nevyžádané stránky-přesměrování

[rudkr63]

Prosím o kontrolu.Při spuštění libovolného prohlížeče (kromě Mozilly) se místo nastavené domovské stránky otevře jiná, převážně ruská.Při načítání stránky se postupně pokouší načíst cca. 3-5 jiných a nakonec tam zůstane nějaká ruská.Při pokusu o otevření stránky z odkazu se to děje také, ale nepravidelně.V Exploreru se mi podařilo dát tyto stránky jako zakázané weby, ale nepomáhá to.Zkoueel jsem nb priojet adwcleanerem, ccleanerem, ale situace se nezměnila. Nevím kudy tudy a tak posílám log. a prosím o pomoc.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-07-2016
Ran by rudyk (administrator) on RUDA (06-07-2016 03:57:22)
Running from C:\Users\rudyk\Desktop
Loaded Profiles: rudyk (Available Profiles: rudyk)
Platform: Windows 10 Home Version 1511 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(WebProtection) C:\Program Files (x86)\HPGuard\HPGuardSrv.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(DesktopCal, Inc.) C:\Users\rudyk\AppData\Roaming\DesktopCal\desktopcal.exe
(DesktopCal, Inc.) C:\Users\rudyk\AppData\Roaming\DesktopCal\dkdockhost.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
() C:\Users\rudyk\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
() C:\Users\rudyk\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3348712 2016-06-10] (ELAN Microelectronics Corp.)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1610936 2016-06-16] (COMODO)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [361984 2016-05-26] (Alcor Micro Corp.)
HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [4700160 2016-05-26] (VIA)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1852264 2014-05-23] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2321072 2016-05-26] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1761120 2015-12-07] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1057408 2016-05-26] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597016 2016-03-31] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\SYSTEM32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2772540604-3902122079-841815421-1001\...\Run: [DesktopCal] => C:\Users\rudyk\AppData\Roaming\DesktopCal\desktopcal.exe [282624 2016-05-30] (DesktopCal, Inc.)
HKU\S-1-5-21-2772540604-3902122079-841815421-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8810200 2016-06-26] (Piriform Ltd)
HKU\S-1-5-21-2772540604-3902122079-841815421-1001\...\Run: [ABBYY Screenshot Reader Bonus] => [X]
HKU\S-1-5-21-2772540604-3902122079-841815421-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\rudyk\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2016-07-02] ()
HKU\S-1-5-21-2772540604-3902122079-841815421-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\rudyk\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-2772540604-3902122079-841815421-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 18\Program32\ZPSTRAY.EXE [680528 2016-03-24] (ZONER software)
HKU\S-1-5-21-2772540604-3902122079-841815421-1001\...\MountPoints2: {d0db6895-2e2e-11e6-af45-3085a9d570cb} - "F:\Lenovo_Suite.exe"
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [186144 2016-03-22] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [164520 2016-03-22] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

AutoConfigURL: [S-1-5-21-2772540604-3902122079-841815421-1001] => hxxp://unstops.info/wpad.dat?219fae4625b01cea1742ddbde235f9de12350276
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{b80c8a9a-ff77-478c-a2ab-851032eee707}: [DhcpNameServer] 192.168.0.1
ManualProxies: 0hxxp://unstops.info/wpad.dat?219fae4625b01cea1742ddbde235f9de12350276

Internet Explorer:
==================
HKU\S-1-5-21-2772540604-3902122079-841815421-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?scope=web&mkt=en-ww&FORM=HDRSC1
SearchScopes: HKU\S-1-5-21-2772540604-3902122079-841815421-1001 -> {32501F99-BCA2-4D98-B5A5-F863115A175E} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_13014
SearchScopes: HKU\S-1-5-21-2772540604-3902122079-841815421-1001 -> {337CCC6C-DFD3-420E-8419-F506CE05AA31} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
SearchScopes: HKU\S-1-5-21-2772540604-3902122079-841815421-1001 -> {512CFFC4-E8F9-4A21-91A2-87B62EC35BF9} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_13014
SearchScopes: HKU\S-1-5-21-2772540604-3902122079-841815421-1001 -> {51497A49-55A9-4EF3-90BB-D3AAB5A8D920} URL = hxxp://en.wikipedia.org/w/index.php?title=Special:Search&search={searchTerms}
SearchScopes: HKU\S-1-5-21-2772540604-3902122079-841815421-1001 -> {5410EFA8-2DA1-4626-89FE-BB60AA35BBA1} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13014
SearchScopes: HKU\S-1-5-21-2772540604-3902122079-841815421-1001 -> {66C2CFC0-5D30-43F5-A0CD-46707121E697} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13014
SearchScopes: HKU\S-1-5-21-2772540604-3902122079-841815421-1001 -> {6F315124-37F7-40C1-9793-B5D8D077A727} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13014
SearchScopes: HKU\S-1-5-21-2772540604-3902122079-841815421-1001 -> {724A02E6-74A1-4D58-951A-6C4C30EFA60A} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_13014
SearchScopes: HKU\S-1-5-21-2772540604-3902122079-841815421-1001 -> {9903CEA2-E523-4DF0-A0C9-FE9DEECBA241} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_13014
SearchScopes: HKU\S-1-5-21-2772540604-3902122079-841815421-1001 -> {B69D826B-D09E-4547-ACC1-70711F9FA799} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13014
SearchScopes: HKU\S-1-5-21-2772540604-3902122079-841815421-1001 -> {FB59872C-D15C-423F-A837-EBFE933625C7} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_13014
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2016-06-17] (IObit)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_92\bin\ssv.dll [2016-06-24] (Oracle Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON CORPORATION)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_92\bin\jp2ssv.dll [2016-06-24] (Oracle Corporation)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
BHO-x32: PDF Architect 4 Helper -> {38279E1A-7019-40C1-B579-E99DFB3312E8} -> C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll [2016-05-04] (pdfforge GmbH)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - PDF Architect 4 Toolbar - {23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - C:\Program Files (x86)\PDF Architect 4\creator-ie-plugin.dll [2016-05-04] (pdfforge GmbH)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-2772540604-3902122079-841815421-1001 -> hxxp://www.bing.com/

FireFox:
========
FF ProfilePath: C:\Users\rudyk\AppData\Roaming\Mozilla\Firefox\Profiles\krnnsb2e.default
FF DefaultSearchEngine: Google
FF Homepage: hxxps://www.seznam.cz/?logged=1
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-27] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-05-28] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.92.2 -> C:\Program Files\Java\jre1.8.0_92\bin\dtplugin\npDeployJava1.dll [2016-06-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.92.2 -> C:\Program Files\Java\jre1.8.0_92\bin\plugin2\npjp2.dll [2016-06-24] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-05-28] (Tracker Software Products (Canada) Ltd.)
FF Plugin: PDF Architect 4 -> C:\Program Files\PDF Architect 4\np-previewer.dll [2016-05-04] (pdfforge GmbH)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-27] ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-05-28] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-06-25] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-26] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-26] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-05-28] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin HKU\S-1-5-21-2772540604-3902122079-841815421-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-05-28] (Tracker Software Products (Canada) Ltd.)
FF user.js: detected! => C:\Users\rudyk\AppData\Roaming\Mozilla\Firefox\Profiles\krnnsb2e.default\user.js [2016-06-28]
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2016-05-28] (Tracker Software Products (Canada) Ltd.)
FF Extension: Speed Dial - C:\Users\rudyk\AppData\Roaming\Mozilla\Firefox\Profiles\krnnsb2e.default\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2016-05-25]
FF Extension: LastPass - C:\Users\rudyk\AppData\Roaming\Mozilla\Firefox\Profiles\krnnsb2e.default\extensions\support@lastpass.com [2016-05-25]
FF Extension: Tab Mix Plus - C:\Users\rudyk\AppData\Roaming\Mozilla\Firefox\Profiles\krnnsb2e.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2016-06-05]
FF Extension: S3.Google Translator - C:\Users\rudyk\AppData\Roaming\Mozilla\Firefox\Profiles\krnnsb2e.default\extensions\s3google@translator.xpi [2016-06-24]
FF Extension: uBlock Origin - C:\Users\rudyk\AppData\Roaming\Mozilla\Firefox\Profiles\krnnsb2e.default\Extensions\uBlock0@raymondhill.net.xpi [2016-06-24]
FF HKLM\...\Firefox\Extensions: [pdf_architect_4_conv@pdfarchitect.org] - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension
FF Extension: PDF Architect 4 Creator - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension [2016-07-04] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2016-05-25] [not signed]

Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.google.cz/"
CHR Profile: C:\Users\rudyk\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\rudyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-05-26]
CHR Extension: (Dokumenty Google) - C:\Users\rudyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-26]
CHR Extension: (Disk Google) - C:\Users\rudyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-26]
CHR Extension: (Rapport) - C:\Users\rudyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2016-05-29]
CHR Extension: (Seznam Lištička - Email) - C:\Users\rudyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2016-07-04]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\rudyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2016-07-04]
CHR Extension: (YouTube) - C:\Users\rudyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-26]
CHR Extension: (Tabulky Google) - C:\Users\rudyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-26]
CHR Extension: (Dokumenty Google offline) - C:\Users\rudyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\rudyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-26]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\rudyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2016-07-04]
CHR Extension: (Gmail) - C:\Users\rudyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-26]
CHR HKU\S-1-5-21-2772540604-3902122079-841815421-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2016-06-29] (Software602 a.s.)
S4 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2016-05-26] (ArcSoft Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [325880 2016-05-26] (Windows (R) Win 7 DDK provider)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2305816 2016-06-10] (Broadcom Corporation.)
S4 ChromodoUpdater; C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe [2307768 2016-05-26] (Comodo)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5817712 2016-06-16] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2271928 2016-06-16] (COMODO)
S4 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [135824 2016-05-26] (Seiko Epson Corporation)
R2 HPGuard Service; C:\Program Files (x86)\HPGuard\HPGuardSrv.exe [479920 2016-07-02] (WebProtection)
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-05-27] (IObit)
S3 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2438368 2016-07-04] (pdfforge GmbH)
S3 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [1038048 2016-07-04] (pdfforge GmbH)
S4 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [851168 2016-07-04] (pdfforge GmbH)
S4 PDF Architect 4 Manager; C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe [972056 2016-07-04] (© pdfforge GmbH.)
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2383344 2016-05-30] (IBM Corp.)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [33240 2016-05-26] (VIA Technologies, Inc.)
S3 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2015-10-28] (Western Digital Technologies, Inc.)
S3 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [308088 2015-12-07] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AsusVTouch; C:\Windows\System32\drivers\AsusVTouch.sys [16512 2012-04-12] (Windows (R) Win 7 DDK provider)
R3 athr; C:\Windows\System32\drivers\athw10x.sys [4323976 2016-06-10] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [100776 2016-05-26] (ASUS Corporation)
S3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [227144 2016-06-10] (Broadcom Corporation.)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [32224 2016-06-15] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [851856 2016-06-15] (COMODO)
R1 cmdhlp; C:\Windows\system32\DRIVERS\cmdhlp.sys [45592 2016-06-15] (COMODO)
R3 cykbfltrService; C:\Windows\system32\DRIVERS\cykbfltr.sys [19968 2016-06-10] (Cypress Semiconductor, Inc.)
S3 dcdbas; C:\Windows\System32\drivers\dcdbas64.sys [38472 2011-02-02] (Dell Inc.)
S3 ETDSMBus; C:\Windows\System32\drivers\ETDSMBus.sys [31320 2015-07-14] (ELAN Microelectronic Corp.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-06-10] (REALiX(tm))
S3 i8042HDR; C:\Windows\System32\drivers\i8042HDR.sys [15920 2009-08-14] (Windows (R) Codename Longhorn DDK provider)
R1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [138560 2016-06-15] (COMODO)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [185896 2016-06-10] (Intel Corporation)
R1 RapportCerberus_1609041; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1609041.sys [1157864 2016-06-10] (IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [544360 2016-05-30] (IBM Corp.)
S3 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [215560 2016-05-30] (IBM Corp.)
S3 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [470056 2016-05-30] (IBM Corp.)
S3 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [525992 2016-05-30] (IBM Corp.)
S3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [413912 2016-06-10] (Realsil Semiconductor Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 WiseHDInfo; C:\WINDOWS\WiseHDInfo64.dll [11304 2016-05-26] (wisecleaner.com) [File not signed]
R1 WiseTDIFw; C:\WINDOWS\WiseTDIFw64.sys [39464 2016-05-26] (WiseCleaner.com) [File not signed]
S3 ASUSProcObsrv; \??\F:\WD SmartWare.swstor\Games\eSupport\eDriver\I386\AsPrOb64.sys [X]

==================== NetSvcs (Whitelisted) ===================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-07-2016
Ran by rudyk (administrator) on RUDA (06-07-2016 03:57:22)
Running from C:\Users\rudyk\Desktop
Loaded Profiles: rudyk (Available Profiles: rudyk)
Platform: Windows 10 Home Version 1511 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(WebProtection) C:\Program Files (x86)\HPGuard\HPGuardSrv.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(DesktopCal, Inc.) C:\Users\rudyk\AppData\Roaming\DesktopCal\desktopcal.exe
(DesktopCal, Inc.) C:\Users\rudyk\AppData\Roaming\DesktopCal\dkdockhost.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
() C:\Users\rudyk\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
() C:\Users\rudyk\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3348712 2016-06-10] (ELAN Microelectronics Corp.)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1610936 2016-06-16] (COMODO)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [361984 2016-05-26] (Alcor Micro Corp.)
HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [4700160 2016-05-26] (VIA)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1852264 2014-05-23] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2321072 2016-05-26] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1761120 2015-12-07] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1057408 2016-05-26] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597016 2016-03-31] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\SYSTEM32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2772540604-3902122079-841815421-1001\...\Run: [DesktopCal] => C:\Users\rudyk\AppData\Roaming\DesktopCal\desktopcal.exe [282624 2016-05-30] (DesktopCal, Inc.)
HKU\S-1-5-21-2772540604-3902122079-841815421-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8810200 2016-06-26] (Piriform Ltd)
HKU\S-1-5-21-2772540604-3902122079-841815421-1001\...\Run: [ABBYY Screenshot Reader Bonus] => [X]
HKU\S-1-5-21-2772540604-3902122079-841815421-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\rudyk\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2016-07-02] ()
HKU\S-1-5-21-2772540604-3902122079-841815421-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\rudyk\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-2772540604-3902122079-841815421-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 18\Program32\ZPSTRAY.EXE [680528 2016-03-24] (ZONER software)
HKU\S-1-5-21-2772540604-3902122079-841815421-1001\...\MountPoints2: {d0db6895-2e2e-11e6-af45-3085a9d570cb} - "F:\Lenovo_Suite.exe"
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [186144 2016-03-22] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [164520 2016-03-22] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

AutoConfigURL: [S-1-5-21-2772540604-3902122079-841815421-1001] => hxxp://unstops.info/wpad.dat?219fae4625b01cea1742ddbde235f9de12350276
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{b80c8a9a-ff77-478c-a2ab-851032eee707}: [DhcpNameServer] 192.168.0.1
ManualProxies: 0hxxp://unstops.info/wpad.dat?219fae4625b01cea1742ddbde235f9de12350276

Internet Explorer:
==================
HKU\S-1-5-21-2772540604-3902122079-841815421-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?scope=web&mkt=en-ww&FORM=HDRSC1
SearchScopes: HKU\S-1-5-21-2772540604-3902122079-841815421-1001 -> {32501F99-BCA2-4D98-B5A5-F863115A175E} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_13014
SearchScopes: HKU\S-1-5-21-2772540604-3902122079-841815421-1001 -> {337CCC6C-DFD3-420E-8419-F506CE05AA31} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
SearchScopes: HKU\S-1-5-21-2772540604-3902122079-841815421-1001 -> {512CFFC4-E8F9-4A21-91A2-87B62EC35BF9} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_13014
SearchScopes: HKU\S-1-5-21-2772540604-3902122079-841815421-1001 -> {51497A49-55A9-4EF3-90BB-D3AAB5A8D920} URL = hxxp://en.wikipedia.org/w/index.php?title=Special:Search&search={searchTerms}
SearchScopes: HKU\S-1-5-21-2772540604-3902122079-841815421-1001 -> {5410EFA8-2DA1-4626-89FE-BB60AA35BBA1} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13014
SearchScopes: HKU\S-1-5-21-2772540604-3902122079-841815421-1001 -> {66C2CFC0-5D30-43F5-A0CD-46707121E697} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13014
SearchScopes: HKU\S-1-5-21-2772540604-3902122079-841815421-1001 -> {6F315124-37F7-40C1-9793-B5D8D077A727} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13014
SearchScopes: HKU\S-1-5-21-2772540604-3902122079-841815421-1001 -> {724A02E6-74A1-4D58-951A-6C4C30EFA60A} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_13014
SearchScopes: HKU\S-1-5-21-2772540604-3902122079-841815421-1001 -> {9903CEA2-E523-4DF0-A0C9-FE9DEECBA241} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_13014
SearchScopes: HKU\S-1-5-21-2772540604-3902122079-841815421-1001 -> {B69D826B-D09E-4547-ACC1-70711F9FA799} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13014
SearchScopes: HKU\S-1-5-21-2772540604-3902122079-841815421-1001 -> {FB59872C-D15C-423F-A837-EBFE933625C7} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_13014
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2016-06-17] (IObit)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_92\bin\ssv.dll [2016-06-24] (Oracle Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON CORPORATION)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_92\bin\jp2ssv.dll [2016-06-24] (Oracle Corporation)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
BHO-x32: PDF Architect 4 Helper -> {38279E1A-7019-40C1-B579-E99DFB3312E8} -> C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll [2016-05-04] (pdfforge GmbH)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - PDF Architect 4 Toolbar - {23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - C:\Program Files (x86)\PDF Architect 4\creator-ie-plugin.dll [2016-05-04] (pdfforge GmbH)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-2772540604-3902122079-841815421-1001 -> hxxp://www.bing.com/

FireFox:
========
FF ProfilePath: C:\Users\rudyk\AppData\Roaming\Mozilla\Firefox\Profiles\krnnsb2e.default
FF DefaultSearchEngine: Google
FF Homepage: hxxps://www.seznam.cz/?logged=1
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-27] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-05-28] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.92.2 -> C:\Program Files\Java\jre1.8.0_92\bin\dtplugin\npDeployJava1.dll [2016-06-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.92.2 -> C:\Program Files\Java\jre1.8.0_92\bin\plugin2\npjp2.dll [2016-06-24] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-05-28] (Tracker Software Products (Canada) Ltd.)
FF Plugin: PDF Architect 4 -> C:\Program Files\PDF Architect 4\np-previewer.dll [2016-05-04] (pdfforge GmbH)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-27] ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-05-28] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-06-25] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-26] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-26] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-05-28] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin HKU\S-1-5-21-2772540604-3902122079-841815421-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-05-28] (Tracker Software Products (Canada) Ltd.)
FF user.js: detected! => C:\Users\rudyk\AppData\Roaming\Mozilla\Firefox\Profiles\krnnsb2e.default\user.js [2016-06-28]
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2016-05-28] (Tracker Software Products (Canada) Ltd.)
FF Extension: Speed Dial - C:\Users\rudyk\AppData\Roaming\Mozilla\Firefox\Profiles\krnnsb2e.default\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2016-05-25]
FF Extension: LastPass - C:\Users\rudyk\AppData\Roaming\Mozilla\Firefox\Profiles\krnnsb2e.default\extensions\support@lastpass.com [2016-05-25]
FF Extension: Tab Mix Plus - C:\Users\rudyk\AppData\Roaming\Mozilla\Firefox\Profiles\krnnsb2e.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2016-06-05]
FF Extension: S3.Google Translator - C:\Users\rudyk\AppData\Roaming\Mozilla\Firefox\Profiles\krnnsb2e.default\extensions\s3google@translator.xpi [2016-06-24]
FF Extension: uBlock Origin - C:\Users\rudyk\AppData\Roaming\Mozilla\Firefox\Profiles\krnnsb2e.default\Extensions\uBlock0@raymondhill.net.xpi [2016-06-24]
FF HKLM\...\Firefox\Extensions: [pdf_architect_4_conv@pdfarchitect.org] - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension
FF Extension: PDF Architect 4 Creator - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension [2016-07-04] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2016-05-25] [not signed]

Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.google.cz/"
CHR Profile: C:\Users\rudyk\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\rudyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-05-26]
CHR Extension: (Dokumenty Google) - C:\Users\rudyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-26]
CHR Extension: (Disk Google) - C:\Users\rudyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-26]
CHR Extension: (Rapport) - C:\Users\rudyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2016-05-29]
CHR Extension: (Seznam Lištička - Email) - C:\Users\rudyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2016-07-04]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\rudyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2016-07-04]
CHR Extension: (YouTube) - C:\Users\rudyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-26]
CHR Extension: (Tabulky Google) - C:\Users\rudyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-26]
CHR Extension: (Dokumenty Google offline) - C:\Users\rudyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\rudyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-26]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\rudyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2016-07-04]
CHR Extension: (Gmail) - C:\Users\rudyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-26]
CHR HKU\S-1-5-21-2772540604-3902122079-841815421-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2016-06-29] (Software602 a.s.)
S4 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2016-05-26] (ArcSoft Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [325880 2016-05-26] (Windows (R) Win 7 DDK provider)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2305816 2016-06-10] (Broadcom Corporation.)
S4 ChromodoUpdater; C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe [2307768 2016-05-26] (Comodo)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5817712 2016-06-16] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2271928 2016-06-16] (COMODO)
S4 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [135824 2016-05-26] (Seiko Epson Corporation)
R2 HPGuard Service; C:\Program Files (x86)\HPGuard\HPGuardSrv.exe [479920 2016-07-02] (WebProtection)
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-05-27] (IObit)
S3 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2438368 2016-07-04] (pdfforge GmbH)
S3 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [1038048 2016-07-04] (pdfforge GmbH)
S4 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [851168 2016-07-04] (pdfforge GmbH)
S4 PDF Architect 4 Manager; C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe [972056 2016-07-04] (© pdfforge GmbH.)
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2383344 2016-05-30] (IBM Corp.)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [33240 2016-05-26] (VIA Technologies, Inc.)
S3 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2015-10-28] (Western Digital Technologies, Inc.)
S3 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [308088 2015-12-07] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AsusVTouch; C:\Windows\System32\drivers\AsusVTouch.sys [16512 2012-04-12] (Windows (R) Win 7 DDK provider)
R3 athr; C:\Windows\System32\drivers\athw10x.sys [4323976 2016-06-10] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [100776 2016-05-26] (ASUS Corporation)
S3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [227144 2016-06-10] (Broadcom Corporation.)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [32224 2016-06-15] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [851856 2016-06-15] (COMODO)
R1 cmdhlp; C:\Windows\system32\DRIVERS\cmdhlp.sys [45592 2016-06-15] (COMODO)
R3 cykbfltrService; C:\Windows\system32\DRIVERS\cykbfltr.sys [19968 2016-06-10] (Cypress Semiconductor, Inc.)
S3 dcdbas; C:\Windows\System32\drivers\dcdbas64.sys [38472 2011-02-02] (Dell Inc.)
S3 ETDSMBus; C:\Windows\System32\drivers\ETDSMBus.sys [31320 2015-07-14] (ELAN Microelectronic Corp.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-06-10] (REALiX(tm))
S3 i8042HDR; C:\Windows\System32\drivers\i8042HDR.sys [15920 2009-08-14] (Windows (R) Codename Longhorn DDK provider)
R1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [138560 2016-06-15] (COMODO)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [185896 2016-06-10] (Intel Corporation)
R1 RapportCerberus_1609041; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1609041.sys [1157864 2016-06-10] (IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [544360 2016-05-30] (IBM Corp.)
S3 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [215560 2016-05-30] (IBM Corp.)
S3 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [470056 2016-05-30] (IBM Corp.)
S3 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [525992 2016-05-30] (IBM Corp.)
S3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [413912 2016-06-10] (Realsil Semiconductor Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 WiseHDInfo; C:\WINDOWS\WiseHDInfo64.dll [11304 2016-05-26] (wisecleaner.com) [File not signed]
R1 WiseTDIFw; C:\WINDOWS\WiseTDIFw64.sys [39464 2016-05-26] (WiseCleaner.com) [File not signed]
S3 ASUSProcObsrv; \??\F:\WD SmartWare.swstor\Games\eSupport\eDriver\I386\AsPrOb64.sys [X]

==================== NetSvcs (Whitelisted) ===================
==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-06 03:57 - 2016-07-06 03:58 - 00023717 _____ C:\Users\rudyk\Desktop\FRST.txt
2016-07-06 03:57 - 2016-07-06 03:57 - 00000000 ____D C:\FRST
2016-07-06 03:53 - 2016-07-06 03:55 - 02390016 _____ (Farbar) C:\Users\rudyk\Desktop\FRST64.exe
2016-07-06 02:37 - 2016-07-06 02:39 - 00000000 ____D C:\Users\rudyk\Documents\eM Client
2016-07-04 12:41 - 2016-07-04 12:41 - 00000000 ____D C:\Users\rudyk\AppData\Roaming\PDF Producer
2016-07-04 11:56 - 2016-07-04 11:56 - 00000000 ___DC C:\Users\rudyk\AppData\Local\PDFCreator
2016-07-04 11:55 - 2016-07-04 11:55 - 00000000 ____D C:\ProgramData\pdfforge
2016-07-04 11:54 - 2016-07-04 12:45 - 00000000 ____D C:\Users\rudyk\AppData\Roaming\PDF Architect 4
2016-07-04 11:54 - 2016-07-04 11:54 - 00000843 ____C C:\Users\Public\Desktop\PDF Architect 4.lnk
2016-07-04 11:51 - 2016-07-04 12:53 - 00000000 ____D C:\Users\rudyk\Documents\PDF Architect
2016-07-04 11:51 - 2016-07-04 11:54 - 00000000 ____D C:\Program Files\PDF Architect 4
2016-07-04 11:51 - 2016-07-04 11:54 - 00000000 ____D C:\Program Files (x86)\PDF Architect 4
2016-07-04 11:51 - 2016-07-04 11:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 4
2016-07-04 11:48 - 2016-07-04 12:45 - 00000000 ____D C:\ProgramData\PDF Architect 4
2016-07-04 11:48 - 2016-07-04 11:48 - 00120072 _____ (pdfforge GmbH) C:\WINDOWS\system32\pdfcmon.dll
2016-07-04 11:47 - 2016-07-06 01:00 - 00000000 ____D C:\Program Files\PDFCreator
2016-07-04 11:47 - 2016-07-04 11:47 - 00000879 ____C C:\Users\Public\Desktop\PDFCreator.lnk
2016-07-04 11:47 - 2016-07-04 11:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2016-07-02 23:21 - 2016-07-02 23:21 - 00000000 ___DC C:\Users\rudyk\.objectdb
2016-07-02 23:20 - 2016-07-02 23:20 - 00000000 ____D C:\Users\rudyk\AppData\Roaming\VitySoft
2016-07-02 23:01 - 2016-07-02 23:01 - 00000000 ___DC C:\Users\rudyk\aTubeCatcher
2016-07-02 21:57 - 2016-07-02 21:58 - 51126160 _____ C:\Users\rudyk\Documents\torbrowser-install-6.0_en-US.exe
2016-07-02 13:45 - 2016-07-02 13:45 - 00001889 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk
2016-07-02 13:45 - 2016-07-02 13:45 - 00001887 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gооglе Сhrоmе.lnk
2016-07-02 13:45 - 2016-07-02 13:45 - 00001877 ____C C:\Users\Public\Desktop\Моzillа Firеfох.lnk
2016-07-02 13:45 - 2016-07-02 13:45 - 00001875 ____C C:\Users\Public\Desktop\Gооglе Сhrоmе.lnk
2016-07-02 13:45 - 2016-07-02 13:45 - 00000000 ____D C:\Program Files (x86)\HPGuard
2016-07-02 12:19 - 2016-07-02 12:19 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-07-02 02:28 - 2016-07-02 02:28 - 00000000 ____D C:\Users\rudyk\AppData\Roaming\ABBYY
2016-07-02 02:17 - 2016-07-02 12:47 - 00000000 ____D C:\temp
2016-07-02 02:03 - 2016-07-06 03:48 - 00000000 ____D C:\Users\rudyk\AppData\Roaming\Seznam.cz
2016-07-01 22:51 - 2016-07-01 22:51 - 00000000 ____D C:\Users\rudyk\AppData\Roaming\Ashampoo Photo Commander 11
2016-07-01 12:40 - 2016-07-01 12:40 - 00190087 _____ C:\Users\rudyk\Documents\Tomáš Haas- Trapné a komické. Halík považuje demokracii za zrůdnou. Fantasmagorie našich eurohujerů se spojuje s fantasmagorií rusofobů - ParlamentniListy.cz – politika ze všech stran.pdf
2016-07-01 01:47 - 2016-07-01 01:47 - 00000000 ____D C:\inetpub
2016-07-01 01:05 - 2016-07-01 01:05 - 00000000 ___DC C:\Users\rudyk\AppData\Local\VS Revo Group
2016-07-01 01:04 - 2016-07-01 01:04 - 00031800 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys
2016-07-01 01:04 - 2016-07-01 01:04 - 00001124 ____C C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2016-07-01 01:04 - 2016-07-01 01:04 - 00000000 ____D C:\ProgramData\VS Revo Group
2016-07-01 01:04 - 2016-07-01 01:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2016-07-01 01:04 - 2016-07-01 01:04 - 00000000 ____D C:\Program Files\VS Revo Group
2016-06-29 15:01 - 2016-06-29 15:01 - 00000000 ____D C:\Users\rudyk\AppData\Roaming\Software602
2016-06-29 14:59 - 2016-06-29 14:59 - 00000000 ____D C:\Program Files\Software602
2016-06-29 14:58 - 2015-07-14 11:52 - 01754096 _____ C:\WINDOWS\system32\602convert.dll
2016-06-29 14:58 - 2014-02-05 13:51 - 00036864 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\602localmon.dll
2016-06-29 14:58 - 2014-02-05 13:51 - 00022528 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\602localui.dll
2016-06-29 14:58 - 2011-01-18 12:49 - 04940800 _____ (NiXPS NV) C:\WINDOWS\system32\NiXPS.dll
2016-06-29 14:57 - 2016-07-02 11:13 - 00000000 ____D C:\Users\rudyk\AppData\Roaming\602XML
2016-06-29 14:57 - 2016-06-29 15:00 - 00000000 ____D C:\Users\rudyk\AppData\Roaming\602Installer
2016-06-29 14:57 - 2016-06-29 14:57 - 00001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Software602 Form Filler.lnk
2016-06-29 14:57 - 2016-06-29 14:57 - 00001186 ____C C:\Users\Public\Desktop\Software602 Form Filler.lnk
2016-06-29 14:56 - 2016-06-29 14:56 - 00000000 ____D C:\Program Files (x86)\Software602
2016-06-28 20:30 - 2016-06-28 20:30 - 00001177 ____C C:\Users\Public\Desktop\LibreOffice 5.1.lnk
2016-06-28 20:30 - 2016-06-28 20:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.1
2016-06-28 20:28 - 2016-06-28 20:30 - 00000000 ____D C:\Program Files\LibreOffice 5
2016-06-28 11:58 - 2016-07-06 01:00 - 00000258 _____ C:\WINDOWS\Tasks\CCleanerClean.job
2016-06-28 11:58 - 2016-06-28 11:58 - 00002954 _____ C:\WINDOWS\System32\Tasks\CCleanerClean
2016-06-28 11:31 - 2016-06-28 11:31 - 00000000 ____D C:\Users\rudyk\AppData\Roaming\Softland
2016-06-28 11:29 - 2016-06-28 11:29 - 00000000 ____D C:\ProgramData\Softland
2016-06-28 11:26 - 2016-06-28 12:27 - 00000000 ____D C:\Program Files\Softland
2016-06-28 11:26 - 2016-06-28 12:27 - 00000000 ____D C:\Program Files (x86)\Softland
2016-06-27 21:11 - 2016-07-06 03:03 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-06-27 00:40 - 2016-07-06 03:39 - 00008192 _____ C:\WINDOWS\SysWOW64\WDPABKP.dat
2016-06-26 10:32 - 2016-06-27 00:09 - 00000000 ____D C:\Users\rudyk\AppData\Roaming\Q-Dir
2016-06-26 10:32 - 2016-06-26 10:32 - 00001852 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Q-Dir.lnk
2016-06-26 10:32 - 2016-06-26 10:32 - 00001846 ____C C:\Users\Public\Desktop\Q-Dir.lnk
2016-06-26 10:32 - 2016-06-26 10:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Q-Dir
2016-06-24 16:56 - 2016-06-24 16:56 - 00000000 ____D C:\Users\rudyk\Documents\My Cheat Tables
2016-06-24 11:27 - 2016-06-24 11:27 - 00000000 ___DC C:\Users\Public\Documents\sun
2016-06-24 11:22 - 2016-06-24 11:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-06-24 11:22 - 2016-06-24 11:21 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2016-06-24 11:21 - 2016-06-24 11:21 - 00000000 ____D C:\Program Files\Java
2016-06-23 12:26 - 2016-06-23 12:26 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2016-06-23 12:26 - 2016-06-23 12:26 - 00000000 ____D C:\WINDOWS\system32\NV
2016-06-23 11:40 - 2016-03-22 05:19 - 00034609 _____ C:\WINDOWS\system32\nvinfo.pb
2016-06-23 11:29 - 2016-06-23 11:32 - 10643240 _____ C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-06-23 11:29 - 2016-06-23 11:32 - 08733792 _____ C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-06-23 11:29 - 2016-06-23 11:32 - 01920960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436839.dll
2016-06-23 11:29 - 2016-06-23 11:32 - 01571776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436839.dll
2016-06-23 11:29 - 2016-06-23 11:32 - 00669952 _____ C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-06-23 11:29 - 2016-06-23 11:32 - 00565208 _____ C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-06-23 11:29 - 2016-06-03 09:22 - 00000594 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2016-06-23 11:29 - 2016-06-03 09:22 - 00000594 _____ C:\WINDOWS\system32\nv-vk64.json
2016-06-23 11:29 - 2016-03-22 07:03 - 00048696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2016-06-22 01:12 - 2016-06-22 01:12 - 00004114 _____ C:\WINDOWS\System32\Tasks\eM Client Database Backup
2016-06-22 00:46 - 2016-06-22 01:48 - 00000000 ____D C:\Users\rudyk\Documents\ipnetinfo
2016-06-21 23:26 - 2016-06-21 23:26 - 00000000 ____D C:\WINDOWS\pss
2016-06-21 17:45 - 2016-07-02 11:04 - 00000000 ____D C:\Users\rudyk\AppData\Roaming\Seznam Browser
2016-06-21 17:45 - 2016-06-21 17:45 - 00000000 ___DC C:\Users\rudyk\AppData\Local\Crashpad
2016-06-20 16:29 - 2016-06-20 16:29 - 00000939 ____C C:\Users\Public\Desktop\Honeyview.lnk
2016-06-20 16:29 - 2016-06-20 16:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Honeyview
2016-06-20 16:29 - 2016-06-20 16:29 - 00000000 ____D C:\Program Files\Honeyview
2016-06-20 10:15 - 2016-06-20 10:44 - 00000000 ___DC C:\Users\rudyk\AppData\Local\Deployment
2016-06-19 14:35 - 2016-06-19 14:35 - 24605696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 06973952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 02609664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 01594416 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 01372312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-06-19 14:35 - 2016-06-19 14:35 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-06-19 14:35 - 2016-06-19 14:35 - 00636304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-06-19 14:35 - 2016-06-19 14:35 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 00546456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-06-19 14:35 - 2016-06-19 14:35 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 00316256 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-06-19 14:35 - 2016-06-19 14:35 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-06-19 14:35 - 2016-06-19 14:35 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 18674176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 13385728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 12128256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-06-19 14:34 - 2016-06-19 14:34 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 04896256 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 04515264 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-06-19 14:34 - 2016-06-19 14:34 - 04387680 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 04268880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-06-19 14:34 - 2016-06-19 14:34 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 03664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 03590144 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-06-19 14:34 - 2016-06-19 14:34 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 02921880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 02548944 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 02281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 02230272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 02195632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-06-19 14:34 - 2016-06-19 14:34 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 01730560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 01445888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-06-19 14:34 - 2016-06-19 14:34 - 01339904 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationFramework.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-06-19 14:34 - 2016-06-19 14:34 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00794624 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-06-19 14:34 - 2016-06-19 14:34 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00649792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00614400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-06-19 14:34 - 2016-06-19 14:34 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00577376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-06-19 14:34 - 2016-06-19 14:34 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00511488 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00501600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00431296 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00428896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-06-19 14:34 - 2016-06-19 14:34 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-06-19 14:34 - 2016-06-19 14:34 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
2016-06-19 14:34 - 2016-06-19 14:34 - 00388384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00357216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-06-19 14:34 - 2016-06-19 14:34 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00312160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-06-19 14:34 - 2016-06-19 14:34 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00290496 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2016-06-19 14:34 - 2016-06-19 14:34 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-06-19 14:34 - 2016-06-19 14:34 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-06-19 14:34 - 2016-06-19 14:34 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrokerLib.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-06-19 14:34 - 2016-06-19 14:34 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00211296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-06-19 14:34 - 2016-06-19 14:34 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-06-19 14:34 - 2016-06-19 14:34 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GnssAdapter.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00170848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
2016-06-19 14:34 - 2016-06-19 14:34 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-06-19 14:34 - 2016-06-19 14:34 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-06-19 14:34 - 2016-06-19 14:34 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-06-19 14:34 - 2016-06-19 14:34 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-06-19 14:34 - 2016-06-19 14:34 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-06-19 14:34 - 2016-06-19 14:34 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-06-19 14:34 - 2016-06-19 14:34 - 00131248 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ndu.sys
2016-06-19 14:34 - 2016-06-19 14:34 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-06-19 14:34 - 2016-06-19 14:34 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-06-19 14:34 - 2016-06-19 14:34 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00111064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00097096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-06-19 14:34 - 2016-06-19 14:34 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-06-19 14:34 - 2016-06-19 14:34 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-06-19 14:34 - 2016-06-19 14:34 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsdport.sys
2016-06-19 14:34 - 2016-06-19 14:34 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-06-19 14:34 - 2016-06-19 14:34 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
2016-06-17 11:15 - 2016-07-06 03:11 - 00002474 _____ C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_rudyk
2016-06-17 11:15 - 2016-07-06 03:11 - 00000288 _____ C:\WINDOWS\Tasks\Uninstaller_SkipUac_rudyk.job
2016-06-17 11:15 - 2016-06-17 11:15 - 00001429 ____C C:\Users\Public\Desktop\IObit Uninstaller.lnk
2016-06-17 11:15 - 2016-06-17 11:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2016-06-17 10:09 - 2016-06-17 10:09 - 00000000 ____D C:\Users\rudyk\AppData\Roaming\GHISLER
2016-06-13 23:04 - 2016-06-13 23:04 - 00012546 _____ C:\Users\rudyk\Documents\Plaček Fery.odt
2016-06-13 16:13 - 2016-07-02 23:41 - 00000000 ____D C:\Users\rudyk\AppData\Roaming\vlc
2016-06-13 16:13 - 2016-06-13 16:13 - 00001141 ____C C:\Users\Public\Desktop\VLC media player.lnk
2016-06-13 16:13 - 2016-06-13 16:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-06-13 16:03 - 2016-06-13 16:04 - 00000000 ____D C:\Users\rudyk\AppData\LocalLow\IObit
2016-06-13 16:02 - 2016-06-13 16:04 - 00000000 ____D C:\Users\rudyk\AppData\Roaming\IObit
2016-06-13 14:07 - 2016-06-13 14:54 - 00000000 ____D C:\Users\rudyk\AppData\Roaming\KeePass
2016-06-12 17:54 - 2016-06-12 17:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fireluke Software
2016-06-12 17:41 - 2016-06-12 18:22 - 00000000 ____D C:\Users\rudyk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fireluke Software
2016-06-12 17:41 - 2016-06-12 17:41 - 00000000 ____D C:\Program Files (x86)\Fireluke
2016-06-11 19:03 - 2016-06-11 19:03 - 00002235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2016-06-11 19:03 - 2016-06-11 19:03 - 00000000 ____D C:\Users\rudyk\AppData\LocalLow\Google
2016-06-10 23:41 - 2016-06-10 23:41 - 00000000 ____D C:\Users\rudyk\Documents\ASUS
2016-06-10 22:59 - 2016-06-29 10:40 - 00000000 ____D C:\Users\rudyk\Documents\Lightshot
2016-06-10 17:02 - 2016-06-20 10:15 - 00000000 ___DC C:\Users\rudyk\AppData\Local\Apps\2.0
2016-06-10 12:38 - 2016-06-10 12:38 - 00185896 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\TeeDriverW8x64.sys
2016-06-10 12:09 - 2016-06-10 12:09 - 09890008 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsCRIcon.dll
2016-06-10 12:09 - 2016-06-10 12:09 - 04330200 _____ (TODO: <Company name>) C:\WINDOWS\RtCRU64.exe
2016-06-10 12:09 - 2016-06-10 12:09 - 00413912 _____ (Realsil Semiconductor Corporation) C:\WINDOWS\system32\Drivers\RtsUer.sys
2016-06-10 12:07 - 2016-06-10 12:20 - 00243512 _____ (Broadcom Corporation.) C:\WINDOWS\system32\Drivers\btwampfl.sys
2016-06-10 12:07 - 2016-06-10 12:08 - 00227144 _____ (Broadcom Corporation.) C:\WINDOWS\system32\Drivers\bcbtums.sys
2016-06-10 12:06 - 2016-06-10 12:06 - 01077248 _____ C:\WINDOWS\system32\AmRdrIco.icl
2016-06-10 12:06 - 2016-06-10 12:06 - 00084480 _____ (Alcor Micro, Corp.) C:\WINDOWS\system32\Drivers\AmUStor.sys
2016-06-10 12:06 - 2016-06-10 12:06 - 00019066 _____ C:\WINDOWS\system32\AmUStor.ini
2016-06-10 12:06 - 2016-06-10 12:06 - 00012800 _____ (Alcor Micro, Corp.) C:\WINDOWS\system32\AmUStor2.dll
2016-06-10 12:06 - 2016-06-10 12:06 - 00000008 _____ C:\WINDOWS\system32\CardDetect6420.bin
2016-06-10 12:06 - 2016-06-10 12:06 - 00000008 _____ C:\WINDOWS\system32\CardDetect6366.bin
2016-06-10 12:06 - 2016-06-10 12:06 - 00000008 _____ C:\WINDOWS\system32\CardDetect6362.bin
2016-06-10 12:06 - 2016-06-10 12:06 - 00000008 _____ C:\WINDOWS\system32\CardDetect6361.bin
2016-06-10 12:05 - 2016-06-10 12:06 - 00447720 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\Drivers\ETD.sys
2016-06-10 12:05 - 2016-06-10 12:05 - 00019968 _____ (Cypress Semiconductor, Inc.) C:\WINDOWS\system32\Drivers\cykbfltr.sys
2016-06-10 11:49 - 2016-06-10 11:49 - 00036824 _____ (IObit) C:\WINDOWS\system32\SmartDefragBootTime.exe
2016-06-10 11:46 - 2016-06-10 11:47 - 00000000 ____D C:\Users\rudyk\AppData\Roaming\ProductData
2016-06-10 11:46 - 2016-06-10 11:46 - 00002420 _____ C:\WINDOWS\System32\Tasks\ASC9_SkipUac_rudyk
2016-06-10 11:46 - 2016-06-10 11:46 - 00000000 ____D C:\WINDOWS\Tasks\ImCleanDisabled
2016-06-10 11:46 - 2016-06-10 11:46 - 00000000 ____D C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2016-06-10 11:45 - 2016-06-10 12:43 - 00000248 _____ C:\WINDOWS\Tasks\ASC9_SkipUac_rudyk.job
2016-06-10 11:45 - 2016-06-10 11:45 - 00003296 _____ C:\WINDOWS\System32\Tasks\ASC9_PerformanceMonitor
2016-06-10 11:44 - 2016-06-25 09:24 - 00000000 ____D C:\ProgramData\ProductData
2016-06-10 11:43 - 2016-06-20 10:49 - 00000000 ____D C:\ProgramData\IObit
2016-06-10 11:43 - 2016-06-17 11:14 - 00000000 ____D C:\Program Files (x86)\IObit
2016-06-10 11:43 - 2016-06-10 12:36 - 00003004 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (rudyk)
2016-06-10 11:43 - 2016-06-10 11:43 - 00027552 _____ (REALiX(tm)) C:\WINDOWS\SysWOW64\Drivers\HWiNFO64A.SYS
2016-06-09 20:24 - 2016-06-09 20:24 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-06-06 10:52 - 2016-06-07 20:18 - 00000000 ___DC C:\Users\rudyk\AppData\Local\ElevatedDiagnostics

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-06 03:53 - 2016-05-25 14:19 - 00004188 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F8346480-1A63-4517-B7D0-2F8E0B19255D}
2016-07-06 03:51 - 2016-05-25 20:55 - 01474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat
2016-07-06 03:46 - 2016-05-25 15:25 - 00000000 ____D C:\Users\rudyk\AppData\LocalLow\LastPass
2016-07-06 03:44 - 2016-06-03 17:44 - 00000000 ____D C:\AdwCleaner
2016-07-06 03:43 - 2016-05-26 08:58 - 00000966 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-06 03:42 - 2016-05-26 11:43 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2016-07-06 03:41 - 2016-05-25 21:11 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-07-06 03:41 - 2016-05-25 11:55 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-07-06 03:40 - 2016-05-26 01:06 - 00000000 ____D C:\Users\rudyk\AppData\Local\CrashDumps
2016-07-06 03:34 - 2016-05-25 22:11 - 00000000 ____D C:\Users\rudyk\AppData\Roaming\eM Client
2016-07-06 03:08 - 2016-05-26 08:58 - 00000970 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-06 02:31 - 2016-05-25 12:23 - 00000000 ____D C:\WINDOWS\INF
2016-07-06 02:30 - 2016-05-25 12:23 - 00000000 ___DC C:\Users\rudyk
2016-07-06 02:08 - 2016-05-26 01:31 - 00000398 _____ C:\WINDOWS\Tasks\update-sys.job
2016-07-06 01:15 - 2016-05-26 01:31 - 00000398 _____ C:\WINDOWS\Tasks\update-S-1-5-21-2772540604-3902122079-841815421-1001.job
2016-07-05 23:11 - 2016-05-25 12:34 - 00985652 _____ C:\WINDOWS\system32\perfh005.dat
2016-07-05 23:11 - 2016-05-25 12:34 - 00235568 _____ C:\WINDOWS\system32\perfc005.dat
2016-07-05 23:11 - 2016-05-25 12:16 - 02095148 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-07-05 09:25 - 2016-05-25 12:25 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-07-04 16:24 - 2016-05-25 12:25 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-04 16:18 - 2016-05-25 12:25 - 00000000 ____D C:\WINDOWS\registration
2016-07-04 00:52 - 2016-05-25 21:54 - 00908596 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2016-07-03 02:12 - 2016-05-30 13:50 - 00000958 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-07-02 23:17 - 2016-05-25 13:24 - 00000000 ____D C:\Users\rudyk\AppData\Local\VirtualStore
2016-07-02 14:58 - 2016-05-26 13:51 - 00000000 ___DC C:\Users\rudyk\AppData\Local\ABBYY
2016-07-02 11:34 - 2016-05-26 18:49 - 00000000 ____D C:\Users\rudyk\AppData\Roaming\Skype
2016-07-02 11:33 - 2016-05-26 18:49 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-07-02 11:33 - 2016-05-26 18:49 - 00000000 ____D C:\ProgramData\Skype
2016-07-02 11:13 - 2016-05-26 02:52 - 00000000 ____D C:\Users\rudyk\AppData\Roaming\uTorrent
2016-07-02 11:13 - 2016-05-26 00:38 - 00000000 ____D C:\Program Files (x86)\PDF24
2016-07-02 05:41 - 2016-05-25 12:25 - 00000000 ____D C:\WINDOWS\rescache
2016-07-02 02:23 - 2016-05-26 13:50 - 00000000 ____D C:\ProgramData\ABBYY
2016-07-01 15:52 - 2016-05-26 21:46 - 00000000 ____D C:\Program Files (x86)\Recepty doma
2016-07-01 15:51 - 2016-05-26 21:46 - 00001121 _____ C:\Users\rudyk\Desktop\Recepty doma.lnk
2016-07-01 15:51 - 2016-05-26 21:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recepty doma
2016-07-01 01:49 - 2016-05-25 12:01 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-07-01 01:47 - 2016-05-25 12:25 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2016-07-01 01:47 - 2016-05-25 12:25 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2016-07-01 01:47 - 2015-10-30 09:19 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2016-07-01 01:47 - 2015-10-30 09:19 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2016-07-01 01:47 - 2015-10-30 09:19 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2016-07-01 01:47 - 2015-10-30 09:19 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2016-07-01 01:47 - 2015-10-30 09:19 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2016-07-01 01:47 - 2015-10-30 09:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2016-07-01 01:23 - 2016-05-25 22:02 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2016-06-29 21:29 - 2016-05-25 20:58 - 00258928 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-06-28 12:27 - 2016-05-26 10:45 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-27 21:11 - 2016-06-02 20:07 - 00000000 ___DC C:\Users\rudyk\AppData\Local\Adobe
2016-06-27 00:41 - 2016-05-25 20:51 - 00000000 ____D C:\ProgramData\Comodo
2016-06-26 23:24 - 2016-05-25 21:50 - 00000000 ____D C:\Program Files\CCleaner
2016-06-26 23:22 - 2016-05-25 21:50 - 00000865 ____C C:\Users\Public\Desktop\CCleaner.lnk
2016-06-26 10:34 - 2016-05-25 20:40 - 00012854 _____ C:\WINDOWS\Q-Dir.ini
2016-06-26 10:32 - 2016-05-25 21:54 - 00000000 ____D C:\Program Files\Q-Dir
2016-06-25 14:16 - 2016-05-30 15:12 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-06-25 14:16 - 2016-05-30 15:12 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-06-25 14:14 - 2016-05-26 11:40 - 00003628 _____ C:\WINDOWS\System32\Tasks\ASUS Smart Gesture Launcher
2016-06-25 14:06 - 2016-05-30 15:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-06-24 12:46 - 2016-06-01 23:19 - 00000000 ____D C:\WINDOWS\Minidump
2016-06-24 11:22 - 2016-05-27 22:59 - 00000000 ___DC C:\Users\rudyk\.oracle_jre_usage
2016-06-23 12:26 - 2016-05-25 12:33 - 00000000 ____D C:\ProgramData\NVIDIA
2016-06-23 12:26 - 2016-05-25 12:32 - 00945600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-06-23 11:44 - 2016-05-25 12:31 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-06-23 11:08 - 2016-05-27 22:58 - 00000000 ____D C:\ProgramData\Oracle
2016-06-21 00:24 - 2016-05-26 02:16 - 00000000 ____D C:\Program Files\Recuva
2016-06-19 15:10 - 2016-05-25 13:25 - 00000000 _RHDC C:\Users\Public\AccountPictures
2016-06-19 15:03 - 2016-05-25 12:25 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-06-19 15:03 - 2016-05-25 12:25 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-06-19 15:02 - 2016-05-25 12:25 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-06-19 14:49 - 2016-05-25 12:27 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-06-19 14:49 - 2016-05-25 12:27 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-19 14:48 - 2016-05-25 16:02 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-06-19 14:40 - 2016-05-25 16:02 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-06-19 14:34 - 2016-05-25 12:13 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-06-17 19:04 - 2016-05-30 13:50 - 00004026 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-06-16 21:20 - 2016-05-25 20:55 - 00001904 ____C C:\Users\Public\Desktop\COMODO Internet Security.lnk
2016-06-16 08:42 - 2016-05-26 12:28 - 00000000 ____D C:\Program Files (x86)\Bluetooth Suite
2016-06-15 22:22 - 2016-05-25 12:44 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2016-06-15 08:14 - 2015-08-05 01:31 - 00138560 _____ (COMODO) C:\WINDOWS\system32\Drivers\inspect.sys
2016-06-15 08:14 - 2015-08-05 01:31 - 00045592 _____ (COMODO) C:\WINDOWS\system32\Drivers\cmdhlp.sys
2016-06-15 08:13 - 2015-08-05 01:31 - 00851856 _____ (COMODO) C:\WINDOWS\system32\Drivers\cmdguard.sys
2016-06-15 08:13 - 2015-08-05 01:31 - 00032224 _____ (COMODO) C:\WINDOWS\system32\Drivers\cmderd.sys
2016-06-15 08:08 - 2015-09-03 12:52 - 00793104 _____ (COMODO) C:\WINDOWS\system32\guard64.dll
2016-06-15 08:08 - 2015-09-03 12:52 - 00626288 _____ (COMODO) C:\WINDOWS\SysWOW64\guard32.dll
2016-06-15 08:08 - 2015-08-05 01:29 - 00051800 _____ (COMODO) C:\WINDOWS\system32\cmdcsr.dll
2016-06-15 08:04 - 2015-08-05 01:28 - 00365752 _____ (COMODO) C:\WINDOWS\system32\cmdvrt64.dll
2016-06-15 08:02 - 2015-08-05 01:28 - 00051896 _____ (COMODO) C:\WINDOWS\system32\cmdkbd64.dll
2016-06-15 07:58 - 2015-08-05 01:27 - 00296120 _____ (COMODO) C:\WINDOWS\SysWOW64\cmdvrt32.dll
2016-06-15 07:56 - 2015-08-05 01:26 - 00046776 _____ (COMODO) C:\WINDOWS\SysWOW64\cmdkbd32.dll
2016-06-13 22:30 - 2016-06-01 15:28 - 00000000 ____D C:\Users\rudyk\AppData\Roaming\XnView
2016-06-13 19:54 - 2016-05-26 19:39 - 00000000 ____D C:\Users\rudyk\AppData\Local\Windows Live
2016-06-13 16:05 - 2016-05-25 16:11 - 00000000 ____D C:\Program Files\VideoLAN
2016-06-11 20:17 - 2016-05-25 12:25 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-06-11 19:02 - 2016-05-26 08:58 - 00000000 ____D C:\Program Files (x86)\Google
2016-06-11 11:40 - 2016-05-26 02:07 - 00000981 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeFileSync.lnk
2016-06-11 11:40 - 2016-05-26 02:07 - 00000969 ____C C:\Users\Public\Desktop\FreeFileSync.lnk
2016-06-11 11:40 - 2016-05-26 02:07 - 00000967 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealTimeSync.lnk
2016-06-11 11:40 - 2016-05-26 02:07 - 00000955 ____C C:\Users\Public\Desktop\RealTimeSync.lnk
2016-06-11 11:40 - 2016-05-26 02:07 - 00000000 ____D C:\Program Files\FreeFileSync
2016-06-10 12:21 - 2016-05-26 09:49 - 00003102 _____ C:\WINDOWS\System32\Tasks\ASUS USB Charger Plus
2016-06-10 12:21 - 2016-05-26 09:48 - 00003082 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update
2016-06-10 12:20 - 2013-09-04 18:12 - 00121616 _____ (Broadcom Corporation.) C:\WINDOWS\system32\btwdi.dll
2016-06-10 12:13 - 2016-05-27 23:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ochrana koncového bodu Trusteer
2016-06-10 12:11 - 2016-05-25 15:19 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-06-10 12:11 - 2016-05-25 14:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-10 12:09 - 2015-08-23 23:06 - 00083160 _____ (Realtek Semiconductor.) C:\WINDOWS\system32\RtCRX64.dll
2016-06-10 12:08 - 2015-08-03 08:41 - 04323976 _____ (Qualcomm Atheros Communications, Inc.) C:\WINDOWS\system32\Drivers\athw10x.sys
2016-06-10 12:07 - 2016-05-25 16:28 - 02305816 _____ (Broadcom Corporation.) C:\WINDOWS\system32\BtwRSupportService.exe
2016-06-10 12:06 - 2016-05-25 12:44 - 00000000 ____D C:\Program Files\Elantech
2016-06-09 17:58 - 2016-05-25 12:25 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-06-09 10:01 - 2016-05-26 02:16 - 00001701 ____C C:\Users\Public\Desktop\Recuva.lnk
2016-06-08 10:22 - 2016-05-26 01:46 - 00001176 ____C C:\Users\Public\Desktop\FastStone Image Viewer.lnk
2016-06-07 08:59 - 2016-05-30 14:36 - 00001038 _____ C:\Users\rudyk\Desktop\Desktop Calendar.lnk
2016-06-06 20:56 - 2016-05-25 12:31 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation

==================== Files in the root of some directories =======

2016-05-26 09:52 - 2016-06-03 17:29 - 0000405 _____ () C:\Users\rudyk\AppData\Roaming\sp_data.sys
2016-05-25 20:27 - 2016-05-25 20:27 - 0003584 ____C () C:\Users\rudyk\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-06-04 17:08 - 2016-06-04 17:11 - 0007606 ____C () C:\Users\rudyk\AppData\Local\resmon.resmoncfg
2016-05-26 01:31 - 2016-05-26 01:31 - 0000003 ____C () C:\Users\rudyk\AppData\Local\updater.log
2016-05-26 01:31 - 2016-05-26 01:31 - 0000424 ____C () C:\Users\rudyk\AppData\Local\UserProducts.xml

Some files in TEMP:
====================
C:\Users\rudyk\AppData\Local\Temp\libeay32.dll
C:\Users\rudyk\AppData\Local\Temp\msvcr120.dll
C:\Users\rudyk\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-06-27 21:39

==================== End of FRST.txt ============================

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

[rudkr63]

# AdwCleaner v5.201 - Log vytvořen 06/07/2016 v 12:25:47
# Aktualizováno 30/06/2016 by ToolsLib
# Databáze : 2016-07-04.1 [Server]
# Operační system : Windows 10 Home (X64)
# Uživatelské jméno : rudyk - RUDA
# Spuštěno z : D:\Stažené soubory II\adwcleaner_5.201.exe
# Nastavení : Čištění
# Podpora : https://toolslib.net/forum

***** [ Služby ] *****


***** [ Složky ] *****


***** [ Soubory ] *****


***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Zástupci ] *****


***** [ Naplánované úlohy ] *****


***** [ Registry ] *****

[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814}

***** [ Prohlížeče ] *****


*************************

:: "Tracing" klíče smazány
:: Nastavení Winsock vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [1972 bytů] - [03/06/2016 17:49:26]
C:\AdwCleaner\AdwCleaner[C2].txt - [1601 bytů] - [28/06/2016 18:29:02]
C:\AdwCleaner\AdwCleaner[C3].txt - [2519 bytů] - [02/07/2016 11:45:40]
C:\AdwCleaner\AdwCleaner[C4].txt - [1994 bytů] - [02/07/2016 14:38:23]
C:\AdwCleaner\AdwCleaner[C5].txt - [1686 bytů] - [04/07/2016 00:50:21]
C:\AdwCleaner\AdwCleaner[C6].txt - [2202 bytů] - [06/07/2016 03:39:58]
C:\AdwCleaner\AdwCleaner[C7].txt - [1315 bytů] - [06/07/2016 12:25:47]
C:\AdwCleaner\AdwCleaner[S1].txt - [1766 bytů] - [03/06/2016 17:45:03]
C:\AdwCleaner\AdwCleaner[S2].txt - [1493 bytů] - [28/06/2016 17:39:56]
C:\AdwCleaner\AdwCleaner[S3].txt - [3255 bytů] - [02/07/2016 11:41:25]
C:\AdwCleaner\AdwCleaner[S4].txt - [1994 bytů] - [02/07/2016 14:34:22]
C:\AdwCleaner\AdwCleaner[S5].txt - [1503 bytů] - [04/07/2016 00:46:16]
C:\AdwCleaner\AdwCleaner[S6].txt - [2011 bytů] - [06/07/2016 03:34:44]
C:\AdwCleaner\AdwCleaner[S7].txt - [1795 bytů] - [06/07/2016 12:21:28]




Ještě bych doplnil, že ráno jsem použil MBAM-přikládám také
Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 06.07.2016
Čas skenování: 11:14
Protokol: MBAM.txt
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.07.06.02
Databáze rootkitů: v2016.05.27.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 10
CPU: x64
Souborový systém: NTFS
Uživatel: rudyk

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 308270
Uplynulý čas: 24 min, 19 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


########## EOF - C:\AdwCleaner\AdwCleaner[C7].txt - [1899 bytů] ##########

[Rudy]

OK. Dejte nový log FRST.

[rudkr63]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-07-2016
Ran by rudyk (administrator) on RUDA (06-07-2016 15:04:34)
Running from C:\Users\rudyk\Desktop
Loaded Profiles: rudyk (Available Profiles: rudyk)
Platform: Windows 10 Home Version 1511 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(WebProtection) C:\Program Files (x86)\HPGuard\HPGuardSrv.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(DesktopCal, Inc.) C:\Users\rudyk\AppData\Roaming\DesktopCal\desktopcal.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(DesktopCal, Inc.) C:\Users\rudyk\AppData\Roaming\DesktopCal\dkdockhost.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(eM Client s.r.o.) C:\Program Files (x86)\eM Client\MailClient.exe
() C:\Users\rudyk\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Users\rudyk\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
() C:\Program Files\ASUS\Bluetooth Software\btwdins.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3348712 2016-06-10] (ELAN Microelectronics Corp.)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1610936 2016-06-16] (COMODO)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [361984 2016-05-26] (Alcor Micro Corp.)
HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [4700160 2016-05-26] (VIA)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1852264 2014-05-23] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2321072 2016-05-26] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1761120 2015-12-07] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1057408 2016-05-26] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597016 2016-03-31] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\SYSTEM32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2772540604-3902122079-841815421-1001\...\Run: [DesktopCal] => C:\Users\rudyk\AppData\Roaming\DesktopCal\desktopcal.exe [282624 2016-05-30] (DesktopCal, Inc.)
HKU\S-1-5-21-2772540604-3902122079-841815421-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8810200 2016-06-26] (Piriform Ltd)
HKU\S-1-5-21-2772540604-3902122079-841815421-1001\...\Run: [ABBYY Screenshot Reader Bonus] => [X]
HKU\S-1-5-21-2772540604-3902122079-841815421-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\rudyk\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2016-07-02] ()
HKU\S-1-5-21-2772540604-3902122079-841815421-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\rudyk\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-2772540604-3902122079-841815421-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 18\Program32\ZPSTRAY.EXE [680528 2016-03-24] (ZONER software)
HKU\S-1-5-21-2772540604-3902122079-841815421-1001\...\MountPoints2: {d0db6895-2e2e-11e6-af45-3085a9d570cb} - "F:\Lenovo_Suite.exe"
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [186144 2016-03-22] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [164520 2016-03-22] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{b80c8a9a-ff77-478c-a2ab-851032eee707}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-2772540604-3902122079-841815421-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?scope=web&mkt=en-ww&FORM=HDRSC1
SearchScopes: HKU\S-1-5-21-2772540604-3902122079-841815421-1001 -> {32501F99-BCA2-4D98-B5A5-F863115A175E} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_13014
SearchScopes: HKU\S-1-5-21-2772540604-3902122079-841815421-1001 -> {337CCC6C-DFD3-420E-8419-F506CE05AA31} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
SearchScopes: HKU\S-1-5-21-2772540604-3902122079-841815421-1001 -> {512CFFC4-E8F9-4A21-91A2-87B62EC35BF9} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_13014
SearchScopes: HKU\S-1-5-21-2772540604-3902122079-841815421-1001 -> {51497A49-55A9-4EF3-90BB-D3AAB5A8D920} URL = hxxp://en.wikipedia.org/w/index.php?title=Special:Search&search={searchTerms}
SearchScopes: HKU\S-1-5-21-2772540604-3902122079-841815421-1001 -> {5410EFA8-2DA1-4626-89FE-BB60AA35BBA1} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13014
SearchScopes: HKU\S-1-5-21-2772540604-3902122079-841815421-1001 -> {66C2CFC0-5D30-43F5-A0CD-46707121E697} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13014
SearchScopes: HKU\S-1-5-21-2772540604-3902122079-841815421-1001 -> {6F315124-37F7-40C1-9793-B5D8D077A727} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13014
SearchScopes: HKU\S-1-5-21-2772540604-3902122079-841815421-1001 -> {724A02E6-74A1-4D58-951A-6C4C30EFA60A} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_13014
SearchScopes: HKU\S-1-5-21-2772540604-3902122079-841815421-1001 -> {9903CEA2-E523-4DF0-A0C9-FE9DEECBA241} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_13014
SearchScopes: HKU\S-1-5-21-2772540604-3902122079-841815421-1001 -> {B69D826B-D09E-4547-ACC1-70711F9FA799} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13014
SearchScopes: HKU\S-1-5-21-2772540604-3902122079-841815421-1001 -> {FB59872C-D15C-423F-A837-EBFE933625C7} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_13014
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2016-06-17] (IObit)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_92\bin\ssv.dll [2016-06-24] (Oracle Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON CORPORATION)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_92\bin\jp2ssv.dll [2016-06-24] (Oracle Corporation)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-2772540604-3902122079-841815421-1001 -> hxxp://www.bing.com/

FireFox:
========
FF ProfilePath: C:\Users\rudyk\AppData\Roaming\Mozilla\Firefox\Profiles\krnnsb2e.default
FF DefaultSearchEngine: Google
FF Homepage: hxxps://www.seznam.cz/?logged=1
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-27] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-05-28] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.92.2 -> C:\Program Files\Java\jre1.8.0_92\bin\dtplugin\npDeployJava1.dll [2016-06-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.92.2 -> C:\Program Files\Java\jre1.8.0_92\bin\plugin2\npjp2.dll [2016-06-24] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-05-28] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-27] ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-05-28] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-06-25] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-26] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-26] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-05-28] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin HKU\S-1-5-21-2772540604-3902122079-841815421-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-05-28] (Tracker Software Products (Canada) Ltd.)
FF user.js: detected! => C:\Users\rudyk\AppData\Roaming\Mozilla\Firefox\Profiles\krnnsb2e.default\user.js [2016-06-28]
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2016-05-28] (Tracker Software Products (Canada) Ltd.)
FF Extension: Speed Dial - C:\Users\rudyk\AppData\Roaming\Mozilla\Firefox\Profiles\krnnsb2e.default\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2016-05-25]
FF Extension: LastPass - C:\Users\rudyk\AppData\Roaming\Mozilla\Firefox\Profiles\krnnsb2e.default\extensions\support@lastpass.com [2016-05-25]
FF Extension: Tab Mix Plus - C:\Users\rudyk\AppData\Roaming\Mozilla\Firefox\Profiles\krnnsb2e.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2016-06-05]
FF Extension: S3.Google Translator - C:\Users\rudyk\AppData\Roaming\Mozilla\Firefox\Profiles\krnnsb2e.default\extensions\s3google@translator.xpi [2016-06-24]
FF Extension: uBlock Origin - C:\Users\rudyk\AppData\Roaming\Mozilla\Firefox\Profiles\krnnsb2e.default\Extensions\uBlock0@raymondhill.net.xpi [2016-06-24]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2016-05-25] [not signed]

Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.google.cz/"
CHR Profile: C:\Users\rudyk\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\rudyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-05-26]
CHR Extension: (Dokumenty Google) - C:\Users\rudyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-26]
CHR Extension: (Disk Google) - C:\Users\rudyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-26]
CHR Extension: (Rapport) - C:\Users\rudyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2016-05-29]
CHR Extension: (Seznam Lištička - Email) - C:\Users\rudyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2016-07-04]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\rudyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2016-07-04]
CHR Extension: (YouTube) - C:\Users\rudyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-26]
CHR Extension: (Tabulky Google) - C:\Users\rudyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-26]
CHR Extension: (Dokumenty Google offline) - C:\Users\rudyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\rudyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-26]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\rudyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2016-07-04]
CHR Extension: (Gmail) - C:\Users\rudyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-26]
CHR HKU\S-1-5-21-2772540604-3902122079-841815421-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2016-06-29] (Software602 a.s.)
S4 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2016-05-26] (ArcSoft Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [325880 2016-05-26] (Windows (R) Win 7 DDK provider)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2305816 2016-06-10] (Broadcom Corporation.)
S4 ChromodoUpdater; C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe [2307768 2016-05-26] (Comodo)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5817712 2016-06-16] (COMODO)
R3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2271928 2016-06-16] (COMODO)
S4 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [135824 2016-05-26] (Seiko Epson Corporation)
R2 HPGuard Service; C:\Program Files (x86)\HPGuard\HPGuardSrv.exe [479920 2016-07-02] (WebProtection)
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-05-27] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2383344 2016-05-30] (IBM Corp.)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [33240 2016-05-26] (VIA Technologies, Inc.)
R3 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2015-10-28] (Western Digital Technologies, Inc.)
R3 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [308088 2015-12-07] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AsusVTouch; C:\Windows\System32\drivers\AsusVTouch.sys [16512 2012-04-12] (Windows (R) Win 7 DDK provider)
R3 athr; C:\Windows\System32\drivers\athw10x.sys [4323976 2016-06-10] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [100776 2016-05-26] (ASUS Corporation)
S3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [227144 2016-06-10] (Broadcom Corporation.)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [32224 2016-06-15] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [851856 2016-06-15] (COMODO)
R1 cmdhlp; C:\Windows\system32\DRIVERS\cmdhlp.sys [45592 2016-06-15] (COMODO)
R3 cykbfltrService; C:\Windows\system32\DRIVERS\cykbfltr.sys [19968 2016-06-10] (Cypress Semiconductor, Inc.)
S3 dcdbas; C:\Windows\System32\drivers\dcdbas64.sys [38472 2011-02-02] (Dell Inc.)
S3 ETDSMBus; C:\Windows\System32\drivers\ETDSMBus.sys [31320 2015-07-14] (ELAN Microelectronic Corp.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-06-10] (REALiX(tm))
S3 i8042HDR; C:\Windows\System32\drivers\i8042HDR.sys [15920 2009-08-14] (Windows (R) Codename Longhorn DDK provider)
R1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [138560 2016-06-15] (COMODO)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-07-06] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [185896 2016-06-10] (Intel Corporation)
R1 RapportCerberus_1609041; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1609041.sys [1157864 2016-06-10] (IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [544360 2016-05-30] (IBM Corp.)
S3 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [215560 2016-05-30] (IBM Corp.)
S3 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [470056 2016-05-30] (IBM Corp.)
S3 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [525992 2016-05-30] (IBM Corp.)
S3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [413912 2016-06-10] (Realsil Semiconductor Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 WiseHDInfo; C:\WINDOWS\WiseHDInfo64.dll [11304 2016-05-26] (wisecleaner.com) [File not signed]
R1 WiseTDIFw; C:\WINDOWS\WiseTDIFw64.sys [39464 2016-05-26] (WiseCleaner.com) [File not signed]
S3 ASUSProcObsrv; \??\F:\WD SmartWare.swstor\Games\eSupport\eDriver\I386\AsPrOb64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========
==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-06 14:22 - 2016-07-06 14:22 - 00000000 ____D C:\ProgramData\pdfforge
2016-07-06 11:42 - 2016-07-06 11:42 - 00001135 _____ C:\Users\rudyk\Documents\MBAM.txt
2016-07-06 11:10 - 2016-07-06 14:06 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-07-06 11:09 - 2016-07-06 11:12 - 00001173 ____C C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-07-06 11:09 - 2016-07-06 11:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-07-06 11:09 - 2016-07-06 11:12 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-07-06 11:09 - 2016-07-06 11:09 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-07-06 11:09 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-07-06 11:09 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-07-06 11:09 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-07-06 04:01 - 2016-07-06 04:03 - 00110427 _____ C:\Users\rudyk\Desktop\Addition.txt
2016-07-06 03:57 - 2016-07-06 15:05 - 00023520 _____ C:\Users\rudyk\Desktop\FRST.txt
2016-07-06 03:57 - 2016-07-06 15:04 - 00000000 ____D C:\FRST
2016-07-06 03:53 - 2016-07-06 03:55 - 02390016 _____ (Farbar) C:\Users\rudyk\Desktop\FRST64.exe
2016-07-06 02:37 - 2016-07-06 02:39 - 00000000 ____D C:\Users\rudyk\Documents\eM Client
2016-07-04 12:41 - 2016-07-04 12:41 - 00000000 ____D C:\Users\rudyk\AppData\Roaming\PDF Producer
2016-07-04 11:54 - 2016-07-04 12:45 - 00000000 ____D C:\Users\rudyk\AppData\Roaming\PDF Architect 4
2016-07-04 11:51 - 2016-07-04 12:53 - 00000000 ____D C:\Users\rudyk\Documents\PDF Architect
2016-07-04 11:48 - 2016-07-06 14:30 - 00000000 ____D C:\ProgramData\PDF Architect 4
2016-07-02 23:21 - 2016-07-02 23:21 - 00000000 ___DC C:\Users\rudyk\.objectdb
2016-07-02 23:20 - 2016-07-02 23:20 - 00000000 ____D C:\Users\rudyk\AppData\Roaming\VitySoft
2016-07-02 23:01 - 2016-07-02 23:01 - 00000000 ___DC C:\Users\rudyk\aTubeCatcher
2016-07-02 21:57 - 2016-07-02 21:58 - 51126160 _____ C:\Users\rudyk\Documents\torbrowser-install-6.0_en-US.exe
2016-07-02 13:45 - 2016-07-02 13:45 - 00001889 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk
2016-07-02 13:45 - 2016-07-02 13:45 - 00001887 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gооglе Сhrоmе.lnk
2016-07-02 13:45 - 2016-07-02 13:45 - 00001877 ____C C:\Users\Public\Desktop\Моzillа Firеfох.lnk
2016-07-02 13:45 - 2016-07-02 13:45 - 00001875 ____C C:\Users\Public\Desktop\Gооglе Сhrоmе.lnk
2016-07-02 13:45 - 2016-07-02 13:45 - 00000000 ____D C:\Program Files (x86)\HPGuard
2016-07-02 12:19 - 2016-07-06 11:41 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-07-02 02:28 - 2016-07-02 02:28 - 00000000 ____D C:\Users\rudyk\AppData\Roaming\ABBYY
2016-07-02 02:03 - 2016-07-06 14:14 - 00000000 ____D C:\Users\rudyk\AppData\Roaming\Seznam.cz
2016-07-01 22:51 - 2016-07-01 22:51 - 00000000 ____D C:\Users\rudyk\AppData\Roaming\Ashampoo Photo Commander 11
2016-07-01 12:40 - 2016-07-01 12:40 - 00190087 _____ C:\Users\rudyk\Documents\Tomáš Haas- Trapné a komické. Halík považuje demokracii za zrůdnou. Fantasmagorie našich eurohujerů se spojuje s fantasmagorií rusofobů - ParlamentniListy.cz – politika ze všech stran.pdf
2016-07-01 01:47 - 2016-07-01 01:47 - 00000000 ____D C:\inetpub
2016-07-01 01:05 - 2016-07-01 01:05 - 00000000 ___DC C:\Users\rudyk\AppData\Local\VS Revo Group
2016-07-01 01:04 - 2016-07-01 01:04 - 00031800 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys
2016-07-01 01:04 - 2016-07-01 01:04 - 00001124 ____C C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2016-07-01 01:04 - 2016-07-01 01:04 - 00000000 ____D C:\ProgramData\VS Revo Group
2016-07-01 01:04 - 2016-07-01 01:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2016-07-01 01:04 - 2016-07-01 01:04 - 00000000 ____D C:\Program Files\VS Revo Group
2016-06-29 15:01 - 2016-06-29 15:01 - 00000000 ____D C:\Users\rudyk\AppData\Roaming\Software602
2016-06-29 14:59 - 2016-06-29 14:59 - 00000000 ____D C:\Program Files\Software602
2016-06-29 14:58 - 2015-07-14 11:52 - 01754096 _____ C:\WINDOWS\system32\602convert.dll
2016-06-29 14:58 - 2014-02-05 13:51 - 00036864 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\602localmon.dll
2016-06-29 14:58 - 2014-02-05 13:51 - 00022528 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\602localui.dll
2016-06-29 14:58 - 2011-01-18 12:49 - 04940800 _____ (NiXPS NV) C:\WINDOWS\system32\NiXPS.dll
2016-06-29 14:57 - 2016-07-02 11:13 - 00000000 ____D C:\Users\rudyk\AppData\Roaming\602XML
2016-06-29 14:57 - 2016-06-29 15:00 - 00000000 ____D C:\Users\rudyk\AppData\Roaming\602Installer
2016-06-29 14:57 - 2016-06-29 14:57 - 00001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Software602 Form Filler.lnk
2016-06-29 14:57 - 2016-06-29 14:57 - 00001186 ____C C:\Users\Public\Desktop\Software602 Form Filler.lnk
2016-06-29 14:56 - 2016-06-29 14:56 - 00000000 ____D C:\Program Files (x86)\Software602
2016-06-28 20:30 - 2016-06-28 20:30 - 00001177 ____C C:\Users\Public\Desktop\LibreOffice 5.1.lnk
2016-06-28 20:30 - 2016-06-28 20:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.1
2016-06-28 20:28 - 2016-06-28 20:30 - 00000000 ____D C:\Program Files\LibreOffice 5
2016-06-28 11:58 - 2016-07-06 01:00 - 00000258 _____ C:\WINDOWS\Tasks\CCleanerClean.job
2016-06-28 11:58 - 2016-06-28 11:58 - 00002954 _____ C:\WINDOWS\System32\Tasks\CCleanerClean
2016-06-28 11:31 - 2016-06-28 11:31 - 00000000 ____D C:\Users\rudyk\AppData\Roaming\Softland
2016-06-28 11:29 - 2016-06-28 11:29 - 00000000 ____D C:\ProgramData\Softland
2016-06-28 11:26 - 2016-06-28 12:27 - 00000000 ____D C:\Program Files\Softland
2016-06-28 11:26 - 2016-06-28 12:27 - 00000000 ____D C:\Program Files (x86)\Softland
2016-06-27 21:11 - 2016-07-06 15:03 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-06-27 00:40 - 2016-07-06 14:42 - 00008192 _____ C:\WINDOWS\SysWOW64\WDPABKP.dat
2016-06-26 10:32 - 2016-06-27 00:09 - 00000000 ____D C:\Users\rudyk\AppData\Roaming\Q-Dir
2016-06-26 10:32 - 2016-06-26 10:32 - 00001852 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Q-Dir.lnk
2016-06-26 10:32 - 2016-06-26 10:32 - 00001846 ____C C:\Users\Public\Desktop\Q-Dir.lnk
2016-06-26 10:32 - 2016-06-26 10:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Q-Dir
2016-06-24 16:56 - 2016-06-24 16:56 - 00000000 ____D C:\Users\rudyk\Documents\My Cheat Tables
2016-06-24 11:27 - 2016-06-24 11:27 - 00000000 ___DC C:\Users\Public\Documents\sun
2016-06-24 11:22 - 2016-06-24 11:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-06-24 11:22 - 2016-06-24 11:21 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2016-06-24 11:21 - 2016-06-24 11:21 - 00000000 ____D C:\Program Files\Java
2016-06-23 12:26 - 2016-06-23 12:26 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2016-06-23 12:26 - 2016-06-23 12:26 - 00000000 ____D C:\WINDOWS\system32\NV
2016-06-23 11:40 - 2016-03-22 05:19 - 00034609 _____ C:\WINDOWS\system32\nvinfo.pb
2016-06-23 11:29 - 2016-06-23 11:32 - 10643240 _____ C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-06-23 11:29 - 2016-06-23 11:32 - 08733792 _____ C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-06-23 11:29 - 2016-06-23 11:32 - 01920960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436839.dll
2016-06-23 11:29 - 2016-06-23 11:32 - 01571776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436839.dll
2016-06-23 11:29 - 2016-06-23 11:32 - 00669952 _____ C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-06-23 11:29 - 2016-06-23 11:32 - 00565208 _____ C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-06-23 11:29 - 2016-06-03 09:22 - 00000594 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2016-06-23 11:29 - 2016-06-03 09:22 - 00000594 _____ C:\WINDOWS\system32\nv-vk64.json
2016-06-23 11:29 - 2016-03-22 07:03 - 00048696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2016-06-22 01:12 - 2016-06-22 01:12 - 00004114 _____ C:\WINDOWS\System32\Tasks\eM Client Database Backup
2016-06-22 00:46 - 2016-06-22 01:48 - 00000000 ____D C:\Users\rudyk\Documents\ipnetinfo
2016-06-21 23:26 - 2016-06-21 23:26 - 00000000 ____D C:\WINDOWS\pss
2016-06-21 17:45 - 2016-07-02 11:04 - 00000000 ____D C:\Users\rudyk\AppData\Roaming\Seznam Browser
2016-06-21 17:45 - 2016-06-21 17:45 - 00000000 ___DC C:\Users\rudyk\AppData\Local\Crashpad
2016-06-20 16:29 - 2016-06-20 16:29 - 00000939 ____C C:\Users\Public\Desktop\Honeyview.lnk
2016-06-20 16:29 - 2016-06-20 16:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Honeyview
2016-06-20 16:29 - 2016-06-20 16:29 - 00000000 ____D C:\Program Files\Honeyview
2016-06-20 10:15 - 2016-06-20 10:44 - 00000000 ___DC C:\Users\rudyk\AppData\Local\Deployment
2016-06-19 14:35 - 2016-06-19 14:35 - 24605696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 06973952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 02609664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 01594416 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 01372312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-06-19 14:35 - 2016-06-19 14:35 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-06-19 14:35 - 2016-06-19 14:35 - 00636304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-06-19 14:35 - 2016-06-19 14:35 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 00546456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-06-19 14:35 - 2016-06-19 14:35 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 00316256 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-06-19 14:35 - 2016-06-19 14:35 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-06-19 14:35 - 2016-06-19 14:35 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-06-19 14:35 - 2016-06-19 14:35 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 18674176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 13385728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 12128256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-06-19 14:34 - 2016-06-19 14:34 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 04896256 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 04515264 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-06-19 14:34 - 2016-06-19 14:34 - 04387680 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 04268880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-06-19 14:34 - 2016-06-19 14:34 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 03664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 03590144 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-06-19 14:34 - 2016-06-19 14:34 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 02921880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 02548944 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 02281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 02230272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 02195632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-06-19 14:34 - 2016-06-19 14:34 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 01730560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 01445888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-06-19 14:34 - 2016-06-19 14:34 - 01339904 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationFramework.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-06-19 14:34 - 2016-06-19 14:34 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00794624 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-06-19 14:34 - 2016-06-19 14:34 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00649792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00614400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-06-19 14:34 - 2016-06-19 14:34 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00577376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-06-19 14:34 - 2016-06-19 14:34 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00511488 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00501600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00431296 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00428896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-06-19 14:34 - 2016-06-19 14:34 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-06-19 14:34 - 2016-06-19 14:34 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
2016-06-19 14:34 - 2016-06-19 14:34 - 00388384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00357216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-06-19 14:34 - 2016-06-19 14:34 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00312160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-06-19 14:34 - 2016-06-19 14:34 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00290496 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2016-06-19 14:34 - 2016-06-19 14:34 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-06-19 14:34 - 2016-06-19 14:34 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-06-19 14:34 - 2016-06-19 14:34 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrokerLib.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-06-19 14:34 - 2016-06-19 14:34 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00211296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-06-19 14:34 - 2016-06-19 14:34 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-06-19 14:34 - 2016-06-19 14:34 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GnssAdapter.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00170848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
2016-06-19 14:34 - 2016-06-19 14:34 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-06-19 14:34 - 2016-06-19 14:34 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-06-19 14:34 - 2016-06-19 14:34 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-06-19 14:34 - 2016-06-19 14:34 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-06-19 14:34 - 2016-06-19 14:34 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-06-19 14:34 - 2016-06-19 14:34 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-06-19 14:34 - 2016-06-19 14:34 - 00131248 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ndu.sys
2016-06-19 14:34 - 2016-06-19 14:34 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-06-19 14:34 - 2016-06-19 14:34 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-06-19 14:34 - 2016-06-19 14:34 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00111064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00097096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-06-19 14:34 - 2016-06-19 14:34 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-06-19 14:34 - 2016-06-19 14:34 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-06-19 14:34 - 2016-06-19 14:34 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-06-19 14:34 - 2016-06-19 14:34 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsdport.sys
2016-06-19 14:34 - 2016-06-19 14:34 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-06-19 14:34 - 2016-06-19 14:34 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
2016-06-17 11:15 - 2016-07-06 03:11 - 00002474 _____ C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_rudyk
2016-06-17 11:15 - 2016-07-06 03:11 - 00000288 _____ C:\WINDOWS\Tasks\Uninstaller_SkipUac_rudyk.job
2016-06-17 11:15 - 2016-06-17 11:15 - 00001429 ____C C:\Users\Public\Desktop\IObit Uninstaller.lnk
2016-06-17 11:15 - 2016-06-17 11:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2016-06-17 10:09 - 2016-06-17 10:09 - 00000000 ____D C:\Users\rudyk\AppData\Roaming\GHISLER
2016-06-13 23:04 - 2016-06-13 23:04 - 00012546 _____ C:\Users\rudyk\Documents\Plaček Fery.odt
2016-06-13 16:13 - 2016-07-02 23:41 - 00000000 ____D C:\Users\rudyk\AppData\Roaming\vlc
2016-06-13 16:13 - 2016-06-13 16:13 - 00001141 ____C C:\Users\Public\Desktop\VLC media player.lnk
2016-06-13 16:13 - 2016-06-13 16:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-06-13 16:03 - 2016-06-13 16:04 - 00000000 ____D C:\Users\rudyk\AppData\LocalLow\IObit
2016-06-13 16:02 - 2016-06-13 16:04 - 00000000 ____D C:\Users\rudyk\AppData\Roaming\IObit
2016-06-13 14:07 - 2016-06-13 14:54 - 00000000 ____D C:\Users\rudyk\AppData\Roaming\KeePass
2016-06-12 17:54 - 2016-06-12 17:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fireluke Software
2016-06-12 17:41 - 2016-06-12 18:22 - 00000000 ____D C:\Users\rudyk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fireluke Software
2016-06-12 17:41 - 2016-06-12 17:41 - 00000000 ____D C:\Program Files (x86)\Fireluke
2016-06-11 19:03 - 2016-06-11 19:03 - 00002235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2016-06-11 19:03 - 2016-06-11 19:03 - 00000000 ____D C:\Users\rudyk\AppData\LocalLow\Google
2016-06-10 23:41 - 2016-06-10 23:41 - 00000000 ____D C:\Users\rudyk\Documents\ASUS
2016-06-10 22:59 - 2016-07-06 11:55 - 00000000 ____D C:\Users\rudyk\Documents\Lightshot
2016-06-10 17:02 - 2016-06-20 10:15 - 00000000 ___DC C:\Users\rudyk\AppData\Local\Apps\2.0
2016-06-10 12:38 - 2016-06-10 12:38 - 00185896 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\TeeDriverW8x64.sys
2016-06-10 12:09 - 2016-06-10 12:09 - 09890008 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsCRIcon.dll
2016-06-10 12:09 - 2016-06-10 12:09 - 04330200 _____ (TODO: <Company name>) C:\WINDOWS\RtCRU64.exe
2016-06-10 12:09 - 2016-06-10 12:09 - 00413912 _____ (Realsil Semiconductor Corporation) C:\WINDOWS\system32\Drivers\RtsUer.sys
2016-06-10 12:07 - 2016-06-10 12:20 - 00243512 _____ (Broadcom Corporation.) C:\WINDOWS\system32\Drivers\btwampfl.sys
2016-06-10 12:07 - 2016-06-10 12:08 - 00227144 _____ (Broadcom Corporation.) C:\WINDOWS\system32\Drivers\bcbtums.sys
2016-06-10 12:06 - 2016-06-10 12:06 - 01077248 _____ C:\WINDOWS\system32\AmRdrIco.icl
2016-06-10 12:06 - 2016-06-10 12:06 - 00084480 _____ (Alcor Micro, Corp.) C:\WINDOWS\system32\Drivers\AmUStor.sys
2016-06-10 12:06 - 2016-06-10 12:06 - 00019066 _____ C:\WINDOWS\system32\AmUStor.ini
2016-06-10 12:06 - 2016-06-10 12:06 - 00012800 _____ (Alcor Micro, Corp.) C:\WINDOWS\system32\AmUStor2.dll
2016-06-10 12:06 - 2016-06-10 12:06 - 00000008 _____ C:\WINDOWS\system32\CardDetect6420.bin
2016-06-10 12:06 - 2016-06-10 12:06 - 00000008 _____ C:\WINDOWS\system32\CardDetect6366.bin
2016-06-10 12:06 - 2016-06-10 12:06 - 00000008 _____ C:\WINDOWS\system32\CardDetect6362.bin
2016-06-10 12:06 - 2016-06-10 12:06 - 00000008 _____ C:\WINDOWS\system32\CardDetect6361.bin
2016-06-10 12:05 - 2016-06-10 12:06 - 00447720 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\Drivers\ETD.sys
2016-06-10 12:05 - 2016-06-10 12:05 - 00019968 _____ (Cypress Semiconductor, Inc.) C:\WINDOWS\system32\Drivers\cykbfltr.sys
2016-06-10 11:49 - 2016-06-10 11:49 - 00036824 _____ (IObit) C:\WINDOWS\system32\SmartDefragBootTime.exe
2016-06-10 11:46 - 2016-06-10 11:47 - 00000000 ____D C:\Users\rudyk\AppData\Roaming\ProductData
2016-06-10 11:46 - 2016-06-10 11:46 - 00002420 _____ C:\WINDOWS\System32\Tasks\ASC9_SkipUac_rudyk
2016-06-10 11:46 - 2016-06-10 11:46 - 00000000 ____D C:\WINDOWS\Tasks\ImCleanDisabled
2016-06-10 11:46 - 2016-06-10 11:46 - 00000000 ____D C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2016-06-10 11:45 - 2016-06-10 12:43 - 00000248 _____ C:\WINDOWS\Tasks\ASC9_SkipUac_rudyk.job
2016-06-10 11:45 - 2016-06-10 11:45 - 00003296 _____ C:\WINDOWS\System32\Tasks\ASC9_PerformanceMonitor
2016-06-10 11:44 - 2016-06-25 09:24 - 00000000 ____D C:\ProgramData\ProductData
2016-06-10 11:43 - 2016-06-20 10:49 - 00000000 ____D C:\ProgramData\IObit
2016-06-10 11:43 - 2016-06-17 11:14 - 00000000 ____D C:\Program Files (x86)\IObit
2016-06-10 11:43 - 2016-06-10 12:36 - 00003004 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (rudyk)
2016-06-10 11:43 - 2016-06-10 11:43 - 00027552 _____ (REALiX(tm)) C:\WINDOWS\SysWOW64\Drivers\HWiNFO64A.SYS
2016-06-09 20:24 - 2016-06-09 20:24 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-06-06 10:52 - 2016-06-07 20:18 - 00000000 ___DC C:\Users\rudyk\AppData\Local\ElevatedDiagnostics

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-06 15:05 - 2016-05-25 22:11 - 00000000 ____D C:\Users\rudyk\AppData\Roaming\eM Client
2016-07-06 15:04 - 2016-05-25 20:55 - 01474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat
2016-07-06 15:03 - 2016-05-25 21:54 - 00908028 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2016-07-06 15:02 - 2016-05-25 15:25 - 00000000 ____D C:\Users\rudyk\AppData\LocalLow\LastPass
2016-07-06 14:23 - 2016-05-25 12:23 - 00000000 ____D C:\WINDOWS\INF
2016-07-06 14:08 - 2016-05-26 11:43 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2016-07-06 14:08 - 2016-05-26 08:58 - 00000970 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-06 14:08 - 2016-05-26 01:31 - 00000398 _____ C:\WINDOWS\Tasks\update-sys.job
2016-07-06 14:07 - 2016-05-26 08:58 - 00000966 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-06 14:05 - 2016-05-25 21:11 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-07-06 14:04 - 2016-05-25 11:55 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-07-06 13:46 - 2016-05-27 12:15 - 00000000 ____D C:\Users\rudyk\Documents\ČIŠTĚNÍ
2016-07-06 13:15 - 2016-05-26 01:31 - 00000398 _____ C:\WINDOWS\Tasks\update-S-1-5-21-2772540604-3902122079-841815421-1001.job
2016-07-06 12:26 - 2016-05-26 01:06 - 00000000 ____D C:\Users\rudyk\AppData\Local\CrashDumps
2016-07-06 12:25 - 2016-06-03 17:44 - 00000000 ____D C:\AdwCleaner
2016-07-06 10:30 - 2016-05-25 12:25 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-07-06 10:21 - 2016-05-25 14:19 - 00004188 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F8346480-1A63-4517-B7D0-2F8E0B19255D}
2016-07-06 02:30 - 2016-05-25 12:23 - 00000000 ___DC C:\Users\rudyk
2016-07-05 23:11 - 2016-05-25 12:34 - 00985652 _____ C:\WINDOWS\system32\perfh005.dat
2016-07-05 23:11 - 2016-05-25 12:34 - 00235568 _____ C:\WINDOWS\system32\perfc005.dat
2016-07-05 23:11 - 2016-05-25 12:16 - 02095148 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-07-04 16:24 - 2016-05-25 12:25 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-04 16:18 - 2016-05-25 12:25 - 00000000 ____D C:\WINDOWS\registration
2016-07-03 02:12 - 2016-05-30 13:50 - 00000958 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-07-02 23:17 - 2016-05-25 13:24 - 00000000 ____D C:\Users\rudyk\AppData\Local\VirtualStore
2016-07-02 11:34 - 2016-05-26 18:49 - 00000000 ____D C:\Users\rudyk\AppData\Roaming\Skype
2016-07-02 11:33 - 2016-05-26 18:49 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-07-02 11:33 - 2016-05-26 18:49 - 00000000 ____D C:\ProgramData\Skype
2016-07-02 11:13 - 2016-05-26 02:52 - 00000000 ____D C:\Users\rudyk\AppData\Roaming\uTorrent
2016-07-02 11:13 - 2016-05-26 00:38 - 00000000 ____D C:\Program Files (x86)\PDF24
2016-07-02 05:41 - 2016-05-25 12:25 - 00000000 ____D C:\WINDOWS\rescache
2016-07-01 15:52 - 2016-05-26 21:46 - 00000000 ____D C:\Program Files (x86)\Recepty doma
2016-07-01 15:51 - 2016-05-26 21:46 - 00001121 _____ C:\Users\rudyk\Desktop\Recepty doma.lnk
2016-07-01 15:51 - 2016-05-26 21:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recepty doma
2016-07-01 01:49 - 2016-05-25 12:01 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-07-01 01:47 - 2016-05-25 12:25 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2016-07-01 01:47 - 2016-05-25 12:25 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2016-07-01 01:47 - 2015-10-30 09:19 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2016-07-01 01:47 - 2015-10-30 09:19 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2016-07-01 01:47 - 2015-10-30 09:19 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2016-07-01 01:47 - 2015-10-30 09:19 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2016-07-01 01:47 - 2015-10-30 09:19 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2016-07-01 01:47 - 2015-10-30 09:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2016-07-01 01:23 - 2016-05-25 22:02 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2016-06-29 21:29 - 2016-05-25 20:58 - 00258928 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-06-28 12:27 - 2016-05-26 10:45 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-27 21:11 - 2016-06-02 20:07 - 00000000 ___DC C:\Users\rudyk\AppData\Local\Adobe
2016-06-27 00:41 - 2016-05-25 20:51 - 00000000 ____D C:\ProgramData\Comodo
2016-06-26 23:24 - 2016-05-25 21:50 - 00000000 ____D C:\Program Files\CCleaner
2016-06-26 23:22 - 2016-05-25 21:50 - 00000865 ____C C:\Users\Public\Desktop\CCleaner.lnk
2016-06-26 10:34 - 2016-05-25 20:40 - 00012854 _____ C:\WINDOWS\Q-Dir.ini
2016-06-26 10:32 - 2016-05-25 21:54 - 00000000 ____D C:\Program Files\Q-Dir
2016-06-25 14:16 - 2016-05-30 15:12 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-06-25 14:16 - 2016-05-30 15:12 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-06-25 14:14 - 2016-05-26 11:40 - 00003628 _____ C:\WINDOWS\System32\Tasks\ASUS Smart Gesture Launcher
2016-06-25 14:06 - 2016-05-30 15:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-06-24 12:46 - 2016-06-01 23:19 - 00000000 ____D C:\WINDOWS\Minidump
2016-06-24 11:22 - 2016-05-27 22:59 - 00000000 ___DC C:\Users\rudyk\.oracle_jre_usage
2016-06-23 12:26 - 2016-05-25 12:33 - 00000000 ____D C:\ProgramData\NVIDIA
2016-06-23 12:26 - 2016-05-25 12:32 - 00945600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-06-23 11:44 - 2016-05-25 12:31 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-06-23 11:08 - 2016-05-27 22:58 - 00000000 ____D C:\ProgramData\Oracle
2016-06-21 00:24 - 2016-05-26 02:16 - 00000000 ____D C:\Program Files\Recuva
2016-06-19 15:10 - 2016-05-25 13:25 - 00000000 _RHDC C:\Users\Public\AccountPictures
2016-06-19 15:03 - 2016-05-25 12:25 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-06-19 15:03 - 2016-05-25 12:25 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-06-19 15:02 - 2016-05-25 12:25 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-06-19 14:49 - 2016-05-25 12:27 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-06-19 14:49 - 2016-05-25 12:27 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-19 14:48 - 2016-05-25 16:02 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-06-19 14:40 - 2016-05-25 16:02 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-06-19 14:34 - 2016-05-25 12:13 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-06-17 19:04 - 2016-05-30 13:50 - 00004026 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-06-16 21:20 - 2016-05-25 20:55 - 00001904 ____C C:\Users\Public\Desktop\COMODO Internet Security.lnk
2016-06-16 08:42 - 2016-05-26 12:28 - 00000000 ____D C:\Program Files (x86)\Bluetooth Suite
2016-06-15 22:22 - 2016-05-25 12:44 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2016-06-15 08:14 - 2015-08-05 01:31 - 00138560 _____ (COMODO) C:\WINDOWS\system32\Drivers\inspect.sys
2016-06-15 08:14 - 2015-08-05 01:31 - 00045592 _____ (COMODO) C:\WINDOWS\system32\Drivers\cmdhlp.sys
2016-06-15 08:13 - 2015-08-05 01:31 - 00851856 _____ (COMODO) C:\WINDOWS\system32\Drivers\cmdguard.sys
2016-06-15 08:13 - 2015-08-05 01:31 - 00032224 _____ (COMODO) C:\WINDOWS\system32\Drivers\cmderd.sys
2016-06-15 08:08 - 2015-09-03 12:52 - 00793104 _____ (COMODO) C:\WINDOWS\system32\guard64.dll
2016-06-15 08:08 - 2015-09-03 12:52 - 00626288 _____ (COMODO) C:\WINDOWS\SysWOW64\guard32.dll
2016-06-15 08:08 - 2015-08-05 01:29 - 00051800 _____ (COMODO) C:\WINDOWS\system32\cmdcsr.dll
2016-06-15 08:04 - 2015-08-05 01:28 - 00365752 _____ (COMODO) C:\WINDOWS\system32\cmdvrt64.dll
2016-06-15 08:02 - 2015-08-05 01:28 - 00051896 _____ (COMODO) C:\WINDOWS\system32\cmdkbd64.dll
2016-06-15 07:58 - 2015-08-05 01:27 - 00296120 _____ (COMODO) C:\WINDOWS\SysWOW64\cmdvrt32.dll
2016-06-15 07:56 - 2015-08-05 01:26 - 00046776 _____ (COMODO) C:\WINDOWS\SysWOW64\cmdkbd32.dll
2016-06-13 22:30 - 2016-06-01 15:28 - 00000000 ____D C:\Users\rudyk\AppData\Roaming\XnView
2016-06-13 19:54 - 2016-05-26 19:39 - 00000000 ____D C:\Users\rudyk\AppData\Local\Windows Live
2016-06-13 16:05 - 2016-05-25 16:11 - 00000000 ____D C:\Program Files\VideoLAN
2016-06-11 20:17 - 2016-05-25 12:25 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-06-11 19:02 - 2016-05-26 08:58 - 00000000 ____D C:\Program Files (x86)\Google
2016-06-11 11:40 - 2016-05-26 02:07 - 00000981 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeFileSync.lnk
2016-06-11 11:40 - 2016-05-26 02:07 - 00000969 ____C C:\Users\Public\Desktop\FreeFileSync.lnk
2016-06-11 11:40 - 2016-05-26 02:07 - 00000967 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealTimeSync.lnk
2016-06-11 11:40 - 2016-05-26 02:07 - 00000955 ____C C:\Users\Public\Desktop\RealTimeSync.lnk
2016-06-11 11:40 - 2016-05-26 02:07 - 00000000 ____D C:\Program Files\FreeFileSync
2016-06-10 12:21 - 2016-05-26 09:49 - 00003102 _____ C:\WINDOWS\System32\Tasks\ASUS USB Charger Plus
2016-06-10 12:21 - 2016-05-26 09:48 - 00003082 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update
2016-06-10 12:20 - 2013-09-04 18:12 - 00121616 _____ (Broadcom Corporation.) C:\WINDOWS\system32\btwdi.dll
2016-06-10 12:13 - 2016-05-27 23:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ochrana koncového bodu Trusteer
2016-06-10 12:11 - 2016-05-25 15:19 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-06-10 12:11 - 2016-05-25 14:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-10 12:09 - 2015-08-23 23:06 - 00083160 _____ (Realtek Semiconductor.) C:\WINDOWS\system32\RtCRX64.dll
2016-06-10 12:08 - 2015-08-03 08:41 - 04323976 _____ (Qualcomm Atheros Communications, Inc.) C:\WINDOWS\system32\Drivers\athw10x.sys
2016-06-10 12:07 - 2016-05-25 16:28 - 02305816 _____ (Broadcom Corporation.) C:\WINDOWS\system32\BtwRSupportService.exe
2016-06-10 12:06 - 2016-05-25 12:44 - 00000000 ____D C:\Program Files\Elantech
2016-06-09 17:58 - 2016-05-25 12:25 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-06-09 10:01 - 2016-05-26 02:16 - 00001701 ____C C:\Users\Public\Desktop\Recuva.lnk
2016-06-08 10:22 - 2016-05-26 01:46 - 00001176 ____C C:\Users\Public\Desktop\FastStone Image Viewer.lnk
2016-06-07 08:59 - 2016-05-30 14:36 - 00001038 _____ C:\Users\rudyk\Desktop\Desktop Calendar.lnk
2016-06-06 20:56 - 2016-05-25 12:31 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation

==================== Files in the root of some directories =======

2016-05-26 09:52 - 2016-06-03 17:29 - 0000405 _____ () C:\Users\rudyk\AppData\Roaming\sp_data.sys
2016-05-25 20:27 - 2016-05-25 20:27 - 0003584 ____C () C:\Users\rudyk\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-06-04 17:08 - 2016-06-04 17:11 - 0007606 ____C () C:\Users\rudyk\AppData\Local\resmon.resmoncfg
2016-05-26 01:31 - 2016-05-26 01:31 - 0000003 ____C () C:\Users\rudyk\AppData\Local\updater.log
2016-05-26 01:31 - 2016-05-26 01:31 - 0000424 ____C () C:\Users\rudyk\AppData\Local\UserProducts.xml

Some files in TEMP:
====================
C:\Users\rudyk\AppData\Local\Temp\libeay32.dll
C:\Users\rudyk\AppData\Local\Temp\msvcr120.dll
C:\Users\rudyk\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-06-27 21:39

==================== End of FRST.txt ============================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKU\S-1-5-21-2772540604-3902122079-841815421-1001\...\Run: [ABBYY Screenshot Reader Bonus] => [X]
HKU\S-1-5-21-2772540604-3902122079-841815421-1001\...\MountPoints2: {d0db6895-2e2e-11e6-af45-3085a9d570cb} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-2772540604-3902122079-841815421-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?scope=web&mkt=en-ww&FORM=HDRSC1
Edge HomeButtonPage: HKU\S-1-5-21-2772540604-3902122079-841815421-1001 -> hxxp://www.bing.com/
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\update-S-1-5-21-2772540604-3902122079-841815421-1001.job
C:\Users\rudyk\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\rudyk\AppData\Local\Temp
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[rudkr63]

Stále se načítají stránky s azbukou
Fix result of Farbar Recovery Scan Tool (x64) Version: 02-07-2016
Ran by rudyk (2016-07-06 17:38:33) Run:1
Running from C:\Users\rudyk\Desktop
Loaded Profiles: rudyk (Available Profiles: rudyk)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKU\S-1-5-21-2772540604-3902122079-841815421-1001\...\Run: [ABBYY Screenshot Reader Bonus] => [X]
HKU\S-1-5-21-2772540604-3902122079-841815421-1001\...\MountPoints2: {d0db6895-2e2e-11e6-af45-3085a9d570cb} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-2772540604-3902122079-841815421-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?scope=web&mkt=en-ww&FORM=HDRSC1
Edge HomeButtonPage: HKU\S-1-5-21-2772540604-3902122079-841815421-1001 -> hxxp://www.bing.com/
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\update-S-1-5-21-2772540604-3902122079-841815421-1001.job
C:\Users\rudyk\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\rudyk\AppData\Local\Temp
End
*****************

HKU\S-1-5-21-2772540604-3902122079-841815421-1001\Software\Microsoft\Windows\CurrentVersion\Run\\ABBYY Screenshot Reader Bonus => value removed successfully
"HKU\S-1-5-21-2772540604-3902122079-841815421-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d0db6895-2e2e-11e6-af45-3085a9d570cb}" => key removed successfully
HKCR\CLSID\{d0db6895-2e2e-11e6-af45-3085a9d570cb} => key not found.
HKU\S-1-5-21-2772540604-3902122079-841815421-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-2772540604-3902122079-841815421-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main\\HomeButtonPage => value removed successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\update-S-1-5-21-2772540604-3902122079-841815421-1001.job => moved successfully
C:\Users\rudyk\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully

"C:\Users\rudyk\AppData\Local\Temp" folder move:

Could not move "C:\Users\rudyk\AppData\Local\Temp" => Scheduled to move on reboot.

[Rudy]

Vše bylo smazáno. Zkusíme ještě tyto skeny:

1. Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.

a

2. Junkware removal tool: http://thisisudax.org/downloads/JRT.exe
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.

[rudkr63]

Už přes 2 h progr.nic nedělá - nb se také nerestartuje.Čekat?

[Rudy]

Pokud dosud nedoběhl, zkuste ho spustit v nouz. režimu.

[rudkr63]

Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by rudyk on 07.07.2016 at 3:21:32,40.
Microsoft Windows 10 Home 10.0.10586 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\rudyk\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2016-07-06-194116.log 4474 bytes

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\Users\rudyk\AppData\Local\ActiveSync deleted successfully
C:\Users\rudyk\AppData\Local\CrashDumps deleted successfully
C:\Users\rudyk\AppData\Local\NetworkTiles deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\rudyk\AppData\Roaming\Mozilla\Firefox\Profiles\krnnsb2e.default\prefs.js:
user_pref("browser.startup.homepage", "https://www.seznam.cz/?logged=1");
user_pref("browser.search.defaultenginename", "Google");

Added to C:\Users\rudyk\AppData\Roaming\Mozilla\Firefox\Profiles\krnnsb2e.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\rudyk\AppData\Roaming\Mozilla\Firefox\Profiles\krnnsb2e.default

---- Lines guardi removed from prefs.js ----
user_pref("extensions.s3gt.always_domain_question_www_theguardian_com", false);
user_pref("extensions.s3gt.always_domain_translate_www_theguardian_com", true);
---- FireFox user.js and prefs.js backups ----

user__0559_.backup
prefs__0559_.backup

==== Deleting Files \ Folders ======================

"C:\WINDOWS\Installer\11dc76.msi" not found
C:\Users\rudyk\AppData\Local\CrashRpt deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\rudyk\AppData\Roaming\Mozilla\Firefox\Profiles\krnnsb2e.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"e-webprint@epson.com"="C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on" [25.05.2016 19:08]

==== Firefox Extensions ======================

ProfilePath: C:\Users\rudyk\AppData\Roaming\Mozilla\Firefox\Profiles\krnnsb2e.default
- LastPass - %ProfilePath%\extensions\support@lastpass.com
- S3.Google Translator - %ProfilePath%\extensions\s3google@translator.xpi
- Undetermined - %ProfilePath%\extensions\uBlock0@raymondhill.net.xpi
- Speed Dial - %ProfilePath%\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi
- Tab Mix Plus - %ProfilePath%\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi

AppDir: C:\Program Files\Mozilla Firefox
- Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\rudyk\AppData\Roaming\Mozilla\Firefox\Profiles\krnnsb2e.default
BE6367597C07E72D61AF4D18E41302F3 - C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll - Silverlight Plug-In
D63AF2A0A33FC7A9EC1E78AB75A8665F - C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrlui.dll - Microsoft® Silverlight
31837E0896A13FD58F7C8FD59A94206F - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll - PDF-XChange Viewer


==== Chromium Look ======================

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
bbjllphbppobebmjpjcijfbakobcheof - No path found[]

Comodo Drag&Drop Service - rudyk\AppData\Local\Comodo\Chromodo\User Data\Default\Extensions\aneodkojaglhnkkdbbdnmmmgimlcaogo
Rapport - rudyk\AppData\Local\Comodo\Chromodo\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof
Comodo Web Inspector - rudyk\AppData\Local\Comodo\Chromodo\User Data\Default\Extensions\bdngekjahnmlkinegnhdmmbcfnmbclnn
Comodo Media Downloader - rudyk\AppData\Local\Comodo\Chromodo\User Data\Default\Extensions\dihmnpngfonlhjmgkflpnibiaaliendo
Rapport - rudyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof
Seznam Lištička - Email - rudyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig
Seznam Lištička - Slovník - rudyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd
Seznam Lištička - Rychlá volba - rudyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.bing.com/?scope=web&mkt=en-ww&FORM=HDRSC1"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.bing.com/?scope=web&mkt=en-ww&FORM=HDRSC1"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IESR02
HKCU\SearchScopes\{32501F99-BCA2-4D98-B5A5-F863115A175E} - http://www.novinky.cz/hledej?w={searchT ... arch_13014
HKCU\SearchScopes\{337CCC6C-DFD3-420E-8419-F506CE05AA31} - https://www.google.com/search?q={search ... utEncoding?}
HKCU\SearchScopes\{512CFFC4-E8F9-4A21-91A2-87B62EC35BF9} - http://www.mapy.cz/?query={searchTerms} ... arch_13014
HKCU\SearchScopes\{51497A49-55A9-4EF3-90BB-D3AAB5A8D920} - http://en.wikipedia.org/w/index.php?tit ... earchTerms}
HKCU\SearchScopes\{5410EFA8-2DA1-4626-89FE-BB60AA35BBA1} - http://encyklopedie.seznam.cz/search?q= ... arch_13014
HKCU\SearchScopes\{66C2CFC0-5D30-43F5-A0CD-46707121E697} - http://tv.seznam.cz/hledej?w={searchTer ... arch_13014
HKCU\SearchScopes\{6F315124-37F7-40C1-9793-B5D8D077A727} - http://slovnik.seznam.cz/?q={searchTerm ... arch_13014
HKCU\SearchScopes\{724A02E6-74A1-4D58-951A-6C4C30EFA60A} - http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13014
HKCU\SearchScopes\{9903CEA2-E523-4DF0-A0C9-FE9DEECBA241} - http://www.firmy.cz/?q={searchTerms}&so ... arch_13014
HKCU\SearchScopes\{B69D826B-D09E-4547-ACC1-70711F9FA799} - http://slovnik.seznam.cz/?q={searchTerm ... arch_13014
HKCU\SearchScopes\{FB59872C-D15C-423F-A837-EBFE933625C7} - http://search.seznam.cz/?q={searchTerms ... arch_13014

==== Reset Google Chrome ======================

C:\Users\rudyk\AppData\Local\Comodo\Chromodo\User Data\Default\Preferences was reset successfully
C:\Users\rudyk\AppData\Local\Comodo\Chromodo\User Data\Default\Secure Preferences was reset successfully
C:\Users\rudyk\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\rudyk\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\rudyk\AppData\Local\Comodo\Chromodo\User Data\Default\Web Data was reset successfully
C:\Users\rudyk\AppData\Local\Comodo\Chromodo\User Data\Default\Web Data-journal was reset successfully
C:\Users\rudyk\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== shortcuts on Users Desktops ======================

C:\Users\rudyk\Desktop\Cheat Engine.lnk - C:\Program Files (x86)\Cheat Engine 6.3\Cheat Engine.exe
C:\Users\rudyk\Desktop\Desktop Calendar.lnk - C:\Users\rudyk\AppData\Roaming\DesktopCal\desktopcal.exe
C:\Users\rudyk\Desktop\MyHeritage Family Tree Builder.lnk - C:\Program Files (x86)\MyHeritage\Bin\MyHeritage.exe
C:\Users\rudyk\Desktop\Plus500.lnk - C:\Program Files (x86)\Plus500\Plus500.exe
C:\Users\rudyk\Desktop\Recepty doma.lnk - C:\Program Files (x86)\Recepty doma\ReceptyDoma.exe
C:\Users\rudyk\Desktop\XnView.lnk - C:\Program Files (x86)\XnView\xnview.exe
C:\Users\rudyk\Desktop\µTorrent.lnk -

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\AI Recovery Burner.lnk - C:\WINDOWS\Installer\{D39F0676-163E-4595-A917-E28F99BBD4D2}\_3AF0ACA0B1EBC77F1CA80D.exe
C:\Users\Public\Desktop\Ashampoo Photo Commander 11.lnk - C:\Program Files (x86)\Ashampoo\Ashampoo Photo Commander 11\apc.exe
C:\Users\Public\Desktop\aTube Catcher.lnk - C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe
C:\Users\Public\Desktop\COMODO Internet Security.lnk - C:\Program Files (x86)\COMODO\COMODO Internet Security\cistray.exe --shortcut
C:\Users\Public\Desktop\Defraggler.lnk - C:\Program Files\Defraggler\Defraggler64.exe
C:\Users\Public\Desktop\Epson Easy Photo Print.lnk - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPQuicker.exe
C:\Users\Public\Desktop\Epson Příručka pro síť L355 Series.lnk -
C:\Users\Public\Desktop\EPSON Scan.lnk - C:\Windows\twain_32\escndv\escndv.exe
C:\Users\Public\Desktop\Epson Uživatelská příručka EPSON Perfection V370 Photo.lnk -
C:\Users\Public\Desktop\FastStone Image Viewer.lnk - C:\Program Files (x86)\FastStone Image Viewer\FSViewer.exe
C:\Users\Public\Desktop\FreeFileSync.lnk - C:\Program Files\FreeFileSync\FreeFileSync.exe
C:\Users\Public\Desktop\G??gl? ?hr?m?.lnk -
C:\Users\Public\Desktop\HD VDeck.lnk - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
C:\Users\Public\Desktop\Honeyview.lnk - C:\Program Files\Honeyview\Honeyview.exe
C:\Users\Public\Desktop\Internet (Chromodo).lnk - C:\Program Files (x86)\Comodo\Chromodo\chromodo.exe
C:\Users\Public\Desktop\IObit Uninstaller.lnk - C:\Program Files (x86)\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe
C:\Users\Public\Desktop\LibreOffice 5.1.lnk - C:\Program Files (x86)\LibreOffice 5\program\soffice.exe
C:\Users\Public\Desktop\LifeFrame.lnk - C:\Program Files (x86)\ASUS\ASUS LifeFrame3\LifeFrame.exe
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Users\Public\Desktop\Media Impression 2.lnk - C:\Program Files (x86)\ArcSoft\MediaImpression 2\MediaImpression.exe
C:\Users\Public\Desktop\PDF-Viewer.lnk - C:\Program Files\Tracker Software\PDF Viewer\PDFXCview.exe
C:\Users\Public\Desktop\PDF24.lnk - C:\Program Files (x86)\PDF24\pdf24-Launcher.exe
C:\Users\Public\Desktop\Q-Dir.lnk - C:\Program Files (x86)\Q-Dir\Q-Dir.exe
C:\Users\Public\Desktop\RealTimeSync.lnk - C:\Program Files\FreeFileSync\RealTimeSync.exe
C:\Users\Public\Desktop\Recuva.lnk - C:\Program Files\Recuva\recuva64.exe
C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe
C:\Users\Public\Desktop\Scene Switch.lnk - C:\WINDOWS\Installer\{5172E572-C175-4F80-A6D5-5CB45826AD61}\_8F17C0F35C60FD833BF581.exe
C:\Users\Public\Desktop\Skype.lnk - C:\WINDOWS\Installer\{FC965A47-4839-40CA-B618-18F486F042C6}\SkypeIcon.exe
C:\Users\Public\Desktop\Software602 Form Filler.lnk - C:\Program Files (x86)\Software602\602XML\Filler\Filler602.exe -forms
C:\Users\Public\Desktop\Speccy.lnk - C:\Program Files\Speccy\Speccy64.exe
C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
C:\Users\Public\Desktop\WD Drive Utilities.lnk - C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilities.exe
C:\Users\Public\Desktop\WD Security.lnk - C:\Program Files (x86)\Western Digital\WD Security\WDSecurity.exe
C:\Users\Public\Desktop\Zoner Photo Studio 18.lnk - C:\Program Files\Zoner\Photo Studio 18\Program64\Zps.exe
C:\Users\Public\Desktop\??zill? Fir?f??.lnk -

==== shortcuts in Users Start Menu ======================

C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk - C:\WINDOWS\syswow64\WindowsPowerShell\v1.0\powershell.exe
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk - C:\WINDOWS\syswow64\WindowsPowerShell\v1.0\powershell.exe
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe
C:\Users\rudyk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk - C:\Users\rudyk\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\rudyk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SystemExplorer.lnk - D:\Stažené soubory II\System Explorer\SystemExplorer.exe
C:\Users\rudyk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Int?rn?t ???l?r?r.lnk -
C:\Users\rudyk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Calendar\Desktop Calendar.lnk - C:\Users\rudyk\AppData\Roaming\DesktopCal\desktopcal.exe
C:\Users\rudyk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Calendar\DesktopCal Homepage.lnk - C:\Users\rudyk\AppData\Roaming\DesktopCal\DesktopCal.url
C:\Users\rudyk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Calendar\Uninstall.lnk - C:\Users\rudyk\AppData\Roaming\DesktopCal\uninst.exe
C:\Users\rudyk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fireluke Software\Skin Creator\OrganizerSC.lnk - C:\Users\rudyk\AppData\Roaming\Microsoft\Installer\{DB9E6633-2527-4309-B616-A009BA1A58E4}\OrganizerSC.exe_D10E8DE78ED14BF6B896FDF4BB2B9892.exe
C:\Users\rudyk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyHeritage.com\MyHeritage Family Tree Builder.lnk - C:\Program Files (x86)\MyHeritage\Bin\MyHeritage.exe
C:\Users\rudyk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Plus500\Plus500.lnk - C:\Program Files (x86)\Plus500\Plus500.exe
C:\Users\rudyk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Plus500\Uninstall Plus500.lnk - C:\Program Files (x86)\Plus500\Plus500.exe /uninstall
C:\Users\rudyk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent\Fórum podpory.lnk -
C:\Users\rudyk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent\Složka nastavení.lnk -
C:\Users\rudyk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent\Uninstall.lnk - C:\Users\rudyk\AppData\Roaming\uTorrent\uninstall.exe
C:\Users\rudyk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent\µTorrent.lnk -
C:\Users\rudyk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk - C:\WINDOWS\syswow64\WindowsPowerShell\v1.0\powershell.exe
C:\Users\rudyk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Q-Dir.lnk - C:\Program Files (x86)\Q-Dir\Q-Dir.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Zoner Photo Studio 18.lnk - C:\Program Files\Zoner\Photo Studio 18\Program64\Zps.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eM Client.lnk - C:\Program Files (x86)\eM Client\MailClient.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeFileSync.lnk - C:\Program Files\FreeFileSync\FreeFileSync.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk - C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G??gl? ?hr?m?.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk - C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealTimeSync.lnk - C:\Program Files\FreeFileSync\RealTimeSync.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Software602 Form Filler.lnk - C:\Program Files (x86)\Software602\602XML\Filler\Filler602.exe -forms
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\??zill? Fir?f??.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip File Manager.lnk - C:\Program Files\7-Zip\7zFM.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip Help.lnk - C:\Program Files\7-Zip\7-zip.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Connect\Spustit ArcSoft Connect.lnk - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACStart.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Connect\Zobrazit moje informace ArcSoft.lnk - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACRun.exe ProductInfo.ac
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft MediaImpression 2\MediaImpression 2.lnk - C:\Program Files (x86)\ArcSoft\MediaImpression 2\MediaImpression.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Photo Commander 11\Ashampoo Photo Commander 11 .lnk - C:\Program Files (x86)\Ashampoo\Ashampoo Photo Commander 11\apc.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\AI Recovery.lnk - C:\WINDOWS\Installer\{D39F0676-163E-4595-A917-E28F99BBD4D2}\_637B3312044ADB2BCE5F20.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUS Live Update.Lnk - C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUS On-Screen Display.lnk - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSDMgr.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUS Virtual Camera.lnk - C:\WINDOWS\Installer\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}\_DD6BB7CCB61B3F6F56681D.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\eManual.Lnk - C:\eSupport\Manual\eManual.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\LifeFrame.lnk - C:\Program Files (x86)\ASUS\ASUS LifeFrame3\LifeFrame.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\Scene Switch.lnk - C:\WINDOWS\Installer\{5172E572-C175-4F80-A6D5-5CB45826AD61}\_3B0276D37AEF1DC98AC6C8.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\USB Charger Plus.lnk - C:\WINDOWS\Installer\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}\_C135493C20DFA7FE7F14D0.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\WinFlash.Lnk - C:\Program Files (x86)\ASUS\WinFlash\WinFlash.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\Wireless Console 3.lnk - C:\WINDOWS\Installer\{19EA33FB-B34E-40EA-8B8A-61743AEB795A}\_6FC4AD3CB38ECE3AA1E7B9.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUS FaceLogon\FaceLogon Console.lnk - C:\Program Files (x86)\ASUS\FaceLogon\facemgr.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUS FaceLogon\FaceLogon Manager.lnk - C:\Program Files (x86)\ASUS\FaceLogon\logonmgr.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUS FaceLogon\General disclaimer.lnk - C:\Program Files (x86)\ASUS\FaceLogon\disclaimer.rtf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher\aTube Catcher.lnk - C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3\Cheat Engine 6.3 (32-bit).lnk - C:\Program Files (x86)\Cheat Engine 6.3\cheatengine-i386.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3\Cheat Engine 6.3 (64-bit).lnk - C:\Program Files (x86)\Cheat Engine 6.3\cheatengine-x86_64.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3\Cheat Engine 6.3.lnk - C:\Program Files (x86)\Cheat Engine 6.3\Cheat Engine.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3\Cheat Engine help.lnk - C:\Program Files (x86)\Cheat Engine 6.3\CheatEngine.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3\Cheat Engine tutorial.lnk - C:\Program Files (x86)\Cheat Engine 6.3\Tutorial-i386.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3\main.lua.lnk - C:\WINDOWS\system32\notepad.exe C:\Program Files (x86)\Cheat Engine 6.3\main.lua
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3\Reset settings.lnk - C:\Program Files (x86)\Cheat Engine 6.3\ceregreset.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3\Uninstall Cheat Engine.lnk - C:\Program Files (x86)\Cheat Engine 6.3\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3\Kernel stuff\Unload kernel module.lnk - C:\Program Files (x86)\Cheat Engine 6.3\Kernelmoduleunloader.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo\Chromodo\Internet (Chromodo).lnk - C:\Program Files (x86)\Comodo\Chromodo\chromodo.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo\COMODO Internet Security\COMODO Internet Security.lnk - C:\Program Files (x86)\COMODO\COMODO Internet Security\cistray.exe --shortcut
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo\COMODO Internet Security\Přidat a odebrat komponenty.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler\Defraggler.lnk - C:\Program Files\Defraggler\Defraggler64.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON L355 Series\Aktualizace softwaru.lnk - C:\Windows\System32\spool\drivers\x64\3\E_YUBI4E.EXE /RUN /D "EPSON L355 Series"
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON L355 Series\Program pro odinstalaci softwaru tiskárny EPSON.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON L355 Series\Technická podpora.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON Scan\EPSON Scan.lnk - C:\Windows\twain_32\escndv\escndv.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON Scan\NastavenEaplikace EPSON Scan.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON Scan\Nastavení aplikace EPSON Scan.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software\Copy Utility.lnk - C:\Program Files (x86)\Epson Software\Copy Utility\ECOPY.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software\Document Capture Pro.lnk - C:\Program Files (x86)\Epson Software\Document Capture\Document Capture.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software\Easy Photo Print.lnk - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPQuicker.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software\EPSON Software Updater.lnk - C:\Program Files (x86)\Epson Software\Download Navigator\EPSDNAVI.EXE /ST
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software\Event Manager.lnk - C:\Program Files (x86)\Epson Software\Event Manager\EProjManager.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software\Epson Manual\Epson Příručka pro síť L355 Series.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software\Epson Manual\Epson Uživatelská příručka EPSON Perfection V370 Photo.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software\Read Me\Copy Utility.lnk - C:\Program Files (x86)\Epson Software\Copy Utility\DspReadMe.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Image Viewer\FastStone Image Viewer Help.lnk - C:\Program Files (x86)\FastStone Image Viewer\FSViewerHelp.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Image Viewer\FastStone Image Viewer.lnk - C:\Program Files (x86)\FastStone Image Viewer\FSViewer.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Image Viewer\Uninstall FastStone Image Viewer.lnk - C:\Program Files (x86)\FastStone Image Viewer\uninst.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Image Viewer\Visit www.FastStone.org.lnk - C:\Program Files (x86)\FastStone Image Viewer\Website.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Honeyview\Honeyview.lnk - C:\Program Files\Honeyview\Honeyview.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Honeyview\Odinstalovat program.lnk - C:\Program Files (x86)\Honeyview\Uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller\IObit Uninstaller.lnk - C:\Program Files (x86)\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller\Odinstalovat aplikaci IObit Uninstaller.lnk - C:\Program Files (x86)\IObit\IObit Uninstaller\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_92\bin\javacpl.exe -tab about
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files (x86)\Java\jre1.8.0_92\bin\javacpl.exe -tab update
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_92\bin\javacpl.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.1\LibreOffice Base.lnk - C:\Program Files (x86)\LibreOffice 5\program\sbase.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.1\LibreOffice Calc.lnk - C:\Program Files (x86)\LibreOffice 5\program\scalc.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.1\LibreOffice Draw.lnk - C:\Program Files (x86)\LibreOffice 5\program\sdraw.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.1\LibreOffice Impress.lnk - C:\Program Files (x86)\LibreOffice 5\program\simpress.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.1\LibreOffice Math.lnk - C:\Program Files (x86)\LibreOffice 5\program\smath.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.1\LibreOffice Writer.lnk - C:\Program Files (x86)\LibreOffice 5\program\swriter.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.1\LibreOffice.lnk - C:\Program Files (x86)\LibreOffice 5\program\soffice.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot\Lightshot.lnk - C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot\Odinstalovat aplikaci Lightshot.lnk - C:\Program Files (x86)\Skillbrains\lightshot\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware Notifications.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Odinstalovat aplikaci Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\Silverlight.Configuration.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ochrana koncového bodu Trusteer\Konzola ochrany koncového bodu Trusteer.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ochrana koncového bodu Trusteer\Spustit ochranu koncového bodu Trusteer.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ochrana koncového bodu Trusteer\Zastavit ochranu koncového bodu Trusteer.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer\Live Update.lnk - C:\Program Files\Tracker Software\Live Update\LiveUpdate.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer\PDF-Viewer License.lnk - C:\Program Files\Tracker Software\PDF Viewer\Help\PDFVLicense.pdf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer\PDF-Viewer Users Manual.lnk - C:\Program Files\Tracker Software\PDF Viewer\Help\PDFVManualSm.pdf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer\PDF-Viewer.lnk - C:\Program Files\Tracker Software\PDF Viewer\PDFXCview.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer\Tracker Updater.lnk - C:\Program Files\Tracker Software\Update\TrackerUpdate.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer\Uninstall.lnk - C:\Program Files\Tracker Software\PDF Viewer\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24\PDF24.lnk - C:\Program Files (x86)\PDF24\pdf24-Launcher.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Q-Dir\Nápověda Q-Dir.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Q-Dir\Q-Dir.lnk - C:\Program Files (x86)\Q-Dir\Q-Dir.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Q-Dir\Uninstall Q-Dir.lnk - C:\Program Files (x86)\Q-Dir\Q-Dir.exe -uninstall
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recepty doma\Aplikace Recepty doma na internetu.lnk - C:\Program Files (x86)\Recepty doma\ReceptyDoma.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recepty doma\Odinstalovat aplikaci Recepty doma.lnk - C:\Program Files (x86)\Recepty doma\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recepty doma\Prohlížečka souborů rcpt.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recepty doma\Recepty doma.lnk - C:\Program Files (x86)\Recepty doma\ReceptyDoma.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recepty doma\Údržba databáze.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva\Recuva.lnk - C:\Program Files\Recuva\recuva64.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva\Uninstall Recuva.lnk - C:\Program Files\Recuva\uninst.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro\Odinstalovat aplikaci Revo Uninstaller Pro.lnk - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller Pro\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro\Revo Uninstaller Pro Help.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller Pro\Revo Uninstaller Pro Help.pdf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro\Revo Uninstaller Pro.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk - C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy\Speccy.lnk - C:\Program Files\Speccy\Speccy64.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VIA\HD VDeck.lnk - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk - C:\Program Files (x86)\VideoLAN\VLC\Documentation.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk - C:\Program Files (x86)\VideoLAN\VLC\NEWS.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk - C:\Program Files (x86)\VideoLAN\VLC\VideoLAN Website.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --reset-config --reset-plugins-cache vlc://quit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe -Iskins
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital\WD Apps\WD Drive Utilities.lnk - C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilities.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital\WD Apps\WD Security.lnk - C:\Program Files (x86)\Western Digital\WD Security\WDSecurity.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital\WD SmartWare\WD Quick View.lnk - C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital\WD SmartWare\WD SmartWare.lnk - C:\Program Files (x86)\Western Digital\WD SmartWare\WDSmartWare.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView\XnView - Homepage.lnk - C:\Program Files (x86)\XnView\website.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView\XnView.lnk - C:\Program Files (x86)\XnView\xnview.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\rudyk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\rudyk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Q-Dir.lnk - C:\Program Files (x86)\Q-Dir\Q-Dir.exe
C:\Users\rudyk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe
C:\Users\rudyk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\rudyk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\rudyk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\XnView.lnk - C:\Program Files (x86)\XnView\xnview.exe
C:\Users\rudyk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Zoner Photo Studio 18.lnk - C:\Program Files\Zoner\Photo Studio 18\Program64\Zps.exe
C:\Users\rudyk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3\G??gl? ?hr?m?.lnk -
C:\Users\rudyk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\b38c8a402571e3e7\Seznam.cz.lnk - C:\Users\rudyk\AppData\Roaming\Seznam Browser\Seznam.cz.exe --user-data-dir="C:\Users\rudyk\AppData\Local\Seznam.cz\User Data" --profile-directory=Default --app-id=ckjpageadhfekbilpnlbcjgbflimllbk
C:\Users\rudyk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\eM Client.lnk - C:\Program Files (x86)\eM Client\MailClient.exe
C:\Users\rudyk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -
C:\Users\rudyk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\rudyk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Int?rn?t ???l?r?r.lnk -
C:\Users\rudyk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Skype.lnk - C:\Program Files (x86)\Skype\Phone\Skype.exe

==== shortcuts After Repair ======================

C:\Users\rudyk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\b38c8a402571e3e7\Seznam.cz.lnk - C:\Users\rudyk\AppData\Roaming\Seznam Browser\Seznam.cz.exe

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A0A5CBD84C137C642B25B695E31AA178 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8DBC5A0A-31C4-46C7-B252-6B593EA11A87} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\A0A5CBD84C137C642B25B695E31AA178 deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\rudyk\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\rudyk\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\rudyk\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\rudyk\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\rudyk\AppData\Local\Mozilla\Firefox\Profiles\krnnsb2e.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\rudyk\AppData\Local\Comodo\Chromodo\User Data\Default\Cache emptied successfully
C:\Users\rudyk\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=132 folders=57 182819504 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\rudyk\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 07.07.2016 at 15:53:45,97 ======================

[rudkr63]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows 10 Home x64
Ran by rudyk (Limited) on 07.07.2016 at 15:58:24,39
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 14

Successfully deleted: C:\ProgramData\iobit\driver booster (Folder)
Successfully deleted: C:\ProgramData\pdfforge (Folder)
Successfully deleted: C:\Users\rudyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig (Folder)
Successfully deleted: C:\Users\rudyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd (Folder)
Successfully deleted: C:\Users\rudyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak (Folder)
Successfully deleted: C:\Users\rudyk\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bgjpfhpjcgdppjbgnpnjllokbmcdllig_0.localstorage (File)
Successfully deleted: C:\Users\rudyk\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_blmojkbhnkkphngknkmgccmlenfaelkd_0.localstorage (File)
Successfully deleted: C:\Users\rudyk\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_olfeabkoenfaoljndfecamgilllcpiak_0.localstorage (File)
Successfully deleted: C:\Users\rudyk\AppData\Roaming\Mozilla\Firefox\Profiles\krnnsb2e.default\user.js (File)
Successfully deleted: C:\Users\rudyk\AppData\Roaming\productdata (Folder)
Successfully deleted: C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (rudyk) (Task)
Successfully deleted: C:\WINDOWS\system32\Tasks\Uninstaller_SkipUac_rudyk (Task)
Successfully deleted: C:\WINDOWS\Tasks\Uninstaller_SkipUac_rudyk.job (Task)
Successfully deleted: C:\WINDOWS\prefetch\FREEFILESYNC_X64.EXE-598DADBF.pf (File)

Deleted the following from C:\Users\rudyk\AppData\Roaming\Mozilla\Firefox\Profiles\krnnsb2e.default\prefs.js
user_pref(extensions.s3gt.always_domain_question_www_theguardian_com, false);
user_pref(extensions.s3gt.always_domain_translate_www_theguardian_com, true);



Registry: 1

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FB59872C-D15C-423F-A837-EBFE933625C7} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07.07.2016 at 16:01:12,90
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[rudkr63]

Jen bych pro stejné "znalce" jako jsem já doplnil, že se mi nepodařilo vstpoupit do nouzového režimu za použití kláves f1-f12, ani za pomoci kl. shift apod. Nakonec jsem vyčetl a odzkoušel, že pro W10 stačí kliknout na restartovní za současného držení kl shift.Pak už to navede samo.Snad se to někomu bude hodit.

[Rudy]

OK. Přesměrování zmizelo?

[rudkr63]

Tak bohužel. Stále se i přes nastavení jiných dom. stránek se pořád zobrazují ruské weby.