-97F4-CC54FC08A28E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {510DEC16-7E06-46D4-98EE-EA7E49C113C5} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {554CD5B7-34FF-4D36-820C-147D27F0CB76} - System32\Tasks\{6DBF81B7-D471-44E0-9418-6B5C50FE82A8} => Firefox.exe hxxp://ui.skype.com/ui/0/7.24.0.104/cs/abandoninstall?page=tsProgressBar
Task: {6B8EAFE7-44C4-43C0-A0A0-5F0302088FD3} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {6F2BD6E1-69D4-4DDC-9F58-E39B0C7798CD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {869DF4F5-91E1-4AB7-BE1C-ABFDBF17ACBD} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {8A2D296B-3CD0-4D43-B1D7-B54BE1C617B3} - System32\Tasks\{9B615C76-02D0-497E-93B1-5FB48714DA7F} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lig ... rror=12002
Task: {9788FDA8-8D55-4C32-895D-37E5F97D46AE} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2014-12-04] (@ByELDI)
Task: {A9DA4677-F45B-49A7-BCE4-847A0904F729} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {C28588F5-942E-4D28-BDF3-CF0CF096F84E} - System32\Tasks\Wise Care 365 PC Checkup Task => C:\Program Files\Wise\Wise Care 365\WiseCare365.exe [2016-03-14] (WiseCleaner.com)
Task: {C7A84F44-8045-43C9-8A83-E0DF32334140} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10] (Adobe Systems Incorporated)
Task: {CA3CF3F3-CC67-47AC-991F-38AAB7A444C9} - System32\Tasks\Wise Care 365.job => C:\Program Files\Wise\Wise Care 365\WiseTray.exe [2016-03-04] (WiseCleaner.com)
Task: {CB6E75DD-7431-4E0D-977B-1523949283D9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {CFF17F86-D59E-40ED-B303-C516A3C0BAE7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-24] (Google Inc.)
Task: {D6B27849-48C3-429E-9AF9-843857E210B2} - System32\Tasks\AbelssoftPreloader => C:\Program Files\WashAndGo\AbelssoftPreloader.exe [2015-11-09] (Microsoft)
Task: {DF34F020-8B6F-40A4-A8CF-F5E0834CC29A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-24] (Google Inc.)
Task: {E3A29CAF-41B0-4891-8CCF-D01CC98F79D6} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {E4CE9E5A-7946-46EA-BA3B-C4D2E0E02B08} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {E51242E1-1998-42D7-81CC-68D78663FA49} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {E5242D20-6BFC-49B7-9A6C-A5E13E8D4EBA} - System32\Tasks\InstallShield Update Service => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2005-08-11] (Macrovision Corporation)
Task: {F06A65CE-669A-45B4-B64A-CBEFFFC19DB5} - System32\Tasks\{788014A7-8459-446C-90C9-8F60CD3DECAE} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lig ... rror=12002
Task: {F0820B74-10E2-4BEA-864C-486553E714E2} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\AbelssoftPreloader.job => C:\Program Files\WashAndGo\AbelssoftPreloader.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Mira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft\Minecraft Debugger.lnk -> C:\Users\Mira\AppData\Roaming\.minecraft\minecraft launcher\Debug.bat ()

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 10:25 - 2016-07-16 10:25 - 00190976 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-07-16 10:25 - 2016-07-16 10:25 - 02048496 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-08-30 09:53 - 2016-01-23 02:20 - 00122936 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2015-12-19 19:16 - 2016-01-12 06:43 - 00222144 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-07-16 10:25 - 2016-07-16 10:25 - 02048496 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2010-01-30 02:41 - 2010-01-30 02:41 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2016-07-16 10:25 - 2016-07-16 10:25 - 00109056 _____ () C:\WINDOWS\SYSTEM32\CHARTV.dll
2016-07-16 10:25 - 2016-07-16 10:25 - 00108032 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-08-30 10:42 - 2016-08-30 10:42 - 00321536 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-08-30 10:42 - 2016-08-30 10:42 - 06726656 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-08-30 10:42 - 2016-08-30 10:42 - 01149440 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-08-30 10:42 - 2016-08-30 10:42 - 00526848 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-08-30 10:42 - 2016-08-30 10:42 - 01741824 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-08-30 10:42 - 2016-08-30 10:42 - 03158016 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-09-29 11:03 - 2016-01-12 06:43 - 00018880 _____ () C:\Program Files\NVIDIA Corporation\Update Core\detoured.dll
2016-02-21 19:21 - 2016-04-08 12:37 - 40500224 _____ () C:\Program Files\AVG\UiDll\2171\libcef.dll
2016-06-02 09:04 - 2013-10-21 11:00 - 00847360 _____ () C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
2016-06-02 09:04 - 2013-06-28 14:50 - 01411072 _____ () C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll
2016-06-02 09:04 - 2013-06-28 14:48 - 00193024 _____ () C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll
2016-06-02 09:04 - 2013-06-28 14:48 - 00138752 _____ () C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF.dll
2016-06-02 09:04 - 2013-06-28 14:48 - 00115712 _____ () C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF_WPS_WIN7.DLL
2016-08-30 12:21 - 2016-08-30 12:21 - 00679624 _____ () C:\Users\Mira\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:39413AC3 [127]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2487398549-2658544685-4156905006-1000\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-2487398549-2658544685-4156905006-1000\...\aeriagames.com -> hxxp://aeriagames.com

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2016-02-23 10:03 - 00002790 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 activate.adobe.com
127.0.0.1 www.msftncsi.com
127.0.0.1 pre.footprintpredict.com
127.0.0.1 cs1.wpc.v0cdn.net
127.0.0.1 a-0001.a-msedge.net
127.0.0.1 az361816.vo.msecnd.net
127.0.0.1 az512334.vo.msecnd.net
127.0.0.1 choice.microsoft.com
127.0.0.1 choice.microsoft.com.nsatc.net
127.0.0.1 compatexchange.cloudapp.net
127.0.0.1 corp.sts.microsoft.com
127.0.0.1 corpext.msitadfs.glbdns2.microsoft.com
127.0.0.1 df.telemetry.microsoft.com
127.0.0.1 diagnostics.support.microsoft.com
127.0.0.1 fe2.update.microsoft.com.akadns.net
127.0.0.1 feedback.microsoft-hohm.com
127.0.0.1 feedback.search.microsoft.com
127.0.0.1 feedback.windows.com
127.0.0.1 i1.services.social.microsoft.com
127.0.0.1 i1.services.social.microsoft.com.nsatc.net
127.0.0.1 oca.telemetry.microsoft.com
127.0.0.1 oca.telemetry.microsoft.com.nsatc.net
127.0.0.1 preview.msn.com
127.0.0.1 rad.msn.com
127.0.0.1 redir.metaservices.microsoft.com
127.0.0.1 reports.wes.df.telemetry.microsoft.com
127.0.0.1 services.wes.df.telemetry.microsoft.com
127.0.0.1 settings-sandbox.data.microsoft.com
127.0.0.1 sls.update.microsoft.com.akadns.net
127.0.0.1 sqm.df.telemetry.microsoft.com

There are 19 more lines.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2487398549-2658544685-4156905006-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Mira\Desktop\Ekko-Classic-Wallpaper.jpg
DNS Servers: 212.80.66.7 - 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: Disc Soft Lite Bus Service => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: LMIGuardianSvc => 2
MSCONFIG\Services: Nero BackItUp Scheduler 4.0 => 3
MSCONFIG\Services: ProtexisLicensing => 2
MSCONFIG\Services: SkypeUpdate => 3
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\Services: vToolbarUpdater40.2.5 => 3
MSCONFIG\Services: WtuSystemSupport => 2
HKLM\...\StartupApproved\Run: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run: => "AdobeCS4ServiceManager"
HKLM\...\StartupApproved\Run: => "Adobe_ID0ENQBO"
HKLM\...\StartupApproved\Run: => "Corel File Shell Monitor"
HKLM\...\StartupApproved\Run: => "Corel Photo Downloader"
HKLM\...\StartupApproved\Run: => "BCSSync"
HKLM\...\StartupApproved\Run: => "USBToolTip"
HKLM\...\StartupApproved\Run: => "seznam-listicka-distribuce"
HKLM\...\StartupApproved\Run: => "Aeria Ignite"
HKLM\...\StartupApproved\Run: => "SunJavaUpdateSched"
HKU\S-1-5-21-2487398549-2658544685-4156905006-1000\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-2487398549-2658544685-4156905006-1000\...\StartupApproved\Run: => "ISUSPM Startup"
HKU\S-1-5-21-2487398549-2658544685-4156905006-1000\...\StartupApproved\Run: => "BingSvc"
HKU\S-1-5-21-2487398549-2658544685-4156905006-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2487398549-2658544685-4156905006-1000\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"
HKU\S-1-5-21-2487398549-2658544685-4156905006-1000\...\StartupApproved\Run: => "cz.seznam.software.szndesktop"
HKU\S-1-5-21-2487398549-2658544685-4156905006-1000\...\StartupApproved\Run: => "Akamai NetSession Interface"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => (Allow) LPort=808
FirewallRules: [{A18C8515-2CCD-4140-B614-7D9B07AB80A5}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{A626F7C5-9B58-4065-B41E-6D8776E926AD}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{59027305-DDC3-4E42-93F8-435CFB4AB9B2}] => (Allow) LPort=1688
FirewallRules: [{A0B5FF12-640C-491C-A679-6EB9BC980783}] => (Allow) C:\Program Files\AVG\Av\avgemcx.exe
FirewallRules: [{A5273765-B059-46E0-8C77-4B578711059E}] => (Allow) C:\Program Files\AVG\Av\avgemcx.exe
FirewallRules: [{40CCD5EF-5700-4E3D-8D2D-541F718C38FE}] => (Allow) C:\Program Files\AVG\Av\avgdiagex.exe
FirewallRules: [{B68A10E4-7817-4EF3-8E02-58B0410F8912}] => (Allow) C:\Program Files\AVG\Av\avgdiagex.exe
FirewallRules: [{C8CF7C0C-2244-4C82-BDA7-AEF50F5AAFAA}] => (Allow) C:\Program Files\AVG\Av\avgnsx.exe
FirewallRules: [{580FE24C-30B8-46D5-8328-28C14A0D29E6}] => (Allow) C:\Program Files\AVG\Av\avgnsx.exe
FirewallRules: [{52934208-DB73-4045-B4AE-3CE07F5200B9}] => (Allow) C:\Program Files\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{D1A27232-2866-405C-BB93-E97BD0E4B748}] => (Allow) C:\Program Files\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{CF22D9B4-5B4B-4136-82BD-BDAAD6464251}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{AE0B4134-3D83-4F3C-BCE7-26E6F848D18F}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{CF131C78-E1B7-40CD-97C3-367EC8CC08DA}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{A86B61CF-32EF-4CB2-AEE7-8DE3426CEEFD}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{9765E7CF-EBC9-4D48-973F-1489239965A9}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [UDP Query User{DFD41AF3-FC83-4736-A86C-5C07F7A65187}C:\users\mira\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\mira\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{D25809DB-D589-4C8F-9957-EAC8F330FE8D}C:\users\mira\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\mira\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{F22F484C-615C-4DDC-B4C5-16466A97B86B}C:\program files\java\jre1.8.0_73\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_73\bin\javaw.exe
FirewallRules: [TCP Query User{9D02115B-C3AD-49B4-97D4-6EDC9767B7D6}C:\program files\java\jre1.8.0_73\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_73\bin\javaw.exe
FirewallRules: [{6D4B5A1F-AF35-4DF5-B6D7-5FA6560E42EF}] => (Allow) C:\Program Files\AVG\Av\avgemcx.exe
FirewallRules: [{B3E96103-8651-4CF2-8BE8-4EBDF1F6F72D}] => (Allow) C:\Program Files\AVG\Av\avgemcx.exe
FirewallRules: [{332BC202-0F7B-42F2-BDE2-5C1D0D81ABE1}] => (Allow) C:\Program Files\AVG\Av\avgdiagex.exe
FirewallRules: [{C3BEC62B-B3F4-41A3-A0A0-E623B24867C6}] => (Allow) C:\Program Files\AVG\Av\avgdiagex.exe
FirewallRules: [{90295D48-3E89-41D4-8FFA-CEE59FD0FE79}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{9BEB81C5-C673-4FBD-B8F2-AB10EE336975}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{A80A073C-BC89-4F15-B205-3A4C94F0D02C}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{5B21BE89-9D71-4841-B07A-EFEC7DF48467}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{5692DE70-C5E5-489A-ACA1-D76D45CB9898}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{1CF6CAA7-46E6-40D4-BB0E-7215FE445E5A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{D7C86355-FD18-435C-8EBC-B966DF9792A4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{5DCD237D-66E7-4600-BEC8-BAC661C223F8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{733AA5A3-4239-4E38-BA1E-51407C627920}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{61C0FD7B-559F-48F8-87EF-E370CD094666}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A8BCB202-4C11-472D-B256-98D4F0111F47}] => (Allow) C:\Program Files\Pinnacle\Studio 15\Programs\RM.exe
FirewallRules: [{061EA1DF-432C-4B75-A4D8-A25ECAC8B7F9}] => (Allow) C:\Program Files\Pinnacle\Studio 15\Programs\RM.exe
FirewallRules: [{F470C9A1-8152-4C07-B3E2-18863068CBF8}] => (Allow) C:\Program Files\Pinnacle\Studio 15\Programs\Studio.exe
FirewallRules: [{11A924EB-F3A3-4FC8-A6CD-20CC902F5798}] => (Allow) C:\Program Files\Pinnacle\Studio 15\Programs\Studio.exe
FirewallRules: [{2FF34E3B-AA25-4BBD-BBFD-A8545B5F3D1E}] => (Allow) C:\Program Files\Pinnacle\Studio 15\Programs\umi.exe
FirewallRules: [{6807DAE4-5FB7-4A5B-B96E-F53DB5D06D31}] => (Allow) C:\Program Files\Pinnacle\Studio 15\Programs\umi.exe
FirewallRules: [{AA47B5C3-3D0D-4D52-BBD3-25469CE7BA40}] => (Allow) LPort=1689
FirewallRules: [{54B17101-006A-4312-84E9-A608FBD12ADD}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{30A25356-45A8-422A-99EF-6B76FAFCE389}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{804D365D-52B3-47D3-845F-307614565FAF}] => (Allow) LPort=5353
FirewallRules: [{882E8B9C-CB67-44A7-ABFB-77A7052A6BFD}] => (Allow) C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [{E6AF63D4-B897-4E14-8852-930732A3E415}] => (Allow) C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [{E0C8438F-0A5C-42BD-B436-D4B62DAAEE0E}] => (Allow) LPort=3703
FirewallRules: [{76F743A6-7999-4E76-832A-B38F9F8F0E80}] => (Allow) LPort=3704
FirewallRules: [{42EB4761-51F9-4463-8A2B-43684304402B}] => (Allow) LPort=51000
FirewallRules: [{416E4D8D-5364-46D5-870A-D5AE274A786F}] => (Allow) LPort=51001
FirewallRules: [{763A39AC-0ABC-419A-9E43-A16FD8EB6FAE}] => (Allow) C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
FirewallRules: [{63717B8E-17D6-4E9D-9BF9-206443324D70}] => (Allow) C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
FirewallRules: [{007ED154-64C6-4BB4-B2D4-1384A01BD7AD}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{38EA6656-AE60-48B3-8474-F132719B14F1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{A993BBBF-CCF7-4BEE-A46A-D6ABAEE1E205}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (08/30/2016 12:29:55 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Mira-PC)
Description: Aplikaci Microsoft.WindowsMaps_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2144927148. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (08/30/2016 12:24:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Mira-PC)
Description: Aplikaci Microsoft.WindowsMaps_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2144927148. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (08/30/2016 12:22:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: backgroundTaskHost.exe, verze: 10.0.14393.0, časové razítko: 0x57899179
Název chybujícího modulu: MessagingNativeCore.dll, verze: 2.19.1607.1001, časové razítko: 0x5776e7d8
Kód výjimky: 0xc0000005
Posun chyby: 0x001043cf
ID chybujícího procesu: 0x1ee8
Čas spuštění chybující aplikace: 0x01d202a863f745ec
Cesta k chybující aplikaci: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta k chybujícímu modulu: C:\Program Files\WindowsApps\Microsoft.Messaging_3.19.1001.0_x86__8wekyb3d8bbwe\MessagingNativeCore.dll
ID zprávy: 40d0df2f-9324-4c4a-9432-1905a38a6262
Úplný název chybujícího balíčku: Microsoft.Messaging_3.19.1001.0_x86__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: x27e26f40ye031y48a6yb130yd1f20388991ax

Error: (08/30/2016 12:20:44 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Mira-PC)
Description: Aplikaci Microsoft.WindowsMaps_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2144927148. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (08/30/2016 11:57:40 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Mira-PC)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2147023673. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (08/30/2016 11:50:22 AM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Vytvoření výčtu relací uživatelů pro generování fondů filtrů se nezdařilo.

Podrobnosti:
(HRESULT : 0x80040210) (0x80040210)

Error: (08/30/2016 11:50:22 AM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Vytvoření výčtu relací uživatelů pro generování fondů filtrů se nezdařilo.

Podrobnosti:
(HRESULT : 0x80040210) (0x80040210)

Error: (08/30/2016 11:50:22 AM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Vytvoření výčtu relací uživatelů pro generování fondů filtrů se nezdařilo.

Podrobnosti:
(HRESULT : 0x80040210) (0x80040210)

Error: (08/30/2016 10:49:39 AM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Vytvoření výčtu relací uživatelů pro generování fondů filtrů se nezdařilo.

Podrobnosti:
(HRESULT : 0x80040210) (0x80040210)

Error: (08/30/2016 10:49:39 AM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Vytvoření výčtu relací uživatelů pro generování fondů filtrů se nezdařilo.

Podrobnosti:
(HRESULT : 0x80040210) (0x80040210)

System errors:
=============
Error: (08/30/2016 12:24:13 PM) (Source: DCOM) (EventID: 10016) (User: Mira-PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{9E175B6D-F52A-11D8-B9A5-505054503030}
a APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
uživateli Mira-PC\Mira (SID: S-1-5-21-2487398549-2658544685-4156905006-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe – SID (S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/30/2016 12:22:49 PM) (Source: DCOM) (EventID: 10016) (User: Mira-PC)
Description: Nastavení oprávnění výchozí pro počítač neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
a APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
uživateli Mira-PC\Mira (SID: S-1-5-21-2487398549-2658544685-4156905006-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/30/2016 12:22:21 PM) (Source: DCOM) (EventID: 10016) (User: Mira-PC)
Description: Nastavení oprávnění výchozí pro počítač neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
a APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
uživateli Mira-PC\Mira (SID: S-1-5-21-2487398549-2658544685-4156905006-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/30/2016 12:22:19 PM) (Source: DCOM) (EventID: 10016) (User: Mira-PC)
Description: Nastavení oprávnění výchozí pro počítač neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
a APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
uživateli Mira-PC\Mira (SID: S-1-5-21-2487398549-2658544685-4156905006-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/30/2016 12:21:23 PM) (Source: DCOM) (EventID: 10016) (User: Mira-PC)
Description: Nastavení oprávnění výchozí pro počítač neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
a APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
uživateli Mira-PC\Mira (SID: S-1-5-21-2487398549-2658544685-4156905006-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/30/2016 12:17:50 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
a APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/30/2016 12:04:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Adaptér naslouchání Net.Msmq neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (08/30/2016 12:03:43 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby NetMsmqActivator bylo dosaženo časového limitu (30000 ms).

Error: (08/30/2016 12:03:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NetPipeActivator neuspěla při spuštění v důsledku následující chyby:
%%1053 = Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (08/30/2016 12:03:32 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby NetPipeActivator bylo dosaženo časového limitu (30000 ms).

==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU E4500 @ 2.20GHz
Percentage of memory in use: 40%
Total physical RAM: 3326.49 MB
Available physical RAM: 1973.34 MB
Total Virtual: 6654.49 MB
Available Virtual: 4897.28 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:148.07 GB) (Free:61.76 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: E776E776)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=148.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=450 MB) - (Type=27)

==================== End of Addition.txt ============================

#4 Příspěvek od **Rudy** » 30 srp 2016 17:18

Dal jste oba logy Addition. Prosím o log FRST.

mlcoch · #5 Příspěvek od **mlcoch** » 01 zář 2016 12:15

ještě se dívám, že když se spustí správce úloh, HDD je třeba na 99% a přitom je tam 5 - 10 spuštěných věcí s celkovým aktuálním odběrem cca 4,5 MB/S - že by HHD s chybičkou?
Pak už to hodilo jen níže ...
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-08-2016
Ran by Mira (administrator) on MIRA-PC (30-08-2016 12:28:17)
Running from C:\Users\Mira\Desktop
Loaded Profiles: Mira (Available Profiles: Mira & DefaultAppPool)
Platform: Microsoft Windows 10 Pro Version 1607 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgcsrvx.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgwdsvcx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgfws.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(WiseCleaner.com) C:\Program Files\Wise\Wise Care 365\WiseTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgui.exe
() C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(forum.viry.cz) C:\Users\Mira\Desktop\FRST-OlderVersion\FRSTLauncher.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgcfgex.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12336856 2015-06-18] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-12] (NVIDIA Corporation)
HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [187152 2016-08-18] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\Av\avgui.exe [5299984 2016-07-28] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-2487398549-2658544685-4156905006-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
IFEO\SppExtComObj.exe: [Debugger] C:\WINDOWS\SECOH-QAD.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2016-07-06]
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 212.80.66.7 192.168.1.1
Tcpip\..\Interfaces\{3d16d2c0-5149-47da-bf9c-df145989793c}: [DhcpNameServer] 212.80.66.7 192.168.1.1
Tcpip\..\Interfaces\{709c8525-a492-4022-b045-dc624e00b995}: [DhcpNameServer] 212.80.66.7 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-2487398549-2658544685-4156905006-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-2487398549-2658544685-4156905006-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=en-ww
SearchScopes: HKU\S-1-5-21-2487398549-2658544685-4156905006-1000 -> {04EEC9C3-9E16-4AAF-AFE7-7B230089A9E6} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-2487398549-2658544685-4156905006-1000 -> {2177A454-9D70-443B-90AA-30A62897BBBF} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-2487398549-2658544685-4156905006-1000 -> {22986DAA-3968-4995-AE87-38059BDA5E4C} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-2487398549-2658544685-4156905006-1000 -> {6E596E1B-066E-41AF-BB14-EE03BA67E320} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-2487398549-2658544685-4156905006-1000 -> {7F6B0DC4-7C43-4A33-BA10-CDC21EDEA009} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-2487398549-2658544685-4156905006-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={1F69EE09-6F5D-4120-B0E7-61D37050554E}&mid=e635c2c5595147cda122d1530bb1a2ce-f3a57c4ebe43fa9c77a7acf191b882f846c2a25a&lang=en&ds=AVG&coid=avgtbavg&cmpid=0116tb&pr=fr&d=2015-11-04 22:01:36&v=4.2.4.155&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2487398549-2658544685-4156905006-1000 -> {9C40566E-E2F5-4C17-99C0-65B2F717E15D} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-2487398549-2658544685-4156905006-1000 -> {A29A0A13-56CA-4FC9-BC3C-74C6EE786F48} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-2487398549-2658544685-4156905006-1000 -> {B54FF70F-B089-49E5-A9FA-143B423BF310} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-2487398549-2658544685-4156905006-1000 -> {D4178867-FDC2-4D21-8A17-3B5855E24F56} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-02-14] (Oracle Corporation)
BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-14] (Oracle Corporation)
BHO: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\hqpns6tf.default-1452840171661
FF Homepage: hxxps://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-14] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-14] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-01-23] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-01-23] (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2487398549-2658544685-4156905006-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Mira\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\hqpns6tf.default-1452840171661\searchplugins\avg-secure-search.xml [2016-02-14]
FF Extension: (QuickJava) - C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\hqpns6tf.default-1452840171661\extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2016-08-29]
FF Extension: (Diagnostics for Adblock Plus) - C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\hqpns6tf.default-1452840171661\Extensions\abpwatcher@adblockplus.org.xpi [2016-05-09]
FF Extension: (Adblock Plus) - C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\hqpns6tf.default-1452840171661\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-05-09]
FF Extension: (Skype) - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25]

Chrome:
=======
CHR HomePage: Default -> mysearch.avg.com/?rvt=1
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR NewTab: Default -> "chrome-extension://jiblfdgfgcnpigdkdincmfamoknecagc/stubby.html", "chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC ... earchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxps://toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Profile: C:\Users\Mira\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Mira\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-24]
CHR Extension: (Dokumenty Google) - C:\Users\Mira\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-24]
CHR Extension: (Disk Google) - C:\Users\Mira\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-28]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Mira\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2015-12-17]
CHR Extension: (Video AdBlock for Chrome) - C:\Users\Mira\AppData\Local\Google\Chrome\User Data\Default\Extensions\bknbnapaddjdnbilpmlacdkjdkjmbjhd [2015-12-17]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Mira\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2016-02-14]
CHR Extension: (YouTube) - C:\Users\Mira\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Vyhledávání Google) - C:\Users\Mira\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-28]
CHR Extension: (Tabulky Google) - C:\Users\Mira\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-24]
CHR Extension: (MSN Homepage) - C:\Users\Mira\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkcgfbgohboipdhliafmacjnhjbhmim [2015-12-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\Mira\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-29]
CHR Extension: (FreeRadioCast) - C:\Users\Mira\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc [2016-08-15]
CHR Extension: (Skype) - C:\Users\Mira\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-05-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Mira\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-05]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Mira\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2015-12-17]
CHR Extension: (Gmail) - C:\Users\Mira\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-24]
CHR HKLM\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]
CHR HKU\S-1-5-21-2487398549-2658544685-4156905006-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2487398549-2658544685-4156905006-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bmkckgpgekmanipelfidlhmkfcjicion] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2487398549-2658544685-4156905006-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [chfdnecihphmhljaaejmgoiahnihplgn] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2487398549-2658544685-4156905006-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fkkcgfbgohboipdhliafmacjnhjbhmim] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe Version Cue CS4; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [284016 2008-08-15] (Adobe Systems Incorporated)
S3 AvgAMPS; C:\Program Files\AVG\Av\avgamps.exe [674552 2016-07-28] (AVG Technologies CZ, s.r.o.)
R2 avgfws; C:\Program Files\AVG\Av\avgfws.exe [1639832 2016-07-28] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files\AVG\Av\avgidsagent.exe [4097280 2016-07-28] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [911120 2016-08-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\Av\avgwdsvcx.exe [632632 2016-07-28] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
S4 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1034584 2015-06-18] (Disc Soft Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [929728 2016-01-12] (NVIDIA Corporation)
S3 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1897480 2016-04-05] (LogMeIn Inc.)
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2008-06-09] (Hewlett-Packard Company) [File not signed]
S4 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [411920 2016-04-05] (LogMeIn, Inc.)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-12] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [5178816 2016-01-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [3996608 2016-01-12] (NVIDIA Corporation)
S4 ProtexisLicensing; C:\Windows\system32\PSIService.exe [177704 2007-06-05] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [1887272 2016-07-16] (Microsoft Corporation)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [966336 2014-12-04] (@ByELDI) [File not signed]
S4 vToolbarUpdater40.2.5; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\40.2.5\ToolbarUpdater.exe [1936968 2016-02-02] (AVG Secure Search)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [271496 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [84928 2016-07-16] (Microsoft Corporation)
S2 WiseBootAssistant; C:\Program Files\Wise\Wise Care 365\BootTime.exe [579832 2016-01-19] (WiseCleaner.com)
S4 WtuSystemSupport; C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe [1205832 2016-02-02] ()

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athur; C:\WINDOWS\System32\drivers\athuw8.sys [2193408 2013-06-02] (Qualcomm Atheros Communications, Inc.)
S0 Avgbootx; C:\WINDOWS\System32\DRIVERS\avgbootx.sys [19584 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [134912 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\WINDOWS\system32\DRIVERS\avgfwd6x.sys [67336 2016-06-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdriverx.sys [259328 2016-06-30] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [201472 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\system32\DRIVERS\avgidsshimw8x.sys [31664 2015-11-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [212736 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [287008 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [201472 2016-07-19] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [47360 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avgunivx; C:\WINDOWS\System32\DRIVERS\avgunivx.sys [65280 2016-06-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpx; C:\WINDOWS\system32\DRIVERS\avgwfpx.sys [246536 2016-07-20] (AVG Technologies CZ, s.r.o.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [25016 2015-09-29] (Disc Soft Ltd)
R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [38512 2015-11-12] (LogMeIn Inc.)
R3 MarvinBus; C:\WINDOWS\System32\drivers\MarvinBus.sys [171520 2005-09-23] (Pinnacle Systems GmbH)
S3 MDA_NTDRV; C:\WINDOWS\system32\MDA_NTDRV.sys [44032 2016-05-20] ()
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [62976 2016-07-16] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [25536 2016-01-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad32v.sys [42128 2015-12-18] (NVIDIA Corporation)
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [494080 2016-07-16] (Realtek )
S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [13368 2016-08-29] (SlimWare Utilities, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37912 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [244576 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [100192 2016-07-16] (Microsoft Corporation)
S3 WiseHDInfo; C:\WINDOWS\WiseHDInfo32.dll [13264 2016-04-23] (wisecleaner.com)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [65768 2016-05-23] (Wellbia.com)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-30 12:28 - 2016-08-30 12:29 - 00022159 _____ C:\Users\Mira\Desktop\FRST.txt
2016-08-30 12:27 - 2016-08-30 12:28 - 00000000 ____D C:\FRST
2016-08-30 12:27 - 2016-08-30 12:27 - 00000000 ____D C:\Users\Mira\Desktop\FRST-OlderVersion
2016-08-30 11:58 - 2016-08-30 11:58 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-08-30 11:53 - 2016-08-30 11:53 - 00000000 ____D C:\ProgramData\USOShared
2016-08-30 11:52 - 2016-08-30 11:52 - 00000020 ___SH C:\Users\Mira\ntuser.ini
2016-08-30 11:52 - 2016-08-30 11:52 - 00000000 ____D C:\Users\Mira\AppData\Local\ConnectedDevicesPlatform
2016-08-30 10:48 - 2016-08-30 10:33 - 00000000 ___DC C:\WINDOWS\Panther
2016-08-30 10:43 - 2016-08-30 10:43 - 00000000 ____D C:\Windows.old
2016-08-30 10:43 - 2016-08-30 10:43 - 00000000 ____D C:\Program Files\CMAK
2016-08-30 10:42 - 2016-08-30 10:42 - 20965240 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-30 10:42 - 2016-08-30 10:42 - 19423232 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-30 10:42 - 2016-08-30 10:42 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-30 10:42 - 2016-08-30 10:42 - 07623168 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-08-30 10:42 - 2016-08-30 10:42 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-08-30 10:42 - 2016-08-30 10:42 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-30 10:42 - 2016-08-30 10:42 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-08-30 10:42 - 2016-08-30 10:42 - 03776000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-08-30 10:42 - 2016-08-30 10:42 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-30 10:42 - 2016-08-30 10:42 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-08-30 10:42 - 2016-08-30 10:42 - 02251440 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-30 10:42 - 2016-08-30 10:42 - 01898848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-30 10:42 - 2016-08-30 10:42 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-30 10:42 - 2016-08-30 10:42 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-30 10:42 - 2016-08-30 10:42 - 01344992 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-08-30 10:42 - 2016-08-30 10:42 - 01343488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-08-30 10:42 - 2016-08-30 10:42 - 01265424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-08-30 10:42 - 2016-08-30 10:42 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-30 10:42 - 2016-08-30 10:42 - 01121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-30 10:42 - 2016-08-30 10:42 - 00843104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-08-30 10:42 - 2016-08-30 10:42 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-08-30 10:42 - 2016-08-30 10:42 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-08-30 10:42 - 2016-08-30 10:42 - 00622592 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-08-30 10:42 - 2016-08-30 10:42 - 00551776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-30 10:42 - 2016-08-30 10:42 - 00520200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-30 10:42 - 2016-08-30 10:42 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-08-30 10:42 - 2016-08-30 10:42 - 00353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-08-30 10:42 - 2016-08-30 10:42 - 00342880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-30 10:42 - 2016-08-30 10:42 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2016-08-30 10:42 - 2016-08-30 10:42 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-08-30 10:42 - 2016-08-30 10:42 - 00198496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-08-30 10:42 - 2016-08-30 10:42 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-08-30 10:42 - 2016-08-30 10:42 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-30 10:42 - 2016-08-30 10:42 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-08-30 10:42 - 2016-08-30 10:42 - 00145248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-30 10:42 - 2016-08-30 10:42 - 00127168 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-30 10:42 - 2016-08-30 10:42 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2016-08-30 10:42 - 2016-08-30 10:42 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-08-30 10:42 - 2016-08-30 10:42 - 00094528 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2016-08-30 10:42 - 2016-08-30 10:42 - 00054624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-08-30 10:42 - 2016-08-30 10:42 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-08-30 10:42 - 2016-08-30 10:42 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-08-30 10:42 - 2016-08-30 10:42 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-08-30 10:41 - 2016-07-15 19:45 - 05739008 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2016-08-30 10:41 - 2016-07-15 19:45 - 02629120 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2016-08-30 10:41 - 2016-07-15 19:29 - 05489664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2016-08-30 10:40 - 2016-08-30 10:40 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-08-30 10:37 - 2016-08-30 10:37 - 00000000 ____D C:\WINDOWS\system32\XPSViewer
2016-08-30 10:37 - 2016-08-30 10:37 - 00000000 ____D C:\WINDOWS\system32\msmq
2016-08-30 10:37 - 2016-08-30 10:37 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2016-08-30 10:36 - 2016-08-30 10:36 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-08-30 10:36 - 2016-08-30 10:36 - 00000000 ____D C:\inetpub
2016-08-30 10:36 - 2016-08-30 10:13 - 00000000 ____D C:\Program Files\MSBuild
2016-08-30 10:36 - 2016-05-25 12:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-08-30 10:36 - 2016-05-25 12:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-08-30 10:36 - 2016-05-25 12:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-08-30 10:32 - 2016-08-30 10:32 - 00000000 _SHDL C:\Users\Default\Šablony
2016-08-30 10:32 - 2016-08-30 10:32 - 00000000 _SHDL C:\Users\Default\Soubory cookie
2016-08-30 10:32 - 2016-08-30 10:32 - 00000000 _SHDL C:\Users\Default\Poslední
2016-08-30 10:32 - 2016-08-30 10:32 - 00000000 _SHDL C:\Users\Default\Okolní tiskárny
2016-08-30 10:32 - 2016-08-30 10:32 - 00000000 _SHDL C:\Users\Default\Okolní síť
2016-08-30 10:32 - 2016-08-30 10:32 - 00000000 _SHDL C:\Users\Default\Nabídka Start
2016-08-30 10:32 - 2016-08-30 10:32 - 00000000 _SHDL C:\Users\Default\Dokumenty
2016-08-30 10:32 - 2016-08-30 10:32 - 00000000 _SHDL C:\Users\Default\Documents\Obrázky
2016-08-30 10:32 - 2016-08-30 10:32 - 00000000 _SHDL C:\Users\Default\Documents\Hudba
2016-08-30 10:32 - 2016-08-30 10:32 - 00000000 _SHDL C:\Users\Default\Documents\Filmy
2016-08-30 10:32 - 2016-08-30 10:32 - 00000000 _SHDL C:\Users\Default\Data aplikací
2016-08-30 10:32 - 2016-08-30 10:32 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-08-30 10:32 - 2016-08-30 10:32 - 00000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2016-08-30 10:32 - 2016-08-30 10:32 - 00000000 _SHDL C:\Users\Default User\Documents\Obrázky
2016-08-30 10:32 - 2016-08-30 10:32 - 00000000 _SHDL C:\Users\Default User\Documents\Hudba
2016-08-30 10:32 - 2016-08-30 10:32 - 00000000 _SHDL C:\Users\Default User\Documents\Filmy
2016-08-30 10:32 - 2016-08-30 10:32 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-08-30 10:32 - 2016-08-30 10:32 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Data aplikací
2016-08-30 10:30 - 2016-08-30 10:32 - 00011433 _____ C:\WINDOWS\diagwrn.xml
2016-08-30 10:30 - 2016-08-30 10:32 - 00011433 _____ C:\WINDOWS\diagerr.xml
2016-08-30 10:27 - 2016-08-30 10:27 - 00000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER
2016-08-30 10:24 - 2016-08-30 12:02 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-30 10:12 - 2016-08-30 10:12 - 00001487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-08-30 10:12 - 2016-08-30 10:12 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software
2016-08-30 10:12 - 2016-08-30 10:12 - 00000000 ____D C:\Users\Default\AppData\Roaming\Media Center Programs
2016-08-30 10:12 - 2016-08-30 10:12 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software
2016-08-30 10:12 - 2016-08-30 10:12 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Media Center Programs
2016-08-30 10:03 - 2016-08-30 10:03 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2016-08-30 10:01 - 2016-08-30 10:13 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-08-30 09:58 - 2016-08-30 12:05 - 00000000 ____D C:\Users\Mira
2016-08-30 09:58 - 2016-08-30 10:21 - 00000000 ____D C:\Users\DefaultAppPool
2016-08-30 09:58 - 2016-08-30 09:58 - 00000000 _SHDL C:\Users\Mira\Šablony
2016-08-30 09:58 - 2016-08-30 09:58 - 00000000 _SHDL C:\Users\Mira\Soubory cookie
2016-08-30 09:58 - 2016-08-30 09:58 - 00000000 _SHDL C:\Users\Mira\Poslední
2016-08-30 09:58 - 2016-08-30 09:58 - 00000000 _SHDL C:\Users\Mira\Okolní tiskárny
2016-08-30 09:58 - 2016-08-30 09:58 - 00000000 _SHDL C:\Users\Mira\Okolní síť
2016-08-30 09:58 - 2016-08-30 09:58 - 00000000 _SHDL C:\Users\Mira\Nabídka Start
2016-08-30 09:58 - 2016-08-30 09:58 - 00000000 _SHDL C:\Users\Mira\Dokumenty
2016-08-30 09:58 - 2016-08-30 09:58 - 00000000 _SHDL C:\Users\Mira\Documents\Obrázky
2016-08-30 09:58 - 2016-08-30 09:58 - 00000000 _SHDL C:\Users\Mira\Documents\Hudba
2016-08-30 09:58 - 2016-08-30 09:58 - 00000000 _SHDL C:\Users\Mira\Documents\Filmy
2016-08-30 09:58 - 2016-08-30 09:58 - 00000000 _SHDL C:\Users\Mira\Data aplikací
2016-08-30 09:58 - 2016-08-30 09:58 - 00000000 _SHDL C:\Users\Mira\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-08-30 09:58 - 2016-08-30 09:58 - 00000000 _SHDL C:\Users\Mira\AppData\Local\Data aplikací
2016-08-30 09:58 - 2016-08-30 09:58 - 00000000 _SHDL C:\Users\DefaultAppPool\Šablony
2016-08-30 09:58 - 2016-08-30 09:58 - 00000000 _SHDL C:\Users\DefaultAppPool\Soubory cookie
2016-08-30 09:58 - 2016-08-30 09:58 - 00000000 _SHDL C:\Users\DefaultAppPool\Poslední
2016-08-30 09:58 - 2016-08-30 09:58 - 00000000 _SHDL C:\Users\DefaultAppPool\Okolní tiskárny
2016-08-30 09:58 - 2016-08-30 09:58 - 00000000 _SHDL C:\Users\DefaultAppPool\Okolní síť
2016-08-30 09:58 - 2016-08-30 09:58 - 00000000 _SHDL C:\Users\DefaultAppPool\Nabídka Start
2016-08-30 09:58 - 2016-08-30 09:58 - 00000000 _SHDL C:\Users\DefaultAppPool\Dokumenty
2016-08-30 09:58 - 2016-08-30 09:58 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Obrázky
2016-08-30 09:58 - 2016-08-30 09:58 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Hudba
2016-08-30 09:58 - 2016-08-30 09:58 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Filmy
2016-08-30 09:58 - 2016-08-30 09:58 - 00000000 _SHDL C:\Users\DefaultAppPool\Data aplikací
2016-08-30 09:58 - 2016-08-30 09:58 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-08-30 09:58 - 2016-08-30 09:58 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Data aplikací
2016-08-30 09:57 - 2016-08-30 12:09 - 01511408 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-30 09:53 - 2016-08-30 10:03 - 00000000 ____D C:\ProgramData\NVIDIA
2016-08-30 09:53 - 2016-08-30 09:53 - 00000000 ____D C:\WINDOWS\system32\RTCOM
2016-08-30 09:53 - 2016-08-30 09:53 - 00000000 ____D C:\Program Files\Realtek
2016-08-30 09:53 - 2016-01-23 02:20 - 03946432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-08-30 09:53 - 2016-01-23 02:20 - 02589632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc.dll
2016-08-30 09:53 - 2016-01-23 02:20 - 02563128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-08-30 09:53 - 2016-01-23 02:20 - 00941504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-08-30 09:53 - 2016-01-23 02:20 - 00437816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-08-30 09:53 - 2016-01-23 02:20 - 00381888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-08-30 09:53 - 2016-01-23 02:20 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-08-30 09:53 - 2016-01-23 02:20 - 00070200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-08-30 09:53 - 2016-01-21 20:32 - 06125650 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-08-30 09:52 - 2016-08-30 10:03 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-08-30 09:52 - 2016-08-30 10:03 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-08-30 09:50 - 2016-08-30 12:17 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-08-30 09:50 - 2016-08-30 09:50 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-08-30 09:49 - 2016-08-30 12:02 - 02402984 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-29 10:30 - 2016-08-30 12:27 - 01747968 _____ (Farbar) C:\Users\Mira\Desktop\FRST.exe
2016-08-29 10:23 - 2016-08-29 10:23 - 00277424 ____T C:\Users\Mira\Desktop\pc.pdf
2016-08-29 10:23 - 2016-08-29 10:23 - 00000000 ____D C:\Users\Mira\AppData\LocalLow\Temp
2016-08-29 10:21 - 2016-08-29 10:22 - 00099581 _____ C:\Users\Mira\Desktop\MIRA-PC.txt
2016-08-29 10:04 - 2016-08-29 10:04 - 00000000 ____D C:\Program Files\Speccy
2016-08-29 10:03 - 2016-08-29 10:03 - 05111240 _____ (Piriform Ltd) C:\Users\Mira\Downloads\spsetup129.exe
2016-08-29 09:12 - 2016-08-29 09:12 - 00000528 _____ C:\WINDOWS\mde.lkeys
2016-08-29 09:11 - 2016-08-30 10:13 - 00000000 ____D C:\Users\Mira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Macrorit Disk Partition Expert Professional
2016-08-29 09:11 - 2016-08-29 09:11 - 04077672 _____ (Macrorit Inc.) C:\Users\Mira\Downloads\partition-expert-pro_chip_full.exe
2016-08-29 09:11 - 2016-08-29 09:11 - 00000000 ____D C:\Program Files\Macrorit
2016-08-29 09:05 - 2016-08-29 09:05 - 00000000 ____D C:\Users\Mira\AppData\Local\BlueStacks
2016-08-28 12:27 - 2016-08-30 10:03 - 00000000 ____D C:\Program Files\Synaptics
2016-08-28 12:27 - 2016-08-28 12:27 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2016-08-28 12:24 - 2016-08-28 12:24 - 00000000 ____D C:\ProgramData\SlimWare Utilities, Inc
2016-08-28 12:21 - 2016-08-29 08:55 - 00013368 _____ (SlimWare Utilities, Inc.) C:\WINDOWS\system32\Drivers\SWDUMon.sys
2016-08-28 12:21 - 2016-08-28 12:21 - 00000000 ____D C:\Users\Mira\AppData\Local\SlimWare Utilities Inc
2016-08-28 12:20 - 2016-08-28 12:20 - 00981592 _____ (SlimWare Utilities, Inc.) C:\Users\Mira\Downloads\SlimDrivers-setup.exe
2016-08-28 12:20 - 2016-08-28 12:20 - 00000000 ____D C:\Users\Public\Documents\Downloaded Installers
2016-08-28 12:15 - 2016-08-28 12:15 - 00000000 ____D C:\ProgramData\XDMessagingv4

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-30 12:22 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-08-30 12:22 - 2016-02-11 17:34 - 00002388 _____ C:\Users\Mira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-08-30 12:22 - 2016-02-11 17:34 - 00000000 ___RD C:\Users\Mira\OneDrive
2016-08-30 12:21 - 2016-07-16 10:29 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-30 12:21 - 2016-02-11 17:25 - 00000000 ____D C:\Users\Mira\AppData\Local\Packages
2016-08-30 12:18 - 2016-04-23 09:39 - 00000000 ____D C:\Users\Mira\AppData\Roaming\Wise Care 365
2016-08-30 12:09 - 2016-07-16 19:01 - 00436204 _____ C:\WINDOWS\system32\perfh005.dat
2016-08-30 12:09 - 2016-07-16 19:01 - 00088614 _____ C:\WINDOWS\system32\perfc005.dat
2016-08-30 12:03 - 2016-07-16 10:28 - 00000000 ____D C:\WINDOWS\INF
2016-08-30 12:01 - 2016-02-14 14:48 - 00000000 ____D C:\ProgramData\MFAData
2016-08-30 12:00 - 2016-07-16 04:22 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-08-30 11:53 - 2016-07-16 10:29 - 00000000 ____D C:\ProgramData\USOPrivate
2016-08-30 11:52 - 2016-02-11 17:25 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-30 10:48 - 2016-07-16 10:30 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-08-30 10:43 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-08-30 10:43 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-08-30 10:43 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-08-30 10:43 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-08-30 10:43 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-08-30 10:43 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-30 10:43 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-08-30 10:43 - 2016-07-16 10:19 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-30 10:41 - 2016-07-16 19:01 - 00000000 ____D C:\WINDOWS\OCR
2016-08-30 10:37 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-08-30 10:37 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2016-08-30 10:36 - 2016-07-16 10:26 - 01003008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2016-08-30 10:36 - 2016-07-16 10:26 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2016-08-30 10:36 - 2016-07-16 10:26 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2016-08-30 10:36 - 2016-07-16 10:26 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2016-08-30 10:36 - 2016-07-16 10:26 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2016-08-30 10:36 - 2016-07-16 10:26 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2016-08-30 10:36 - 2016-07-16 10:26 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2016-08-30 10:36 - 2016-07-16 10:26 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2016-08-30 10:36 - 2016-07-16 10:26 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2016-08-30 10:36 - 2016-07-16 10:26 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2016-08-30 10:36 - 2016-07-16 10:26 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2016-08-30 10:36 - 2016-07-16 10:26 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2016-08-30 10:36 - 2016-07-16 10:26 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2016-08-30 10:36 - 2016-07-16 10:26 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2016-08-30 10:36 - 2016-07-16 10:26 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2016-08-30 10:36 - 2016-07-16 10:26 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2016-08-30 10:36 - 2016-07-16 10:26 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2016-08-30 10:36 - 2016-07-16 10:26 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2016-08-30 10:36 - 2016-07-16 10:26 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2016-08-30 10:36 - 2016-07-16 10:26 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2016-08-30 10:36 - 2016-07-16 10:26 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
2016-08-30 10:36 - 2016-07-16 10:26 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2016-08-30 10:35 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\rescache
2016-08-30 10:32 - 2016-07-16 10:29 - 00000000 ____D C:\Program Files\Windows NT
2016-08-30 10:30 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-08-30 10:30 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\Registration
2016-08-30 10:30 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2016-08-30 10:24 - 2016-02-11 17:10 - 00021592 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-08-30 10:23 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\Media
2016-08-30 10:22 - 2016-07-16 10:29 - 00000000 __RHD C:\Users\Public\Libraries
2016-08-30 10:21 - 2016-07-16 10:29 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-08-30 10:13 - 2016-07-16 04:22 - 00008192 _____ C:\WINDOWS\system32\config\ELAM
2016-08-30 10:13 - 2016-06-02 09:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK
2016-08-30 10:13 - 2016-04-23 09:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-08-30 10:13 - 2016-04-23 09:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Care 365
2016-08-30 10:13 - 2016-04-19 13:48 - 00000000 ____D C:\Users\Mira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft
2016-08-30 10:13 - 2016-04-07 14:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-08-30 10:13 - 2016-03-29 14:17 - 00000000 ____D C:\Users\Mira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-08-30 10:13 - 2016-03-29 14:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-08-30 10:13 - 2016-02-23 17:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2016-08-30 10:13 - 2016-02-21 20:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WashAndGo
2016-08-30 10:13 - 2016-02-14 19:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-08-30 10:13 - 2016-02-12 22:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-08-30 10:13 - 2015-12-02 21:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone
2016-08-30 10:13 - 2015-10-30 17:10 - 00000000 ____D C:\WINDOWS\ShellNew
2016-08-30 10:13 - 2015-09-30 08:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2016-08-30 10:13 - 2015-09-30 08:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Design Premium CS4
2016-08-30 10:13 - 2015-09-30 07:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X3
2016-08-30 10:13 - 2015-09-30 07:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel Paint Shop Pro Photo X2
2016-08-30 10:13 - 2015-09-29 14:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2016-08-30 10:13 - 2015-09-29 14:38 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling
2016-08-30 10:13 - 2015-09-29 14:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2016-08-30 10:13 - 2015-09-29 14:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2016-08-30 10:13 - 2015-09-29 14:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-08-30 10:13 - 2015-09-29 12:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Studio 15
2016-08-30 10:13 - 2015-09-29 12:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.0
2016-08-30 10:13 - 2015-09-29 11:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-08-30 10:13 - 2015-09-29 10:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\602PC SUITE
2016-08-30 10:13 - 2015-09-29 10:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inpaint
2016-08-30 10:13 - 2015-09-29 10:48 - 00000000 ____D C:\Users\Mira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2016-08-30 10:13 - 2015-09-29 10:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2016-08-30 10:13 - 2015-09-29 10:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-08-30 10:13 - 2015-09-29 10:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView
2016-08-30 10:13 - 2015-09-25 15:28 - 00000000 ____D C:\Users\Mira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-08-30 10:13 - 2015-09-25 15:28 - 00000000 ____D C:\Users\Mira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2016-08-30 10:13 - 2015-09-25 15:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-08-30 10:12 - 2016-07-16 10:29 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-08-30 10:12 - 2015-10-30 07:13 - 00000000 ____D C:\Users\Default.migrated
2016-08-30 10:04 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\system32\spool
2016-08-30 10:04 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-08-30 10:04 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\system32\IME
2016-08-30 10:04 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\schemas
2016-08-30 10:04 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-08-30 10:04 - 2016-02-16 17:42 - 00000000 __SHD C:\WINDOWS\system32\AI_RecycleBin
2016-08-30 10:04 - 2015-09-25 07:34 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-30 10:03 - 2016-07-16 10:29 - 00000000 __SHD C:\Program Files\Windows Sidebar
2016-08-30 10:03 - 2016-07-16 10:29 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-08-30 10:03 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-08-30 10:03 - 2016-07-16 10:29 - 00000000 ____D C:\Program Files\Common Files\System
2016-08-30 10:03 - 2016-07-16 10:29 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-08-30 10:03 - 2016-04-23 13:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
2016-08-30 10:03 - 2016-03-08 14:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-08-30 10:03 - 2016-02-16 17:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames
2016-08-30 10:03 - 2009-07-14 06:52 - 00000000 ____D C:\Program Files\Microsoft Games
2016-08-30 10:00 - 2016-02-16 17:57 - 00000000 ____D C:\Users\Mira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames
2016-08-30 09:57 - 2016-07-16 04:22 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-08-30 09:54 - 2016-07-16 10:29 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-08-30 09:54 - 2016-07-16 10:29 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-08-30 09:54 - 2016-07-16 10:29 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-30 09:53 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\Help
2016-08-30 09:07 - 2016-07-16 19:41 - 00000000 ___HD C:\$WINDOWS.~BT
2016-08-29 20:29 - 2015-09-30 19:24 - 00000000 ____D C:\Users\Mira\AppData\Roaming\Skype
2016-08-29 10:04 - 2016-04-23 09:38 - 00000000 ____D C:\Users\Mira\Desktop\servis
2016-08-29 09:06 - 2016-04-10 15:04 - 00000000 ____D C:\ProgramData\BlueStacksGameManager
2016-08-29 09:00 - 2015-12-17 23:29 - 00000000 ____D C:\ProgramData\TEMP
2016-08-29 09:00 - 2015-09-29 10:51 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2016-08-28 17:06 - 2016-02-14 19:16 - 00000000 ____D C:\Users\Mira\AppData\Roaming\.minecraft
2016-08-28 12:15 - 2016-02-21 20:39 - 00000000 ____D C:\Users\Mira\AppData\Local\Abelssoft
2016-08-12 14:50 - 2015-09-25 07:34 - 144884648 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories =======

2015-10-03 21:28 - 2016-07-10 13:39 - 0000203 _____ () C:\Users\Mira\AppData\Roaming\default.rss
2015-09-25 15:34 - 2015-09-25 15:34 - 0007601 _____ () C:\Users\Mira\AppData\Local\Resmon.ResmonCfg
2016-02-14 17:17 - 2016-02-14 17:17 - 0000189 _____ () C:\ProgramData\1455463048.1816.bin
2016-02-14 17:17 - 2016-02-14 17:17 - 0086822 _____ () C:\ProgramData\1455463048.3380.bin
2016-02-14 17:17 - 2016-02-14 17:17 - 0000462 _____ () C:\ProgramData\1455463048.4528.bin
2015-09-30 11:18 - 2015-09-30 11:18 - 0000016 _____ () C:\ProgramData\mntemp

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

==================== Scheduled Tasks (whitelisted) ==================

Task: {0D45454A-7AB7-4D36-93FE-32502669381A} - System32\Tasks\Wise Turbo Checker.job => C:\Program Files\Wise\Wise Care 365\WiseTurbo.exe [2016-01-19] (WiseCleaner.COM)
Task: {CA3CF3F3-CC67-47AC-991F-38AAB7A444C9} - System32\Tasks\Wise Care 365.job => C:\Program Files\Wise\Wise Care 365\WiseTray.exe [2016-03-04] (WiseCleaner.com)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\AbelssoftPreloader.job => C:\Program Files\WashAndGo\AbelssoftPreloader.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Internet Security (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security (Enabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Mira\Desktop" je 6196 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

==================== End Of Log ==============================

#6 Příspěvek od **Rudy** » 01 zář 2016 17:23

Otevřte poznámkový blok a zkopírujte do něj:

Start
IFEO\SppExtComObj.exe: [Debugger] C:\WINDOWS\SECOH-QAD.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
SearchScopes: HKU\S-1-5-21-2487398549-2658544685-4156905006-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={1F69EE09-6F5D-4120-B0E7-61D37050554E}&mid=e635c2c5595147cda122d1530bb1a2ce-f3a57c4ebe43fa9c77a7acf191b882f846c2a25a&lang=en&ds=AVG&coid=avgtbavg&cmpid=0116tb&pr=fr&d=2015-11-04 22:01:36&v=4.2.4.155&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
C:\Program Files\Skype\Toolbars
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM ... PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
U3 idsvc; no ImagePath
Akamai NetSession Interface (HKU\S-1-5-21-2487398549-2658544685-4156905006-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Task: {1BDA451C-9FA0-4319-B359-60A7B4868DD3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {2AFFD1CC-2C18-40DC-9E60-7EA0DB234EF9} - \Microsoft\Windows\Setup\GWXTriggers\Logon-URT -> No File <==== ATTENTION
Task: {3945D70F-84A5-4EF7-A379-C40C7AAE3570} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {3C4E003B-B177-428A-AC02-7F072837B395} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {48633E02-CE5C-4179-97F4-CC54FC08A28E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {510DEC16-7E06-46D4-98EE-EA7E49C113C5} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {6B8EAFE7-44C4-43C0-A0A0-5F0302088FD3} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {6F2BD6E1-69D4-4DDC-9F58-E39B0C7798CD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {869DF4F5-91E1-4AB7-BE1C-ABFDBF17ACBD} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {A9DA4677-F45B-49A7-BCE4-847A0904F729} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {E3A29CAF-41B0-4891-8CCF-D01CC98F79D6} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {E4CE9E5A-7946-46EA-BA3B-C4D2E0E02B08} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {E51242E1-1998-42D7-81CC-68D78663FA49} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {F0820B74-10E2-4BEA-864C-486553E714E2} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\ProgramData\TEMP:39413AC3 [127]

ResetHosts:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

mlcoch · #7 Příspěvek od **mlcoch** » 02 zář 2016 08:05

hmm, tak nanovo - avg to smázl jako vir - takže to dělat bez AVG ...

mlcoch · #8 Příspěvek od **mlcoch** » 02 zář 2016 08:08

Fix result of Farbar Recovery Scan Tool (x86) Version: 31-08-2016
Ran by Mira (02-09-2016 09:01:58) Run:3
Running from C:\Users\Mira\Desktop
Loaded Profiles: Mira (Available Profiles: Mira & DefaultAppPool)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
IFEO\SppExtComObj.exe: [Debugger] C:\WINDOWS\SECOH-QAD.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
SearchScopes: HKU\S-1-5-21-2487398549-2658544685-4156905006-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={1F69EE09-6F5D-4120-B0E7-61D37050554E}&mid=e635c2c5595147cda122d1530bb1a2ce-f3a57c4ebe43fa9c77a7acf191b882f846c2a25a&lang=en&ds=AVG&coid=avgtbavg&cmpid=0116tb&pr=fr&d=2015-11-04 22:01:36&v=4.2.4.155&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
C:\Program Files\Skype\Toolbars
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM ... PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
U3 idsvc; no ImagePath
Akamai NetSession Interface (HKU\S-1-5-21-2487398549-2658544685-4156905006-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Task: {1BDA451C-9FA0-4319-B359-60A7B4868DD3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {2AFFD1CC-2C18-40DC-9E60-7EA0DB234EF9} - \Microsoft\Windows\Setup\GWXTriggers\Logon-URT -> No File <==== ATTENTION
Task: {3945D70F-84A5-4EF7-A379-C40C7AAE3570} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {3C4E003B-B177-428A-AC02-7F072837B395} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {48633E02-CE5C-4179-97F4-CC54FC08A28E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {510DEC16-7E06-46D4-98EE-EA7E49C113C5} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {6B8EAFE7-44C4-43C0-A0A0-5F0302088FD3} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {6F2BD6E1-69D4-4DDC-9F58-E39B0C7798CD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {869DF4F5-91E1-4AB7-BE1C-ABFDBF17ACBD} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {A9DA4677-F45B-49A7-BCE4-847A0904F729} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {E3A29CAF-41B0-4891-8CCF-D01CC98F79D6} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {E4CE9E5A-7946-46EA-BA3B-C4D2E0E02B08} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {E51242E1-1998-42D7-81CC-68D78663FA49} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {F0820B74-10E2-4BEA-864C-486553E714E2} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\ProgramData\TEMP:39413AC3 [127]

ResetHosts:
End
*****************

HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SppExtComObj.exe => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => key not found.
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
HKU\S-1-5-21-2487398549-2658544685-4156905006-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} => key not found.
HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => key not found.
HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => key not found.
"C:\Program Files\Skype\Toolbars" => not found.
HKCR\PROTOCOLS\Handler\skypec2c => key not found.
HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => key not found.
Chrome DefaultSearchURL => not found.
Chrome DefaultSearchKeyword => not found.
c2cautoupdatesvc => service not found.
c2cpnrsvc => service not found.
idsvc => service not found.
Akamai NetSession Interface (HKU\S-1-5-21-2487398549-2658544685-4156905006-1000\...\Akamai) (Version: - Akamai Technologies, Inc) => Error: No automatic fix found for this entry.
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - ) => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1BDA451C-9FA0-4319-B359-60A7B4868DD3} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2AFFD1CC-2C18-40DC-9E60-7EA0DB234EF9} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-URT => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3945D70F-84A5-4EF7-A379-C40C7AAE3570} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3C4E003B-B177-428A-AC02-7F072837B395} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{48633E02-CE5C-4179-97F4-CC54FC08A28E} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{510DEC16-7E06-46D4-98EE-EA7E49C113C5} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B8EAFE7-44C4-43C0-A0A0-5F0302088FD3} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F2BD6E1-69D4-4DDC-9F58-E39B0C7798CD} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{869DF4F5-91E1-4AB7-BE1C-ABFDBF17ACBD} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A9DA4677-F45B-49A7-BCE4-847A0904F729} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3A29CAF-41B0-4891-8CCF-D01CC98F79D6} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E4CE9E5A-7946-46EA-BA3B-C4D2E0E02B08} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E51242E1-1998-42D7-81CC-68D78663FA49} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F0820B74-10E2-4BEA-864C-486553E714E2} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key not found.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => not found.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => not found.
"C:\ProgramData\TEMP" => ":39413AC3" ADS not found.
ResetHosts: => Error: No automatic fix found for this entry.

==== End of Fixlog 09:02:02 ====

#9 Příspěvek od **Rudy** » 02 zář 2016 17:25

Nějak nám to nemazalo. Zkuste to ještě jednou, ale s vypnutým antivirem.

mlcoch · #10 Příspěvek od **mlcoch** » 04 zář 2016 15:48

čistě jen FIX byl stejný- tj. not found u všech položek, takže jsem provedl od začátku scan - níže, kdyby bylo třeba vytvořit nové jiné příkazy pro FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-08-2016
Ran by Mira (administrator) on MIRA-PC (04-09-2016 16:35:44)
Running from C:\Users\Mira\Desktop
Loaded Profiles: Mira (Available Profiles: Mira & DefaultAppPool)
Platform: Microsoft Windows 10 Pro Version 1607 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgwdsvcx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(WiseCleaner.com) C:\Program Files\Wise\Wise Care 365\WiseTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Users\Mira\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgui.exe
() C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x86__kzf8qxf38zg5c\SkypeHost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12336856 2015-06-18] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-12] (NVIDIA Corporation)
HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [187152 2016-08-18] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\Av\avgui.exe [5299984 2016-07-28] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-2487398549-2658544685-4156905006-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2016-07-06]
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 212.80.66.7 192.168.1.1
Tcpip\..\Interfaces\{3d16d2c0-5149-47da-bf9c-df145989793c}: [DhcpNameServer] 212.80.66.7 192.168.1.1
Tcpip\..\Interfaces\{709c8525-a492-4022-b045-dc624e00b995}: [DhcpNameServer] 212.80.66.7 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-2487398549-2658544685-4156905006-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-2487398549-2658544685-4156905006-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=en-ww
SearchScopes: HKU\S-1-5-21-2487398549-2658544685-4156905006-1000 -> {04EEC9C3-9E16-4AAF-AFE7-7B230089A9E6} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-2487398549-2658544685-4156905006-1000 -> {2177A454-9D70-443B-90AA-30A62897BBBF} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-2487398549-2658544685-4156905006-1000 -> {22986DAA-3968-4995-AE87-38059BDA5E4C} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-2487398549-2658544685-4156905006-1000 -> {6E596E1B-066E-41AF-BB14-EE03BA67E320} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-2487398549-2658544685-4156905006-1000 -> {7F6B0DC4-7C43-4A33-BA10-CDC21EDEA009} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-2487398549-2658544685-4156905006-1000 -> {9C40566E-E2F5-4C17-99C0-65B2F717E15D} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-2487398549-2658544685-4156905006-1000 -> {A29A0A13-56CA-4FC9-BC3C-74C6EE786F48} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-2487398549-2658544685-4156905006-1000 -> {B54FF70F-B089-49E5-A9FA-143B423BF310} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-2487398549-2658544685-4156905006-1000 -> {D4178867-FDC2-4D21-8A17-3B5855E24F56} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-02-14] (Oracle Corporation)
BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-14] (Oracle Corporation)
BHO: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)

FireFox:
========
FF ProfilePath: C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\hqpns6tf.default-1452840171661
FF Homepage: hxxps://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-14] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-14] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-01-23] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-01-23] (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2487398549-2658544685-4156905006-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Mira\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\hqpns6tf.default-1452840171661\searchplugins\avg-secure-search.xml [2016-02-14]
FF Extension: (QuickJava) - C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\hqpns6tf.default-1452840171661\extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2016-08-29]
FF Extension: (Diagnostics for Adblock Plus) - C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\hqpns6tf.default-1452840171661\Extensions\abpwatcher@adblockplus.org.xpi [2016-05-09]
FF Extension: (Firefox Hotfix) - C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\hqpns6tf.default-1452840171661\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-01]
FF Extension: (Adblock Plus) - C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\hqpns6tf.default-1452840171661\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-05-09]
FF Extension: (Skype) - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25]

Chrome:
=======
CHR HomePage: Default -> mysearch.avg.com/?rvt=1
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR NewTab: Default -> "chrome-extension://jiblfdgfgcnpigdkdincmfamoknecagc/stubby.html", "chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR DefaultSuggestURL: Default -> hxxps://toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Profile: C:\Users\Mira\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Mira\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-24]
CHR Extension: (Dokumenty Google) - C:\Users\Mira\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-24]
CHR Extension: (Disk Google) - C:\Users\Mira\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-28]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Mira\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2015-12-17]
CHR Extension: (Video AdBlock for Chrome) - C:\Users\Mira\AppData\Local\Google\Chrome\User Data\Default\Extensions\bknbnapaddjdnbilpmlacdkjdkjmbjhd [2015-12-17]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Mira\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2016-02-14]
CHR Extension: (YouTube) - C:\Users\Mira\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Vyhledávání Google) - C:\Users\Mira\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-28]
CHR Extension: (Tabulky Google) - C:\Users\Mira\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-24]
CHR Extension: (MSN Homepage) - C:\Users\Mira\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkcgfbgohboipdhliafmacjnhjbhmim [2015-12-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\Mira\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-29]
CHR Extension: (FreeRadioCast) - C:\Users\Mira\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc [2016-08-15]
CHR Extension: (Skype) - C:\Users\Mira\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-05-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Mira\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-05]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Mira\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2015-12-17]
CHR Extension: (Gmail) - C:\Users\Mira\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-24]
CHR HKLM\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx <not found>
CHR HKU\S-1-5-21-2487398549-2658544685-4156905006-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2487398549-2658544685-4156905006-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bmkckgpgekmanipelfidlhmkfcjicion] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2487398549-2658544685-4156905006-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [chfdnecihphmhljaaejmgoiahnihplgn] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2487398549-2658544685-4156905006-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fkkcgfbgohboipdhliafmacjnhjbhmim] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe Version Cue CS4; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [284016 2008-08-15] (Adobe Systems Incorporated)
S3 AvgAMPS; C:\Program Files\AVG\Av\avgamps.exe [674552 2016-07-28] (AVG Technologies CZ, s.r.o.)
R2 avgfws; C:\Program Files\AVG\Av\avgfws.exe [1639832 2016-07-28] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files\AVG\Av\avgidsagent.exe [4097280 2016-07-28] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [911120 2016-08-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\Av\avgwdsvcx.exe [632632 2016-07-28] (AVG Technologies CZ, s.r.o.)
S4 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1034584 2015-06-18] (Disc Soft Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [929728 2016-01-12] (NVIDIA Corporation)
S3 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1897480 2016-04-05] (LogMeIn Inc.)
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2008-06-09] (Hewlett-Packard Company) [File not signed]
S4 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [411920 2016-04-05] (LogMeIn, Inc.)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-12] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [5178816 2016-01-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [3996608 2016-01-12] (NVIDIA Corporation)
S4 ProtexisLicensing; C:\Windows\system32\PSIService.exe [177704 2007-06-05] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [1887272 2016-07-16] (Microsoft Corporation)
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [966336 2014-12-04] (@ByELDI) [File not signed]
S4 vToolbarUpdater40.2.5; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\40.2.5\ToolbarUpdater.exe [1936968 2016-02-02] (AVG Secure Search)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [271496 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [84928 2016-07-16] (Microsoft Corporation)
S2 WiseBootAssistant; C:\Program Files\Wise\Wise Care 365\BootTime.exe [579832 2016-01-19] (WiseCleaner.com)
S4 WtuSystemSupport; C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe [1205832 2016-02-02] ()

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athur; C:\WINDOWS\System32\drivers\athuw8.sys [2193408 2013-06-02] (Qualcomm Atheros Communications, Inc.)
S0 Avgbootx; C:\WINDOWS\System32\DRIVERS\avgbootx.sys [19584 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [134912 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\WINDOWS\system32\DRIVERS\avgfwd6x.sys [67336 2016-06-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdriverx.sys [259328 2016-06-30] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [201472 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\system32\DRIVERS\avgidsshimw8x.sys [31664 2015-11-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [212736 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [287008 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [201472 2016-07-19] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [47360 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avgunivx; C:\WINDOWS\System32\DRIVERS\avgunivx.sys [65280 2016-06-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpx; C:\WINDOWS\system32\DRIVERS\avgwfpx.sys [246536 2016-07-20] (AVG Technologies CZ, s.r.o.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [25016 2015-09-29] (Disc Soft Ltd)
R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [38512 2015-11-12] (LogMeIn Inc.)
R3 MarvinBus; C:\WINDOWS\System32\drivers\MarvinBus.sys [171520 2005-09-23] (Pinnacle Systems GmbH)
S3 MDA_NTDRV; C:\WINDOWS\system32\MDA_NTDRV.sys [44032 2016-05-20] ()
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [62976 2016-07-16] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [25536 2016-01-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad32v.sys [42128 2015-12-18] (NVIDIA Corporation)
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [494080 2016-07-16] (Realtek )
S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [13368 2016-08-29] (SlimWare Utilities, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37912 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [244576 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [100192 2016-07-16] (Microsoft Corporation)
S3 WiseHDInfo; C:\WINDOWS\WiseHDInfo32.dll [13264 2016-04-23] (wisecleaner.com)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [65768 2016-05-23] (Wellbia.com)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-04 16:35 - 2016-09-04 16:36 - 00020567 _____ C:\Users\Mira\Desktop\FRST.txt
2016-09-02 09:00 - 2016-09-02 09:00 - 01747968 _____ (Farbar) C:\Users\Mira\Desktop\FRST.exe
2016-09-02 08:44 - 2016-09-04 16:23 - 02402984 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-09-01 13:23 - 2016-08-20 07:34 - 00782176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-09-01 13:23 - 2016-08-20 07:32 - 00023776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-09-01 13:23 - 2016-08-20 07:15 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-09-01 13:23 - 2016-08-20 07:14 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2016-09-01 13:23 - 2016-08-20 07:14 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_IS2022.DLL
2016-09-01 13:23 - 2016-08-20 07:07 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-09-01 13:23 - 2016-08-20 07:06 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-09-01 13:23 - 2016-08-20 07:04 - 01375232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-09-01 13:23 - 2016-08-20 07:01 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2016-09-01 13:23 - 2016-08-20 07:01 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-09-01 13:23 - 2016-08-20 07:00 - 19423232 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-09-01 13:23 - 2016-08-20 07:00 - 00141824 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DscCoreConfProv.dll
2016-09-01 13:23 - 2016-08-20 06:54 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2016-09-01 13:23 - 2016-08-20 06:51 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-09-01 13:23 - 2016-08-20 06:49 - 01885696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-09-01 13:23 - 2016-08-06 05:45 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2016-09-01 13:23 - 2016-08-06 05:41 - 13867520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-09-01 13:23 - 2016-08-06 05:40 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-09-01 13:23 - 2016-08-06 05:38 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-09-01 13:23 - 2016-08-06 05:26 - 02422784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll
2016-09-01 13:23 - 2016-08-06 05:25 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-09-01 13:22 - 2016-08-27 06:58 - 03893376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-09-01 13:22 - 2016-08-27 06:58 - 00121368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-09-01 13:22 - 2016-08-27 06:38 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-09-01 13:22 - 2016-08-27 06:37 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-09-01 13:22 - 2016-08-27 06:21 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-09-01 13:22 - 2016-08-20 08:15 - 01144080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-09-01 13:22 - 2016-08-20 07:34 - 01898848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-09-01 13:22 - 2016-08-20 07:34 - 01430200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-09-01 13:22 - 2016-08-20 07:34 - 00550752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-09-01 13:22 - 2016-08-20 07:34 - 00342880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-09-01 13:22 - 2016-08-20 07:33 - 05722312 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-09-01 13:22 - 2016-08-20 07:33 - 00852824 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-09-01 13:22 - 2016-08-20 07:32 - 02166232 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-09-01 13:22 - 2016-08-20 07:32 - 00846552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-09-01 13:22 - 2016-08-20 07:32 - 00588640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2016-09-01 13:22 - 2016-08-20 07:29 - 20965240 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-09-01 13:22 - 2016-08-20 07:29 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-09-01 13:22 - 2016-08-20 07:29 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-09-01 13:22 - 2016-08-20 07:16 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-09-01 13:22 - 2016-08-20 07:15 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-09-01 13:22 - 2016-08-20 07:14 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_G18030.DLL
2016-09-01 13:22 - 2016-08-20 07:14 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2016-09-01 13:22 - 2016-08-20 07:14 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-09-01 13:22 - 2016-08-20 07:12 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-09-01 13:22 - 2016-08-20 07:08 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-09-01 13:22 - 2016-08-20 07:08 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-09-01 13:22 - 2016-08-20 07:08 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-09-01 13:22 - 2016-08-20 07:07 - 00577536 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-09-01 13:22 - 2016-08-20 07:07 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-09-01 13:22 - 2016-08-20 07:06 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-09-01 13:22 - 2016-08-20 07:06 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-09-01 13:22 - 2016-08-20 07:05 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-09-01 13:22 - 2016-08-20 07:04 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-09-01 13:22 - 2016-08-20 07:04 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-01 13:22 - 2016-08-20 07:04 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-09-01 13:22 - 2016-08-20 07:04 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-09-01 13:22 - 2016-08-20 07:03 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-09-01 13:22 - 2016-08-20 07:01 - 04612096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-09-01 13:22 - 2016-08-20 06:59 - 07624192 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-09-01 13:22 - 2016-08-20 06:59 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-09-01 13:22 - 2016-08-20 06:59 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2016-09-01 13:22 - 2016-08-20 06:59 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
2016-09-01 13:22 - 2016-08-20 06:58 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi_passthru.dll
2016-09-01 13:22 - 2016-08-20 06:56 - 02711040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-09-01 13:22 - 2016-08-20 06:56 - 02143232 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-09-01 13:22 - 2016-08-20 06:56 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\delegatorprovider.dll
2016-09-01 13:22 - 2016-08-20 06:55 - 19418624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-09-01 13:22 - 2016-08-20 06:53 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-09-01 13:22 - 2016-08-20 06:52 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-09-01 13:22 - 2016-08-20 06:51 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-09-01 13:22 - 2016-08-20 06:51 - 01938432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-09-01 13:22 - 2016-08-20 06:48 - 00582144 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-09-01 13:22 - 2016-08-06 06:08 - 02251432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-09-01 13:22 - 2016-08-06 06:08 - 00509784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-09-01 13:22 - 2016-08-06 06:08 - 00313560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-09-01 13:22 - 2016-08-06 06:07 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-09-01 13:22 - 2016-08-06 06:06 - 00399200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-09-01 13:22 - 2016-08-06 06:06 - 00357216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-09-01 13:22 - 2016-08-06 06:03 - 01557296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-09-01 13:22 - 2016-08-06 06:03 - 01343928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-09-01 13:22 - 2016-08-06 06:03 - 00955008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-09-01 13:22 - 2016-08-06 05:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-09-01 13:22 - 2016-08-06 05:48 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-09-01 13:22 - 2016-08-06 05:48 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2016-09-01 13:22 - 2016-08-06 05:47 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
2016-09-01 13:22 - 2016-08-06 05:47 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2016-09-01 13:22 - 2016-08-06 05:47 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2016-09-01 13:22 - 2016-08-06 05:47 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2016-09-01 13:22 - 2016-08-06 05:45 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-09-01 13:22 - 2016-08-06 05:45 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-09-01 13:22 - 2016-08-06 05:44 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2016-09-01 13:22 - 2016-08-06 05:43 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-09-01 13:22 - 2016-08-06 05:43 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-09-01 13:22 - 2016-08-06 05:43 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-09-01 13:22 - 2016-08-06 05:43 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-09-01 13:22 - 2016-08-06 05:41 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2016-09-01 13:22 - 2016-08-06 05:40 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-09-01 13:22 - 2016-08-06 05:40 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2016-09-01 13:22 - 2016-08-06 05:37 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2016-09-01 13:22 - 2016-08-06 05:32 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-09-01 13:22 - 2016-08-06 05:31 - 12174336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-09-01 13:22 - 2016-08-06 05:30 - 00734208 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-09-01 13:22 - 2016-08-06 05:30 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-09-01 13:22 - 2016-08-06 05:28 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2016-09-01 13:22 - 2016-08-06 05:28 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-09-01 13:22 - 2016-08-06 05:25 - 01997824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-09-01 13:22 - 2016-08-06 05:25 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-09-01 13:22 - 2016-08-06 05:25 - 01121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-09-01 13:22 - 2016-08-06 05:24 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-09-01 13:22 - 2016-08-06 05:24 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-09-01 13:22 - 2016-08-06 05:23 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-09-01 13:22 - 2016-08-06 05:23 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2016-09-01 13:22 - 2016-08-06 05:21 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-09-01 13:21 - 2016-08-27 11:37 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2016-09-01 13:21 - 2016-08-27 06:43 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\encapi.dll
2016-09-01 13:21 - 2016-08-20 08:26 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-09-01 13:21 - 2016-08-20 07:49 - 00092000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-09-01 13:21 - 2016-08-20 07:48 - 00887872 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-09-01 13:21 - 2016-08-20 07:48 - 00781464 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-09-01 13:21 - 2016-08-20 07:47 - 01064016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-09-01 13:21 - 2016-08-20 07:47 - 00937496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-09-01 13:21 - 2016-08-20 07:46 - 06016352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-09-01 13:21 - 2016-08-20 07:46 - 01959264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-09-01 13:21 - 2016-08-20 07:44 - 00570720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-09-01 13:21 - 2016-08-20 07:25 - 01264912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-09-01 13:21 - 2016-08-20 07:14 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2016-09-01 13:21 - 2016-08-20 07:14 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-09-01 13:21 - 2016-08-20 07:14 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConfigureExpandedStorage.dll
2016-09-01 13:21 - 2016-08-20 07:14 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-09-01 13:21 - 2016-08-20 07:14 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\c_GSM7.DLL
2016-09-01 13:21 - 2016-08-20 07:12 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-09-01 13:21 - 2016-08-20 07:12 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2016-09-01 13:21 - 2016-08-20 07:12 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2016-09-01 13:21 - 2016-08-20 07:11 - 00158208 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2016-09-01 13:21 - 2016-08-20 07:11 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2016-09-01 13:21 - 2016-08-20 07:11 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-09-01 13:21 - 2016-08-20 07:11 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerSvc.dll
2016-09-01 13:21 - 2016-08-20 07:10 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-09-01 13:21 - 2016-08-20 07:09 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-09-01 13:21 - 2016-08-20 07:09 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-09-01 13:21 - 2016-08-20 07:09 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-09-01 13:21 - 2016-08-20 07:09 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-09-01 13:21 - 2016-08-20 07:09 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2016-09-01 13:21 - 2016-08-20 07:08 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2016-09-01 13:21 - 2016-08-20 07:07 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-09-01 13:21 - 2016-08-20 07:04 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-09-01 13:21 - 2016-08-20 07:04 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-09-01 13:21 - 2016-08-20 07:03 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-09-01 13:21 - 2016-08-20 07:03 - 01774080 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-09-01 13:21 - 2016-08-20 07:01 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2016-09-01 13:21 - 2016-08-20 07:00 - 01316352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-09-01 13:21 - 2016-08-20 06:59 - 01106944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-09-01 13:21 - 2016-08-20 06:57 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2016-09-01 13:21 - 2016-08-20 06:56 - 00786944 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-09-01 13:21 - 2016-08-20 06:54 - 03776000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-09-01 13:21 - 2016-08-20 06:50 - 01875456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-09-01 13:21 - 2016-08-20 06:49 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-09-01 13:21 - 2016-08-20 06:46 - 03105792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-09-01 13:21 - 2016-08-09 04:13 - 00162850 _____ C:\WINDOWS\system32\C_932.NLS
2016-09-01 13:21 - 2016-08-06 06:30 - 00320144 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-09-01 13:21 - 2016-08-06 06:26 - 00036704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2016-09-01 13:21 - 2016-08-06 06:24 - 01583112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-09-01 13:21 - 2016-08-06 06:22 - 00173408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2016-09-01 13:21 - 2016-08-06 06:22 - 00105824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-09-01 13:21 - 2016-08-06 06:16 - 00798504 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-09-01 13:21 - 2016-08-06 06:15 - 00292184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-09-01 13:21 - 2016-08-06 06:14 - 00145248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-09-01 13:21 - 2016-08-06 06:06 - 00186712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-09-01 13:21 - 2016-08-06 06:04 - 00361096 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2016-09-01 13:21 - 2016-08-06 06:03 - 00529928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-09-01 13:21 - 2016-08-06 06:03 - 00036168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-09-01 13:21 - 2016-08-06 06:02 - 00321280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-09-01 13:21 - 2016-08-06 05:59 - 00127168 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-09-01 13:21 - 2016-08-06 05:58 - 01968480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-09-01 13:21 - 2016-08-06 05:58 - 01276608 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-09-01 13:21 - 2016-08-06 05:58 - 00484544 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-09-01 13:21 - 2016-08-06 05:58 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-09-01 13:21 - 2016-08-06 05:49 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2016-09-01 13:21 - 2016-08-06 05:48 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll
2016-09-01 13:21 - 2016-08-06 05:48 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2016-09-01 13:21 - 2016-08-06 05:48 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2016-09-01 13:21 - 2016-08-06 05:47 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2016-09-01 13:21 - 2016-08-06 05:46 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2016-09-01 13:21 - 2016-08-06 05:46 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2016-09-01 13:21 - 2016-08-06 05:45 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2016-09-01 13:21 - 2016-08-06 05:45 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-09-01 13:21 - 2016-08-06 05:45 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2016-09-01 13:21 - 2016-08-06 05:44 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-09-01 13:21 - 2016-08-06 05:41 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-09-01 13:21 - 2016-08-06 05:39 - 00188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-09-01 13:21 - 2016-08-06 05:39 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpipcfg.dll
2016-09-01 13:21 - 2016-08-06 05:38 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2016-09-01 13:21 - 2016-08-06 05:37 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-09-01 13:21 - 2016-08-06 05:37 - 00246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-09-01 13:21 - 2016-08-06 05:32 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-09-01 13:21 - 2016-08-06 05:30 - 12345344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-09-01 13:21 - 2016-08-06 05:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-09-01 13:21 - 2016-08-06 05:26 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-09-01 13:21 - 2016-08-06 05:24 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-09-01 13:21 - 2016-08-06 05:21 - 01435136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2016-09-01 13:21 - 2016-08-05 11:10 - 00939872 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2016-09-01 13:21 - 2016-08-05 11:06 - 04970216 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-09-01 13:21 - 2016-08-05 10:54 - 00564488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe
2016-09-01 13:21 - 2016-08-05 10:29 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2016-09-01 13:21 - 2016-08-05 10:23 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2016-09-01 13:21 - 2016-08-05 10:20 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2016-09-01 13:21 - 2016-08-05 10:18 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2016-09-01 12:44 - 2016-09-01 12:44 - 00012904 ____N C:\bootsqm.dat
2016-09-01 12:44 - 2016-09-01 12:44 - 00000000 __SHD C:\found.001
2016-08-30 12:32 - 2016-08-30 12:32 - 00012758 _____ C:\Users\Mira\Desktop\Addition.zip
2016-08-30 12:27 - 2016-09-04 16:35 - 00000000 ____D C:\FRST
2016-08-30 11:58 - 2016-08-30 11:58 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-08-30 11:53 - 2016-08-30 11:53 - 00000000 ____D C:\ProgramData\USOShared
2016-08-30 11:52 - 2016-09-01 12:34 - 00000000 ____D C:\Users\Mira\AppData\Local\ConnectedDevicesPlatform
2016-08-30 11:52 - 2016-08-30 11:52 - 00000020 ___SH C:\Users\Mira\ntuser.ini
2016-08-30 10:48 - 2016-09-01 13:11 - 00000000 ___DC C:\WINDOWS\Panther
2016-08-30 10:43 - 2016-08-30 10:43 - 00000000 ____D C:\Windows.old
2016-08-30 10:43 - 2016-08-30 10:43 - 00000000 ____D C:\Program Files\CMAK
2016-08-30 10:42 - 2016-08-30 10:42 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-08-30 10:42 - 2016-08-30 10:42 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-30 10:42 - 2016-08-30 10:42 - 01344992 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-08-30 10:42 - 2016-08-30 10:42 - 01343488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-08-30 10:42 - 2016-08-30 10:42 - 00622592 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-08-30 10:42 - 2016-08-30 10:42 - 00353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-08-30 10:42 - 2016-08-30 10:42 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2016-08-30 10:42 - 2016-08-30 10:42 - 00054624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-08-30 10:41 - 2016-07-15 19:45 - 05739008 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2016-08-30 10:41 - 2016-07-15 19:45 - 02629120 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2016-08-30 10:41 - 2016-07-15 19:29 - 05489664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2016-08-30 10:40 - 2016-08-30 10:40 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-08-30 10:37 - 2016-08-30 10:37 - 00000000 ____D C:\WINDOWS\system32\XPSViewer
2016-08-30 10:37 - 2016-08-30 10:37 - 00000000 ____D C:\WINDOWS\system32\msmq
2016-08-30 10:37 - 2016-08-30 10:37 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2016-08-30 10:36 - 2016-08-30 10:36 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-08-30 10:36 - 2016-08-30 10:36 - 00000000 ____D C:\inetpub
2016-08-30 10:36 - 2016-08-30 10:13 - 00000000 ____D C:\Program Files\MSBuild
2016-08-30 10:36 - 2016-05-25 12:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-08-30 10:36 - 2016-05-25 12:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-08-30 10:36 - 2016-05-25 12:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-08-30 10:32 - 2016-08-30 10:32 - 00000000 _SHDL C:\Users\Default\Šablony
2016-08-30 10:32 - 2016-08-30 10:32 - 00000000 _SHDL C:\Users\Default\Soubory cookie
2016-08-30 10:32 - 2016-08-30 10:32 - 00000000 _SHDL C:\Users\Default\Poslední
2016-08-30 10:32 - 2016-08-30 10:32 - 00000000 _SHDL C:\Users\Default\Okolní tiskárny
2016-08-30 10:32 - 2016-08-30 10:32 - 00000000 _SHDL C:\Users\Default\Okolní síť
2016-08-30 10:32 - 2016-08-30 10:32 - 00000000 _SHDL C:\Users\Default\Nabídka Start
2016-08-30 10:32 - 2016-08-30 10:32 - 00000000 _SHDL C:\Users\Default\Dokumenty
2016-08-30 10:32 - 2016-08-30 10:32 - 00000000 _SHDL C:\Users\Default\Documents\Obrázky
2016-08-30 10:32 - 2016-08-30 10:32 - 00000000 _SHDL C:\Users\Default\Documents\Hudba
2016-08-30 10:32 - 2016-08-30 10:32 - 00000000 _SHDL C:\Users\Default\Documents\Filmy
2016-08-30 10:32 - 2016-08-30 10:32 - 00000000 _SHDL C:\Users\Default\Data aplikací
2016-08-30 10:32 - 2016-08-30 10:32 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-08-30 10:32 - 2016-08-30 10:32 - 00000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2016-08-30 10:32 - 2016-08-30 10:32 - 00000000 _SHDL C:\Users\Default User\Documents\Obrázky
2016-08-30 10:32 - 2016-08-30 10:32 - 00000000 _SHDL C:\Users\Default User\Documents\Hudba
2016-08-30 10:32 - 2016-08-30 10:32 - 00000000 _SHDL C:\Users\Default User\Documents\Filmy
2016-08-30 10:32 - 2016-08-30 10:32 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-08-30 10:32 - 2016-08-30 10:32 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Data aplikací
2016-08-30 10:30 - 2016-08-30 10:32 - 00011433 _____ C:\WINDOWS\diagwrn.xml
2016-08-30 10:30 - 2016-08-30 10:32 - 00011433 _____ C:\WINDOWS\diagerr.xml
2016-08-30 10:27 - 2016-08-30 10:27 - 00000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER
2016-08-30 10:24 - 2016-09-04 16:23 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-30 10:12 - 2016-08-30 10:12 - 00001487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-08-30 10:12 - 2016-08-30 10:12 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software
2016-08-30 10:12 - 2016-08-30 10:12 - 00000000 ____D C:\Users\Default\AppData\Roaming\Media Center Programs
2016-08-30 10:12 - 2016-08-30 10:12 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software
2016-08-30 10:12 - 2016-08-30 10:12 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Media Center Programs
2016-08-30 10:03 - 2016-08-30 10:03 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2016-08-30 10:01 - 2016-08-30 10:13 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-08-30 09:58 - 2016-09-04 16:17 - 00000000 ____D C:\Users\Mira
2016-08-30 09:58 - 2016-08-30 10:21 - 00000000 ____D C:\Users\DefaultAppPool
2016-08-30 09:58 - 2016-08-30 09:58 - 00000000 _SHDL C:\Users\Mira\Šablony
2016-08-30 09:58 - 2016-08-30 09:58 - 00000000 _SHDL C:\Users\Mira\Soubory cookie
2016-08-30 09:58 - 2016-08-30 09:58 - 00000000 _SHDL C:\Users\Mira\Poslední
2016-08-30 09:58 - 2016-08-30 09:58 - 00000000 _SHDL C:\Users\Mira\Okolní tiskárny
2016-08-30 09:58 - 2016-08-30 09:58 - 00000000 _SHDL C:\Users\Mira\Okolní síť
2016-08-30 09:58 - 2016-08-30 09:58 - 00000000 _SHDL C:\Users\Mira\Nabídka Start
2016-08-30 09:58 - 2016-08-30 09:58 - 00000000 _SHDL C:\Users\Mira\Dokumenty
2016-08-30 09:58 - 2016-08-30 09:58 - 00000000 _SHDL C:\Users\Mira\Documents\Obrázky
2016-08-30 09:58 - 2016-08-30 09:58 - 00000000 _SHDL C:\Users\Mira\Documents\Hudba
2016-08-30 09:58 - 2016-08-30 09:58 - 00000000 _SHDL C:\Users\Mira\Documents\Filmy
2016-08-30 09:58 - 2016-08-30 09:58 - 00000000 _SHDL C:\Users\Mira\Data aplikací
2016-08-30 09:58 - 2016-08-30 09:58 - 00000000 _SHDL C:\Users\Mira\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-08-30 09:58 - 2016-08-30 09:58 - 00000000 _SHDL C:\Users\Mira\AppData\Local\Data aplikací
2016-08-30 09:58 - 2016-08-30 09:58 - 00000000 _SHDL C:\Users\DefaultAppPool\Šablony
2016-08-30 09:58 - 2016-08-30 09:58 - 00000000 _SHDL C:\Users\DefaultAppPool\Soubory cookie
2016-08-30 09:58 - 2016-08-30 09:58 - 00000000 _SHDL C:\Users\DefaultAppPool\Poslední
2016-08-30 09:58 - 2016-08-30 09:58 - 00000000 _SHDL C:\Users\DefaultAppPool\Okolní tiskárny
2016-08-30 09:58 - 2016-08-30 09:58 - 00000000 _SHDL C:\Users\DefaultAppPool\Okolní síť
2016-08-30 09:58 - 2016-08-30 09:58 - 00000000 _SHDL C:\Users\DefaultAppPool\Nabídka Start
2016-08-30 09:58 - 2016-08-30 09:58 - 00000000 _SHDL C:\Users\DefaultAppPool\Dokumenty
2016-08-30 09:58 - 2016-08-30 09:58 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Obrázky
2016-08-30 09:58 - 2016-08-30 09:58 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Hudba
2016-08-30 09:58 - 2016-08-30 09:58 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Filmy
2016-08-30 09:58 - 2016-08-30 09:58 - 00000000 _SHDL C:\Users\DefaultAppPool\Data aplikací
2016-08-30 09:58 - 2016-08-30 09:58 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-08-30 09:58 - 2016-08-30 09:58 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Data aplikací
2016-08-30 09:57 - 2016-09-04 16:28 - 01589522 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-30 09:53 - 2016-08-30 10:03 - 00000000 ____D C:\ProgramData\NVIDIA
2016-08-30 09:53 - 2016-08-30 09:53 - 00000000 ____D C:\WINDOWS\system32\RTCOM
2016-08-30 09:53 - 2016-08-30 09:53 - 00000000 ____D C:\Program Files\Realtek
2016-08-30 09:53 - 2016-01-23 02:20 - 03946432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-08-30 09:53 - 2016-01-23 02:20 - 02589632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc.dll
2016-08-30 09:53 - 2016-01-23 02:20 - 02563128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-08-30 09:53 - 2016-01-23 02:20 - 00941504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-08-30 09:53 - 2016-01-23 02:20 - 00437816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-08-30 09:53 - 2016-01-23 02:20 - 00381888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-08-30 09:53 - 2016-01-23 02:20 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-08-30 09:53 - 2016-01-23 02:20 - 00070200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-08-30 09:53 - 2016-01-21 20:32 - 06125650 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-08-30 09:52 - 2016-08-30 10:03 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-08-30 09:52 - 2016-08-30 10:03 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-08-30 09:50 - 2016-09-04 16:15 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-08-30 09:50 - 2016-08-30 09:50 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-08-29 10:23 - 2016-08-29 10:23 - 00277424 ____T C:\Users\Mira\Desktop\pc.pdf
2016-08-29 10:23 - 2016-08-29 10:23 - 00000000 ____D C:\Users\Mira\AppData\LocalLow\Temp
2016-08-29 10:21 - 2016-08-29 10:22 - 00099581 _____ C:\Users\Mira\Desktop\MIRA-PC.txt
2016-08-29 10:04 - 2016-08-29 10:04 - 00000000 ____D C:\Program Files\Speccy
2016-08-29 10:03 - 2016-08-29 10:03 - 05111240 _____ (Piriform Ltd) C:\Users\Mira\Downloads\spsetup129.exe
2016-08-29 09:12 - 2016-08-29 09:12 - 00000528 _____ C:\WINDOWS\mde.lkeys
2016-08-29 09:11 - 2016-08-30 10:13 - 00000000 ____D C:\Users\Mira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Macrorit Disk Partition Expert Professional
2016-08-29 09:11 - 2016-08-29 09:11 - 04077672 _____ (Macrorit Inc.) C:\Users\Mira\Downloads\partition-expert-pro_chip_full.exe
2016-08-29 09:11 - 2016-08-29 09:11 - 00000000 ____D C:\Program Files\Macrorit
2016-08-29 09:05 - 2016-08-29 09:05 - 00000000 ____D C:\Users\Mira\AppData\Local\BlueStacks
2016-08-28 12:27 - 2016-08-30 10:03 - 00000000 ____D C:\Program Files\Synaptics
2016-08-28 12:27 - 2016-08-28 12:27 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2016-08-28 12:24 - 2016-08-28 12:24 - 00000000 ____D C:\ProgramData\SlimWare Utilities, Inc
2016-08-28 12:21 - 2016-08-29 08:55 - 00013368 _____ (SlimWare Utilities, Inc.) C:\WINDOWS\system32\Drivers\SWDUMon.sys
2016-08-28 12:21 - 2016-08-28 12:21 - 00000000 ____D C:\Users\Mira\AppData\Local\SlimWare Utilities Inc
2016-08-28 12:20 - 2016-08-28 12:20 - 00981592 _____ (SlimWare Utilities, Inc.) C:\Users\Mira\Downloads\SlimDrivers-setup.exe
2016-08-28 12:20 - 2016-08-28 12:20 - 00000000 ____D C:\Users\Public\Documents\Downloaded Installers
2016-08-28 12:15 - 2016-08-28 12:15 - 00000000 ____D C:\ProgramData\XDMessagingv4

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-04 16:31 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-04 16:30 - 2016-04-23 09:39 - 00000000 ____D C:\Users\Mira\AppData\Roaming\Wise Care 365
2016-09-04 16:30 - 2016-02-11 17:25 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-09-04 16:29 - 2016-02-14 14:48 - 00000000 ____D C:\ProgramData\MFAData
2016-09-04 16:28 - 2016-07-16 19:01 - 00476332 _____ C:\WINDOWS\system32\perfh005.dat
2016-09-04 16:28 - 2016-07-16 19:01 - 00100656 _____ C:\WINDOWS\system32\perfc005.dat
2016-09-04 16:23 - 2016-07-16 10:28 - 00000000 ____D C:\WINDOWS\INF
2016-09-04 16:21 - 2016-07-16 04:22 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-09-04 16:19 - 2016-07-16 19:04 - 00000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2016-09-04 16:19 - 2016-07-16 10:29 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-09-04 16:19 - 2016-07-16 10:29 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-09-04 16:19 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-09-04 16:19 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-09-04 16:19 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-09-04 16:19 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-09-04 16:19 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-09-04 16:19 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-09-04 16:19 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-04 16:19 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-09-04 16:19 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\Provisioning
2016-09-04 16:19 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-09-03 20:35 - 2015-09-30 19:24 - 00000000 ____D C:\Users\Mira\AppData\Roaming\Skype
2016-09-03 19:37 - 2016-02-14 19:16 - 00000000 ____D C:\Users\Mira\AppData\Roaming\.minecraft
2016-09-03 19:08 - 2016-07-16 10:19 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-03 10:18 - 2016-07-16 10:29 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-02 09:01 - 2016-04-23 09:38 - 00000000 ____D C:\Users\Mira\Desktop\servis
2016-09-02 08:56 - 2016-03-08 14:31 - 00000000 ___RD C:\Program Files\Skype
2016-09-01 13:11 - 2016-07-16 10:29 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-09-01 13:11 - 2016-02-11 17:25 - 00000000 ____D C:\Users\Mira\AppData\Local\Packages
2016-08-31 12:29 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\appcompat
2016-08-30 12:33 - 2016-07-16 04:22 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-08-30 12:22 - 2016-02-11 17:34 - 00002388 _____ C:\Users\Mira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-08-30 12:22 - 2016-02-11 17:34 - 00000000 ___RD C:\Users\Mira\OneDrive
2016-08-30 11:53 - 2016-07-16 10:29 - 00000000 ____D C:\ProgramData\USOPrivate
2016-08-30 10:48 - 2016-07-16 10:30 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-08-30 10:41 - 2016-07-16 19:01 - 00000000 ____D C:\WINDOWS\OCR
2016-08-30 10:37 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-08-30 10:37 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2016-08-30 10:36 - 2016-07-16 10:26 - 01003008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2016-08-30 10:36 - 2016-07-16 10:26 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2016-08-30 10:36 - 2016-07-16 10:26 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2016-08-30 10:36 - 2016-07-16 10:26 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2016-08-30 10:36 - 2016-07-16 10:26 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2016-08-30 10:36 - 2016-07-16 10:26 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2016-08-30 10:36 - 2016-07-16 10:26 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2016-08-30 10:36 - 2016-07-16 10:26 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2016-08-30 10:36 - 2016-07-16 10:26 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2016-08-30 10:36 - 2016-07-16 10:26 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2016-08-30 10:36 - 2016-07-16 10:26 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2016-08-30 10:36 - 2016-07-16 10:26 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2016-08-30 10:36 - 2016-07-16 10:26 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2016-08-30 10:36 - 2016-07-16 10:26 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2016-08-30 10:36 - 2016-07-16 10:26 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2016-08-30 10:36 - 2016-07-16 10:26 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2016-08-30 10:36 - 2016-07-16 10:26 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2016-08-30 10:36 - 2016-07-16 10:26 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2016-08-30 10:36 - 2016-07-16 10:26 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2016-08-30 10:36 - 2016-07-16 10:26 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2016-08-30 10:36 - 2016-07-16 10:26 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
2016-08-30 10:36 - 2016-07-16 10:26 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2016-08-30 10:35 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\rescache
2016-08-30 10:32 - 2016-07-16 10:29 - 00000000 ____D C:\Program Files\Windows NT
2016-08-30 10:30 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-08-30 10:30 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\Registration
2016-08-30 10:30 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2016-08-30 10:24 - 2016-02-11 17:10 - 00021592 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-08-30 10:23 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\Media
2016-08-30 10:22 - 2016-07-16 10:29 - 00000000 __RHD C:\Users\Public\Libraries
2016-08-30 10:21 - 2016-07-16 10:29 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-08-30 10:13 - 2016-06-02 09:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK
2016-08-30 10:13 - 2016-04-23 09:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-08-30 10:13 - 2016-04-23 09:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Care 365
2016-08-30 10:13 - 2016-04-19 13:48 - 00000000 ____D C:\Users\Mira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft
2016-08-30 10:13 - 2016-04-07 14:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-08-30 10:13 - 2016-03-29 14:17 - 00000000 ____D C:\Users\Mira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-08-30 10:13 - 2016-03-29 14:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-08-30 10:13 - 2016-02-23 17:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2016-08-30 10:13 - 2016-02-21 20:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WashAndGo
2016-08-30 10:13 - 2016-02-14 19:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-08-30 10:13 - 2016-02-12 22:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-08-30 10:13 - 2015-12-02 21:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone
2016-08-30 10:13 - 2015-10-30 17:10 - 00000000 ____D C:\WINDOWS\ShellNew
2016-08-30 10:13 - 2015-09-30 08:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2016-08-30 10:13 - 2015-09-30 08:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Design Premium CS4
2016-08-30 10:13 - 2015-09-30 07:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X3
2016-08-30 10:13 - 2015-09-30 07:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel Paint Shop Pro Photo X2
2016-08-30 10:13 - 2015-09-29 14:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2016-08-30 10:13 - 2015-09-29 14:38 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling
2016-08-30 10:13 - 2015-09-29 14:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2016-08-30 10:13 - 2015-09-29 14:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2016-08-30 10:13 - 2015-09-29 14:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-08-30 10:13 - 2015-09-29 12:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Studio 15
2016-08-30 10:13 - 2015-09-29 12:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.0
2016-08-30 10:13 - 2015-09-29 11:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-08-30 10:13 - 2015-09-29 10:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\602PC SUITE
2016-08-30 10:13 - 2015-09-29 10:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inpaint
2016-08-30 10:13 - 2015-09-29 10:48 - 00000000 ____D C:\Users\Mira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2016-08-30 10:13 - 2015-09-29 10:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2016-08-30 10:13 - 2015-09-29 10:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-08-30 10:13 - 2015-09-29 10:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView
2016-08-30 10:13 - 2015-09-25 15:28 - 00000000 ____D C:\Users\Mira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-08-30 10:13 - 2015-09-25 15:28 - 00000000 ____D C:\Users\Mira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2016-08-30 10:13 - 2015-09-25 15:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-08-30 10:12 - 2016-07-16 10:29 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-08-30 10:12 - 2015-10-30 07:13 - 00000000 ____D C:\Users\Default.migrated
2016-08-30 10:04 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\system32\spool
2016-08-30 10:04 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-08-30 10:04 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\system32\IME
2016-08-30 10:04 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\schemas
2016-08-30 10:04 - 2016-02-16 17:42 - 00000000 __SHD C:\WINDOWS\system32\AI_RecycleBin
2016-08-30 10:04 - 2015-09-25 07:34 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-30 10:03 - 2016-07-16 10:29 - 00000000 __SHD C:\Program Files\Windows Sidebar
2016-08-30 10:03 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-08-30 10:03 - 2016-07-16 10:29 - 00000000 ____D C:\Program Files\Common Files\System
2016-08-30 10:03 - 2016-07-16 10:29 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-08-30 10:03 - 2016-04-23 13:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
2016-08-30 10:03 - 2016-03-08 14:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-08-30 10:03 - 2016-02-16 17:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames
2016-08-30 10:03 - 2009-07-14 06:52 - 00000000 ____D C:\Program Files\Microsoft Games
2016-08-30 10:00 - 2016-02-16 17:57 - 00000000 ____D C:\Users\Mira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames
2016-08-30 09:57 - 2016-07-16 04:22 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-08-30 09:54 - 2016-07-16 10:29 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-08-30 09:54 - 2016-07-16 10:29 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-08-30 09:53 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\Help
2016-08-30 09:07 - 2016-07-16 19:41 - 00000000 ___HD C:\$WINDOWS.~BT
2016-08-29 09:06 - 2016-04-10 15:04 - 00000000 ____D C:\ProgramData\BlueStacksGameManager
2016-08-29 09:00 - 2015-12-17 23:29 - 00000000 ____D C:\ProgramData\TEMP
2016-08-29 09:00 - 2015-09-29 10:51 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2016-08-28 12:15 - 2016-02-21 20:39 - 00000000 ____D C:\Users\Mira\AppData\Local\Abelssoft
2016-08-12 14:50 - 2015-09-25 07:34 - 144884648 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories =======

2015-10-03 21:28 - 2016-07-10 13:39 - 0000203 _____ () C:\Users\Mira\AppData\Roaming\default.rss
2015-09-25 15:34 - 2015-09-25 15:34 - 0007601 _____ () C:\Users\Mira\AppData\Local\Resmon.ResmonCfg
2016-02-14 17:17 - 2016-02-14 17:17 - 0000189 _____ () C:\ProgramData\1455463048.1816.bin
2016-02-14 17:17 - 2016-02-14 17:17 - 0086822 _____ () C:\ProgramData\1455463048.3380.bin
2016-02-14 17:17 - 2016-02-14 17:17 - 0000462 _____ () C:\ProgramData\1455463048.4528.bin
2015-09-30 11:18 - 2015-09-30 11:18 - 0000016 _____ () C:\ProgramData\mntemp

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-08-30 09:49

==================== End of FRST.txt ============================

#11 Příspěvek od **Rudy** » 04 zář 2016 16:02

Disk je stále vytížen?

mlcoch · #12 Příspěvek od **mlcoch** » 04 zář 2016 16:32

Před chvilkou mi doběhl test burnintest - přiložím. Během testu byl disk na 15MB/s a nějakých 8%... 15 minut fungoval pohodově - pak zahlásilo fail.
V ten moment bylo zase nějakých 1-4 MB/s a 99% HDD dle správce úloh.

mlcoch · #13 Příspěvek od **mlcoch** » 04 zář 2016 16:34

štve mne to právě proto, že to vytížení a zamrzání nemá vlastně příčinu či podnět.. jednou syn hraje hodinu bez potíží, jednou se po minutě PC blokne na třeba 5 minut... nebo do restartu.
Nevím, jestli je to systémem (nemám rád W10) nebo HW či kombinací... Včera mu PC stahovalo hodinu aktualizace, ale přitom hrál a neměl potíže.

#14 Příspěvek od **Rudy** » 04 zář 2016 17:30

Na zkoušku vypněte aut. aktualizace, příp přeinstalujte antivir. Podle mne to dělá nějaká aplikace s přístupem na net. Já také desítky nemusím a do PC bych si je dobrovolně nedal. Alespoň zatím ne.

mlcoch · #15 Příspěvek od **mlcoch** » 04 zář 2016 17:44

ok, díky za námět - zkusím nejprve ty aktualizace.... a případně místo toho AVG PRO dát nějaký obyč fréé - on syn stejně nic tajnýho na pc nemá a když by se tam něco dostalo, tak to případně zformátuju a dám své zlaté W7

Máte nějaké doporučení na free antivir? Já měl dobré zkušenosti s AVASTem, ale prý to taky zabírá moc paměti atd....

VIRY.CZ

vytíženost HDD 100% bez zjevného duvodu

vytíženost HDD 100% bez zjevného duvodu

Re: vytíženost HDD 100% bez zjevného duvodu

Re: vytíženost HDD 100% bez zjevného duvodu

Re: vytíženost HDD 100% bez zjevného duvodu

Re: vytíženost HDD 100% bez zjevného duvodu

Re: vytíženost HDD 100% bez zjevného duvodu

Re: vytíženost HDD 100% bez zjevného duvodu

Re: vytíženost HDD 100% bez zjevného duvodu

Re: vytíženost HDD 100% bez zjevného duvodu

Re: vytíženost HDD 100% bez zjevného duvodu

Re: vytíženost HDD 100% bez zjevného duvodu

Re: vytíženost HDD 100% bez zjevného duvodu

Re: vytíženost HDD 100% bez zjevného duvodu

Re: vytíženost HDD 100% bez zjevného duvodu

Re: vytíženost HDD 100% bez zjevného duvodu