Kontrola pc po odstranění malware

[michalpuk]

Dobrý den, dostal se mi do pc malware a začali mi vyskakovat čínské reklamy. Po projetí Malwarebytes a odinstalování nějakých divných programů vypadá pc ok.
Poprosil bych o kontrolu zda je to opravdu pryč.

log rsit:

Logfile of random's system information tool 1.10 (written by random/random)
Run by krejcir.m@gmail.com at 2016-04-25 17:52:26
Microsoft Windows 10 Pro
System drive C: has 122 GB (27%) free of 453 GB
Total RAM: 16344 MB (81% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:52:26, on 25.04.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0020)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Krejc\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Users\Krejc\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
C:\Program Files\trend micro\krejcir.m@gmail.com.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://games.tiscali.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Krejc\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\Program Files\Microsoft Office\Office15\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://files.creative.com/Web/softwareu ... PIDPDE.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://files.creative.com/Web/softwareu ... /CTPID.cab
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @oem4.inf,%Creative.CTHdaSvcDesc%;Sound Blaster Audio Service (CtHdaSvc) - Creative Technology Ltd - C:\WINDOWS\sysWow64\CtHdaSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @oem9.inf,%ViaKaraokeSrv.SvcDesc%;VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\WINDOWS\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10897 bytes

======Listing Processes======








C:\WINDOWS\system32\lsass.exe
winlogon.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\WINDOWS\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"

C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k WbioSvcGroup
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\WINDOWS\sysWow64\CtHdaSvc.exe
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\WINDOWS\system32\viakaraokesrv.exe
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
dashost.exe {8bb16dab-3c26-4f4c-9aa947ee9769f32e}
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe"
sihost.exe
taskeng.exe {EFBD41AE-583D-4C44-BCBD-EACDF3D0C3B7}
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe" /s
C:\WINDOWS\Explorer.EXE
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe"
"C:\Users\Krejc\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe"
"C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe"
"C:\Program Files\Internet Explorer\iexplore.exe"
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5876 CREDAT:75009 /prefetch:2
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1"
"fontdrvhost.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe" -Embedding
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-1731596617-31027758-2076971259-10012_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-1731596617-31027758-2076971259-10012 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" -cachedir="C:\Users\Krejc\AppData\Local\Steam\htmlcache" -steampid=6044 -buildid=1459463254 -steamid="0" --disable-gpu-compositing --disable-gpu --process-per-tab --enable-system-flash --disable-spell-checking --enable-widevine-cdm --enable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Users\Krejc\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe" /AUTOHIDE
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe"
"C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe" /i
"C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe" /i
C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\servicing\TrustedInstaller.exe
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10586.168_none_76587b40265ca57e\TiWorker.exe -Embedding
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup
"C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 624 628 636 8192 632
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"J:\stazene veci\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Krejc\AppData\Roaming\Mozilla\Firefox\Profiles\MMMfXA2I.default

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.213 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.91.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.91.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.213 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL


C:\Users\Krejc\AppData\Roaming\Mozilla\Firefox\Profiles\MMMfXA2I.default\extensions\
abs@avira.com
safesearchplus@avira.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-03-02 901600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-21 462400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-03-02 678656]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2016-03-15 1741104]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-21 173120]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-03-30 2396096]
"ShadowPlay"=C:\WINDOWS\system32\nvspcap64.dll [2016-03-30 1767248]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-10-30 508104]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2010-06-14 190536]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2016-03-31 3077712]
"Spotify Web Helper"=C:\Users\Krejc\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2015-12-23 2346096]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-03-01 50670720]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"UpdReg"=C:\Windows\UpdReg.EXE [2000-05-11 90112]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-03-23 7139256]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-04-01 596504]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\QQPCRTP]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"SoftwareSASGeneration"=1
"ConsentPromptBehaviorAdmin"=0
"PromptOnSecureDesktop"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=181

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.RTV1"=rtvcvfw64.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-04-25 17:48:51 ----D---- C:\rsit
2016-04-25 17:48:51 ----D---- C:\Program Files\trend micro
2016-04-25 16:17:02 ----D---- C:\Program Files\7-Zip
2016-04-25 15:51:59 ----A---- C:\WINDOWS\SYSWOW64\drivers\TS888x64.sys
2016-04-25 15:43:13 ----A---- C:\WINDOWS\system32\drivers\TAOKernelEx64.sys
2016-04-25 15:43:07 ----A---- C:\WINDOWS\system32\drivers\TFsFltX64.sys
2016-04-25 15:43:05 ----D---- C:\ProgramData\Application Data
2016-04-25 15:42:51 ----D---- C:\Users\Krejc\AppData\Roaming\Tencent
2016-04-25 15:42:28 ----D---- C:\Users\Krejc\AppData\Roaming\Seznam.cz
2016-04-25 15:42:18 ----D---- C:\Program Files (x86)\KMSPico 10.0.6
2016-04-25 15:32:56 ----A---- C:\WINDOWS\system32\drivers\tapoas.sys
2016-04-25 15:32:40 ----A---- C:\WINDOWS\system32\drivers\tap0901.sys
2016-04-25 15:32:26 ----D---- C:\WINDOWS\AutoKMS
2016-04-25 15:31:07 ----D---- C:\ProgramData\Microsoft Toolkit
2016-04-25 15:15:42 ----A---- C:\WINDOWS\system32\KMSServer.exe
2016-04-25 14:22:47 ----D---- C:\WINDOWS\Minidump
2016-04-25 13:36:31 ----D---- C:\Program Files\CPUID
2016-04-21 18:57:58 ----SHD---- C:\Config.Msi
2016-04-16 19:47:19 ----D---- C:\WINDOWS\PCHEALTH
2016-04-13 04:56:27 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2016-04-13 04:56:27 ----A---- C:\WINDOWS\system32\atmfd.dll
2016-04-13 04:56:26 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2016-04-13 04:56:26 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2016-04-13 04:56:26 ----A---- C:\WINDOWS\system32\storewuauth.dll
2016-04-13 04:56:26 ----A---- C:\WINDOWS\system32\kerberos.dll
2016-04-13 04:56:26 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2016-04-13 04:56:26 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2016-04-13 04:56:25 ----A---- C:\WINDOWS\system32\edgehtml.dll
2016-04-13 04:56:24 ----A---- C:\WINDOWS\system32\wwansvc.dll
2016-04-13 04:56:24 ----A---- C:\WINDOWS\system32\wuaueng.dll
2016-04-13 04:56:24 ----A---- C:\WINDOWS\system32\win32kfull.sys
2016-04-13 04:56:24 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-04-13 04:56:24 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-13 04:56:24 ----A---- C:\WINDOWS\system32\atmlib.dll
2016-04-13 04:56:23 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-04-13 04:56:23 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-04-13 04:56:23 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-04-13 04:56:20 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-04-13 04:56:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2016-04-13 04:56:19 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-04-13 04:56:18 ----A---- C:\WINDOWS\system32\wininet.dll
2016-04-13 04:56:18 ----A---- C:\WINDOWS\system32\twinui.dll
2016-04-13 04:56:18 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2016-04-13 04:56:18 ----A---- C:\WINDOWS\system32\jsproxy.dll
2016-04-13 04:56:18 ----A---- C:\WINDOWS\system32\InputService.dll
2016-04-13 04:56:18 ----A---- C:\WINDOWS\system32\Chakra.dll
2016-04-13 04:56:18 ----A---- C:\WINDOWS\system32\fontsub.dll
2016-04-13 04:56:17 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2016-04-13 04:56:17 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2016-04-13 04:56:17 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-04-13 04:56:17 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2016-04-13 04:56:17 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-04-13 04:56:17 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-04-13 04:56:16 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2016-04-13 04:56:16 ----A---- C:\WINDOWS\system32\XblAuthManager.dll
2016-04-13 04:56:16 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-04-13 04:56:16 ----A---- C:\WINDOWS\system32\SRHInproc.dll
2016-04-13 04:56:16 ----A---- C:\WINDOWS\system32\SRH.dll
2016-04-13 04:56:16 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2016-04-13 04:56:16 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2016-04-13 04:56:16 ----A---- C:\WINDOWS\system32\dwmcore.dll
2016-04-13 04:56:16 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2016-04-13 04:56:15 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-04-13 04:56:15 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-04-13 04:56:15 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2016-04-13 04:56:15 ----A---- C:\WINDOWS\system32\win32kbase.sys
2016-04-13 04:56:15 ----A---- C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-04-13 04:56:15 ----A---- C:\WINDOWS\system32\esent.dll
2016-04-13 04:56:15 ----A---- C:\WINDOWS\system32\dosvc.dll
2016-04-13 04:56:15 ----A---- C:\WINDOWS\system32\BingMaps.dll
2016-04-13 04:56:15 ----A---- C:\WINDOWS\system32\audiosrv.dll
2016-04-13 04:56:15 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-04-13 04:56:14 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2016-04-13 04:56:14 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2016-04-13 04:56:14 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-04-13 04:56:14 ----A---- C:\WINDOWS\SYSWOW64\LicenseManager.dll
2016-04-13 04:56:14 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2016-04-13 04:56:14 ----A---- C:\WINDOWS\SYSWOW64\esent.dll
2016-04-13 04:56:14 ----A---- C:\WINDOWS\system32\winresume.exe
2016-04-13 04:56:14 ----A---- C:\WINDOWS\system32\winload.exe
2016-04-13 04:56:14 ----A---- C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-04-13 04:56:14 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-04-13 04:56:14 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2016-04-13 04:56:14 ----A---- C:\WINDOWS\system32\SharedStartModel.dll
2016-04-13 04:56:14 ----A---- C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-04-13 04:56:14 ----A---- C:\WINDOWS\system32\RDXService.dll
2016-04-13 04:56:14 ----A---- C:\WINDOWS\system32\PhoneProviders.dll
2016-04-13 04:56:14 ----A---- C:\WINDOWS\system32\NetSetupShim.dll
2016-04-13 04:56:14 ----A---- C:\WINDOWS\system32\NetSetupEngine.dll
2016-04-13 04:56:14 ----A---- C:\WINDOWS\system32\MapsStore.dll
2016-04-13 04:56:14 ----A---- C:\WINDOWS\system32\MapControlCore.dll
2016-04-13 04:56:14 ----A---- C:\WINDOWS\system32\InputLocaleManager.dll
2016-04-13 04:56:14 ----A---- C:\WINDOWS\system32\bisrv.dll
2016-04-13 04:56:14 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-04-13 04:56:13 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.Http.dll
2016-04-13 04:56:13 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Cred.dll
2016-04-13 04:56:13 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2016-04-13 04:56:13 ----A---- C:\WINDOWS\SYSWOW64\RemoteNaturalLanguage.dll
2016-04-13 04:56:13 ----A---- C:\WINDOWS\SYSWOW64\NetSetupShim.dll
2016-04-13 04:56:13 ----A---- C:\WINDOWS\SYSWOW64\NetSetupEngine.dll
2016-04-13 04:56:13 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2016-04-13 04:56:13 ----A---- C:\WINDOWS\SYSWOW64\MessagingDataModel2.dll
2016-04-13 04:56:13 ----A---- C:\WINDOWS\SYSWOW64\LockAppHost.exe
2016-04-13 04:56:13 ----A---- C:\WINDOWS\SYSWOW64\fontsub.dll
2016-04-13 04:56:13 ----A---- C:\WINDOWS\SYSWOW64\CredProvDataModel.dll
2016-04-13 04:56:13 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2016-04-13 04:56:13 ----A---- C:\WINDOWS\SYSWOW64\AccountsRt.dll
2016-04-13 04:56:13 ----A---- C:\WINDOWS\system32\Windows.Web.Http.dll
2016-04-13 04:56:13 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-04-13 04:56:13 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-04-13 04:56:13 ----A---- C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-04-13 04:56:13 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2016-04-13 04:56:13 ----A---- C:\WINDOWS\system32\tileobjserver.dll
2016-04-13 04:56:13 ----A---- C:\WINDOWS\system32\SyncController.dll
2016-04-13 04:56:13 ----A---- C:\WINDOWS\system32\StorSvc.dll
2016-04-13 04:56:13 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2016-04-13 04:56:13 ----A---- C:\WINDOWS\system32\SensorService.dll
2016-04-13 04:56:13 ----A---- C:\WINDOWS\system32\RDXTaskFactory.dll
2016-04-13 04:56:13 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-04-13 04:56:13 ----A---- C:\WINDOWS\system32\NMAA.dll
2016-04-13 04:56:13 ----A---- C:\WINDOWS\system32\NetSetupSvc.dll
2016-04-13 04:56:13 ----A---- C:\WINDOWS\system32\msxml3.dll
2016-04-13 04:56:13 ----A---- C:\WINDOWS\system32\msv1_0.dll
2016-04-13 04:56:13 ----A---- C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-04-13 04:56:13 ----A---- C:\WINDOWS\system32\MessagingDataModel2.dll
2016-04-13 04:56:13 ----A---- C:\WINDOWS\system32\MapConfiguration.dll
2016-04-13 04:56:13 ----A---- C:\WINDOWS\system32\LockAppHost.exe
2016-04-13 04:56:13 ----A---- C:\WINDOWS\system32\JpMapControl.dll
2016-04-13 04:56:13 ----A---- C:\WINDOWS\system32\fveapi.dll
2016-04-13 04:56:13 ----A---- C:\WINDOWS\system32\drivers\http.sys
2016-04-13 04:56:13 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2016-04-13 04:56:13 ----A---- C:\WINDOWS\system32\audiodg.exe
2016-04-13 04:56:13 ----A---- C:\WINDOWS\system32\AccountsRt.dll
2016-04-13 04:56:12 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Speech.dll
2016-04-13 04:56:12 ----A---- C:\WINDOWS\SYSWOW64\UIAutomationCore.dll
2016-04-13 04:56:12 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2016-04-13 04:56:12 ----A---- C:\WINDOWS\SYSWOW64\StoreAgent.dll
2016-04-13 04:56:12 ----A---- C:\WINDOWS\SYSWOW64\SRHInproc.dll
2016-04-13 04:56:12 ----A---- C:\WINDOWS\SYSWOW64\SRH.dll
2016-04-13 04:56:12 ----A---- C:\WINDOWS\SYSWOW64\policymanager.dll
2016-04-13 04:56:12 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2016-04-13 04:56:12 ----A---- C:\WINDOWS\SYSWOW64\MsSpellCheckingFacility.dll
2016-04-13 04:56:12 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2016-04-13 04:56:12 ----A---- C:\WINDOWS\SYSWOW64\MapControlCore.dll
2016-04-13 04:56:12 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2016-04-13 04:56:12 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2016-04-13 04:56:12 ----A---- C:\WINDOWS\SYSWOW64\dnsapi.dll
2016-04-13 04:56:12 ----A---- C:\WINDOWS\system32\wuapi.dll
2016-04-13 04:56:12 ----A---- C:\WINDOWS\system32\wininetlui.dll
2016-04-13 04:56:12 ----A---- C:\WINDOWS\system32\Windows.Web.dll
2016-04-13 04:56:12 ----A---- C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-04-13 04:56:12 ----A---- C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-04-13 04:56:12 ----A---- C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-04-13 04:56:12 ----A---- C:\WINDOWS\system32\msi.dll
2016-04-13 04:56:12 ----A---- C:\WINDOWS\system32\moshostcore.dll
2016-04-13 04:56:12 ----A---- C:\WINDOWS\system32\mdmmigrator.dll
2016-04-13 04:56:12 ----A---- C:\WINDOWS\system32\enrollmentapi.dll
2016-04-13 04:56:12 ----A---- C:\WINDOWS\system32\drivers\USBXHCI.SYS
2016-04-13 04:56:12 ----A---- C:\WINDOWS\system32\drivers\ufx01000.sys
2016-04-13 04:56:12 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2016-04-13 04:56:12 ----A---- C:\WINDOWS\system32\dnsapi.dll
2016-04-13 04:56:12 ----A---- C:\WINDOWS\system32\dafBth.dll
2016-04-13 04:56:12 ----A---- C:\WINDOWS\system32\CredProvDataModel.dll
2016-04-13 04:56:12 ----A---- C:\WINDOWS\system32\bdesvc.dll
2016-04-13 04:56:12 ----A---- C:\WINDOWS\system32\AppxSysprep.dll
2016-04-13 04:56:12 ----A---- C:\WINDOWS\system32\accountaccessor.dll
2016-04-13 04:56:11 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2016-04-13 04:56:11 ----A---- C:\WINDOWS\SYSWOW64\WSDApi.dll
2016-04-13 04:56:11 ----A---- C:\WINDOWS\SYSWOW64\wkscli.dll
2016-04-13 04:56:11 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.dll
2016-04-13 04:56:11 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Input.Inking.dll
2016-04-13 04:56:11 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.dll
2016-04-13 04:56:11 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.Connectivity.dll
2016-04-13 04:56:11 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Devices.dll
2016-04-13 04:56:11 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Bluetooth.dll
2016-04-13 04:56:11 ----A---- C:\WINDOWS\SYSWOW64\VEEventDispatcher.dll
2016-04-13 04:56:11 ----A---- C:\WINDOWS\SYSWOW64\VEDataLayerHelpers.dll
2016-04-13 04:56:11 ----A---- C:\WINDOWS\SYSWOW64\TextInputFramework.dll
2016-04-13 04:56:11 ----A---- C:\WINDOWS\SYSWOW64\srvcli.dll
2016-04-13 04:56:11 ----A---- C:\WINDOWS\SYSWOW64\SensorsNativeApi.dll
2016-04-13 04:56:11 ----A---- C:\WINDOWS\SYSWOW64\oleacc.dll
2016-04-13 04:56:11 ----A---- C:\WINDOWS\SYSWOW64\NetSetupApi.dll
2016-04-13 04:56:11 ----A---- C:\WINDOWS\SYSWOW64\netapi32.dll
2016-04-13 04:56:11 ----A---- C:\WINDOWS\SYSWOW64\MosStorage.dll
2016-04-13 04:56:11 ----A---- C:\WINDOWS\SYSWOW64\mdmregistration.dll
2016-04-13 04:56:11 ----A---- C:\WINDOWS\SYSWOW64\MapConfiguration.dll
2016-04-13 04:56:11 ----A---- C:\WINDOWS\SYSWOW64\JpMapControl.dll
2016-04-13 04:56:11 ----A---- C:\WINDOWS\SYSWOW64\AboveLockAppHost.dll
2016-04-13 04:56:11 ----A---- C:\WINDOWS\system32\wsdchngr.dll
2016-04-13 04:56:11 ----A---- C:\WINDOWS\system32\wkscli.dll
2016-04-13 04:56:11 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-04-13 04:56:11 ----A---- C:\WINDOWS\system32\Windows.Networking.dll
2016-04-13 04:56:11 ----A---- C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-04-13 04:56:11 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-13 04:56:11 ----A---- C:\WINDOWS\system32\win32spl.dll
2016-04-13 04:56:11 ----A---- C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-04-13 04:56:11 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-04-13 04:56:11 ----A---- C:\WINDOWS\system32\srvcli.dll
2016-04-13 04:56:11 ----A---- C:\WINDOWS\system32\SensorsNativeApi.dll
2016-04-13 04:56:11 ----A---- C:\WINDOWS\system32\samsrv.dll
2016-04-13 04:56:11 ----A---- C:\WINDOWS\system32\profsvc.dll
2016-04-13 04:56:11 ----A---- C:\WINDOWS\system32\policymanagerprecheck.dll
2016-04-13 04:56:11 ----A---- C:\WINDOWS\system32\policymanager.dll
2016-04-13 04:56:11 ----A---- C:\WINDOWS\system32\omadmapi.dll
2016-04-13 04:56:11 ----A---- C:\WINDOWS\system32\oleacc.dll
2016-04-13 04:56:11 ----A---- C:\WINDOWS\system32\NetSetupApi.dll
2016-04-13 04:56:11 ----A---- C:\WINDOWS\system32\netapi32.dll
2016-04-13 04:56:11 ----A---- C:\WINDOWS\system32\ncbservice.dll
2016-04-13 04:56:11 ----A---- C:\WINDOWS\system32\MosStorage.dll
2016-04-13 04:56:11 ----A---- C:\WINDOWS\system32\mdmregistration.dll
2016-04-13 04:56:11 ----A---- C:\WINDOWS\system32\LsaIso.exe
2016-04-13 04:56:11 ----A---- C:\WINDOWS\system32\iuilp.dll
2016-04-13 04:56:11 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2016-04-13 04:56:11 ----A---- C:\WINDOWS\system32\ieproxy.dll
2016-04-13 04:56:11 ----A---- C:\WINDOWS\system32\fveui.dll
2016-04-13 04:56:11 ----A---- C:\WINDOWS\system32\easinvoker.exe
2016-04-13 04:56:11 ----A---- C:\WINDOWS\system32\drivers\xinputhid.sys
2016-04-13 04:56:11 ----A---- C:\WINDOWS\system32\drivers\WdiWiFi.sys
2016-04-13 04:56:11 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2016-04-13 04:56:11 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2016-04-13 04:56:11 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2016-04-13 04:56:11 ----A---- C:\WINDOWS\system32\drivers\dumpsd.sys
2016-04-13 04:56:11 ----A---- C:\WINDOWS\system32\drivers\dfsc.sys
2016-04-13 04:56:11 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2016-04-13 04:56:11 ----A---- C:\WINDOWS\system32\DAFWSD.dll
2016-04-13 04:56:11 ----A---- C:\WINDOWS\system32\credprovhost.dll
2016-04-13 04:56:11 ----A---- C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-04-13 04:56:11 ----A---- C:\WINDOWS\system32\AboveLockAppHost.dll
2016-04-13 04:56:10 ----A---- C:\WINDOWS\SYSWOW64\wsdchngr.dll
2016-04-13 04:56:10 ----A---- C:\WINDOWS\SYSWOW64\wininetlui.dll
2016-04-13 04:56:10 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Core.TextInput.dll
2016-04-13 04:56:10 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2016-04-13 04:56:10 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-13 04:56:10 ----A---- C:\WINDOWS\SYSWOW64\TokenBrokerCookies.exe
2016-04-13 04:56:10 ----A---- C:\WINDOWS\SYSWOW64\tbauth.dll
2016-04-13 04:56:10 ----A---- C:\WINDOWS\SYSWOW64\SyncController.dll
2016-04-13 04:56:10 ----A---- C:\WINDOWS\SYSWOW64\NotificationObjFactory.dll
2016-04-13 04:56:10 ----A---- C:\WINDOWS\SYSWOW64\msorcl32.dll
2016-04-13 04:56:10 ----A---- C:\WINDOWS\SYSWOW64\mos.dll
2016-04-13 04:56:10 ----A---- C:\WINDOWS\SYSWOW64\jsproxy.dll
2016-04-13 04:56:10 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2016-04-13 04:56:10 ----A---- C:\WINDOWS\SYSWOW64\FWPUCLNT.DLL
2016-04-13 04:56:10 ----A---- C:\WINDOWS\SYSWOW64\easwrt.dll
2016-04-13 04:56:10 ----A---- C:\WINDOWS\SYSWOW64\credprovhost.dll
2016-04-13 04:56:10 ----A---- C:\WINDOWS\SYSWOW64\browcli.dll
2016-04-13 04:56:10 ----A---- C:\WINDOWS\system32\wups.dll
2016-04-13 04:56:10 ----A---- C:\WINDOWS\system32\wuautoappupdate.dll
2016-04-13 04:56:10 ----A---- C:\WINDOWS\system32\WSDApi.dll
2016-04-13 04:56:10 ----A---- C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-04-13 04:56:10 ----A---- C:\WINDOWS\system32\VEEventDispatcher.dll
2016-04-13 04:56:10 ----A---- C:\WINDOWS\system32\tzautoupdate.dll
2016-04-13 04:56:10 ----A---- C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-04-13 04:56:10 ----A---- C:\WINDOWS\system32\tbauth.dll
2016-04-13 04:56:10 ----A---- C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-04-13 04:56:10 ----A---- C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-04-13 04:56:10 ----A---- C:\WINDOWS\system32\samlib.dll
2016-04-13 04:56:10 ----A---- C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-04-13 04:56:10 ----A---- C:\WINDOWS\system32\NotificationObjFactory.dll
2016-04-13 04:56:10 ----A---- C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-04-13 04:56:10 ----A---- C:\WINDOWS\system32\moshost.dll
2016-04-13 04:56:10 ----A---- C:\WINDOWS\system32\mos.dll
2016-04-13 04:56:10 ----A---- C:\WINDOWS\system32\mapsupdatetask.dll
2016-04-13 04:56:10 ----A---- C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-04-13 04:56:10 ----A---- C:\WINDOWS\system32\FWPUCLNT.DLL
2016-04-13 04:56:10 ----A---- C:\WINDOWS\system32\fvewiz.dll
2016-04-13 04:56:10 ----A---- C:\WINDOWS\system32\fveskybackup.dll
2016-04-13 04:56:10 ----A---- C:\WINDOWS\system32\fvecpl.dll
2016-04-13 04:56:10 ----A---- C:\WINDOWS\system32\FontProvider.dll
2016-04-13 04:56:10 ----A---- C:\WINDOWS\system32\easwrt.dll
2016-04-13 04:56:10 ----A---- C:\WINDOWS\system32\drivers\serial.sys
2016-04-13 04:56:10 ----A---- C:\WINDOWS\system32\drivers\portcls.sys
2016-04-13 04:56:10 ----A---- C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-04-13 04:56:10 ----A---- C:\WINDOWS\system32\dmcsps.dll
2016-04-13 04:56:10 ----A---- C:\WINDOWS\system32\browserbroker.dll
2016-04-13 04:56:10 ----A---- C:\WINDOWS\system32\browser.dll
2016-04-13 04:56:10 ----A---- C:\WINDOWS\system32\browcli.dll
2016-04-13 04:56:10 ----A---- C:\WINDOWS\system32\BFE.DLL
2016-04-13 04:56:10 ----A---- C:\WINDOWS\system32\basesrv.dll
2016-04-13 04:56:10 ----A---- C:\WINDOWS\system32\actxprxy.dll
2016-04-13 04:56:09 ----A---- C:\WINDOWS\SYSWOW64\SensorsNativeApi.V2.dll
2016-04-13 04:56:09 ----A---- C:\WINDOWS\SYSWOW64\samlib.dll
2016-04-13 04:56:09 ----A---- C:\WINDOWS\SYSWOW64\OnDemandConnRouteHelper.dll
2016-04-13 04:56:09 ----A---- C:\WINDOWS\SYSWOW64\oleacchooks.dll
2016-04-13 04:56:09 ----A---- C:\WINDOWS\SYSWOW64\NMAA.dll
2016-04-13 04:56:09 ----A---- C:\WINDOWS\SYSWOW64\mtxoci.dll
2016-04-13 04:56:09 ----A---- C:\WINDOWS\SYSWOW64\MTF.dll
2016-04-13 04:56:09 ----A---- C:\WINDOWS\SYSWOW64\MapsBtSvc.dll
2016-04-13 04:56:09 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2016-04-13 04:56:09 ----A---- C:\WINDOWS\SYSWOW64\InputLocaleManager.dll
2016-04-13 04:56:09 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2016-04-13 04:56:09 ----A---- C:\WINDOWS\system32\oleacchooks.dll
2016-04-13 04:56:09 ----A---- C:\WINDOWS\system32\mtxoci.dll
2016-04-13 04:56:09 ----A---- C:\WINDOWS\system32\MTF.dll
2016-04-13 04:56:09 ----A---- C:\WINDOWS\system32\MapsCSP.dll
2016-04-13 04:56:09 ----A---- C:\WINDOWS\system32\MapsBtSvc.dll
2016-04-13 04:56:09 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2016-04-13 04:56:09 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2016-04-13 04:56:09 ----A---- C:\WINDOWS\system32\fveapibase.dll
2016-04-13 04:56:09 ----A---- C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-04-13 04:56:09 ----A---- C:\WINDOWS\system32\bcastdvr.exe
2016-04-13 04:56:09 ----A---- C:\WINDOWS\system32\AppCapture.dll
2016-04-09 22:39:02 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-09 22:39:01 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2016-04-09 03:28:27 ----D---- C:\Users\Krejc\AppData\Roaming\dvdcss
2016-04-09 03:27:54 ----A---- C:\WINDOWS\system32\drivers\DigiartyVirtualCDBus.sys
2016-04-09 03:27:53 ----D---- C:\Users\Krejc\AppData\Roaming\BDlot
2016-04-09 03:25:33 ----D---- C:\Users\Krejc\AppData\Roaming\Jihosoft ISO Maker
2016-04-09 02:59:22 ----D---- C:\$WINDOWS.~BT
2016-04-09 02:59:21 ----HD---- C:\$Windows.~WS
2016-04-04 22:26:20 ----A---- C:\WINDOWS\SYSWOW64\nvStreaming.exe
2016-04-04 22:25:23 ----A---- C:\WINDOWS\SYSWOW64\nvumdshim.dll
2016-04-04 22:25:23 ----A---- C:\WINDOWS\SYSWOW64\nvptxJitCompiler.dll
2016-04-04 22:25:23 ----A---- C:\WINDOWS\SYSWOW64\nvopencl.dll
2016-04-04 22:25:23 ----A---- C:\WINDOWS\SYSWOW64\nvoglv32.dll
2016-04-04 22:25:23 ----A---- C:\WINDOWS\SYSWOW64\nvoglshim32.dll
2016-04-04 22:25:23 ----A---- C:\WINDOWS\SYSWOW64\nvinit.dll
2016-04-04 22:25:23 ----A---- C:\WINDOWS\SYSWOW64\NvIFROpenGL.dll
2016-04-04 22:25:23 ----A---- C:\WINDOWS\SYSWOW64\NvIFR.dll
2016-04-04 22:25:23 ----A---- C:\WINDOWS\SYSWOW64\NvFBC.dll
2016-04-04 22:25:23 ----A---- C:\WINDOWS\SYSWOW64\nvfatbinaryLoader.dll
2016-04-04 22:25:23 ----A---- C:\WINDOWS\SYSWOW64\nvEncodeAPI.dll
2016-04-04 22:25:23 ----A---- C:\WINDOWS\SYSWOW64\nvEncMFThevc.dll
2016-04-04 22:25:23 ----A---- C:\WINDOWS\SYSWOW64\nvEncMFTH264.dll
2016-04-04 22:25:23 ----A---- C:\WINDOWS\SYSWOW64\nvDecMFTMjpeg.dll
2016-04-04 22:25:23 ----A---- C:\WINDOWS\SYSWOW64\nvcuvid.dll
2016-04-04 22:25:23 ----A---- C:\WINDOWS\SYSWOW64\nvcuda.dll
2016-04-04 22:25:23 ----A---- C:\WINDOWS\SYSWOW64\nvcompiler.dll
2016-04-04 22:25:23 ----A---- C:\WINDOWS\system32\nvumdshimx.dll
2016-04-04 22:25:23 ----A---- C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-04-04 22:25:23 ----A---- C:\WINDOWS\system32\nvopencl.dll
2016-04-04 22:25:23 ----A---- C:\WINDOWS\system32\nvoglv64.dll
2016-04-04 22:25:23 ----A---- C:\WINDOWS\system32\nvoglshim64.dll
2016-04-04 22:25:23 ----A---- C:\WINDOWS\system32\nvmcumd.dll
2016-04-04 22:25:23 ----A---- C:\WINDOWS\system32\nvinitx.dll
2016-04-04 22:25:23 ----A---- C:\WINDOWS\system32\NvIFROpenGL.dll
2016-04-04 22:25:23 ----A---- C:\WINDOWS\system32\NvIFR64.dll
2016-04-04 22:25:23 ----A---- C:\WINDOWS\system32\NvFBC64.dll
2016-04-04 22:25:23 ----A---- C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-04-04 22:25:23 ----A---- C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-04-04 22:25:23 ----A---- C:\WINDOWS\system32\nvEncMFThevc.dll
2016-04-04 22:25:23 ----A---- C:\WINDOWS\system32\nvEncMFTH264.dll
2016-04-04 22:25:23 ----A---- C:\WINDOWS\system32\nvdispgenco6436472.dll
2016-04-04 22:25:23 ----A---- C:\WINDOWS\system32\nvdispco6436472.dll
2016-04-04 22:25:23 ----A---- C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2016-04-04 22:25:23 ----A---- C:\WINDOWS\system32\nvd3dumx.dll
2016-04-04 22:25:23 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2016-04-04 22:25:23 ----A---- C:\WINDOWS\system32\nvcuda.dll
2016-04-04 22:25:23 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2016-04-04 19:32:10 ----A---- C:\WINDOWS\SYSWOW64\nvaudcap32v.dll
2016-04-04 19:32:10 ----A---- C:\WINDOWS\system32\nvaudcap64v.dll
2016-04-02 05:01:17 ----ASH---- C:\swapfile.sys
2016-04-01 17:41:09 ----ASH---- C:\pagefile.sys

======List of files/folders modified in the last 1 month======

2016-04-25 17:50:50 ----D---- C:\WINDOWS\Temp
2016-04-25 17:50:44 ----D---- C:\WINDOWS\system32\drivers
2016-04-25 17:50:42 ----D---- C:\Users\Krejc\AppData\Roaming\Skype
2016-04-25 17:50:39 ----D---- C:\Windows
2016-04-25 17:50:34 ----D---- C:\WINDOWS\Prefetch
2016-04-25 17:50:07 ----D---- C:\Program Files (x86)\Steam
2016-04-25 17:49:53 ----D---- C:\ProgramData\NVIDIA
2016-04-25 17:49:30 ----D---- C:\WINDOWS\system32\sru
2016-04-25 17:49:18 ----D---- C:\WINDOWS\system32\Tasks
2016-04-25 17:48:51 ----RD---- C:\Program Files
2016-04-25 17:31:28 ----D---- C:\WINDOWS\system32\config
2016-04-25 17:31:21 ----D---- C:\WINDOWS\Microsoft.NET
2016-04-25 17:27:54 ----D---- C:\WINDOWS\INF
2016-04-25 17:27:54 ----AD---- C:\WINDOWS\System32
2016-04-25 17:27:54 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-04-25 17:20:47 ----RD---- C:\Program Files (x86)
2016-04-25 17:15:07 ----D---- C:\Program Files (x86)\Common Files
2016-04-25 17:13:20 ----D---- C:\Program Files\Common Files
2016-04-25 17:08:47 ----HD---- C:\ProgramData
2016-04-25 16:26:15 ----D---- C:\Users\Krejc\AppData\Roaming\vlc
2016-04-25 16:11:40 ----D---- C:\WINDOWS\TAPI
2016-04-25 16:09:24 ----D---- C:\Program Files (x86)\MSI Afterburner
2016-04-25 15:53:44 ----D---- C:\WINDOWS\Tasks
2016-04-25 15:51:59 ----D---- C:\WINDOWS\SYSWOW64\drivers
2016-04-25 15:44:25 ----D---- C:\WINDOWS\SysWOW64
2016-04-25 15:44:18 ----D---- C:\WINDOWS\system32\GroupPolicy
2016-04-25 15:43:09 ----RSD---- C:\WINDOWS\Fonts
2016-04-25 15:39:13 ----D---- C:\Program Files\utorrent
2016-04-25 15:32:56 ----D---- C:\WINDOWS\system32\DriverStore
2016-04-25 15:16:18 ----D---- C:\Program Files\KMSpico
2016-04-24 22:02:04 ----SHD---- C:\System Volume Information
2016-04-23 15:42:50 ----D---- C:\Program Files (x86)\RivaTuner Statistics Server
2016-04-23 03:42:03 ----D---- C:\ProgramData\Origin
2016-04-22 15:55:36 ----D---- C:\ProgramData\Package Cache
2016-04-22 15:45:50 ----D---- C:\Program Files (x86)\Origin Games
2016-04-22 15:43:23 ----AD---- C:\Program Files (x86)\Origin
2016-04-22 12:43:43 ----D---- C:\WINDOWS\AppReadiness
2016-04-21 18:58:04 ----D---- C:\ProgramData\Oracle
2016-04-21 18:57:58 ----SHD---- C:\WINDOWS\Installer
2016-04-21 18:57:58 ----D---- C:\Program Files (x86)\Java
2016-04-21 18:57:43 ----A---- C:\WINDOWS\SYSWOW64\WindowsAccessBridge-32.dll
2016-04-21 10:48:22 ----HD---- C:\Program Files\WindowsApps
2016-04-17 21:47:59 ----D---- C:\WINDOWS\system32\drivers\UMDF
2016-04-17 17:30:44 ----RD---- C:\WINDOWS\assembly
2016-04-16 19:50:22 ----D---- C:\ProgramData\Microsoft Help
2016-04-16 19:49:36 ----A---- C:\WINDOWS\win.ini
2016-04-15 13:10:46 ----D---- C:\WINDOWS\rescache
2016-04-15 13:06:51 ----D---- C:\WINDOWS\WinSxS
2016-04-14 11:40:58 ----SHD---- C:\Boot
2016-04-13 23:47:49 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2016-04-13 23:47:49 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2016-04-13 23:47:49 ----D---- C:\WINDOWS\system32\cs-CZ
2016-04-13 23:47:49 ----D---- C:\WINDOWS\system32\Boot
2016-04-13 23:47:49 ----D---- C:\WINDOWS\system32\appraiser
2016-04-13 23:47:49 ----D---- C:\WINDOWS\PolicyDefinitions
2016-04-13 23:47:49 ----D---- C:\WINDOWS\bcastdvr
2016-04-13 23:47:49 ----D---- C:\WINDOWS\AppPatch
2016-04-13 09:31:21 ----D---- C:\WINDOWS\CbsTemp
2016-04-13 09:30:47 ----D---- C:\WINDOWS\system32\MRT
2016-04-13 09:28:22 ----A---- C:\WINDOWS\system32\MRT.exe
2016-04-13 04:52:21 ----D---- C:\WINDOWS\system32\catroot2
2016-04-12 03:55:47 ----AD---- C:\Program Files (x86)\The Witcher 3 Wild Hunt
2016-04-12 03:24:34 ----AD---- C:\Program Files\Fallout 4
2016-04-09 22:55:14 ----SD---- C:\Users\Krejc\AppData\Roaming\Microsoft
2016-04-09 22:39:10 ----D---- C:\Users\Krejc\AppData\Roaming\Mozilla
2016-04-09 06:10:28 ----D---- C:\ProgramData\NVIDIA Corporation
2016-04-09 02:59:48 ----DC---- C:\WINDOWS\Panther
2016-04-09 02:59:21 ----D---- C:\WINDOWS\Logs
2016-04-06 23:33:47 ----D---- C:\Users\Krejc\AppData\Roaming\TS3Client
2016-04-06 20:32:08 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2016-04-04 22:26:15 ----D---- C:\Program Files (x86)\VulkanRT
2016-04-04 22:25:54 ----D---- C:\Program Files\NVIDIA Corporation
2016-03-30 15:53:58 ----D---- C:\ProgramData\Skype
2016-03-30 15:53:57 ----RD---- C:\Program Files (x86)\Skype
2016-03-30 03:06:04 ----A---- C:\WINDOWS\SYSWOW64\nvspcap.dll
2016-03-30 03:06:04 ----A---- C:\WINDOWS\SYSWOW64\nvspbridge.dll
2016-03-30 03:05:35 ----A---- C:\WINDOWS\system32\nvspcap64.dll
2016-03-30 03:05:35 ----A---- C:\WINDOWS\system32\nvspbridge64.dll
2016-03-30 03:05:35 ----A---- C:\WINDOWS\system32\NvRtmpStreamer64.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2016-03-02 74544]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2016-03-02 287016]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2016-03-22 37144]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2016-03-02 103064]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2016-03-09 1070904]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2016-03-02 463744]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2015-10-30 87040]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2016-03-02 37656]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2016-03-09 107792]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2016-03-02 165344]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-10-30 47616]
R3 cthda;@oem4.inf,%Creative.CTHdaDesc%;Sound Blaster Audio Driver; C:\WINDOWS\system32\drivers\cthda.sys [2015-06-22 1074472]
R3 cthdb;@oem4.inf,%Creative.CTHDBDesc%;Sound Blaster Audio Controller Driver; C:\WINDOWS\system32\DRIVERS\cthdb.sys [2015-06-22 42792]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\WINDOWS\System32\drivers\L1C63x64.sys [2015-10-30 121344]
R3 MEIx64;@oem26.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2015-07-10 193336]
R3 NVHDA;@oem8.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2016-01-23 205456]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2016-03-25 12659136]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-03-30 26560]
R3 nvvad_WaveExtensible;@oem22.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2016-03-21 56384]
R3 RTCore64;RTCore64; \??\C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [2015-06-02 13536]
S0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2015-09-23 1462208]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
S1 QMUdisk;tencent QMUdisk; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QMUdisk64.sys []
S3 athrusb;@oem25.inf,%ATHR.Service.DispName%;Atheros Wireless LAN USB device driver; C:\WINDOWS\System32\drivers\athrxusb.sys [2008-07-29 1075712]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2015-11-22 117248]
S3 dg_ssudbus;@oem30.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2015-12-08 122160]
S3 DigiartyVirtualCDBus;Digiarty Virtual Driver; C:\WINDOWS\system32\drivers\DigiartyVirtualCDBus.sys [2016-04-09 276256]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-10-30 26624]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-10-30 930656]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-14 82128]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-03-02 237096]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2012-10-08 423424]
R2 CtHdaSvc;@oem4.inf,%Creative.CTHdaSvcDesc%;Sound Blaster Audio Service; C:\WINDOWS\sysWow64\CtHdaSvc.exe [2015-06-22 122888]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2016-03-30 1163200]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2016-02-18 26680]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2016-03-30 1879488]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-03-30 2521024]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2016-03-22 1265720]
R2 OneSyncSvc_32c35;Hostitel synchronizace_32c35; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2016-03-30 3632576]
R3 PimIndexMaintenanceSvc_32c35;Data kontaktů_32c35; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-30 144200]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_22046;Hostitel synchronizace_22046; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_270a9;Hostitel synchronizace_270a9; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_2bd86;Hostitel synchronizace_2bd86; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_2c046;Hostitel synchronizace_2c046; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_2c891;Hostitel synchronizace_2c891; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_2c8d6;Hostitel synchronizace_2c8d6; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_2d0b8;Hostitel synchronizace_2d0b8; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_2d64c;Hostitel synchronizace_2d64c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_2d70c;Hostitel synchronizace_2d70c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_2d85d;Hostitel synchronizace_2d85d; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_2dd1b;Hostitel synchronizace_2dd1b; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_2ded0;Hostitel synchronizace_2ded0; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_2e523;Hostitel synchronizace_2e523; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_2e65e;Hostitel synchronizace_2e65e; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_2ea43;Hostitel synchronizace_2ea43; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_2ec04;Hostitel synchronizace_2ec04; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_2edfc;Hostitel synchronizace_2edfc; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_2ee83;Hostitel synchronizace_2ee83; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_2f1a3;Hostitel synchronizace_2f1a3; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_2f808;Hostitel synchronizace_2f808; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_2f9ee;Hostitel synchronizace_2f9ee; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_2fb4f;Hostitel synchronizace_2fb4f; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_2fb66;Hostitel synchronizace_2fb66; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_303aa;Hostitel synchronizace_303aa; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_30479;Hostitel synchronizace_30479; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_30645;Hostitel synchronizace_30645; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_3067b;Hostitel synchronizace_3067b; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_3069e;Hostitel synchronizace_3069e; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_306be;Hostitel synchronizace_306be; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_30765;Hostitel synchronizace_30765; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_31cda;Hostitel synchronizace_31cda; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_3588af3;Hostitel synchronizace_3588af3; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_53f9c;Hostitel synchronizace_53f9c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-08 269504]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-10-23 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-30 144200]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_22046;Služba zasílání zpráv_22046; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_270a9;Služba zasílání zpráv_270a9; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_2bd86;Služba zasílání zpráv_2bd86; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_2c046;Služba zasílání zpráv_2c046; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_2c891;Služba zasílání zpráv_2c891; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_2c8d6;Služba zasílání zpráv_2c8d6; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_2d0b8;Služba zasílání zpráv_2d0b8; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_2d64c;Služba zasílání zpráv_2d64c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_2d70c;Služba zasílání zpráv_2d70c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_2d85d;Služba zasílání zpráv_2d85d; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_2dd1b;Služba zasílání zpráv_2dd1b; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_2ded0;Služba zasílání zpráv_2ded0; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_2e523;Služba zasílání zpráv_2e523; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_2e65e;Služba zasílání zpráv_2e65e; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_2ea43;Služba zasílání zpráv_2ea43; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_2ec04;Služba zasílání zpráv_2ec04; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_2edfc;Služba zasílání zpráv_2edfc; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_2ee83;Služba zasílání zpráv_2ee83; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_2f1a3;Služba zasílání zpráv_2f1a3; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_2f808;Služba zasílání zpráv_2f808; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_2f9ee;Služba zasílání zpráv_2f9ee; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_2fb4f;Služba zasílání zpráv_2fb4f; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_2fb66;Služba zasílání zpráv_2fb66; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_303aa;Služba zasílání zpráv_303aa; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_30479;Služba zasílání zpráv_30479; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_30645;Služba zasílání zpráv_30645; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_3067b;Služba zasílání zpráv_3067b; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_3069e;Služba zasílání zpráv_3069e; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_306be;Služba zasílání zpráv_306be; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_30765;Služba zasílání zpráv_30765; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_31cda;Služba zasílání zpráv_31cda; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_32c35;Služba zasílání zpráv_32c35; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_3588af3;Služba zasílání zpráv_3588af3; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_53f9c;Služba zasílání zpráv_53f9c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-03-16 146888]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2016-04-22 2119688]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 178760]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_22046;Data kontaktů_22046; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_270a9;Data kontaktů_270a9; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_2bd86;Data kontaktů_2bd86; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_2c046;Data kontaktů_2c046; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_2c891;Data kontaktů_2c891; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_2c8d6;Data kontaktů_2c8d6; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_2d0b8;Data kontaktů_2d0b8; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_2d64c;Data kontaktů_2d64c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_2d70c;Data kontaktů_2d70c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_2d85d;Data kontaktů_2d85d; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_2dd1b;Data kontaktů_2dd1b; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_2ded0;Data kontaktů_2ded0; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_2e523;Data kontaktů_2e523; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_2e65e;Data kontaktů_2e65e; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_2ea43;Data kontaktů_2ea43; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_2ec04;Data kontaktů_2ec04; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_2edfc;Data kontaktů_2edfc; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_2ee83;Data kontaktů_2ee83; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_2f1a3;Data kontaktů_2f1a3; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_2f808;Data kontaktů_2f808; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_2f9ee;Data kontaktů_2f9ee; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_2fb4f;Data kontaktů_2fb4f; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_2fb66;Data kontaktů_2fb66; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_303aa;Data kontaktů_303aa; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_30479;Data kontaktů_30479; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_30645;Data kontaktů_30645; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_3067b;Data kontaktů_3067b; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_3069e;Data kontaktů_3069e; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_306be;Data kontaktů_306be; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_30765;Data kontaktů_30765; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_31cda;Data kontaktů_31cda; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_3588af3;Data kontaktů_3588af3; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_53f9c;Data kontaktů_53f9c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 1297408]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S4 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]

-----------------EOF-----------------

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

[michalpuk]

log:

# AdwCleaner v5.113 - Log soubor vytvořen 25/04/2016 o 19:01:58
# Aktualizováno 24/04/2016 by Xplode
# Databáze : 2016-04-24.3 [Server]
# Operační systém : Windows 10 Pro (X64)
# Jméno uživatele : krejcir.m@gmail.com - STOLNI-PC
# Spuštěno z : C:\Users\Krejc\Desktop\adwcleaner_5.113.exe
# Volba : Čištění
# Podpora : http://toolslib.net/forum

***** [ Služby ] *****

[-] Služba smazáno : QMUdisk
[-] Služba smazáno : softaal
[-] Služba smazáno : SRepairDrv
[-] Služba smazáno : tsnethlpx64

***** [ Složky ] *****

[-] Složka smazáno : C:\Users\Krejc\AppData\Local\Temp\tencent
[-] Složka smazáno : C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Roaming\tencent
[-] Složka smazáno : C:\Users\Krejc\AppData\Local\VirtualStore\ProgramData\Application Data\tencent
[-] Složka smazáno : C:\Users\Krejc\AppData\Roaming\tencent
[-] Složka smazáno : C:\Users\Krejc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
[-] Složka smazáno : C:\Users\Krejc\AppData\Local\VirtualStore\Program Files (x86)\tencent

***** [ Soubory ] *****

[-] Soubor smazáno : C:\WINDOWS\SysWOW64\drivers\TS888x64.sys
[-] Soubor smazáno : C:\WINDOWS\SysNative\drivers\TFsFltX64.sys

***** [ DLLs ] *****


***** [ Zástupci ] *****


***** [ Naplánované úkoly ] *****


***** [ Registr ] *****

[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
[-] Klávesa smazáno : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP
[-] Klávesa smazáno : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\s
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\metnsd
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\qmgcfiles
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\SOFTWARE\Classes\CLSID\{03AE1B7B-A9E7-4D5A-9D34-89999C31B659}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\Interface\{357D32FC-F0AE-4B37-B36F-D44AA31496F5}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\Interface\{80B3B43F-7508-4627-BE66-00FB9AE5EE72}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\TypeLib\{5A83D7C9-4A14-4000-BC05-389268238753}
[-] Klávesa smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{29B6CFD5-0064-411A-8C42-9890C83F9921}
[-] Klávesa smazáno : HKCU\Software\IM
[-] Hodnota smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{50A90031-7B81-4FFD-A239-D85178B5D571}]
[-] Hodnota smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{307ED05B-3B0C-4EA9-AC24-909E448DBC53}]
[-] Hodnota smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{4E6AE3B1-7947-404E-9746-ED970B3EF309}]
[-] Hodnota smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{0F60CBC0-54CE-4A15-A051-E241C404EEFE}]
[-] Klávesa smazáno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\akamaihd.net
[-] Klávesa smazáno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
[-] Klávesa smazáno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\calendarspark.dl.myway.com
[-] Klávesa smazáno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\filmfanatic2.dl.myway.com

***** [ Webové prohlížeče ] *****

[-] [C:\Users\Krejc\AppData\Roaming\Mozilla\Firefox\Profiles\MMMfXA2I.default\prefs.js] smazáno : user_pref("media.gmp-eme-adobe.lastUpdate", 1460234555);
[-] [C:\Users\Krejc\AppData\Roaming\Mozilla\Firefox\Profiles\MMMfXA2I.default\prefs.js] smazáno : user_pref("media.gmp-gmpopenh264.lastUpdate", 1460234555);
[-] [C:\Users\Krejc\AppData\Roaming\Mozilla\Firefox\Profiles\MMMfXA2I.default\prefs.js] smazáno : user_pref("media.gmp-manager.lastCheck", 1460234554);

*************************

:: "Tracing" odstraněných kláves
:: Nastavení Winsock odstraněno

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [4322 bytes] - [25/04/2016 19:01:58]
C:\AdwCleaner\AdwCleaner[S1].txt - [4297 bytes] - [25/04/2016 19:00:41]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [4468 bytes] ##########

[Rudy]

Teď dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .

[michalpuk]

log frst:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:25-04-2016
Ran by krejcir.m@gmail.com (administrator) on STOLNI-PC (25-04-2016 20:25:07)
Running from C:\Users\Krejc\Desktop
Loaded Profiles: krejcir.m@gmail.com (Available Profiles: krejcir.m@gmail.com)
Platform: Windows 10 Pro Version 1511 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Spotify Ltd) C:\Users\Krejc\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(forum.viry.cz) C:\Users\Krejc\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2396096 2016-03-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-10-30] (Adobe Systems Incorporated)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139256 2016-03-23] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKU\S-1-5-21-1731596617-31027758-2076971259-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-03-31] (Valve Corporation)
HKU\S-1-5-21-1731596617-31027758-2076971259-1001\...\Run: [Spotify Web Helper] => C:\Users\Krejc\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2346096 2015-12-23] (Spotify Ltd)
HKU\S-1-5-21-1731596617-31027758-2076971259-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50670720 2016-03-01] (Skype Technologies S.A.)
HKU\S-1-5-21-1731596617-31027758-2076971259-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-03-02] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{130bbe92-0346-4ea1-b43b-a8ee8953fa5f}: [DhcpNameServer] 192.168.1.1
ManualProxies:

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-1731596617-31027758-2076971259-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://games.tiscali.cz/
SearchScopes: HKU\S-1-5-21-1731596617-31027758-2076971259-1001 -> DefaultScope {FAB51FF6-FCFB-4D86-AB41-BD7453C4389E} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
SearchScopes: HKU\S-1-5-21-1731596617-31027758-2076971259-1001 -> {FAB51FF6-FCFB-4D86-AB41-BD7453C4389E} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-03-02] (AVAST Software)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-21] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-03-02] (AVAST Software)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-03-15] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-21] (Oracle Corporation)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-05-05] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Krejc\AppData\Roaming\Mozilla\Firefox\Profiles\MMMfXA2I.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-08] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-08] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-21] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-03-22] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-03-22] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1731596617-31027758-2076971259-1001: @my.com/Games -> C:\Users\Krejc\AppData\Local\MyComGames\NPMyComDetector.dll [2016-03-17] (MY.COM B.V.)
FF Plugin HKU\S-1-5-21-1731596617-31027758-2076971259-1001: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\Krejc\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-05-13] (RocketLife, LLP)
FF Extension: Greasemonkey - C:\Users\Krejc\AppData\Roaming\Mozilla\Firefox\Profiles\MMMfXA2I.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2016-04-25]
FF Extension: Avira Browser Safety - C:\Users\Krejc\AppData\Roaming\Mozilla\Firefox\Profiles\MMMfXA2I.default\Extensions\abs@avira.com [2016-04-09]
FF Extension: Avira SafeSearch Plus - C:\Users\Krejc\AppData\Roaming\Mozilla\Firefox\Profiles\MMMfXA2I.default\Extensions\safesearchplus@avira.com [2015-11-30] [not signed]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-03-03]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-03-03]

Chrome:
=======
CHR HomePage: Default -> hxxp://games.tiscali.cz/
CHR StartupUrls: Default -> "hxxp://games.tiscali.cz/"
CHR DefaultSearchURL: Default -> hxxps://safesearch.avira.com/#web/result?source=omnibar&q={searchTerms}
CHR DefaultSearchKeyword: Default -> Avira
CHR DefaultSuggestURL: Default -> hxxps://safesearch.avira.com/suggestions?q={searchTerms}&li=ff&hl=en
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Krejc\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Krejc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-30]
CHR Extension: (Dokumenty Google) - C:\Users\Krejc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-01]
CHR Extension: (Disk Google) - C:\Users\Krejc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-01]
CHR Extension: (YouTube) - C:\Users\Krejc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-01]
CHR Extension: (Vyhledávání Google) - C:\Users\Krejc\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-01]
CHR Extension: (Tabulky Google) - C:\Users\Krejc\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\Krejc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Krejc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-14]
CHR Extension: (Gmail) - C:\Users\Krejc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-01]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-03-02]
CHR HKLM-x32\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-03-02] (AVAST Software)
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2012-10-08] (Creative Technology Ltd) [File not signed]
R2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [122888 2015-06-22] (Creative Technology Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-03-30] (NVIDIA Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [26680 2016-02-18] (Hewlett-Packard Company)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-03-30] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-03-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-03-30] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119688 2016-04-22] (Electronic Arts)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [36504 2015-06-22] (VIA Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-03-02] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-03-22] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-03-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-03-02] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-03-02] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-03-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [463744 2016-03-02] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [165344 2016-03-02] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287016 2016-03-02] (AVAST Software)
S3 athrusb; C:\Windows\System32\drivers\athrxusb.sys [1075712 2008-07-29] (Atheros Communications, Inc.)
R3 cthda; C:\Windows\system32\drivers\cthda.sys [1074472 2015-06-22] (Creative Technology Ltd)
R3 cthdb; C:\Windows\system32\DRIVERS\cthdb.sys [42792 2015-06-22] (Creative Technology Ltd)
S3 DigiartyVirtualCDBus; C:\Windows\System32\drivers\DigiartyVirtualCDBus.sys [276256 2016-04-09] (Digiarty Software, Inc.)
U5 iaStor; C:\Windows\System32\Drivers\iaStor.sys [569152 2012-05-30] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [193336 2015-07-10] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-03-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-03-21] (NVIDIA Corporation)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13536 2015-06-02] ()
S3 tapoas; C:\Windows\System32\drivers\tapoas.sys [30720 2012-07-15] (The OpenVPN Project) [File not signed]
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [36904 2016-02-19] (Wellbia.com Co., Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-25 20:25 - 2016-04-25 20:25 - 00018490 _____ C:\Users\Krejc\Desktop\FRST.txt
2016-04-25 20:23 - 2016-04-25 20:25 - 00000000 ____D C:\FRST
2016-04-25 20:23 - 2016-04-25 20:23 - 00112640 _____ (forum.viry.cz) C:\Users\Krejc\Desktop\FRSTLauncher.exe
2016-04-25 20:21 - 2016-04-25 20:20 - 02376192 _____ (Farbar) C:\Users\Krejc\Desktop\FRST64.exe
2016-04-25 19:00 - 2016-04-25 18:59 - 03580480 _____ C:\Users\Krejc\Desktop\adwcleaner_5.113.exe
2016-04-25 18:59 - 2016-04-25 19:05 - 00000000 ____D C:\AdwCleaner
2016-04-25 18:35 - 2016-04-25 18:35 - 00000000 ____D C:\ProgramData\Microsoft Toolkit
2016-04-25 17:48 - 2016-04-25 17:52 - 00000000 ____D C:\Program Files\trend micro
2016-04-25 17:48 - 2016-04-25 17:48 - 00000000 ____D C:\rsit
2016-04-25 16:17 - 2016-04-25 16:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-04-25 16:17 - 2016-04-25 16:17 - 00000000 ____D C:\Program Files\7-Zip
2016-04-25 15:50 - 2016-04-25 15:50 - 00000270 __RSH C:\Users\Krejc\ntuser.pol
2016-04-25 15:44 - 2016-04-25 15:44 - 00000664 __RSH C:\ProgramData\ntuser.pol
2016-04-25 15:43 - 2016-04-25 15:43 - 00143992 _____ (Tencent Technology(Shenzhen) Company Limited) C:\WINDOWS\system32\Drivers\TAOKernelEx64.sys
2016-04-25 15:42 - 2016-04-25 15:42 - 00000000 ____D C:\Users\Krejc\AppData\Roaming\Seznam.cz
2016-04-25 15:32 - 2016-04-25 19:03 - 00003808 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2016-04-25 15:32 - 2016-04-25 15:50 - 00000000 ____D C:\WINDOWS\AutoKMS
2016-04-25 15:32 - 2013-08-22 14:40 - 00040664 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tap0901.sys
2016-04-25 15:32 - 2012-07-15 17:48 - 00030720 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tapoas.sys
2016-04-25 15:15 - 2016-04-25 15:15 - 00038454 _____ C:\WINDOWS\system32\KMSServer.exe
2016-04-25 14:22 - 2016-04-25 14:22 - 946830223 _____ C:\WINDOWS\MEMORY.DMP
2016-04-25 14:22 - 2016-04-25 14:22 - 00000000 ____D C:\WINDOWS\Minidump
2016-04-25 13:36 - 2016-04-25 16:11 - 00000961 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2016-04-25 13:36 - 2016-04-25 13:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2016-04-25 13:36 - 2016-04-25 13:36 - 00000000 ____D C:\Program Files\CPUID
2016-04-22 15:56 - 2016-04-22 17:28 - 00000000 ____D C:\Users\Krejc\Documents\Mirrors Edge Catalyst Closed Beta
2016-04-22 15:55 - 2016-04-22 15:55 - 00001472 _____ C:\Users\Public\Desktop\Mirror's Edge™ Catalyst Closed Beta.lnk
2016-04-22 15:55 - 2016-04-22 15:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirror's Edge™ Catalyst Closed Beta
2016-04-20 13:23 - 2016-04-20 15:14 - 00000121 _____ C:\Users\Krejc\Desktop\cody.txt
2016-04-19 21:57 - 2016-04-19 21:57 - 00000000 ____D C:\Users\Krejc\Desktop\Misc - Skyrim Prefs
2016-04-17 22:08 - 2016-04-17 22:44 - 00000000 ____D C:\Users\Krejc\Desktop\foto prodej
2016-04-17 22:01 - 2016-04-17 22:01 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf
2016-04-17 21:48 - 2016-04-17 21:48 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-04-16 19:47 - 2016-04-16 19:47 - 00000000 ____D C:\WINDOWS\PCHEALTH
2016-04-15 17:19 - 2016-04-25 16:11 - 00002715 _____ C:\Users\Krejc\Desktop\Skyrim (SKSE).lnk
2016-04-13 09:18 - 2016-04-13 09:18 - 00000000 ____D C:\Users\Krejc\AppData\Local\NetworkTiles
2016-04-13 04:56 - 2016-04-02 06:13 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-04-13 04:56 - 2016-04-02 06:10 - 00770640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-04-13 04:56 - 2016-04-02 06:10 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-04-13 04:56 - 2016-04-02 06:10 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-04-13 04:56 - 2016-04-02 05:30 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-04-13 04:56 - 2016-04-02 05:29 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-04-13 04:56 - 2016-04-02 05:29 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-04-13 04:56 - 2016-04-02 05:26 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-04-13 04:56 - 2016-04-02 05:25 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2016-04-13 04:56 - 2016-04-02 05:25 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2016-04-13 04:56 - 2016-04-02 05:23 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-04-13 04:56 - 2016-04-02 05:23 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-04-13 04:56 - 2016-04-02 05:21 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-04-13 04:56 - 2016-04-02 05:19 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-04-13 04:56 - 2016-04-02 05:18 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-04-13 04:56 - 2016-04-02 05:15 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-04-13 04:56 - 2016-04-02 05:14 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-04-13 04:56 - 2016-04-02 05:09 - 01832448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-04-13 04:56 - 2016-04-02 05:08 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-04-13 04:56 - 2016-04-02 05:07 - 03575296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-04-13 04:56 - 2016-04-02 05:07 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-04-13 04:56 - 2016-04-02 05:03 - 04774912 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-04-13 04:56 - 2016-04-02 05:00 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-04-13 04:56 - 2016-03-29 12:23 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-04-13 04:56 - 2016-03-29 12:22 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-04-13 04:56 - 2016-03-29 12:22 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-04-13 04:56 - 2016-03-29 12:20 - 07474016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-04-13 04:56 - 2016-03-29 12:20 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-13 04:56 - 2016-03-29 12:20 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-04-13 04:56 - 2016-03-29 12:20 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-04-13 04:56 - 2016-03-29 12:18 - 02152280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-04-13 04:56 - 2016-03-29 12:15 - 00100232 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2016-04-13 04:56 - 2016-03-29 12:11 - 00686976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-04-13 04:56 - 2016-03-29 12:05 - 01152864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-04-13 04:56 - 2016-03-29 12:02 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-04-13 04:56 - 2016-03-29 12:02 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-04-13 04:56 - 2016-03-29 11:56 - 01297752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-04-13 04:56 - 2016-03-29 11:37 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-04-13 04:56 - 2016-03-29 11:28 - 00696664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-04-13 04:56 - 2016-03-29 11:28 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-04-13 04:56 - 2016-03-29 11:28 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-04-13 04:56 - 2016-03-29 11:25 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-04-13 04:56 - 2016-03-29 11:25 - 00058400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-04-13 04:56 - 2016-03-29 11:19 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-04-13 04:56 - 2016-03-29 11:18 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-04-13 04:56 - 2016-03-29 11:17 - 00300104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-04-13 04:56 - 2016-03-29 11:13 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-04-13 04:56 - 2016-03-29 11:11 - 00605440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-04-13 04:56 - 2016-03-29 11:11 - 00074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-04-13 04:56 - 2016-03-29 11:10 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-04-13 04:56 - 2016-03-29 11:09 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-04-13 04:56 - 2016-03-29 11:08 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-04-13 04:56 - 2016-03-29 11:08 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-04-13 04:56 - 2016-03-29 11:07 - 00081144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-04-13 04:56 - 2016-03-29 10:44 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-04-13 04:56 - 2016-03-29 10:44 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-04-13 04:56 - 2016-03-29 10:41 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-04-13 04:56 - 2016-03-29 10:41 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-04-13 04:56 - 2016-03-29 10:32 - 00253088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-04-13 04:56 - 2016-03-29 10:26 - 02403680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-04-13 04:56 - 2016-03-29 10:26 - 01089888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-04-13 04:56 - 2016-03-29 10:26 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll
2016-04-13 04:56 - 2016-03-29 10:25 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll
2016-04-13 04:56 - 2016-03-29 10:24 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-04-13 04:56 - 2016-03-29 10:23 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
2016-04-13 04:56 - 2016-03-29 10:21 - 00378208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-04-13 04:56 - 2016-03-29 10:17 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-04-13 04:56 - 2016-03-29 10:16 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-04-13 04:56 - 2016-03-29 10:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-04-13 04:56 - 2016-03-29 10:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-04-13 04:56 - 2016-03-29 10:07 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-04-13 04:56 - 2016-03-29 10:07 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-04-13 04:56 - 2016-03-29 10:07 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2016-04-13 04:56 - 2016-03-29 10:06 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-04-13 04:56 - 2016-03-29 10:06 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
2016-04-13 04:56 - 2016-03-29 10:02 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-04-13 04:56 - 2016-03-29 10:01 - 00541304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-04-13 04:56 - 2016-03-29 10:00 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-04-13 04:56 - 2016-03-29 10:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-04-13 04:56 - 2016-03-29 10:00 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-04-13 04:56 - 2016-03-29 09:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-04-13 04:56 - 2016-03-29 09:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-04-13 04:56 - 2016-03-29 09:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-04-13 04:56 - 2016-03-29 09:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-04-13 04:56 - 2016-03-29 09:57 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-04-13 04:56 - 2016-03-29 09:57 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-04-13 04:56 - 2016-03-29 09:57 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-04-13 04:56 - 2016-03-29 09:55 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-04-13 04:56 - 2016-03-29 09:55 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-04-13 04:56 - 2016-03-29 09:55 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2016-04-13 04:56 - 2016-03-29 09:54 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-04-13 04:56 - 2016-03-29 09:53 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-04-13 04:56 - 2016-03-29 09:52 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-04-13 04:56 - 2016-03-29 09:51 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-04-13 04:56 - 2016-03-29 09:51 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-04-13 04:56 - 2016-03-29 09:50 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-04-13 04:56 - 2016-03-29 09:50 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-04-13 04:56 - 2016-03-29 09:50 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-04-13 04:56 - 2016-03-29 09:50 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-04-13 04:56 - 2016-03-29 09:50 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2016-04-13 04:56 - 2016-03-29 09:49 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-04-13 04:56 - 2016-03-29 09:48 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-04-13 04:56 - 2016-03-29 09:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-04-13 04:56 - 2016-03-29 09:46 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-04-13 04:56 - 2016-03-29 09:46 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-04-13 04:56 - 2016-03-29 09:44 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2016-04-13 04:56 - 2016-03-29 09:42 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-04-13 04:56 - 2016-03-29 09:39 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-04-13 04:56 - 2016-03-29 09:38 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-04-13 04:56 - 2016-03-29 09:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-04-13 04:56 - 2016-03-29 09:36 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-04-13 04:56 - 2016-03-29 09:36 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-04-13 04:56 - 2016-03-29 09:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-04-13 04:56 - 2016-03-29 09:35 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-04-13 04:56 - 2016-03-29 09:34 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-04-13 04:56 - 2016-03-29 09:34 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-04-13 04:56 - 2016-03-29 09:34 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2016-04-13 04:56 - 2016-03-29 09:34 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-04-13 04:56 - 2016-03-29 09:33 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-04-13 04:56 - 2016-03-29 09:32 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-04-13 04:56 - 2016-03-29 09:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-04-13 04:56 - 2016-03-29 09:30 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-04-13 04:56 - 2016-03-29 09:30 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-04-13 04:56 - 2016-03-29 09:28 - 00460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-04-13 04:56 - 2016-03-29 09:27 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-04-13 04:56 - 2016-03-29 09:26 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-04-13 04:56 - 2016-03-29 09:23 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-04-13 04:56 - 2016-03-29 09:23 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-04-13 04:56 - 2016-03-29 09:23 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-04-13 04:56 - 2016-03-29 09:22 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-04-13 04:56 - 2016-03-29 09:21 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-13 04:56 - 2016-03-29 09:20 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-04-13 04:56 - 2016-03-29 09:20 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-04-13 04:56 - 2016-03-29 09:20 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2016-04-13 04:56 - 2016-03-29 09:20 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
2016-04-13 04:56 - 2016-03-29 09:19 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-04-13 04:56 - 2016-03-29 09:19 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-04-13 04:56 - 2016-03-29 09:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacchooks.dll
2016-04-13 04:56 - 2016-03-29 09:18 - 00676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-04-13 04:56 - 2016-03-29 09:17 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-04-13 04:56 - 2016-03-29 09:17 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-04-13 04:56 - 2016-03-29 09:17 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-04-13 04:56 - 2016-03-29 09:16 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-04-13 04:56 - 2016-03-29 09:16 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-04-13 04:56 - 2016-03-29 09:15 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-04-13 04:56 - 2016-03-29 09:15 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-04-13 04:56 - 2016-03-29 09:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-04-13 04:56 - 2016-03-29 09:14 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-04-13 04:56 - 2016-03-29 09:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-04-13 04:56 - 2016-03-29 09:12 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-04-13 04:56 - 2016-03-29 09:12 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-04-13 04:56 - 2016-03-29 09:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-04-13 04:56 - 2016-03-29 09:11 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-04-13 04:56 - 2016-03-29 09:11 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-04-13 04:56 - 2016-03-29 09:11 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-04-13 04:56 - 2016-03-29 09:11 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-04-13 04:56 - 2016-03-29 09:11 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-04-13 04:56 - 2016-03-29 09:11 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll
2016-04-13 04:56 - 2016-03-29 09:10 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-04-13 04:56 - 2016-03-29 09:10 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-04-13 04:56 - 2016-03-29 09:09 - 01239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-04-13 04:56 - 2016-03-29 09:09 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-04-13 04:56 - 2016-03-29 09:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2016-04-13 04:56 - 2016-03-29 09:08 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-04-13 04:56 - 2016-03-29 09:08 - 00841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-04-13 04:56 - 2016-03-29 09:08 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-04-13 04:56 - 2016-03-29 09:07 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-04-13 04:56 - 2016-03-29 09:07 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-04-13 04:56 - 2016-03-29 09:06 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-04-13 04:56 - 2016-03-29 09:06 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-04-13 04:56 - 2016-03-29 09:06 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2016-04-13 04:56 - 2016-03-29 09:05 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-04-13 04:56 - 2016-03-29 09:05 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2016-04-13 04:56 - 2016-03-29 09:04 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2016-04-13 04:56 - 2016-03-29 09:03 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-04-13 04:56 - 2016-03-29 09:02 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-04-13 04:56 - 2016-03-29 09:02 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-04-13 04:56 - 2016-03-29 09:02 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-04-13 04:56 - 2016-03-29 09:00 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-04-13 04:56 - 2016-03-29 09:00 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-04-13 04:56 - 2016-03-29 09:00 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-04-13 04:56 - 2016-03-29 09:00 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-04-13 04:56 - 2016-03-29 08:59 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-04-13 04:56 - 2016-03-29 08:59 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-04-13 04:56 - 2016-03-29 08:59 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-04-13 04:56 - 2016-03-29 08:56 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-04-13 04:56 - 2016-03-29 08:56 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-04-13 04:56 - 2016-03-29 08:55 - 01052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-04-13 04:56 - 2016-03-29 08:53 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-04-13 04:56 - 2016-03-29 08:53 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-04-13 04:56 - 2016-03-29 08:52 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-04-13 04:56 - 2016-03-29 08:52 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2016-04-13 04:56 - 2016-03-29 08:49 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-04-13 04:56 - 2016-03-29 08:48 - 00346624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-04-13 04:56 - 2016-03-29 08:44 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-04-13 04:56 - 2016-03-29 08:43 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2016-04-13 04:56 - 2016-03-29 08:42 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-04-13 04:56 - 2016-03-29 08:42 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-04-13 04:56 - 2016-03-29 08:42 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-13 04:56 - 2016-03-29 08:41 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-04-13 04:56 - 2016-03-29 08:40 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-04-13 04:56 - 2016-03-29 08:39 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2016-04-13 04:56 - 2016-03-29 08:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-04-13 04:56 - 2016-03-29 08:39 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-04-13 04:56 - 2016-03-29 08:38 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-04-13 04:56 - 2016-03-29 08:37 - 01444352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-04-13 04:56 - 2016-03-29 08:37 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-04-13 04:56 - 2016-03-29 08:37 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-04-13 04:56 - 2016-03-29 08:36 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-04-13 04:56 - 2016-03-29 08:36 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-04-13 04:56 - 2016-03-29 08:35 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-04-13 04:56 - 2016-03-29 08:34 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-04-13 04:56 - 2016-03-29 08:34 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-04-13 04:56 - 2016-03-29 08:34 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-04-13 04:56 - 2016-03-29 08:34 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-04-13 04:56 - 2016-03-29 08:32 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-04-13 04:56 - 2016-03-29 08:32 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-04-13 04:56 - 2016-03-29 08:32 - 01098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-04-13 04:56 - 2016-03-29 08:32 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-04-13 04:56 - 2016-03-29 08:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-04-13 04:56 - 2016-03-29 08:32 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-04-13 04:56 - 2016-03-29 08:32 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-04-13 04:56 - 2016-03-29 08:32 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-04-13 04:56 - 2016-03-29 08:31 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-04-13 04:56 - 2016-03-29 08:31 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-04-13 04:56 - 2016-03-29 08:31 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-04-13 04:56 - 2016-03-29 08:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-04-13 04:56 - 2016-03-29 08:30 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-04-13 04:56 - 2016-03-29 08:29 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-04-13 04:56 - 2016-03-29 08:29 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-04-13 04:56 - 2016-03-29 08:28 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-04-13 04:56 - 2016-03-29 08:28 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-04-13 04:56 - 2016-03-29 08:27 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-04-13 04:56 - 2016-03-29 08:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-04-13 04:56 - 2016-03-29 08:27 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-04-13 04:56 - 2016-03-29 08:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-04-13 04:56 - 2016-03-29 08:27 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-04-13 04:56 - 2016-03-29 08:26 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-04-13 04:56 - 2016-03-29 08:23 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-04-13 04:56 - 2016-03-29 08:22 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-04-13 04:56 - 2016-03-29 08:19 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-04-13 04:56 - 2016-03-29 08:17 - 00765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-04-13 04:56 - 2016-03-29 08:14 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-04-13 04:56 - 2016-03-29 08:13 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-04-13 04:56 - 2016-03-29 08:10 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-04-13 04:56 - 2016-03-29 08:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-04-13 04:56 - 2016-03-29 08:05 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-04-13 04:56 - 2016-03-29 08:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-04-13 04:56 - 2016-03-29 08:05 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-04-13 04:56 - 2016-03-29 08:05 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-04-13 04:56 - 2016-03-29 08:05 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-04-13 04:56 - 2016-03-29 08:05 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-04-13 04:56 - 2016-03-29 08:04 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-04-13 04:56 - 2016-03-29 08:04 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-04-13 04:56 - 2016-03-29 08:02 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-04-13 04:56 - 2016-03-29 08:01 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-04-13 04:56 - 2016-03-29 08:01 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-04-13 04:56 - 2016-03-29 08:00 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-04-13 04:56 - 2016-03-29 07:58 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-04-13 04:56 - 2016-03-29 07:56 - 16985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-04-13 04:56 - 2016-03-29 07:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-04-13 04:56 - 2016-03-29 07:51 - 22378496 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-04-13 04:56 - 2016-03-29 07:51 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-04-13 04:56 - 2016-03-29 07:49 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-04-13 04:56 - 2016-03-29 07:45 - 03078144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-04-13 04:56 - 2016-03-29 07:45 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2016-04-13 04:56 - 2016-03-29 07:43 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-04-13 04:56 - 2016-03-29 07:43 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-04-13 04:56 - 2016-03-29 07:41 - 24602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-04-13 04:56 - 2016-03-29 07:41 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-04-13 04:56 - 2016-03-29 07:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-04-13 04:56 - 2016-03-29 07:38 - 18673664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-04-13 04:56 - 2016-03-29 07:38 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-04-13 04:56 - 2016-03-29 07:37 - 19340800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-04-13 04:56 - 2016-03-29 07:36 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-04-13 04:56 - 2016-03-29 07:35 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-04-13 04:56 - 2016-03-29 07:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-04-13 04:56 - 2016-03-29 07:27 - 07836160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-04-13 04:56 - 2016-03-29 07:27 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-04-13 04:56 - 2016-03-29 07:27 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-04-13 04:56 - 2016-03-29 07:26 - 00958976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-04-13 04:56 - 2016-03-29 07:26 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-04-13 04:56 - 2016-03-29 07:25 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-04-13 04:56 - 2016-03-29 07:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-04-13 04:56 - 2016-03-29 07:21 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-04-09 22:42 - 2016-04-09 22:42 - 00000000 ____D C:\Users\Krejc\AppData\Local\Macromedia
2016-04-09 22:39 - 2016-04-25 16:12 - 00001231 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-04-09 22:39 - 2016-04-25 16:11 - 00001219 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-04-09 22:39 - 2016-04-09 22:47 - 00000000 ____D C:\Users\Krejc\AppData\Local\Mozilla
2016-04-09 22:39 - 2016-04-09 22:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-09 22:39 - 2016-04-09 22:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-04-09 03:28 - 2016-04-09 03:29 - 00000000 ____D C:\Users\Krejc\AppData\Roaming\dvdcss
2016-04-09 03:27 - 2016-04-09 03:27 - 00276256 _____ (Digiarty Software, Inc.) C:\WINDOWS\system32\Drivers\DigiartyVirtualCDBus.sys
2016-04-09 03:27 - 2016-04-09 03:27 - 00000000 ____D C:\Users\Krejc\AppData\Roaming\BDlot
2016-04-09 03:25 - 2016-04-09 03:25 - 00000000 ____D C:\Users\Krejc\AppData\Roaming\Jihosoft ISO Maker
2016-04-09 03:00 - 2016-04-25 16:11 - 00002638 _____ C:\Users\Krejc\Desktop\Windows 7 USB DVD Download Tool.lnk
2016-04-09 03:00 - 2016-04-09 03:00 - 00000000 ____D C:\Users\Krejc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2016-04-09 03:00 - 2016-04-09 03:00 - 00000000 ____D C:\Users\Krejc\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2016-04-09 02:59 - 2016-04-09 02:59 - 00000000 ___HD C:\$Windows.~WS
2016-04-09 02:59 - 2016-04-09 02:59 - 00000000 ____D C:\$WINDOWS.~BT
2016-04-07 00:04 - 2016-04-07 00:04 - 00000000 ____D C:\Users\Krejc\Documents\SkidRow
2016-04-04 22:26 - 2016-04-04 22:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan
2016-04-04 22:26 - 2016-03-22 03:57 - 00110528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-04-04 22:25 - 2016-03-22 06:08 - 42923576 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-04-04 22:25 - 2016-03-22 06:08 - 37567424 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-04-04 22:25 - 2016-03-22 06:08 - 31594432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-04-04 22:25 - 2016-03-22 06:08 - 25350080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-04-04 22:25 - 2016-03-22 06:08 - 21364536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-04-04 22:25 - 2016-03-22 06:08 - 20906168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-04-04 22:25 - 2016-03-22 06:08 - 17755928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-04-04 22:25 - 2016-03-22 06:08 - 17369448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-04-04 22:25 - 2016-03-22 06:08 - 17349776 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-04-04 22:25 - 2016-03-22 06:08 - 10550552 _____ C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-04-04 22:25 - 2016-03-22 06:08 - 08659472 _____ C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-04-04 22:25 - 2016-03-22 06:08 - 02614208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-04-04 22:25 - 2016-03-22 06:08 - 02260024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-04-04 22:25 - 2016-03-22 06:08 - 01922496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436472.dll
2016-04-04 22:25 - 2016-03-22 06:08 - 01571776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436472.dll
2016-04-04 22:25 - 2016-03-22 06:08 - 00960056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-04-04 22:25 - 2016-03-22 06:08 - 00889400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-04-04 22:25 - 2016-03-22 06:08 - 00786872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-04-04 22:25 - 2016-03-22 06:08 - 00784824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2016-04-04 22:25 - 2016-03-22 06:08 - 00751552 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-04-04 22:25 - 2016-03-22 06:08 - 00695864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-04-04 22:25 - 2016-03-22 06:08 - 00678520 _____ C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-04-04 22:25 - 2016-03-22 06:08 - 00632336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-04-04 22:25 - 2016-03-22 06:08 - 00630776 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2016-04-04 22:25 - 2016-03-22 06:08 - 00601936 _____ C:\WINDOWS\system32\nvmcumd.dll
2016-04-04 22:25 - 2016-03-22 06:08 - 00572096 _____ C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-04-04 22:25 - 2016-03-22 06:08 - 00546328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2016-04-04 22:25 - 2016-03-22 06:08 - 00448824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2016-04-04 22:25 - 2016-03-22 06:08 - 00425016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-04-04 22:25 - 2016-03-22 06:08 - 00385080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2016-04-04 22:25 - 2016-03-22 06:08 - 00379448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-04-04 22:25 - 2016-03-22 06:08 - 00379296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-04-04 22:25 - 2016-03-22 06:08 - 00348216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2016-04-04 22:25 - 2016-03-22 06:08 - 00317656 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-04-04 22:25 - 2016-03-22 06:08 - 00176064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2016-04-04 22:25 - 2016-03-22 06:08 - 00153392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-04-04 22:25 - 2016-03-22 06:08 - 00151368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2016-04-04 22:25 - 2016-03-22 06:08 - 00129208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2016-04-04 22:25 - 2016-03-22 06:08 - 00000139 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2016-04-04 22:25 - 2016-03-22 06:08 - 00000139 _____ C:\WINDOWS\system32\nv-vk64.json
2016-04-04 19:32 - 2016-03-21 22:01 - 00109632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2016-04-04 19:32 - 2016-03-21 22:01 - 00100416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2016-04-02 15:26 - 2016-04-02 15:26 - 00000819 _____ C:\Users\Krejc\Desktop\Tundra 0.9.14.1 – zástupce.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-25 20:17 - 2015-11-30 07:02 - 00000980 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-25 20:11 - 2015-11-30 07:50 - 00000000 ____D C:\Program Files\utorrent
2016-04-25 20:04 - 2015-12-01 01:08 - 00000000 ____D C:\Users\Krejc\AppData\Roaming\vlc
2016-04-25 20:03 - 2015-11-30 07:47 - 00000000 ____D C:\Users\Krejc\AppData\Roaming\Skype
2016-04-25 20:03 - 2015-11-30 02:43 - 01774890 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-04-25 20:03 - 2015-10-30 20:31 - 00751068 _____ C:\WINDOWS\system32\perfh005.dat
2016-04-25 20:03 - 2015-10-30 20:31 - 00151190 _____ C:\WINDOWS\system32\perfc005.dat
2016-04-25 20:03 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-04-25 20:00 - 2015-12-03 19:39 - 00000427 _____ C:\Users\Krejc\AppData\Local\FSDownloader.err
2016-04-25 20:00 - 2015-12-03 19:38 - 00001088 _____ C:\Users\Krejc\AppData\Local\FSDownloader.nast
2016-04-25 19:42 - 2015-12-22 00:48 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-04-25 19:25 - 2015-11-30 03:11 - 00004208 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9893DD28-2D55-4C04-85F9-65AAC85C0FFE}
2016-04-25 19:15 - 2015-12-01 02:21 - 00000000 ____D C:\Program Files (x86)\Steam
2016-04-25 19:03 - 2015-11-30 08:31 - 00000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2016-04-25 19:03 - 2015-11-30 08:31 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2016-04-25 19:02 - 2016-02-04 17:04 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-04-25 19:02 - 2016-02-04 16:58 - 00000000 ____D C:\Users\Krejc
2016-04-25 19:02 - 2016-02-04 16:58 - 00000000 ____D C:\ProgramData\NVIDIA
2016-04-25 19:02 - 2015-11-30 07:02 - 00000976 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-25 19:02 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-04-25 19:00 - 2015-12-03 07:18 - 00003138 _____ C:\WINDOWS\System32\Tasks\MSIAfterburner
2016-04-25 16:12 - 2016-03-22 23:39 - 00001225 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-04-25 16:12 - 2016-02-04 17:00 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-04-25 16:12 - 2016-02-03 15:31 - 00000595 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WRC 5 FIA World Rally Championship.lnk
2016-04-25 16:12 - 2015-12-18 01:48 - 00002236 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2016-04-25 16:12 - 2015-12-11 01:28 - 00001094 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4.lnk
2016-04-25 16:12 - 2015-12-08 01:30 - 00001129 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2015.lnk
2016-04-25 16:12 - 2015-12-08 00:05 - 00002026 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2016-04-25 16:12 - 2015-11-30 07:24 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-04-25 16:12 - 2015-11-30 07:02 - 00002275 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-25 16:11 - 2016-03-22 23:39 - 00001213 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2016-04-25 16:11 - 2016-03-16 00:04 - 00001319 _____ C:\Users\Krejc\Desktop\Cisco Packet Tracer.lnk
2016-04-25 16:11 - 2016-03-03 17:23 - 00001234 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2016-04-25 16:11 - 2016-02-19 15:44 - 00001277 _____ C:\Users\Krejc\Desktop\Uplay.lnk
2016-04-25 16:11 - 2016-02-08 22:13 - 00000949 _____ C:\Users\Public\Desktop\Euro Truck Simulator 2 Multiplayer.lnk
2016-04-25 16:11 - 2016-02-08 22:13 - 00000944 _____ C:\Users\Public\Desktop\American Truck Simulator Multiplayer.lnk
2016-04-25 16:11 - 2016-02-03 15:31 - 00000595 _____ C:\Users\Public\Desktop\WRC 5 FIA World Rally Championship.lnk
2016-04-25 16:11 - 2016-02-03 02:14 - 00000813 _____ C:\Users\Public\Desktop\World of Tanks.lnk
2016-04-25 16:11 - 2016-02-01 02:27 - 00000778 _____ C:\Users\Krejc\Desktop\Sebastien Loeb Rally EVO.lnk
2016-04-25 16:11 - 2016-01-29 12:06 - 00000951 _____ C:\Users\Public\Desktop\Black Desert Character Creator.lnk
2016-04-25 16:11 - 2016-01-29 12:06 - 00000951 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Black Desert Character Creator.lnk
2016-04-25 16:11 - 2016-01-24 03:32 - 00000802 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2016-04-25 16:11 - 2016-01-11 02:04 - 00000931 _____ C:\Users\Public\Desktop\Dragons Dogma Dark Arisen.lnk
2016-04-25 16:11 - 2015-12-29 21:45 - 00002224 _____ C:\Users\Krejc\Desktop\Google Earth.lnk
2016-04-25 16:11 - 2015-12-24 03:43 - 00001551 _____ C:\Users\Krejc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SimCity4 Launcher.lnk
2016-04-25 16:11 - 2015-12-24 03:43 - 00001521 _____ C:\Users\Krejc\Desktop\SimCity4 Launcher.lnk
2016-04-25 16:11 - 2015-12-23 00:54 - 00001051 _____ C:\Users\Public\Desktop\Origin.lnk
2016-04-25 16:11 - 2015-12-18 00:28 - 00002658 _____ C:\Users\Public\Desktop\Skype.lnk
2016-04-25 16:11 - 2015-12-17 00:20 - 00001039 _____ C:\Users\Krejc\Desktop\OCCT.lnk
2016-04-25 16:11 - 2015-12-11 01:39 - 00000907 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-04-25 16:11 - 2015-12-11 01:28 - 00001082 _____ C:\Users\Public\Desktop\The Sims 4.lnk
2016-04-25 16:11 - 2015-12-08 01:38 - 00001822 _____ C:\Users\Krejc\Desktop\Adobe Photoshop CC 2015.lnk
2016-04-25 16:11 - 2015-12-08 00:05 - 00002014 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-04-25 16:11 - 2015-12-07 22:01 - 00002061 _____ C:\Users\Krejc\Desktop\Word 2013.lnk
2016-04-25 16:11 - 2015-12-03 16:51 - 00001241 _____ C:\Users\Public\Desktop\BioShock Infinite.lnk
2016-04-25 16:11 - 2015-12-03 13:20 - 00001850 _____ C:\Users\Krejc\Desktop\Spotify.lnk
2016-04-25 16:11 - 2015-12-03 13:20 - 00001836 _____ C:\Users\Krejc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2016-04-25 16:11 - 2015-12-01 10:32 - 00001255 _____ C:\Users\Krejc\Desktop\CrystalDiskInfo.lnk
2016-04-25 16:11 - 2015-12-01 02:21 - 00001032 _____ C:\Users\Public\Desktop\Steam.lnk
2016-04-25 16:11 - 2015-12-01 01:57 - 00001047 _____ C:\Users\Krejc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Volitelné funkce.lnk
2016-04-25 16:11 - 2015-12-01 01:08 - 00001139 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-04-25 16:11 - 2015-11-30 22:16 - 00000944 _____ C:\Users\Krejc\Desktop\Fallout 4.lnk
2016-04-25 16:11 - 2015-11-30 22:06 - 00001032 _____ C:\Users\Krejc\Desktop\TechPowerUp GPU-Z.lnk
2016-04-25 16:11 - 2015-11-30 22:01 - 00001102 _____ C:\Users\Krejc\Desktop\HD Tune Pro.lnk
2016-04-25 16:11 - 2015-11-30 08:45 - 00001298 _____ C:\Users\Public\Desktop\Samsung Magician.lnk
2016-04-25 16:11 - 2015-11-30 08:31 - 00001155 _____ C:\Users\Krejc\Desktop\MSI Afterburner.lnk
2016-04-25 16:11 - 2015-11-30 07:24 - 00002124 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-04-25 16:11 - 2015-11-30 07:02 - 00002263 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-04-25 16:11 - 2015-11-30 06:17 - 00002289 _____ C:\Users\Public\Desktop\HP Deskjet 5520 series.lnk
2016-04-25 16:11 - 2015-11-30 05:34 - 00001453 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-04-25 16:11 - 2015-11-30 02:49 - 00002430 _____ C:\Users\Krejc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-04-25 16:11 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\TAPI
2016-04-25 16:05 - 2015-11-30 07:50 - 00000000 ____D C:\Users\Krejc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2016-04-25 15:56 - 2015-12-22 00:48 - 00003128 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-04-25 15:56 - 2015-12-11 01:39 - 00002160 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-04-25 15:56 - 2015-11-30 07:02 - 00003492 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-04-25 15:56 - 2015-11-30 07:02 - 00003268 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-04-25 15:50 - 2016-02-04 16:57 - 00344616 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-25 15:44 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2016-04-25 15:43 - 2015-11-30 02:47 - 00000000 ____D C:\Users\Krejc\AppData\Local\VirtualStore
2016-04-25 15:22 - 2015-12-07 21:51 - 00004114 _____ C:\WINDOWS\System32\Tasks\Trigger KMS Activation
2016-04-25 14:11 - 2015-12-17 01:18 - 00000000 ____D C:\Users\Krejc\Documents\OCCT
2016-04-25 01:05 - 2015-12-22 00:00 - 00000000 ____D C:\Users\Krejc\AppData\Local\CrashDumps
2016-04-24 14:25 - 2016-01-23 21:44 - 00000242 _____ C:\Users\Krejc\Desktop\Nový textový dokument.txt
2016-04-23 03:42 - 2015-12-23 00:54 - 00000000 ____D C:\ProgramData\Origin
2016-04-23 00:22 - 2016-01-24 03:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2016-04-22 15:55 - 2015-11-30 05:33 - 00000000 ____D C:\ProgramData\Package Cache
2016-04-22 15:45 - 2015-12-23 00:55 - 00000000 ____D C:\Program Files (x86)\Origin Games
2016-04-22 15:43 - 2015-12-23 00:54 - 00000000 ____D C:\Program Files (x86)\Origin
2016-04-22 12:43 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-04-21 18:58 - 2015-12-31 01:02 - 00000000 ____D C:\ProgramData\Oracle
2016-04-21 18:57 - 2015-12-31 01:03 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-04-21 18:57 - 2015-12-31 01:03 - 00000000 ____D C:\Users\Krejc\.oracle_jre_usage
2016-04-21 18:57 - 2015-12-31 01:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-04-21 18:57 - 2015-12-31 01:03 - 00000000 ____D C:\Program Files (x86)\Java
2016-04-21 10:48 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-17 20:24 - 2015-11-30 02:47 - 00000000 ____D C:\Users\Krejc\AppData\Local\Packages
2016-04-16 19:50 - 2015-12-07 21:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-04-16 19:49 - 2015-10-30 09:24 - 00000167 _____ C:\WINDOWS\win.ini
2016-04-15 15:41 - 2015-12-23 23:07 - 00000000 ____D C:\Users\Krejc\AppData\Local\Skyrim
2016-04-15 13:10 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-04-13 23:47 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-04-13 23:47 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-04-13 23:47 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-04-13 23:47 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-04-13 17:30 - 2015-12-24 01:22 - 00000000 ____D C:\Users\Krejc\Documents\The Witcher 3
2016-04-13 09:31 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-04-13 09:30 - 2015-12-09 16:53 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-04-13 09:28 - 2015-12-09 16:53 - 135176864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-04-12 03:55 - 2015-12-24 00:46 - 00000000 ____D C:\Program Files (x86)\The Witcher 3 Wild Hunt
2016-04-12 03:24 - 2016-01-24 03:32 - 00000000 ____D C:\Users\Krejc\Documents\Nexus Mod Manager
2016-04-12 03:24 - 2015-11-30 22:13 - 00000000 ____D C:\Program Files\Fallout 4
2016-04-09 22:39 - 2015-11-30 05:59 - 00000000 ____D C:\Users\Krejc\AppData\Roaming\Mozilla
2016-04-09 21:52 - 2015-12-28 20:40 - 00000080 _____ C:\Users\Krejc\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2016-04-09 06:10 - 2016-02-04 16:58 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-04-09 02:59 - 2016-02-04 16:57 - 00000000 ___DC C:\WINDOWS\Panther
2016-04-06 23:33 - 2016-03-03 17:23 - 00000000 ____D C:\Users\Krejc\AppData\Roaming\TS3Client
2016-04-06 20:32 - 2015-10-30 09:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-04-06 20:32 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-04-04 22:26 - 2016-03-21 22:07 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-04-04 22:26 - 2015-11-30 05:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-04-04 22:25 - 2016-02-04 16:58 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-03-31 20:58 - 2016-03-22 23:39 - 00003166 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1458682786
2016-03-30 15:53 - 2015-12-18 00:28 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-03-30 15:53 - 2015-11-30 07:46 - 00000000 ____D C:\ProgramData\Skype
2016-03-30 03:06 - 2015-11-30 05:34 - 01373680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2016-03-30 03:06 - 2015-11-30 05:34 - 01316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2016-03-30 03:05 - 2015-11-30 05:34 - 01767248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2016-03-30 03:05 - 2015-11-30 05:34 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2016-03-30 03:05 - 2015-11-30 05:34 - 00112216 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2016-03-29 12:07 - 2015-10-30 10:13 - 00400302 __RSH C:\bootmgr

==================== Files in the root of some directories =======

2015-12-03 19:39 - 2016-04-25 20:00 - 0000427 _____ () C:\Users\Krejc\AppData\Local\FSDownloader.err
2015-12-03 19:38 - 2016-04-25 20:00 - 0001088 _____ () C:\Users\Krejc\AppData\Local\FSDownloader.nast
2015-12-18 01:47 - 2015-12-18 01:47 - 0007606 _____ () C:\Users\Krejc\AppData\Local\Resmon.ResmonCfg
2015-11-30 06:17 - 2015-11-30 06:17 - 0000057 _____ () C:\ProgramData\Ament.ini

Some files in TEMP:
====================
C:\Users\Krejc\AppData\Local\Temp\6699d3ee8dd9cf775caae782c8f44f03.dll
C:\Users\Krejc\AppData\Local\Temp\d39f3107acadcdef16e6629dcc9a67c8.dll
C:\Users\Krejc\AppData\Local\Temp\jre-8u73-windows-au.exe
C:\Users\Krejc\AppData\Local\Temp\jre-8u77-windows-au.exe
C:\Users\Krejc\AppData\Local\Temp\jre-8u91-windows-au.exe
C:\Users\Krejc\AppData\Local\Temp\Nexus Mod Manager-0.61.16.exe
C:\Users\Krejc\AppData\Local\Temp\Nexus Mod Manager-0.61.17.exe
C:\Users\Krejc\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Krejc\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Krejc\AppData\Local\Temp\nvStInst.exe
C:\Users\Krejc\AppData\Local\Temp\Setup__15200_i1914209554_il8038.exe
C:\Users\Krejc\AppData\Local\Temp\_is5E5D.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-04-17 17:30

==================== End of FRST.txt ============================



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (ssd) (Fixed) (Total:442.03 GB) (Free:119.5 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (FLASH) (Removable) (Total:3.74 GB) (Free:2.31 GB) FAT32
Drive e: (uložiště ) (Fixed) (Total:596.07 GB) (Free:7.33 GB) NTFS
Drive j: (hlavni disk) (Fixed) (Total:2794.39 GB) (Free:1561.95 GB) NTFS

Available physical RAM: 12996.08 MB
Total physical RAM: 16344.38 MB
Percentage of memory in use: 20%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 09107663)
Partition 1: (Active) - (Size=442 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 2794.5 GB) (Disk ID: 00000000)
Disk: 2 (Size: 596.2 GB) (Disk ID: D08E57DF)
Partition 1: (Not Active) - (Size=596.1 GB) - (Type=07 NTFS)
Disk: 3 (Size: 3.7 GB) (Disk ID: ECA51E10)
Partition 1: (Active) - (Size=3.7 GB) - (Type=0B)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Krejc\Desktop" je 73 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]


==================== End Of Log ==============================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
C:\WINDOWS\AutoKMS
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Krejc\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
C:\Users\Krejc\AppData\Local\Temp
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[michalpuk]

fix list:

Fix result of Farbar Recovery Scan Tool (x64) Version:25-04-2016
Ran by krejcir.m@gmail.com (2016-04-25 22:15:18) Run:1
Running from C:\Users\Krejc\Desktop
Loaded Profiles: krejcir.m@gmail.com (Available Profiles: krejcir.m@gmail.com)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
C:\WINDOWS\AutoKMS
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Krejc\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
C:\Users\Krejc\AppData\Local\Temp
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
C:\WINDOWS\AutoKMS => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Users\Krejc\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦 => moved successfully

"C:\Users\Krejc\AppData\Local\Temp" folder move:

Could not move "C:\Users\Krejc\AppData\Local\Temp" => Scheduled to move on reboot.


Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-04-25 22:16:26)

C:\Users\Krejc\AppData\Local\Temp => moved successfully

==== End of Fixlog 22:16:26 ====

[Rudy]

Smazáno, log by již měl být OK.

[michalpuk]

Ok, díky moc za pomoc

[Rudy]

Rádo se stalo!