Prosím o kontrolu logu - havěť

[athlan]

Logfile of random's system information tool 1.14 (written by random/random)
Run by Administrator at 2017-01-27 09:31:43
Microsoft Windows 10 Pro
System drive C: has 833 GB (87%) free of 953 GB
Total RAM: 8103 MB (70% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:31:53, on 27.1.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Administrator_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Administrator\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Autodesk Application Manager Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @oem29.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\WINDOWS\system32\ibtsiva (file missing)
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Kerio Control VPN Client Service (KVPNCSvc) - Kerio Technologies Inc. - C:\Program Files (x86)\Kerio\VPN Client\kvpncsvc.exe
O23 - Service: Ad-Aware Service 11 (LavasoftAdAwareService11) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.15.1046.10613\AdAwareService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: Corel License Validation Service V2, Powered by arvato (PSI_SVC_2) - arvato digital services llc - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Radmin Server V3 (RServer3) - Famatech Corp. - C:\Windows\SysWOW64\rserver30\RServer3.exe
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10405 bytes

======Enumerating Processes======

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\dashost.exe
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k NetworkService
"C:\WINDOWS\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe -first
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SENDINPUT
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k apphost
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
C:\WINDOWS\system32\ibtsiva.exe
"C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\Kerio\VPN Client\kvpncsvc.exe"
"C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k iissvcs
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
C:\WINDOWS\system32\mqsvc.exe
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
"C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.15.1046.10613\AdAwareService.exe"
"C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss 45f7449a-401e-4f93-b758-d1bed2411a01 1
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\Explorer.EXE
"C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.15.1046.10613\AdAwareTray.exe"
C:\WINDOWS\system32\fontdrvhost.exe
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\system32\igfxHK.exe
C:\WINDOWS\system32\igfxTray.exe
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX6
"C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe" /AUTORUN
"C:\Program Files (x86)\Browny02\BrYNSvc.exe"
C:\WINDOWS\system32\DllHost.exe /Processid:{49F6E667-6658-4BD1-9DE9-6AF87F9FAF85}
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 "--database=C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Administrator\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel=m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=55.0.2883.87 --handshake-handle=0x23c
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=4828 --on-initialized-event-handle=684 --parent-handle=688 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DefaultEnableGpuRasterization<DefaultEnableGpuRasterization,*DisableFirstRunAutoImport<DisableFirstRunAutoImport,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,*MediaFoundationH264Encoding<MediaFoundationH264Encoding,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,*PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SecurityWarningIconUpdate<SecurityWarningIconUpdate,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Enabled9/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DefaultEnableGpuRasterization/Default/DisableFirstRunAutoImport/Default/DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteScriptBlockGroup_20161208_Launch/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/Html5ByDefault/Default/InstanceID/Enabled/MediaFoundationH264Encoding/Default/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/StandardR7/ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Enable/*PersistentHistograms/Default/PluginPowerSaverTiny/Enabled2/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/SSLPostQuantum/disabled/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SecurityChip/Enabled/SecurityWarningIconUpdate/Enabled/SignInPasswordPromo/Enable3/*SiteIsolationExtensions/Control/StrictSecureCookies/Default/SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/TranslateServerStudy/Default/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_87/*UMA-Uniformity-Trial-10-Percent/group_06/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/WebFontsInterventionV2/Default/ --supports-dual-gpus=false --gpu-driver-bug-workarounds=6,17,21,37,54,65 --gpu-vendor-id=0x8086 --gpu-device-id=0x1616 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=20.19.15.4531 --gpu-driver-date=9-29-2016 --gpu-secondary-vendor-ids=0x0000;0x10de --gpu-secondary-device-ids=0x0000;0x1299 --service-request-channel-token=D8116F4B45165CB85B49521C17DD10A3 --mojo-platform-channel-handle=1396 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DefaultEnableGpuRasterization<DefaultEnableGpuRasterization,*DisableFirstRunAutoImport<DisableFirstRunAutoImport,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,*MediaFoundationH264Encoding<MediaFoundationH264Encoding,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,*PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SecurityWarningIconUpdate<SecurityWarningIconUpdate,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Enabled9/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/*DefaultEnableGpuRasterization/Default/DisableFirstRunAutoImport/Default/*DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteScriptBlockGroup_20161208_Launch/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/Html5ByDefault/Default/*InstanceID/Enabled/MediaFoundationH264Encoding/Default/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/Default/PluginPowerSaverTiny/Enabled2/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SecurityChip/Enabled/SecurityWarningIconUpdate/Enabled/SignInPasswordPromo/Enable3/*SiteIsolationExtensions/Control/StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/TranslateServerStudy/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_87/*UMA-Uniformity-Trial-10-Percent/group_06/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/WebFontsInterventionV2/Default/ --primordial-pipe-token=2A730ECC673422E1386485BF5CCEF0CD --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=2A730ECC673422E1386485BF5CCEF0CD --mojo-platform-channel-handle=2892 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DefaultEnableGpuRasterization<DefaultEnableGpuRasterization,*DisableFirstRunAutoImport<DisableFirstRunAutoImport,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,*MediaFoundationH264Encoding<MediaFoundationH264Encoding,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,*PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SecurityWarningIconUpdate<SecurityWarningIconUpdate,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/*DataReductionProxyUseQuic/Enabled9/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/*DefaultEnableGpuRasterization/Default/DisableFirstRunAutoImport/Default/*DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteScriptBlockGroup_20161208_Launch/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/*EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*Html5ByDefault/Default/*InstanceID/Enabled/*MediaFoundationH264Encoding/Default/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/Default/PluginPowerSaverTiny/Enabled2/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SecurityChip/Enabled/SecurityWarningIconUpdate/Enabled/SignInPasswordPromo/Enable3/*SiteIsolationExtensions/Control/*StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/TranslateServerStudy/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_87/*UMA-Uniformity-Trial-10-Percent/group_06/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=81D73975E86F53CD1C2B102E1091165A --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=81D73975E86F53CD1C2B102E1091165A --mojo-platform-channel-handle=5008 /prefetch:1
C:\Program Files\Windows Defender\MpCmdRun.exe
C:\WINDOWS\system32\AUDIODG.EXE 0x1f0
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 632 644 652 8192 648
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Users\Administrator\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\tasks\Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\klcp_update - "C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe" /verysilent /update /freq=14
C:\WINDOWS\system32\tasks\WPD\SqmUpload_S-1-5-21-3856685454-3635898508-2700020702-500 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTask - %windir%\System32\XblGameSaveTask.exe standby
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon - %windir%\System32\XblGameSaveTask.exe logon
C:\WINDOWS\system32\tasks\Microsoft\Windows Defender\MP Scheduled Scan - c:\program files\windows defender\MpCmdRun.exe Scan -ScheduleJob -WinTask -RestrictPrivilegesScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join - %SystemRoot%\System32\dsregcmd.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sih - %systemroot%\System32\sihclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sihboot - %systemroot%\System32\sihclient.exe /boot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -upload
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - C:\Program Files\Windows Defender\\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup - C:\Program Files\Windows Defender\\MpCmdRun.exe -IdleTask -TaskName WdCleanup
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - C:\Program Files\Windows Defender\\MpCmdRun.exe Scan -ScheduleJob
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification - C:\Program Files\Windows Defender\\MpCmdRun.exe -IdleTask -TaskName WdVerification
C:\WINDOWS\system32\tasks\Microsoft\Windows\WCM\WiFiTask - %SystemRoot%\System32\WiFiTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Reboot - %systemroot%\system32\MusNotification.exe ForcedRebootRetry
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Refresh Settings - %systemroot%\system32\usoclient.exe RefreshSettings
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot - %systemroot%\system32\usoclient.exe ResumeUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan - %systemroot%\system32\usoclient.exe StartScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display - C:\windows\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot - C:\windows\system32\MusNotification.exe ReadyToReboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\WINDOWS\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition - %SystemRoot%\system32\UpgradeSubscription.exe -e
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\LicenseAcquisition - %SystemRoot%\system32\UpgradeSubscription.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization - %windir%\system32\defrag.exe -c -h -g -# -m 8 -i 13500
C:\WINDOWS\system32\tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask - %windir%\system32\speech_onecore\common\SpeechModelDownload.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceManagerTask - %windir%\system32\spaceman.exe /Work
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SharedPC\Account Cleanup - %windir%\System32\rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NlaSvc\WiFiTask - %SystemRoot%\System32\WiFiTask.exe nla
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\Lpksetup - C:\Windows\System32\lpksetup.exe -v
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\Mcbuilder - C:\Windows\System32\mcbuilder.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\mcupdate_scheduled - %SystemRoot%\ehome\mcupdate -crl -hms -pscn 15
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Logon - %windir%\system32\ProvTool.exe /turn 5
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotificationWindows.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\WindowsActionDialog - %windir%\System32\WindowsActionDialog.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClient - %windir%\system32\dmclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload - %windir%\system32\dmclient.exe utcwnf
C:\WINDOWS\system32\tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask - %windir%\system32\MDMAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DUSM\dusmtask - %SystemRoot%\System32\dusmtask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskFootprint\Diagnostics - %windir%\system32\disksnapshot.exe -z
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Device Information\Device - %windir%\system32\devicecensus.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Clip\License Validation - %SystemRoot%\system32\ClipUp.exe -p -s -o
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierdaily - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierinstall - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup - %windir%\system32\dstokenclean.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattelrunner.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\amggywoc.default

prefs.js - "browser.search.suggest.enabled" - true

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 24.0.0.194 Plugin
"Path"=C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_194.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 24.0.0.194 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll


C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\amggywoc.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\amggywoc.default\addons.json
Seznam lištička - extension - {ea614400-e918-4741-9a97-7a972ff7c30b}
Firefox Hello Beta (discontinued) - extension - loop@mozilla.org

C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\amggywoc.default\extensions.json
Firefox Hotfix - extension - firefox-hotfix@mozilla.org - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\amggywoc.default\extensions\firefox-hotfix@mozilla.org.xpi
Seznam lištička - extension - {ea614400-e918-4741-9a97-7a972ff7c30b} - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\amggywoc.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Firefox Hello - extension - loop@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\loop@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi

C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\amggywoc.default\pluginreg.dat
Plugin - Adobe Acrobat - 11.0.19.15 - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\browser\nppdf32.dll
Plugin - Adobe Acrobat - 11.0.19.15 - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
Plugin - VLC Web Plugin - 2.2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
Plugin - Google Update - 1.3.32.7 - C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll
Plugin - Software602 Form Filler - 4.15.0.0 - C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll
Plugin - NVIDIA 3D VISION - 7.17.13.5382 - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
Plugin - NVIDIA 3D Vision - 7.17.13.5382 - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
Plugin - Shockwave Flash - 24.0.0.186 - C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_186.dll

=========Google Chrome=========

C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension coobgpohoikkiipiblmjeljniedjpjpf 1 Vyhledávání Google 0.0.0.60
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension ennkphjdgehloodpbhlhldgbnhmacadg 1 Settings 0.2
Extension ffkjmlgaieeinaacclchibfdgdhaapoe 1 Cyrilic URL 0.8
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.38
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf 1 Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension ndnmjckfjclclmjiekoibnmoglogldeh 1 Merry Christmas 25.12
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.1
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.1
Extension pafkbggdmjlpgkdkcbjmhmfcdpncadgh 1 Google Now 1.2.0.1
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5516.1005.0.3
Homepage: https://www.google.com/
default_search_provider.search_url:
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

======Registry dump======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2016-03-09 8721656]
"RtHDVBg_MAXX6"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-03-09 1416440]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-01-15 2585744]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-01-15 1514528]
""= []
"AdAwareTray"=C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.15.1046.10613\AdAwareTray.exe [2016-12-15 9533688]
"WindowsDefender"=C:\Program Files\Windows Defender\MSASCuiL.exe [2016-09-16 631808]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"=C:\Users\Administrator\AppData\Local\Akamai\netsession_win.exe [2015-09-10 4691384]
"OneDrive"=C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2017-01-19 1517280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSKAppManager]
C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [2015-07-30 523144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Akamai NetSession Interface]
C:\Users\Administrator\AppData\Local\Akamai\netsession_win.exe [2015-09-10 4691384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Autodesk Sync]
C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2015-01-27 1310088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Users\Administrator\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Users\Administrator\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kerio Control VPN Client]
C:\Program Files (x86)\Kerio\VPN Client\kvpncgui.exe [2015-04-09 2147840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\POLICIE]
C:\Users\Administrator\Downloads\Microsoft-Office-Word-2007.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""= []
"BrStsMon00"=C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2014-05-22 4513792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LavasoftAdAwareService11]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LavasoftAdAwareService11]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"DSCAutomationHostEnabled"=2
"EnableCursorSuppression"=1
"EnableUIADesktopToggle"=0
"FilterAdministratorToken"=1
"undockwithoutlogon"=1
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=153
""=

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"NoDriveTypeAutoRun"=153

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-01-27 09:31:44 ----D---- C:\Program Files\trend micro
2017-01-27 09:31:43 ----D---- C:\rsit
2017-01-26 10:15:30 ----A---- C:\WINDOWS\SYSWOW64\msvcr80.dll
2017-01-26 10:15:29 ----A---- C:\WINDOWS\SYSWOW64\msvcp80.dll
2017-01-26 10:15:28 ----A---- C:\WINDOWS\SYSWOW64\msvcp90.dll
2017-01-26 10:15:26 ----A---- C:\WINDOWS\SYSWOW64\msvcr90.dll
2017-01-26 10:15:24 ----A---- C:\WINDOWS\SYSWOW64\eEmpty.exe
2017-01-26 10:15:15 ----D---- C:\ProgramData\MicroWorld
2017-01-26 09:31:40 ----D---- C:\AdwCleaner
2017-01-25 20:13:55 ----D---- C:\ProgramData\BitDefender
2017-01-25 20:01:26 ----D---- C:\ProgramData\Application Data
2017-01-25 20:01:15 ----D---- C:\Users\Administrator\AppData\Roaming\Lavasoft
2017-01-25 20:01:10 ----A---- C:\WINDOWS\system32\LavasoftTcpService64.dll
2017-01-25 20:00:56 ----D---- C:\Program Files (x86)\Lavasoft
2017-01-25 19:59:27 ----D---- C:\Program Files\Lavasoft
2017-01-25 19:58:08 ----D---- C:\Users\Administrator\AppData\Roaming\LavasoftStatistics
2017-01-25 19:57:39 ----D---- C:\Program Files\Common Files\Lavasoft
2017-01-25 19:57:29 ----D---- C:\ProgramData\Lavasoft
2017-01-25 19:01:32 ----A---- C:\WINDOWS\SYSWOW64\poqexec.exe
2017-01-25 19:01:32 ----A---- C:\WINDOWS\system32\poqexec.exe
2017-01-11 18:44:33 ----A---- C:\WINDOWS\SYSWOW64\SyncSettings.dll
2017-01-11 18:44:33 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2017-01-11 18:44:33 ----A---- C:\WINDOWS\SYSWOW64\AzureSettingSyncProvider.dll
2017-01-11 18:44:29 ----A---- C:\WINDOWS\SYSWOW64\WinSCard.dll
2017-01-11 18:44:26 ----A---- C:\WINDOWS\SYSWOW64\mqmigplugin.dll
2017-01-11 18:44:08 ----A---- C:\WINDOWS\SYSWOW64\cryptui.dll
2017-01-11 18:44:03 ----A---- C:\WINDOWS\SYSWOW64\aclui.dll
2017-01-11 18:43:59 ----A---- C:\WINDOWS\SYSWOW64\Windows.Storage.ApplicationData.dll
2017-01-11 18:43:54 ----A---- C:\WINDOWS\SYSWOW64\winmde.dll
2017-01-11 18:43:54 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2017-01-11 18:43:54 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2017-01-11 18:43:49 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2017-01-11 18:43:49 ----A---- C:\WINDOWS\SYSWOW64\StoreAgent.dll
2017-01-11 18:43:49 ----A---- C:\WINDOWS\SYSWOW64\InstallAgentUserBroker.exe
2017-01-11 18:43:49 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2017-01-11 18:43:48 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2017-01-11 18:43:47 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2017-01-11 18:43:47 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Cred.dll
2017-01-11 18:43:47 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BlockedShutdown.dll
2017-01-11 18:43:47 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BioFeedback.dll
2017-01-11 18:43:46 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2017-01-11 18:43:46 ----A---- C:\WINDOWS\SYSWOW64\rdpencom.dll
2017-01-11 18:43:46 ----A---- C:\WINDOWS\SYSWOW64\LaunchWinApp.exe
2017-01-11 18:43:45 ----A---- C:\WINDOWS\SYSWOW64\rdpcore.dll
2017-01-11 18:43:43 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2017-01-11 18:43:43 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncHost.exe
2017-01-11 18:43:43 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncCore.dll
2017-01-11 18:43:43 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2017-01-11 18:43:42 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2017-01-11 18:43:42 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2017-01-11 18:43:42 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2017-01-11 18:43:41 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2017-01-11 18:43:40 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2017-01-11 18:43:30 ----A---- C:\WINDOWS\SYSWOW64\MSVPXENC.dll
2017-01-11 18:43:30 ----A---- C:\WINDOWS\SYSWOW64\MSVP9DEC.dll
2017-01-11 18:43:29 ----A---- C:\WINDOWS\SYSWOW64\mspaint.exe
2017-01-11 18:43:29 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2vdec.dll
2017-01-11 18:43:29 ----A---- C:\WINDOWS\SYSWOW64\mfnetsrc.dll
2017-01-11 18:43:28 ----A---- C:\WINDOWS\SYSWOW64\mfnetcore.dll
2017-01-11 18:43:28 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2017-01-11 18:43:28 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2017-01-11 18:43:27 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2017-01-11 18:43:27 ----A---- C:\WINDOWS\SYSWOW64\mfasfsrcsnk.dll
2017-01-11 18:43:27 ----A---- C:\WINDOWS\SYSWOW64\MCRecvSrc.dll
2017-01-11 18:43:25 ----A---- C:\WINDOWS\SYSWOW64\LogonController.dll
2017-01-11 18:43:20 ----A---- C:\WINDOWS\SYSWOW64\indexeddbserver.dll
2017-01-11 18:43:19 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2017-01-11 18:43:18 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-01-11 18:43:11 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 18:43:09 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Resources.dll
2017-01-11 18:43:09 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_47.dll
2017-01-11 18:43:09 ----A---- C:\WINDOWS\SYSWOW64\D3D12.dll
2017-01-11 18:43:07 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2017-01-11 18:43:07 ----A---- C:\WINDOWS\SYSWOW64\offlinesam.dll
2017-01-11 18:43:06 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2017-01-11 18:43:05 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.CredDialogController.dll
2017-01-11 18:43:04 ----A---- C:\WINDOWS\SYSWOW64\remoteaudioendpoint.dll
2017-01-11 18:43:04 ----A---- C:\WINDOWS\SYSWOW64\CloudBackupSettings.dll
2017-01-11 18:43:04 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2017-01-11 18:43:03 ----A---- C:\WINDOWS\SYSWOW64\AUDIOKSE.dll
2017-01-11 18:43:03 ----A---- C:\WINDOWS\SYSWOW64\AppVEntSubsystems32.dll
2017-01-11 18:43:01 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.LockScreen.dll
2017-01-11 18:32:40 ----A---- C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-01-11 18:31:30 ----A---- C:\WINDOWS\system32\wow64.dll
2017-01-11 18:31:30 ----A---- C:\WINDOWS\system32\winsrv.dll
2017-01-11 18:31:29 ----A---- C:\WINDOWS\system32\winmde.dll
2017-01-11 18:31:29 ----A---- C:\WINDOWS\system32\winlogon.exe
2017-01-11 18:31:28 ----A---- C:\WINDOWS\system32\win32kfull.sys
2017-01-11 18:31:28 ----A---- C:\WINDOWS\system32\win32kbase.sys
2017-01-11 18:31:28 ----A---- C:\WINDOWS\system32\win32k.sys
2017-01-11 18:31:24 ----A---- C:\WINDOWS\system32\wuaueng.dll
2017-01-11 18:31:24 ----A---- C:\WINDOWS\system32\wbiosrvc.dll
2017-01-11 18:31:20 ----A---- C:\WINDOWS\system32\wuapi.dll
2017-01-11 18:31:19 ----A---- C:\WINDOWS\system32\wuuhext.dll
2017-01-11 18:31:18 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2017-01-11 18:31:18 ----A---- C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-01-11 18:31:18 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2017-01-11 18:31:17 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2017-01-11 18:31:15 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-01-11 18:31:12 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-01-11 18:31:11 ----A---- C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2017-01-11 18:31:11 ----A---- C:\WINDOWS\system32\usocore.dll
2017-01-11 18:31:10 ----A---- C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-01-11 18:31:10 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2017-01-11 18:31:07 ----A---- C:\WINDOWS\system32\twinui.dll
2017-01-11 18:31:07 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2017-01-11 18:31:04 ----A---- C:\WINDOWS\system32\rdpencom.dll
2017-01-11 18:31:03 ----A---- C:\WINDOWS\system32\mstscax.dll
2017-01-11 18:31:01 ----A---- C:\WINDOWS\system32\rdpcore.dll
2017-01-11 18:31:00 ----A---- C:\WINDOWS\system32\SyncSettings.dll
2017-01-11 18:30:59 ----A---- C:\WINDOWS\system32\SRHInproc.dll
2017-01-11 18:30:59 ----A---- C:\WINDOWS\system32\SRH.dll
2017-01-11 18:30:58 ----A---- C:\WINDOWS\system32\ScDeviceEnum.dll
2017-01-11 18:30:58 ----A---- C:\WINDOWS\system32\certprop.dll
2017-01-11 18:30:56 ----A---- C:\WINDOWS\system32\shell32.dll
2017-01-11 18:30:55 ----A---- C:\WINDOWS\system32\SettingSyncHost.exe
2017-01-11 18:30:55 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll
2017-01-11 18:30:54 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-01-11 18:30:52 ----A---- C:\WINDOWS\system32\msv1_0.dll
2017-01-11 18:30:51 ----A---- C:\WINDOWS\system32\kerberos.dll
2017-01-11 18:30:51 ----A---- C:\WINDOWS\system32\cloudAP.dll
2017-01-11 18:30:51 ----A---- C:\WINDOWS\system32\aadtb.dll
2017-01-11 18:30:47 ----A---- C:\WINDOWS\system32\sppobjs.dll
2017-01-11 18:30:47 ----A---- C:\WINDOWS\system32\Chakra.dll
2017-01-11 18:30:46 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2017-01-11 18:30:44 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-01-11 18:30:44 ----A---- C:\WINDOWS\system32\OneBackupHandler.dll
2017-01-11 18:30:41 ----A---- C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-01-11 18:30:28 ----A---- C:\WINDOWS\system32\WinSCard.dll
2017-01-11 18:30:26 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2017-01-11 18:30:20 ----A---- C:\WINDOWS\system32\rdpudd.dll
2017-01-11 18:30:19 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2017-01-11 18:30:17 ----A---- C:\WINDOWS\system32\ProvPluginEng.dll
2017-01-11 18:30:16 ----A---- C:\WINDOWS\system32\provengine.dll
2017-01-11 18:30:16 ----A---- C:\WINDOWS\system32\KnobsCsp.dll
2017-01-11 18:30:16 ----A---- C:\WINDOWS\system32\KnobsCore.dll
2017-01-11 18:30:03 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-01-11 18:29:54 ----A---- C:\WINDOWS\system32\ImplatSetup.dll
2017-01-11 18:29:51 ----A---- C:\WINDOWS\system32\MSVPXENC.dll
2017-01-11 18:29:50 ----A---- C:\WINDOWS\system32\MSVP9DEC.dll
2017-01-11 18:29:50 ----A---- C:\WINDOWS\system32\mspaint.exe
2017-01-11 18:29:50 ----A---- C:\WINDOWS\system32\mqcmiplugin.dll
2017-01-11 18:29:49 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2017-01-11 18:29:44 ----A---- C:\WINDOWS\system32\mfnetsrc.dll
2017-01-11 18:29:44 ----A---- C:\WINDOWS\system32\mfnetcore.dll
2017-01-11 18:29:44 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-01-11 18:29:44 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-01-11 18:29:43 ----A---- C:\WINDOWS\system32\mfcore.dll
2017-01-11 18:29:43 ----A---- C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-01-11 18:29:42 ----A---- C:\WINDOWS\system32\MCRecvSrc.dll
2017-01-11 18:29:37 ----A---- C:\WINDOWS\system32\lsasrv.dll
2017-01-11 18:29:37 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2017-01-11 18:29:34 ----A---- C:\WINDOWS\system32\LogonController.dll
2017-01-11 18:29:27 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2017-01-11 18:29:26 ----A---- C:\WINDOWS\system32\indexeddbserver.dll
2017-01-11 18:29:25 ----A---- C:\WINDOWS\system32\edgehtml.dll
2017-01-11 18:29:23 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-01-11 18:29:10 ----A---- C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 18:29:08 ----A---- C:\WINDOWS\system32\fhsettingsprovider.dll
2017-01-11 18:29:08 ----A---- C:\WINDOWS\system32\fhcfg.dll
2017-01-11 18:28:56 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-01-11 18:28:56 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2017-01-11 18:28:56 ----A---- C:\WINDOWS\system32\D3D12.dll
2017-01-11 18:28:55 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-01-11 18:28:55 ----A---- C:\WINDOWS\system32\samsrv.dll
2017-01-11 18:28:54 ----A---- C:\WINDOWS\system32\offlinesam.dll
2017-01-11 18:28:53 ----A---- C:\WINDOWS\system32\dosvc.dll
2017-01-11 18:28:53 ----A---- C:\WINDOWS\system32\d2d1.dll
2017-01-11 18:28:52 ----A---- C:\WINDOWS\system32\domgmt.dll
2017-01-11 18:28:46 ----A---- C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2017-01-11 18:28:46 ----A---- C:\WINDOWS\system32\cryptui.dll
2017-01-11 18:28:46 ----A---- C:\WINDOWS\system32\ConsoleLogon.dll
2017-01-11 18:28:44 ----A---- C:\WINDOWS\system32\CloudExperienceHost.dll
2017-01-11 18:28:23 ----A---- C:\WINDOWS\system32\CloudBackupSettings.dll
2017-01-11 18:28:19 ----A---- C:\WINDOWS\system32\remoteaudioendpoint.dll
2017-01-11 18:28:19 ----A---- C:\WINDOWS\system32\audiosrv.dll
2017-01-11 18:28:19 ----A---- C:\WINDOWS\system32\AudioSes.dll
2017-01-11 18:28:19 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2017-01-11 18:28:19 ----A---- C:\WINDOWS\system32\AudioEng.dll
2017-01-11 18:28:19 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-01-11 18:28:18 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-01-11 18:28:18 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-01-11 18:28:18 ----A---- C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-01-11 18:28:17 ----A---- C:\WINDOWS\system32\aclui.dll
2017-01-11 18:28:15 ----A---- C:\WINDOWS\system32\aeinv.dll
2017-01-11 18:28:13 ----A---- C:\WINDOWS\system32\TransportDSA.dll
2017-01-11 18:28:13 ----A---- C:\WINDOWS\system32\AppVShNotify.exe
2017-01-11 18:28:13 ----A---- C:\WINDOWS\system32\AppVScripting.dll
2017-01-11 18:28:13 ----A---- C:\WINDOWS\system32\AppVReporting.dll
2017-01-11 18:28:13 ----A---- C:\WINDOWS\system32\AppVPublishing.dll
2017-01-11 18:28:13 ----A---- C:\WINDOWS\system32\AppVPolicy.dll
2017-01-11 18:28:13 ----A---- C:\WINDOWS\system32\AppVOrchestration.dll
2017-01-11 18:28:13 ----A---- C:\WINDOWS\system32\AppVClient.exe
2017-01-11 18:28:12 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-01-11 18:28:12 ----A---- C:\WINDOWS\system32\AppVManifest.dll
2017-01-11 18:28:12 ----A---- C:\WINDOWS\system32\AppVIntegration.dll
2017-01-11 18:28:12 ----A---- C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-01-11 18:28:12 ----A---- C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-01-11 18:28:12 ----A---- C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-01-11 18:28:12 ----A---- C:\WINDOWS\system32\AppVDllSurrogate.exe
2017-01-11 18:28:12 ----A---- C:\WINDOWS\system32\AppVCatalog.dll
2017-01-11 18:28:08 ----A---- C:\WINDOWS\system32\securekernel.exe
2017-01-11 18:28:03 ----A---- C:\WINDOWS\system32\ClipUp.exe
2017-01-11 18:27:44 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2017-01-11 18:27:44 ----A---- C:\WINDOWS\system32\drivers\pci.sys

======List of files/folders modified in the last 1 month======

2017-01-27 09:31:44 ----RD---- C:\Program Files
2017-01-27 09:31:27 ----D---- C:\WINDOWS\Prefetch
2017-01-27 09:28:18 ----D---- C:\WINDOWS\Temp
2017-01-27 09:24:36 ----D---- C:\WINDOWS\system32\sru
2017-01-27 09:21:53 ----D---- C:\WINDOWS\system32\SleepStudy
2017-01-26 20:33:20 ----D---- C:\WINDOWS\AppReadiness
2017-01-26 17:25:00 ----HD---- C:\Program Files\WindowsApps
2017-01-26 17:22:17 ----D---- C:\WINDOWS\System32
2017-01-26 17:22:17 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-01-26 11:27:17 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-01-26 11:26:22 ----D---- C:\ProgramData\NVIDIA
2017-01-26 10:17:43 ----D---- C:\Windows
2017-01-26 10:15:30 ----AD---- C:\WINDOWS\SysWOW64
2017-01-26 10:15:20 ----D---- C:\Program Files (x86)\Common Files
2017-01-26 10:15:20 ----A---- C:\WINDOWS\win.ini
2017-01-26 10:15:15 ----HD---- C:\ProgramData
2017-01-26 10:02:25 ----SHD---- C:\System Volume Information
2017-01-26 09:53:55 ----SHD---- C:\WINDOWS\Installer
2017-01-26 09:36:06 ----D---- C:\WINDOWS\system32\Tasks
2017-01-25 20:02:09 ----SD---- C:\Users\Administrator\AppData\Roaming\Microsoft
2017-01-25 20:01:46 ----RSD---- C:\WINDOWS\assembly
2017-01-25 20:00:56 ----RD---- C:\Program Files (x86)
2017-01-25 20:00:10 ----D---- C:\WINDOWS\system32\drivers
2017-01-25 19:57:39 ----D---- C:\Program Files\Common Files
2017-01-25 19:08:38 ----D---- C:\WINDOWS\system32\config
2017-01-25 19:04:45 ----D---- C:\WINDOWS\CbsTemp
2017-01-25 19:04:24 ----D---- C:\WINDOWS\WinSxS
2017-01-25 19:04:10 ----D---- C:\WINDOWS\system32\catroot2
2017-01-25 18:03:57 ----RD---- C:\WINDOWS\Microsoft.NET
2017-01-16 01:30:24 ----D---- C:\WINDOWS\system32\Macromed
2017-01-16 01:30:15 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2017-01-15 14:15:03 ----D---- C:\WINDOWS\rescache
2017-01-11 20:20:11 ----D---- C:\WINDOWS\INF
2017-01-11 20:16:45 ----D---- C:\WINDOWS\system32\DriverStore
2017-01-11 20:14:54 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-11 20:14:54 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2017-01-11 20:13:16 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2017-01-11 20:13:16 ----D---- C:\WINDOWS\system32\wbem
2017-01-11 20:13:16 ----D---- C:\WINDOWS\system32\oobe
2017-01-11 20:13:16 ----D---- C:\WINDOWS\ShellExperiences
2017-01-11 20:13:15 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2017-01-11 20:13:15 ----D---- C:\WINDOWS\Provisioning
2017-01-11 20:13:15 ----D---- C:\WINDOWS\PolicyDefinitions
2017-01-11 20:13:15 ----D---- C:\Program Files\Internet Explorer
2017-01-11 20:13:15 ----D---- C:\Program Files (x86)\Internet Explorer
2017-01-11 19:19:45 ----D---- C:\WINDOWS\system32\MRT
2017-01-11 19:14:41 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-01-05 16:38:12 ----D---- C:\WINDOWS\system32\NDF
2017-01-04 20:23:25 ----D---- C:\Program Files (x86)\Browny02

File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ignis;ignis Service; C:\WINDOWS\system32\drivers\ignis.sys [2016-08-15 300840]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-100; C:\WINDOWS\system32\drivers\iorate.sys [2016-11-02 48992]
R1 bdfwfpf;bdfwfpf; \??\C:\Program Files\Lavasoft\Ad-Aware Antivirus\AdAwareProxyEngine\1.0.0.8\bdfwfpf.sys [2016-06-16 127312]
R1 mirrorv3;mirrorv3; C:\WINDOWS\system32\DRIVERS\rminiv3.sys [2009-10-09 5632]
R1 raddrvv3;raddrvv3; \??\C:\Windows\SysWOW64\rserver30\raddrvv3.sys [2009-10-09 68704]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2016-07-16 70144]
R3 avc3;avc3; C:\WINDOWS\system32\DRIVERS\avc3.sys [2016-11-23 1605376]
R3 avckf;avckf; C:\WINDOWS\system32\DRIVERS\avckf.sys [2016-11-23 878072]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2016-09-16 114176]
R3 BthLEEnum;@BthLEEnum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2016-09-15 249856]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2016-10-05 128512]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2016-09-16 84992]
R3 DellRbtn;@oem17.inf,%DellRbtn%;Airplane Mode Switch; C:\WINDOWS\System32\drivers\DellRbtn.sys [2015-05-08 19440]
R3 gzflt;gzflt; \??\C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.129.0\gzflt.sys [2016-04-28 161592]
R3 ibtusb;@oem29.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\WINDOWS\system32\DRIVERS\ibtusb.sys [2016-07-12 349960]
R3 kvnet;@oem18.inf,%kvnet.Service.DispName%;Kerio Virtual Network Adapter; C:\WINDOWS\System32\drivers\kvnet.sys [2015-04-09 30208]
R3 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2016-09-16 175616]
R3 NETwNb64;___ Intel(R) Wireless Adapter Driver for Windows 8.1 - 64 Bit; C:\WINDOWS\System32\drivers\Netwbw02.sys [2016-07-16 3485696]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvdmwu.inf_amd64_26aa6356770b2e86\nvlddmkm.sys [2016-09-12 13754936]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-01-15 19600]
R3 nvvad_WaveExtensible;@oem10.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2014-11-22 38032]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2016-07-16 183808]
R3 RSUSBVSTOR;@oem2.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUVStor.sys [2014-05-28 332504]
R3 rt640x64;@oem28.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-08-13 896744]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2016-10-05 64352]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2016-07-16 88416]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-07-16 18432]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2016-07-16 15360]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\WINDOWS\system32\drivers\AppvStrm.sys [2016-09-15 127328]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\WINDOWS\system32\drivers\AppvVemgr.sys [2016-07-16 157024]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\WINDOWS\system32\drivers\AppvVfs.sys [2016-07-16 141152]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2016-11-11 967168]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2016-09-16 73568]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-07-16 346976]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-07-16 2104160]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2016-07-16 33280]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-07-16 64512]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-07-16 35840]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2016-07-16 120320]
S3 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2016-07-16 179040]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2016-07-16 90624]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\WINDOWS\system32\drivers\nusb3hub.sys [2010-09-30 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\WINDOWS\system32\drivers\nusb3xhc.sys [2010-09-30 180736]
S3 scmdisk0101;@scmdisk0101.inf,%scmdisk0101.SvcDesc%;Microsoft NVDIMM-N disk driver; C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-07-16 123904]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 AdAppMgrSvc;Autodesk Application Manager Service; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [2015-07-30 1129864]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; %windir%\system32\svchost.exe -k apphost;"ServiceDll"=%windir%\system32\inetsrv\apphostsvc.dll
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [2015-02-05 31160]
R2 CDPUserSvc_411e5;CDPUserSvc_411e5; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-01-15 1148560]
R2 ibtsiva;@oem29.inf,%SERVICE_NAME%;Intel Bluetooth Service; C:\WINDOWS\system32\ibtsiva []
R2 KVPNCSvc;Kerio Control VPN Client Service; C:\Program Files (x86)\Kerio\VPN Client\kvpncsvc.exe [2015-04-09 1950208]
R2 LavasoftAdAwareService11;Ad-Aware Service 11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.15.1046.10613\AdAwareService.exe [2016-12-15 630976]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2016-09-16 26112]
R2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-07-16 136360]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-07-16 136360]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-01-15 1706128]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-01-15 21833360]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2016-08-01 1365048]
R2 OneSyncSvc_411e5;Hostitel synchronizace_411e5; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
R2 PSI_SVC_2;Corel License Validation Service V2, Powered by arvato; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2013-09-13 277360]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-08-07 410928]
R3 BrYNSvc;BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [2013-09-25 282112]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2016-05-25 43696]
R3 PimIndexMaintenanceSvc_411e5;Data kontaktů_411e5; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=%SystemRoot%\System32\CDPUserSvc.dll
S2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-07-16 136360]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [2015-08-05 1369856]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; %SystemRoot%\System32\svchost.exe -k Camera;"ServiceDll"=%SystemRoot%\system32\FrameServer.dll
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\hvhostsvc.dll
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\irmon.dll
S3 MessagingService_411e5;Služba zasílání zpráv_411e5; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-12-16 146888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\RMapi.dll
S3 RServer3;Radmin Server V3; C:\Windows\SysWOW64\rserver30\RServer3.exe [2009-10-09 1242504]
S3 Sense;@%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2016-09-15 2889896]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\WINDOWS\system32\AppVClient.exe [2016-12-14 822624]
S4 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2016-07-16 52920]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; %SystemRoot%\System32\svchost.exe -k netsvcs;"ServiceDll"=%systemroot%\system32\Windows.SharedPC.AccountManager.dll

-----------------EOF-----------------

[athlan]

Doplním, počítač nemá výkon, nepravidelně zpomaluje, vyskakují okna. Děkuji.

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

[athlan]

Děkuji, zde je:

# AdwCleaner v6.043 - Log vytvořen 27/01/2017 v 19:45:44
# Aktualizováno dne 27/01/2017 z Malwarebytes
# Databáze : 2017-01-27.1 [Server]
# Operační systém : Windows 10 Pro (X64)
# Uživatelské jméno : Administrator - INSPIRON15-NTB
# Spuštěno z : C:\Users\Administrator\Desktop\adwcleaner_6.043.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Složky ] *****



***** [ Soubory ] *****

[-] Soubor smazán: C:\Users\Administrator\Downloads\ReimageRepair.exe
[-] Soubor smazán: C:\WINDOWS\SysNative\LavasoftTcpService64.dll


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupci ] *****



***** [ Naplánované úlohy ] *****



***** [ Registry ] *****

[-] Klíč smazán: HKU\S-1-5-21-3856685454-3635898508-2700020702-500\Software\AppDataLow\Software\adawarebp
[#] Klíč smazán po restartu: HKCU\Software\AppDataLow\Software\adawarebp
[#] Klíč smazán po restartu: [x64] HKCU\Software\AppDataLow\Software\adawarebp


***** [ Prohlížeče ] *****



*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1249 Bajty] - [26/01/2017 09:50:43]
C:\AdwCleaner\AdwCleaner[C2].txt - [1291 Bajty] - [27/01/2017 19:45:44]
C:\AdwCleaner\AdwCleaner[S0].txt - [9818 Bajty] - [26/01/2017 09:34:52]
C:\AdwCleaner\AdwCleaner[S1].txt - [1542 Bajty] - [26/01/2017 09:50:28]
C:\AdwCleaner\AdwCleaner[S2].txt - [1806 Bajty] - [26/01/2017 10:13:21]
C:\AdwCleaner\AdwCleaner[S3].txt - [1939 Bajty] - [27/01/2017 19:43:53]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1656 Bajty] ##########

[Rudy]

Teď dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .

[athlan]

Log přikládám níže, jen dodám, že mi neustále, zejména na webu, figuruje nějaký reimage, který se tváří jako nástroj microsoftu.

LOG:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-01-2017 01
Ran by Administrator (administrator) on INSPIRON15-NTB (28-01-2017 06:15:51)
Running from C:\Users\Administrator\Desktop
Loaded Profiles: Administrator (Available Profiles: Administrator & DefaultAppPool)
Platform: Windows 10 Pro Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
(Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Kerio Technologies Inc.) C:\Program Files (x86)\Kerio\VPN Client\kvpncsvc.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.15.1046.10613\AdAwareService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.152.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.16122.10271.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8721656 2016-03-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1416440 2016-03-09] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2015-01-15] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.15.1046.10613\AdAwareTray.exe [9533688 2016-12-15] ()
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-16] (Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.)
HKU\S-1-5-21-3856685454-3635898508-2700020702-500\...\Run: [Akamai NetSession Interface] => C:\Users\Administrator\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3856685454-3635898508-2700020702-500\...\Policies\Explorer: []
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => No File
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 10.5.2.1 10.5.2.2
Tcpip\..\Interfaces\{6e31d786-d80e-448c-bb6d-11344c0bdb1a}: [DhcpNameServer] 192.168.1.1 10.5.2.1 10.5.2.2
Tcpip\..\Interfaces\{c2419c58-dc67-4b2b-ae29-a8e07304debb}: [DhcpNameServer] 81.200.55.54 81.200.55.34

Internet Explorer:
==================
HKU\S-1-5-21-3856685454-3635898508-2700020702-500\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-3856685454-3635898508-2700020702-500\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
SearchScopes: HKU\S-1-5-21-3856685454-3635898508-2700020702-500 -> {0136D54E-9B2C-4840-974D-476B729E6EED} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3856685454-3635898508-2700020702-500 -> {085080D0-D927-4362-A07D-2062F5B0FA43} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-3856685454-3635898508-2700020702-500 -> {1968CEA2-BD29-4CF3-B8C7-B44CA831AE90} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3856685454-3635898508-2700020702-500 -> {88F5A12B-26CE-4838-A903-315B6380BBCB} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3856685454-3635898508-2700020702-500 -> {9146DDDC-1156-4821-B989-2790C7A54506} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-3856685454-3635898508-2700020702-500 -> {A5061D7D-BF40-4906-8803-8C81809E18A6} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-3856685454-3635898508-2700020702-500 -> {ACC44246-B2FD-4BD1-A007-54AB043F7954} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3856685454-3635898508-2700020702-500 -> {EC8D4BCA-CD75-4304-B12F-83CB5F3036F9} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454

FireFox:
========
FF DefaultProfile: amggywoc.default
FF ProfilePath: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\amggywoc.default [2017-01-25]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\amggywoc.default -> Yahoo®
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\amggywoc.default -> Yahoo®
FF Extension: (Firefox Hotfix) - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\amggywoc.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-15]
FF Extension: (Seznam lištička) - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\amggywoc.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2016-09-15]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Endpoint Antivirus\Mozilla Thunderbird => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-16] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-16] ()
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-18] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.google.com/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default [2017-01-28]
CHR Extension: (Dokumenty Google) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-07]
CHR Extension: (Disk Google) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Vyhledávání Google) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Cyrilic URL) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffkjmlgaieeinaacclchibfdgdhaapoe [2017-01-07]
CHR Extension: (Dokumenty Google offline) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Merry Christmas) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndnmjckfjclclmjiekoibnmoglogldeh [2015-12-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-18]
CHR Extension: (Gmail) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-07]
CHR Extension: (Chrome Media Router) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-20]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1129864 2015-07-30] (Autodesk Inc.)
R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [31160 2015-02-05] (Autodesk, Inc.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2015-01-15] (NVIDIA Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-01] (Intel Corporation)
R2 KVPNCSvc; C:\Program Files (x86)\Kerio\VPN Client\kvpncsvc.exe [1950208 2015-04-09] (Kerio Technologies Inc.) [File not signed]
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.15.1046.10613\AdAwareService.exe [630976 2016-12-15] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2015-01-15] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833360 2015-01-15] (NVIDIA Corporation)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2013-09-13] (arvato digital services llc)
S3 RServer3; C:\Windows\SysWOW64\rserver30\RServer3.exe [1242504 2009-10-09] (Famatech Corp.) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [316152 2016-03-09] (Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [1605376 2016-11-23] (BitDefender)
R3 avckf; C:\WINDOWS\System32\DRIVERS\avckf.sys [878072 2016-11-23] (BitDefender)
R1 bdfwfpf; C:\Program Files\Lavasoft\Ad-Aware Antivirus\AdAwareProxyEngine\1.0.0.8\bdfwfpf.sys [127312 2016-06-16] (BitDefender LLC)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [19440 2015-05-08] (OSR Open Systems Resources, Inc.)
R3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.129.0\gzflt.sys [161592 2016-04-28] (BitDefender LLC)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [349960 2016-07-12] (Intel Corporation)
R0 ignis; C:\WINDOWS\System32\drivers\ignis.sys [300840 2016-08-15] (Bitdefender)
R3 kvnet; C:\WINDOWS\System32\drivers\kvnet.sys [30208 2015-04-09] (Kerio Technologies Inc.)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R1 mirrorv3; C:\WINDOWS\system32\DRIVERS\rminiv3.sys [5632 2009-10-09] (Famatech International Corp.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2016-07-16] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvdmwu.inf_amd64_26aa6356770b2e86\nvlddmkm.sys [13754936 2016-09-12] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-01-15] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R1 raddrvv3; C:\Windows\SysWOW64\rserver30\raddrvv3.sys [68704 2009-10-09] (Famatech Corp.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [896744 2015-08-13] (Realtek )
S3 Trufos; C:\WINDOWS\System32\DRIVERS\Trufos.sys [485512 2016-04-28] (BitDefender S.R.L.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-28 06:08 - 2017-01-28 06:08 - 00093188 _____ C:\Users\Administrator\Desktop\FRST3.txt
2017-01-28 06:07 - 2017-01-28 06:09 - 00056268 _____ C:\Users\Administrator\Desktop\Addition.txt
2017-01-28 06:04 - 2017-01-28 06:16 - 00017263 _____ C:\Users\Administrator\Desktop\FRST.txt
2017-01-28 06:04 - 2017-01-28 06:15 - 00000000 ____D C:\FRST
2017-01-28 06:03 - 2017-01-28 06:03 - 00112640 _____ (forum.viry.cz) C:\Users\Administrator\Downloads\FRSTLauncher.exe
2017-01-28 06:03 - 2017-01-28 06:03 - 00112640 _____ (forum.viry.cz) C:\Users\Administrator\Desktop\FRSTLauncher.exe
2017-01-28 06:00 - 2017-01-28 06:04 - 02420736 _____ (Farbar) C:\Users\Administrator\Desktop\FRST64.exe
2017-01-28 06:00 - 2017-01-28 06:00 - 00112640 _____ (forum.viry.cz) C:\Users\Administrator\Desktop\Nepotvrzeno 482680.crdownload
2017-01-27 19:39 - 2017-01-27 19:40 - 04015056 _____ C:\Users\Administrator\Desktop\adwcleaner_6.043.exe
2017-01-27 09:31 - 2017-01-27 09:32 - 00000000 ____D C:\rsit
2017-01-27 09:31 - 2017-01-27 09:31 - 01323520 _____ C:\Users\Administrator\Downloads\RSITx64.exe
2017-01-27 09:31 - 2017-01-27 09:31 - 00000000 ____D C:\Program Files\trend micro
2017-01-27 09:27 - 2017-01-27 09:28 - 02420736 _____ (Farbar) C:\Users\Administrator\Downloads\FRST64.exe
2017-01-26 10:17 - 2017-01-26 10:17 - 00000029 _____ C:\WINDOWS\Lic.xxx
2017-01-26 10:15 - 2017-01-26 10:15 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr90.dll
2017-01-26 10:15 - 2017-01-26 10:15 - 00632064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr80.dll
2017-01-26 10:15 - 2017-01-26 10:15 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp90.dll
2017-01-26 10:15 - 2017-01-26 10:15 - 00554240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp80.dll
2017-01-26 10:15 - 2017-01-26 10:15 - 00156392 _____ (MicroWorld Technologies Inc.) C:\WINDOWS\SysWOW64\eEmpty.exe
2017-01-26 10:15 - 2017-01-26 10:15 - 00000000 ____D C:\ProgramData\MicroWorld
2017-01-26 10:10 - 2017-01-26 10:13 - 154422000 _____ C:\Users\Administrator\Downloads\mwav.exe
2017-01-26 10:09 - 2017-01-26 10:10 - 03988944 _____ C:\Users\Administrator\Downloads\adwcleaner_6.042 (3).exe
2017-01-26 10:09 - 2017-01-26 10:09 - 03988944 _____ C:\Users\Administrator\Downloads\adwcleaner_6.042 (4).exe
2017-01-26 10:00 - 2017-01-26 10:01 - 01663040 _____ (Malwarebytes) C:\Users\Administrator\Downloads\JRT.exe
2017-01-26 09:55 - 2017-01-26 09:55 - 03988944 _____ C:\Users\Administrator\Downloads\adwcleaner_6.042 (2).exe
2017-01-26 09:47 - 2017-01-26 09:47 - 03988944 _____ C:\Users\Administrator\Downloads\adwcleaner_6.042 (1).exe
2017-01-26 09:31 - 2017-01-27 19:45 - 00000000 ____D C:\AdwCleaner
2017-01-26 09:31 - 2017-01-26 09:31 - 03988944 _____ C:\Users\Administrator\Downloads\adwcleaner_6.042.exe
2017-01-25 20:13 - 2017-01-25 20:13 - 00000000 ____D C:\ProgramData\BitDefender
2017-01-25 20:01 - 2017-01-26 09:35 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Lavasoft
2017-01-25 20:01 - 2017-01-25 20:01 - 00000000 ____D C:\Users\Administrator\AppData\Local\Lavasoft
2017-01-25 20:00 - 2017-01-26 09:36 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2017-01-25 20:00 - 2017-01-25 20:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2017-01-25 19:59 - 2017-01-25 19:59 - 00000000 ____D C:\Program Files\Lavasoft
2017-01-25 19:58 - 2017-01-25 19:58 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\LavasoftStatistics
2017-01-25 19:57 - 2017-01-26 09:35 - 00000000 ____D C:\ProgramData\Lavasoft
2017-01-25 19:57 - 2017-01-25 19:57 - 00000000 ____D C:\Program Files\Common Files\Lavasoft
2017-01-25 19:56 - 2017-01-25 19:57 - 02586928 _____ C:\Users\Administrator\Downloads\Adaware_Installer.exe
2017-01-25 19:01 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2017-01-25 19:01 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2017-01-25 18:36 - 2017-01-25 18:37 - 00604928 _____ (Reimage) C:\Users\Administrator\Downloads\ReimageRepair (1).exe
2017-01-25 18:11 - 2017-01-25 18:11 - 00462848 _____ C:\Users\Administrator\Downloads\Pergola_16230.rfa
2017-01-25 17:55 - 2017-01-25 17:55 - 00241664 _____ C:\Users\Administrator\Downloads\Pergola_5388.rfa
2017-01-24 22:26 - 2017-01-24 22:26 - 00278528 _____ C:\Users\Administrator\Downloads\Trash_Can_-_Trash_Ben_13417.rfa
2017-01-24 22:19 - 2017-01-24 22:19 - 00205824 _____ C:\Users\Administrator\Downloads\Big_Air_Trampoline_3mtr_1979.rfa
2017-01-24 20:39 - 2017-01-25 18:32 - 91316224 _____ C:\Users\Administrator\Desktop\MATURITNÍ PRÁCE Dům new.rvt
2017-01-24 20:39 - 2017-01-24 22:27 - 90767360 _____ C:\Users\Administrator\Desktop\MATURITNÍ PRÁCE Dům new.0005.rvt
2017-01-24 20:39 - 2017-01-24 22:24 - 90632192 _____ C:\Users\Administrator\Desktop\MATURITNÍ PRÁCE Dům new.0004.rvt
2017-01-24 20:39 - 2017-01-24 22:11 - 90398720 _____ C:\Users\Administrator\Desktop\MATURITNÍ PRÁCE Dům new.0003.rvt
2017-01-24 20:39 - 2017-01-24 20:44 - 90030080 _____ C:\Users\Administrator\Desktop\MATURITNÍ PRÁCE Dům new.0002.rvt
2017-01-24 20:39 - 2017-01-24 20:40 - 90009600 _____ C:\Users\Administrator\Desktop\MATURITNÍ PRÁCE Dům new.0001.rvt
2017-01-24 20:12 - 2017-01-24 20:12 - 01613824 _____ C:\Users\Administrator\Downloads\Fence_with_louver_screen_panels_7226.rfa
2017-01-24 20:02 - 2017-01-24 20:02 - 01949696 _____ C:\Users\Administrator\Downloads\Jonathan_Furlong39s_3D2D_Tree_2766.rfa
2017-01-24 20:00 - 2017-01-24 20:00 - 00331776 _____ C:\Users\Administrator\Downloads\Pipe_fence_13394.rfa
2017-01-24 19:57 - 2017-01-24 19:57 - 01060864 _____ C:\Users\Administrator\Downloads\10039_Chainlink_Fence_14494.rvt
2017-01-23 21:59 - 2017-01-23 21:59 - 00847872 _____ C:\Users\Administrator\Downloads\a_tree40s_7613.rfa
2017-01-23 21:58 - 2017-01-23 21:58 - 00565248 _____ C:\Users\Administrator\Downloads\large_detailed_tree_2840.rfa
2017-01-23 21:54 - 2017-01-23 21:54 - 00724992 _____ C:\Users\Administrator\Downloads\3d_tree_a_tree49_7611.rfa
2017-01-23 21:53 - 2017-01-23 21:53 - 01011712 _____ C:\Users\Administrator\Downloads\Tree_17356.rfa
2017-01-23 21:50 - 2017-01-23 21:50 - 00364544 _____ C:\Users\Administrator\Downloads\Garden_Teak_Table_16448.rfa
2017-01-23 21:47 - 2017-01-23 21:47 - 00311296 _____ C:\Users\Administrator\Downloads\Garden_Chair_16449.rfa
2017-01-23 21:44 - 2017-01-23 21:44 - 00524288 _____ C:\Users\Administrator\Downloads\Cantilever_Unbrella_14114.rfa
2017-01-23 21:44 - 2017-01-23 21:44 - 00397312 _____ C:\Users\Administrator\Downloads\Umbrella-Outdoor_17359 (1).rfa
2017-01-23 21:43 - 2017-01-23 21:43 - 00397312 _____ C:\Users\Administrator\Downloads\Umbrella-Outdoor_17359.rfa
2017-01-23 21:08 - 2017-01-23 21:08 - 00405504 _____ C:\Users\Administrator\Downloads\Chainlink_Fence_-_Updated_17583.rfa
2017-01-23 21:03 - 2017-01-23 21:03 - 02744320 _____ C:\Users\Administrator\Downloads\Regular_Residential_Wood_Fence_12483.rvt
2017-01-23 20:51 - 2017-01-23 20:51 - 00229376 _____ C:\Users\Administrator\Downloads\Pool_Fully_Parametric_11710.rfa
2017-01-23 20:49 - 2017-01-23 20:49 - 00479232 _____ C:\Users\Administrator\Downloads\Swimming_Pool_with_pebble_drain_16956.rfa
2017-01-23 20:48 - 2017-01-23 20:48 - 00303104 _____ C:\Users\Administrator\Downloads\Frameless_glass_pool__balcony_fence_panel_-_fully_parametric_15528.rfa
2017-01-23 20:48 - 2017-01-23 20:48 - 00204800 _____ C:\Users\Administrator\Downloads\Olympic_pool_with_diving_well_6990.rfa
2017-01-23 20:31 - 2017-01-23 20:31 - 00229376 _____ C:\Users\Administrator\Downloads\Pergola_7311.rfa
2017-01-23 20:26 - 2017-01-23 20:26 - 00299008 _____ C:\Users\Administrator\Downloads\PERGOLA_12033.rfa
2017-01-23 19:58 - 2017-01-23 19:58 - 01134592 _____ C:\Users\Administrator\Downloads\Marcus_Lord_Bike_13519.rfa
2017-01-23 19:55 - 2017-01-23 19:55 - 00442368 _____ C:\Users\Administrator\Downloads\Dero_Wall_Rack_7778.rfa
2017-01-23 19:45 - 2017-01-23 19:45 - 00323584 _____ C:\Users\Administrator\Downloads\Modern_wall_shelf_17235.rfa
2017-01-23 19:44 - 2017-01-23 19:44 - 01458176 _____ C:\Users\Administrator\Downloads\Wall_Storage_Unit_with_Desk_7213.rfa
2017-01-23 19:36 - 2017-01-23 19:36 - 00413696 _____ C:\Users\Administrator\Downloads\Mesa_Hall__Hall_Table_17939.rfa
2017-01-23 19:26 - 2017-01-23 19:26 - 00062464 _____ C:\Users\Administrator\Downloads\File_Cabinet_1040.rfa
2017-01-23 19:11 - 2017-01-23 19:11 - 00315392 _____ C:\Users\Administrator\Downloads\MODERN_DINING_SET_11513 (1).rfa
2017-01-23 19:06 - 2017-01-23 19:06 - 00323584 _____ C:\Users\Administrator\Downloads\design_wall_clock_12309.rfa
2017-01-23 19:04 - 2017-01-23 19:04 - 00293629 _____ C:\Users\Administrator\Downloads\Art-Modern_Wall_Art_17318 (1).dwg
2017-01-23 18:57 - 2017-01-23 18:57 - 00811008 _____ C:\Users\Administrator\Downloads\Gas_BBQ_-_6_Burner_16419.rfa
2017-01-23 18:52 - 2017-01-23 18:52 - 00311296 _____ C:\Users\Administrator\Downloads\Gas_Fireplace_Insert_-_Type_Sized_2553.rfa
2017-01-22 18:57 - 2017-01-22 18:57 - 00503808 _____ C:\Users\Administrator\Downloads\Lolita_Chair_13785.rfa
2017-01-22 17:18 - 2017-01-22 17:18 - 00618496 _____ C:\Users\Administrator\Downloads\Speakers_10507.rfa
2017-01-22 17:15 - 2017-01-22 17:15 - 00700416 _____ C:\Users\Administrator\Downloads\Dining_Table_amp_Chair_11036.rfa
2017-01-21 23:23 - 2017-01-21 23:23 - 02486272 _____ C:\Users\Administrator\Downloads\Bed_8136 (1).rfa
2017-01-21 22:58 - 2017-01-21 22:58 - 01081344 _____ C:\Users\Administrator\Downloads\Bookshelf_13513.rfa
2017-01-21 22:51 - 2017-01-21 22:51 - 00696320 _____ C:\Users\Administrator\Downloads\EvoEnergy_Ltd_Solar_Photovoltaic_4kWp_16_Panel_Pitch_Roof_Mounted_16107.rfa
2017-01-21 22:47 - 2017-01-21 22:47 - 01085440 _____ C:\Users\Administrator\Downloads\solar_panel_awning_13565.rfa
2017-01-21 22:33 - 2017-01-21 22:33 - 00237568 _____ C:\Users\Administrator\Downloads\Area_Rug_7119.rfa
2017-01-21 22:05 - 2017-01-21 22:05 - 00733184 _____ C:\Users\Administrator\Downloads\REVIT_CAR_FAMILY_-_PORSCHE_CAYENNE_11960.rfa
2017-01-21 21:55 - 2017-01-21 21:55 - 00176128 _____ C:\Users\Administrator\Downloads\MIRROR_W_MED_CAB_5255.rfa
2017-01-21 21:51 - 2017-01-21 21:51 - 00610304 _____ C:\Users\Administrator\Downloads\Restoration_Hardware_Modern_Dining_Chair_17086.rfa
2017-01-21 21:51 - 2017-01-21 21:51 - 00356352 _____ C:\Users\Administrator\Downloads\Mart_Stam_Chair_by_Mart_Stam_9305.rfa
2017-01-21 21:51 - 2017-01-21 21:51 - 00348160 _____ C:\Users\Administrator\Downloads\11_Simple_Chair_2D_17868.rfa
2017-01-21 21:46 - 2017-01-21 21:46 - 05537792 _____ C:\Users\Administrator\Downloads\clerk039s_desk___16336.rfa
2017-01-21 21:45 - 2017-01-21 21:45 - 00393216 _____ C:\Users\Administrator\Downloads\Studio_Desk_16981.rfa
2017-01-21 21:36 - 2017-01-21 21:36 - 00462848 _____ C:\Users\Administrator\Downloads\Modern_Sofa_16696.rfa
2017-01-21 21:35 - 2017-01-21 21:35 - 00348160 _____ C:\Users\Administrator\Downloads\STUDY_TABLE_17333.rfa
2017-01-21 21:30 - 2017-01-21 21:30 - 05308416 _____ C:\Users\Administrator\Downloads\Washing_Machine_11368.rfa
2017-01-21 21:27 - 2017-01-21 21:27 - 02486272 _____ C:\Users\Administrator\Downloads\Bed_8136.rfa
2017-01-21 21:20 - 2017-01-21 21:20 - 00174592 _____ C:\Users\Administrator\Downloads\Kohler_-_K-1330-H2_Fleur_Whirlpool_Bath_1259.rfa
2017-01-21 21:17 - 2017-01-21 21:17 - 00385024 _____ C:\Users\Administrator\Downloads\sink___table___mirror_for_bathroom_10977.rfa
2017-01-21 21:12 - 2017-01-21 21:12 - 00137216 _____ C:\Users\Administrator\Downloads\Kohler_-_K-783-H2_Guardian_Bath_1234.rfa
2017-01-21 21:11 - 2017-01-21 21:11 - 00270336 _____ C:\Users\Administrator\Downloads\Dansani_Mido_Havanna_16134.rfa
2017-01-21 21:06 - 2017-01-21 21:06 - 01187840 _____ C:\Users\Administrator\Downloads\Corner_Shower_With_Round_Front_7836.rfa
2017-01-21 20:59 - 2017-01-21 20:59 - 01294336 _____ C:\Users\Administrator\Downloads\Caroma_Toilet_12261.rfa
2017-01-21 20:58 - 2017-01-21 20:58 - 00303104 _____ C:\Users\Administrator\Downloads\Toilet_paper_holder_9389.rfa
2017-01-21 20:55 - 2017-01-21 20:55 - 00471040 _____ C:\Users\Administrator\Downloads\Modern_Hand_Wash_Basin_16200.rfa
2017-01-21 20:46 - 2017-01-21 20:46 - 00293629 _____ C:\Users\Administrator\Downloads\Art-Modern_Wall_Art_17318.dwg
2017-01-21 20:44 - 2017-01-21 20:44 - 00393216 _____ C:\Users\Administrator\Downloads\Bed_Head_Cabecera_para_cama_15863.rfa
2017-01-21 20:42 - 2017-01-21 20:42 - 00258048 _____ C:\Users\Administrator\Downloads\LCD_Wide_Screen_48x84_11298.rfa
2017-01-21 20:32 - 2017-01-21 20:32 - 00950272 _____ C:\Users\Administrator\Downloads\Black_glass_V_Style_Dining_Table_and_Chairs_17295.rfa
2017-01-21 20:30 - 2017-01-21 20:30 - 01613824 _____ C:\Users\Administrator\Downloads\Dining_table___chairs_14161.rfa
2017-01-21 20:25 - 2017-01-21 20:25 - 00532480 _____ C:\Users\Administrator\Downloads\Robert_Abbey_Shinto_Tripod_Floor_Lamp_15184.rfa
2017-01-21 20:22 - 2017-01-21 20:22 - 00229376 _____ C:\Users\Administrator\Downloads\Book_Shelf_12604.rfa
2017-01-21 20:08 - 2017-01-21 20:08 - 07311360 _____ C:\Users\Administrator\Downloads\Chrysler_300_SRT8_-_Car_Automobile_Vehicle_13576.rfa
2017-01-21 19:58 - 2017-01-21 19:58 - 00225280 _____ C:\Users\Administrator\Downloads\Monolithic_TV_console_table_14437.rfa
2017-01-21 19:54 - 2017-01-21 19:54 - 00315392 _____ C:\Users\Administrator\Downloads\MODERN_DINING_SET_11513.rfa
2017-01-21 19:49 - 2017-01-21 19:49 - 00409600 _____ C:\Users\Administrator\Downloads\Samsung_6_series_smartTV__Television__TV_13081.rfa
2017-01-21 19:42 - 2017-01-21 19:42 - 00286720 _____ C:\Users\Administrator\Downloads\Scab_Design_Divo_Barstool_14352.rfa
2017-01-21 19:30 - 2017-01-21 19:30 - 00819200 _____ C:\Users\Administrator\Downloads\Cozinha_Platium_Tio_Marcelo_12493.rfa
2017-01-21 19:02 - 2017-01-21 19:02 - 00770048 _____ C:\Users\Administrator\Downloads\Modern_Kitchen_13604.rfa
2017-01-21 00:14 - 2017-01-21 00:14 - 00520192 _____ C:\Users\Administrator\Downloads\kitchen_1_6050.rfa
2017-01-21 00:03 - 2017-01-21 00:03 - 05107712 _____ C:\Users\Administrator\Downloads\Complete_Kitchen_With_Holdspline_15312.rfa
2017-01-20 23:57 - 2017-01-20 23:57 - 00315392 _____ C:\Users\Administrator\Downloads\COALESSE_EMU_-_Ivy_Square_Side_Table_8797.rfa
2017-01-20 23:51 - 2017-01-20 23:51 - 00512000 _____ C:\Users\Administrator\Downloads\Chaselong_10192.rfa
2017-01-20 23:34 - 2017-01-20 23:34 - 00520192 _____ C:\Users\Administrator\Downloads\3_Seater_Sofa_-_Fully_Parametric_16203.rfa
2017-01-20 23:29 - 2017-01-20 23:29 - 02449408 _____ C:\Users\Administrator\Downloads\UPDATE_MODERN_GLASS_TABLE_WITH_CHAIRS_11796.rvt
2017-01-20 22:37 - 2017-01-20 22:37 - 00076288 _____ C:\Users\Administrator\Downloads\Single_Door_Glass_256.rfa
2017-01-20 22:29 - 2017-01-20 22:29 - 00770048 _____ C:\Users\Administrator\Downloads\Front_Entry_14636.rfa
2017-01-20 22:28 - 2017-01-20 22:28 - 00659456 _____ C:\Users\Administrator\Downloads\Custom_Door_15589.rfa
2017-01-20 22:26 - 2017-01-20 22:26 - 00454656 _____ C:\Users\Administrator\Downloads\Contemporary_door_17736 (1).rfa
2017-01-20 22:25 - 2017-01-20 22:25 - 00299008 _____ C:\Users\Administrator\Downloads\Exterior_-_Commercial_-_Storefront_Entry_w_Sidelights_10928.rfa
2017-01-20 22:23 - 2017-01-20 22:23 - 01052672 _____ C:\Users\Administrator\Downloads\Entrance_Door_with_Ornaments_Cupido_2_12967.rfa
2017-01-20 22:22 - 2017-01-20 22:22 - 00565248 _____ C:\Users\Administrator\Downloads\External_Double_Doors_-_With_Outswing_Door_and_Cill_External_15710 (2).rfa
2017-01-20 22:22 - 2017-01-20 22:22 - 00278528 _____ C:\Users\Administrator\Downloads\Four_Panel_Sliding_door_11160 (1).rfa
2017-01-20 22:16 - 2017-01-20 22:16 - 00475136 _____ C:\Users\Administrator\Downloads\Main_entrance_door_11153.rfa
2017-01-20 22:10 - 2017-01-20 22:10 - 01540096 _____ C:\Users\Administrator\Downloads\Solid_door_with_sidelight_that_opens_and_closes_13806 (1).rfa
2017-01-20 21:59 - 2017-01-20 21:59 - 01540096 _____ C:\Users\Administrator\Downloads\Solid_door_with_sidelight_that_opens_and_closes_13806.rfa
2017-01-20 21:59 - 2017-01-20 21:59 - 00507904 _____ C:\Users\Administrator\Downloads\Sliding_Panel_Door_10821.rfa
2017-01-20 21:57 - 2017-01-20 21:57 - 00344064 _____ C:\Users\Administrator\Downloads\Porta_de_Correr_2_Folhas_Aluminio_e_Vidro_Parametrica_14319.rfa
2017-01-20 21:56 - 2017-01-20 21:56 - 01509120 _____ C:\Users\Administrator\Downloads\Kolbe_Ultra_Series_SketchUp_7_TerraSpan_6-10-Panel_Stacking_Dynamic_Units_6770.skp
2017-01-20 21:56 - 2017-01-20 21:56 - 00472980 _____ C:\Users\Administrator\Downloads\Kolbe_Ultra_Series_SketchUp_6_TerraSpan_4-Panel_Stacking_Unit_6761.skp
2017-01-20 21:55 - 2017-01-20 21:56 - 00591319 _____ C:\Users\Administrator\Downloads\Kolbe_Ultra_Series_SketchUp_6_TerraSpan_4-Panel_Corner_Stacking_Unit_6757 (1).skp
2017-01-20 21:55 - 2017-01-20 21:55 - 00591319 _____ C:\Users\Administrator\Downloads\Kolbe_Ultra_Series_SketchUp_6_TerraSpan_4-Panel_Corner_Stacking_Unit_6757.skp
2017-01-20 21:25 - 2017-01-20 21:25 - 02240512 _____ C:\Users\Administrator\Downloads\5-panel_Bi-fold_external_door_10806 (1) (1).rfa
2017-01-20 21:23 - 2017-01-20 21:23 - 00565248 _____ C:\Users\Administrator\Downloads\External_Double_Doors_-_With_Outswing_Door_and_Cill_External_15710 (1).rfa
2017-01-20 21:23 - 2017-01-20 21:23 - 00475136 _____ C:\Users\Administrator\Downloads\DTS_ext-entrance_pair_pair_side_lights_door_2871.rfa
2017-01-20 21:23 - 2017-01-20 21:23 - 00278528 _____ C:\Users\Administrator\Downloads\Four_Panel_Sliding_door_11160.rfa
2017-01-20 21:23 - 2017-01-20 21:23 - 00274432 _____ C:\Users\Administrator\Downloads\Frameless_Glass_Door_13578.rfa
2017-01-20 21:22 - 2017-01-20 21:22 - 00434176 _____ C:\Users\Administrator\Downloads\Double_-_Sliding_Glass_door_17381.rfa
2017-01-20 21:21 - 2017-01-20 21:21 - 00221184 _____ C:\Users\Administrator\Downloads\Curtain_Wall_Panel_Door_4861.rfa
2017-01-20 21:20 - 2017-01-20 21:20 - 02240512 _____ C:\Users\Administrator\Downloads\5-panel_Bi-fold_external_door_10806 (1).rfa
2017-01-20 21:12 - 2017-01-20 21:12 - 00565248 _____ C:\Users\Administrator\Downloads\External_Double_Doors_-_With_Outswing_Door_and_Cill_External_15710.rfa
2017-01-20 21:10 - 2017-01-20 21:10 - 00454656 _____ C:\Users\Administrator\Downloads\Contemporary_door_17736.rfa
2017-01-20 21:09 - 2017-01-20 21:09 - 02240512 _____ C:\Users\Administrator\Downloads\5-panel_Bi-fold_external_door_10806.rfa
2017-01-20 20:45 - 2017-01-20 20:45 - 00208896 _____ C:\Users\Administrator\Downloads\Multi_Glass_Sliding_Aluminium_Framed_End_Open_1962.rfa
2017-01-20 20:45 - 2017-01-20 20:45 - 00204288 _____ C:\Users\Administrator\Downloads\Multi-Panel_Fixed_1959.rfa
2017-01-20 20:45 - 2017-01-20 20:45 - 00181248 _____ C:\Users\Administrator\Downloads\Multi-Panel_Awning_1958.rfa
2017-01-20 20:43 - 2017-01-20 20:43 - 00540672 _____ C:\Users\Administrator\Downloads\Four_Panel_Window_17886.rfa
2017-01-20 20:43 - 2017-01-20 20:43 - 00266240 _____ C:\Users\Administrator\Downloads\custom_craftsman_window_80390X40396_3607.rfa
2017-01-20 20:42 - 2017-01-20 20:42 - 00548864 _____ C:\Users\Administrator\Downloads\Awning_Window_6259.rfa
2017-01-20 20:42 - 2017-01-20 20:42 - 00512000 _____ C:\Users\Administrator\Downloads\Awning_Window_6260.rfa
2017-01-20 20:41 - 2017-01-20 20:41 - 00208896 _____ C:\Users\Administrator\Downloads\Aluminum_Exterior_Window_-_4_wide_x_2_high_3892.rfa
2017-01-20 20:41 - 2017-01-20 20:41 - 00196608 _____ C:\Users\Administrator\Downloads\Aluminum_Exterior_Window_-_4_Wide_3893.rfa
2017-01-20 20:41 - 2017-01-20 20:41 - 00196608 _____ C:\Users\Administrator\Downloads\Aluminum_Exterior_Window_-_3_wide_x_2_high_3891.rfa
2017-01-20 20:40 - 2017-01-20 20:41 - 00184320 _____ C:\Users\Administrator\Downloads\Aluminum_Exterior_Window_-_3_Wide_3890.rfa
2017-01-20 20:40 - 2017-01-20 20:40 - 02445312 _____ C:\Users\Administrator\Downloads\40mm_Double_Casement_Window_-_adjustable_pane_widths_6327.rfa
2017-01-20 20:40 - 2017-01-20 20:40 - 02084864 _____ C:\Users\Administrator\Downloads\40mm_Casement_window_6324.rfa
2017-01-20 20:40 - 2017-01-20 20:40 - 00180224 _____ C:\Users\Administrator\Downloads\Aluminum_Exterior_Window_-_2_Wide_3886.rfa
2017-01-20 20:40 - 2017-01-20 20:40 - 00180224 _____ C:\Users\Administrator\Downloads\Aluminum_Exterior_Window_-_1_wide_x_2_high_3888.rfa
2017-01-19 22:41 - 2017-01-23 22:21 - 101748736 _____ C:\Users\Administrator\Desktop\MATURITNÍ PRÁCE DŮM.rvt
2017-01-19 22:41 - 2017-01-23 21:57 - 99454976 _____ C:\Users\Administrator\Desktop\MATURITNÍ PRÁCE DŮM.0002.rvt
2017-01-19 22:41 - 2017-01-23 18:23 - 93782016 _____ C:\Users\Administrator\Desktop\MATURITNÍ PRÁCE DŮM.0001.rvt
2017-01-15 16:25 - 2017-01-15 16:25 - 00037485 _____ C:\Users\Administrator\Downloads\KRITERIA_2016-2017.pdf
2017-01-12 21:06 - 2017-01-12 21:06 - 00092026 _____ C:\Users\Administrator\Downloads\Pripravny kurz_15.pdf
2017-01-11 18:44 - 2016-12-21 06:03 - 00136544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqmigplugin.dll
2017-01-11 18:44 - 2016-12-21 05:40 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-01-11 18:44 - 2016-12-21 05:30 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2017-01-11 18:44 - 2016-12-21 05:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-01-11 18:44 - 2016-12-21 05:25 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-01-11 18:44 - 2016-12-14 05:42 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2017-01-11 18:44 - 2016-12-14 05:35 - 00553984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2017-01-11 18:43 - 2016-12-21 06:59 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2017-01-11 18:43 - 2016-12-21 06:09 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-01-11 18:43 - 2016-12-21 06:02 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-01-11 18:43 - 2016-12-21 06:02 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-01-11 18:43 - 2016-12-21 06:02 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-01-11 18:43 - 2016-12-21 06:02 - 01277344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-01-11 18:43 - 2016-12-21 06:02 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-01-11 18:43 - 2016-12-21 06:02 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-01-11 18:43 - 2016-12-21 06:01 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-01-11 18:43 - 2016-12-21 05:46 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-01-11 18:43 - 2016-12-21 05:43 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-01-11 18:43 - 2016-12-21 05:41 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2017-01-11 18:43 - 2016-12-21 05:41 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-01-11 18:43 - 2016-12-21 05:40 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-01-11 18:43 - 2016-12-21 05:40 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2017-01-11 18:43 - 2016-12-21 05:40 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-01-11 18:43 - 2016-12-21 05:39 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-01-11 18:43 - 2016-12-21 05:39 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-01-11 18:43 - 2016-12-21 05:38 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2017-01-11 18:43 - 2016-12-21 05:35 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-01-11 18:43 - 2016-12-21 05:35 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-01-11 18:43 - 2016-12-21 05:34 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-01-11 18:43 - 2016-12-21 05:33 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-01-11 18:43 - 2016-12-21 05:32 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-01-11 18:43 - 2016-12-21 05:27 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-01-11 18:43 - 2016-12-21 05:26 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2017-01-11 18:43 - 2016-12-21 05:25 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-01-11 18:43 - 2016-12-21 05:24 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-01-11 18:43 - 2016-12-21 05:24 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-01-11 18:43 - 2016-12-21 05:24 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-01-11 18:43 - 2016-12-21 05:24 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-01-11 18:43 - 2016-12-21 05:22 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-01-11 18:43 - 2016-12-21 05:22 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-01-11 18:43 - 2016-12-14 06:26 - 01469792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2017-01-11 18:43 - 2016-12-14 06:21 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-01-11 18:43 - 2016-12-14 06:08 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-01-11 18:43 - 2016-12-14 06:06 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-01-11 18:43 - 2016-12-14 06:01 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-01-11 18:43 - 2016-12-14 06:01 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2017-01-11 18:43 - 2016-12-14 06:01 - 00076984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2017-01-11 18:43 - 2016-12-14 05:46 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-01-11 18:43 - 2016-12-14 05:45 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-01-11 18:43 - 2016-12-14 05:40 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-01-11 18:43 - 2016-12-14 05:40 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 18:43 - 2016-12-14 05:38 - 13869056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-01-11 18:43 - 2016-12-14 05:38 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2017-01-11 18:43 - 2016-12-14 05:36 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-01-11 18:43 - 2016-12-14 05:35 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-01-11 18:43 - 2016-12-14 05:35 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-01-11 18:43 - 2016-12-14 05:32 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2017-01-11 18:43 - 2016-12-14 05:32 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-01-11 18:43 - 2016-12-14 05:22 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-01-11 18:43 - 2016-12-14 05:22 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-01-11 18:43 - 2016-11-02 13:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-01-11 18:43 - 2016-08-02 05:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-01-11 18:32 - 2016-12-21 08:49 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-01-11 18:31 - 2016-12-21 08:14 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-01-11 18:31 - 2016-12-21 08:09 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2017-01-11 18:31 - 2016-12-21 08:08 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-01-11 18:31 - 2016-12-21 08:08 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-01-11 18:31 - 2016-12-21 08:08 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-01-11 18:31 - 2016-12-21 08:07 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-01-11 18:31 - 2016-12-21 08:06 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-01-11 18:31 - 2016-12-21 08:06 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-01-11 18:31 - 2016-12-21 08:06 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-01-11 18:31 - 2016-12-21 08:05 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-01-11 18:31 - 2016-12-21 08:01 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-01-11 18:31 - 2016-12-21 07:51 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-01-11 18:31 - 2016-12-21 07:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-01-11 18:31 - 2016-12-14 06:17 - 00319288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-01-11 18:31 - 2016-12-14 06:14 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-01-11 18:31 - 2016-12-14 05:46 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-01-11 18:31 - 2016-12-14 05:39 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-01-11 18:31 - 2016-12-14 05:39 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-01-11 18:31 - 2016-12-14 05:37 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-01-11 18:31 - 2016-12-14 05:36 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-01-11 18:31 - 2016-12-14 05:26 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-01-11 18:31 - 2016-12-14 05:24 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-01-11 18:31 - 2016-12-14 05:23 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-01-11 18:31 - 2016-12-14 05:22 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-01-11 18:31 - 2016-12-14 05:22 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-01-11 18:31 - 2016-12-14 05:22 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-01-11 18:31 - 2016-12-14 05:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-01-11 18:30 - 2016-12-21 09:04 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-01-11 18:30 - 2016-12-21 08:43 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-01-11 18:30 - 2016-12-21 08:42 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-01-11 18:30 - 2016-12-21 08:41 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-01-11 18:30 - 2016-12-21 08:13 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2017-01-11 18:30 - 2016-12-21 08:12 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2017-01-11 18:30 - 2016-12-21 08:10 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2017-01-11 18:30 - 2016-12-21 08:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-01-11 18:30 - 2016-12-21 08:08 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-01-11 18:30 - 2016-12-21 08:08 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-01-11 18:30 - 2016-12-21 08:06 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-01-11 18:30 - 2016-12-21 08:05 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-01-11 18:30 - 2016-12-21 07:59 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-01-11 18:30 - 2016-12-21 07:55 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-01-11 18:30 - 2016-12-21 07:55 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-01-11 18:30 - 2016-12-21 07:49 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-01-11 18:30 - 2016-12-21 07:49 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-01-11 18:30 - 2016-12-21 07:47 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-01-11 18:30 - 2016-12-14 06:23 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-01-11 18:30 - 2016-12-14 06:19 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-01-11 18:30 - 2016-12-14 05:43 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-01-11 18:30 - 2016-12-14 05:42 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2017-01-11 18:30 - 2016-12-14 05:42 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2017-01-11 18:30 - 2016-12-14 05:40 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-01-11 18:30 - 2016-12-14 05:36 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-01-11 18:30 - 2016-12-14 05:26 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-01-11 18:30 - 2016-12-14 05:25 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2017-01-11 18:29 - 2016-12-21 09:08 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2017-01-11 18:29 - 2016-12-21 08:46 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-01-11 18:29 - 2016-12-21 08:45 - 00153952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcmiplugin.dll
2017-01-11 18:29 - 2016-12-21 08:43 - 04130440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-01-11 18:29 - 2016-12-21 08:43 - 01454504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-01-11 18:29 - 2016-12-21 08:43 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-01-11 18:29 - 2016-12-21 08:42 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-01-11 18:29 - 2016-12-21 08:42 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-01-11 18:29 - 2016-12-21 08:42 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-01-11 18:29 - 2016-12-21 08:15 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-01-11 18:29 - 2016-12-21 08:08 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-01-11 18:29 - 2016-12-21 08:05 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-01-11 18:29 - 2016-12-21 08:00 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-01-11 18:29 - 2016-12-21 07:58 - 23678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-01-11 18:29 - 2016-12-21 07:57 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2017-01-11 18:29 - 2016-12-21 07:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-01-11 18:29 - 2016-12-21 07:56 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-01-11 18:29 - 2016-12-21 07:53 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-01-11 18:29 - 2016-12-21 07:50 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-01-11 18:29 - 2016-12-14 06:34 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-01-11 18:29 - 2016-12-14 05:42 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 18:29 - 2016-12-14 05:41 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-01-11 18:29 - 2016-12-14 05:22 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-01-11 18:28 - 2016-12-21 09:08 - 00245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2017-01-11 18:28 - 2016-12-21 08:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-01-11 18:28 - 2016-12-21 08:37 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-01-11 18:28 - 2016-12-21 07:59 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-01-11 18:28 - 2016-12-21 07:54 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2017-01-11 18:28 - 2016-12-21 07:53 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-01-11 18:28 - 2016-12-21 07:53 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-01-11 18:28 - 2016-12-21 07:51 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-01-11 18:28 - 2016-12-21 07:51 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-01-11 18:28 - 2016-12-14 06:41 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-01-11 18:28 - 2016-12-14 06:41 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-01-11 18:28 - 2016-12-14 06:33 - 02169184 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-01-11 18:28 - 2016-12-14 06:33 - 01669984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2017-01-11 18:28 - 2016-12-14 06:33 - 01400160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-01-11 18:28 - 2016-12-14 06:33 - 01356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2017-01-11 18:28 - 2016-12-14 06:33 - 01054048 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2017-01-11 18:28 - 2016-12-14 06:33 - 00992096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2017-01-11 18:28 - 2016-12-14 06:33 - 00822624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2017-01-11 18:28 - 2016-12-14 06:33 - 00813408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-01-11 18:28 - 2016-12-14 06:33 - 00779616 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2017-01-11 18:28 - 2016-12-14 06:33 - 00752992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-01-11 18:28 - 2016-12-14 06:33 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-01-11 18:28 - 2016-12-14 06:33 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2017-01-11 18:28 - 2016-12-14 06:33 - 00571744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-01-11 18:28 - 2016-12-14 06:33 - 00513376 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2017-01-11 18:28 - 2016-12-14 06:33 - 00406368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2017-01-11 18:28 - 2016-12-14 06:33 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
2017-01-11 18:28 - 2016-12-14 06:33 - 00190816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVDllSurrogate.exe
2017-01-11 18:28 - 2016-12-14 06:14 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2017-01-11 18:28 - 2016-12-14 06:14 - 00089416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2017-01-11 18:28 - 2016-12-14 05:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-01-11 18:28 - 2016-12-14 05:40 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-01-11 18:28 - 2016-12-14 05:40 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2017-01-11 18:28 - 2016-12-14 05:39 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2017-01-11 18:28 - 2016-12-14 05:38 - 17188864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-01-11 18:28 - 2016-12-14 05:38 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-01-11 18:28 - 2016-12-14 05:35 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2017-01-11 18:28 - 2016-12-14 05:24 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2017-01-11 18:28 - 2016-12-14 05:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-01-11 18:28 - 2016-11-02 12:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-01-11 18:28 - 2016-11-02 11:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-01-11 18:28 - 2016-11-02 11:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-01-11 18:28 - 2016-11-02 11:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-01-11 18:27 - 2016-12-14 06:18 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-01-11 18:27 - 2016-12-14 06:18 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2017-01-10 20:03 - 2017-01-10 20:04 - 00454656 _____ C:\Users\Administrator\Downloads\Opplt.mdb
2017-01-07 22:45 - 2017-01-07 22:45 - 00188912 _____ C:\Users\Administrator\Downloads\opatr.dek.12-16_PRIJ17 (1).pdf
2017-01-07 21:02 - 2017-01-07 21:02 - 00188912 _____ C:\Users\Administrator\Downloads\opatr.dek.12-16_PRIJ17.pdf
2017-01-07 21:00 - 2017-01-07 21:00 - 04013453 _____ C:\Users\Administrator\Downloads\Opatreni dekanky c.19_2016.pdf
2017-01-07 20:54 - 2017-01-07 20:54 - 00202428 _____ C:\Users\Administrator\Downloads\informace-o-kon-prij-riz
2017-01-04 20:38 - 2017-01-04 20:38 - 51693408 _____ (A.I.SOFT,INC.) C:\Users\Administrator\Downloads\HL-1210W-inst-A1-eeu (1).EXE
2017-01-04 20:18 - 2017-01-04 20:18 - 51693408 _____ (A.I.SOFT,INC.) C:\Users\Administrator\Downloads\HL-1210W-inst-A1-eeu.EXE
2017-01-04 20:18 - 2017-01-04 20:18 - 00000000 ____D C:\Users\Administrator\Downloads\install
2017-01-04 20:17 - 2017-01-04 20:17 - 00991992 _____ (A.I.SOFT,INC.) C:\Users\Administrator\Downloads\nettool_1215.EXE
2017-01-04 20:17 - 2017-01-04 20:17 - 00000000 ____D C:\Users\Administrator\Downloads\NetworkRepairTool
2017-01-04 20:15 - 2017-01-04 20:16 - 01588272 _____ (Brother Industries, Ltd.) C:\Users\Administrator\Downloads\WirelessSetupHelper1.3.3_cs.exe
2017-01-03 19:05 - 2017-01-03 19:05 - 14262056 _____ C:\Users\Administrator\Downloads\ART_25_povalečny_historismus_SORELA.pptx
2017-01-03 19:05 - 2017-01-03 19:05 - 10848508 _____ C:\Users\Administrator\Downloads\ART_24_funkcionalismus_cesky.pptx
2017-01-03 19:05 - 2017-01-03 19:05 - 06000955 _____ C:\Users\Administrator\Downloads\ART_23_funkcionalismus_inspirace.pptx
2017-01-02 13:11 - 2017-01-02 13:11 - 00849697 _____ C:\Users\Administrator\Downloads\8-Střecha-I (1).pptx
2017-01-02 13:11 - 2017-01-02 13:11 - 00818203 _____ C:\Users\Administrator\Downloads\10-Materiál-konstrukcí (1).pptx
2017-01-02 13:11 - 2017-01-02 13:11 - 00799829 _____ C:\Users\Administrator\Downloads\19-Výkazy.pptx
2017-01-02 13:11 - 2017-01-02 13:11 - 00788649 _____ C:\Users\Administrator\Downloads\1-Úvod-do-problematiky.pptx
2017-01-02 13:11 - 2017-01-02 13:11 - 00640621 _____ C:\Users\Administrator\Downloads\20-Terén (1).pptx
2017-01-02 13:11 - 2017-01-02 13:11 - 00589708 _____ C:\Users\Administrator\Downloads\11-Schodiště (1).pptx
2017-01-02 13:11 - 2017-01-02 13:11 - 00571884 _____ C:\Users\Administrator\Downloads\17-Zábradlí (1).pptx
2017-01-02 13:11 - 2017-01-02 13:11 - 00509935 _____ C:\Users\Administrator\Downloads\13-Střecha-III (1).pptx
2017-01-02 13:11 - 2017-01-02 13:11 - 00504747 _____ C:\Users\Administrator\Downloads\12-Strop-v-podkroví (1).pptx
2017-01-02 13:10 - 2017-01-02 13:11 - 00691802 _____ C:\Users\Administrator\Downloads\3-Okna.pptx
2017-01-02 13:10 - 2017-01-02 13:10 - 00601282 _____ C:\Users\Administrator\Downloads\5-Podlaha (1).pptx
2017-01-02 13:10 - 2017-01-02 13:10 - 00585609 _____ C:\Users\Administrator\Downloads\7-Stropy (2).pptx
2017-01-02 13:10 - 2017-01-02 13:10 - 00585609 _____ C:\Users\Administrator\Downloads\7-Stropy (1).pptx
2017-01-02 13:10 - 2017-01-02 13:10 - 00499610 _____ C:\Users\Administrator\Downloads\4-Dveře.pptx
2017-01-02 13:10 - 2017-01-02 13:10 - 00486965 _____ C:\Users\Administrator\Downloads\9-Střecha-II (1).pptx
2017-01-02 13:10 - 2017-01-02 13:10 - 00473072 _____ C:\Users\Administrator\Downloads\6-Základy (1).pptx
2017-01-02 12:52 - 2017-01-02 12:52 - 07270258 _____ C:\Users\Administrator\Downloads\STŘEDOŠKOLSKÁ-ODBORNÁ-ČINNOST-op (1).pdf
2017-01-01 16:59 - 2017-01-01 16:59 - 00332800 _____ C:\Users\Administrator\Downloads\51-metoda-per-partes.pdf
2017-01-01 16:59 - 2017-01-01 16:59 - 00321430 _____ C:\Users\Administrator\Downloads\60-obsah-obrazce.pdf
2017-01-01 16:59 - 2017-01-01 16:59 - 00314348 _____ C:\Users\Administrator\Downloads\61-obsah-obrazce-cv..pdf
2017-01-01 16:59 - 2017-01-01 16:59 - 00277763 _____ C:\Users\Administrator\Downloads\48-vzorce-a-věty-pro-integrování-fcí.pdf
2017-01-01 16:59 - 2017-01-01 16:59 - 00273434 _____ C:\Users\Administrator\Downloads\57-určitý-integrál-cv..pdf
2017-01-01 16:59 - 2017-01-01 16:59 - 00250152 _____ C:\Users\Administrator\Downloads\65-rotace-kuželosečky.pdf
2017-01-01 16:59 - 2017-01-01 16:59 - 00249947 _____ C:\Users\Administrator\Downloads\47-pojem-primitivní-fce.pdf
2017-01-01 16:59 - 2017-01-01 16:59 - 00245052 _____ C:\Users\Administrator\Downloads\52-per-partes-cv..pdf
2017-01-01 16:59 - 2017-01-01 16:59 - 00233610 _____ C:\Users\Administrator\Downloads\50-neurčitý-integrál-cv..pdf
2017-01-01 16:59 - 2017-01-01 16:59 - 00230224 _____ C:\Users\Administrator\Downloads\58-metoda-substituce-určitého-integrálu.pdf
2017-01-01 16:59 - 2017-01-01 16:59 - 00222077 _____ C:\Users\Administrator\Downloads\56-určitý-integrál.pdf
2017-01-01 16:59 - 2017-01-01 16:59 - 00221960 _____ C:\Users\Administrator\Downloads\54-metoda-substice.pdf
2017-01-01 16:59 - 2017-01-01 16:59 - 00216491 _____ C:\Users\Administrator\Downloads\53-per-partes-cvičení.pdf
2017-01-01 16:59 - 2017-01-01 16:59 - 00197281 _____ C:\Users\Administrator\Downloads\59-metoda-per-partes-určitého-integrálu.pdf
2017-01-01 16:59 - 2017-01-01 16:59 - 00196824 _____ C:\Users\Administrator\Downloads\62-obsah-obrazce-cv..pdf
2017-01-01 16:59 - 2017-01-01 16:59 - 00179748 _____ C:\Users\Administrator\Downloads\63-objem-rotačního-tělesa.pdf
2017-01-01 16:59 - 2017-01-01 16:59 - 00161884 _____ C:\Users\Administrator\Downloads\49-neurčitý-integrál-cvičení.pdf
2017-01-01 16:59 - 2017-01-01 16:59 - 00144042 _____ C:\Users\Administrator\Downloads\55-substituce-cvičení.pdf
2017-01-01 16:59 - 2017-01-01 16:59 - 00132351 _____ C:\Users\Administrator\Downloads\64-rotační-těleso-cv..pdf
2016-12-31 16:18 - 2016-12-31 16:18 - 03554063 _____ C:\Users\Administrator\Downloads\Ben Cristovao ft. Forsomeone - Kolotoc (prod. by The Glowsticks ) Text - Lyric videoo (1).mp3
2016-12-31 16:13 - 2016-12-31 16:13 - 02853145 _____ C:\Users\Administrator\Downloads\American Authors - What We Live For (Lyric Video).mp3
2016-12-31 16:12 - 2016-12-31 16:12 - 03404851 _____ C:\Users\Administrator\Downloads\The Strumbellas - Spirits.mp3
2016-12-31 16:11 - 2016-12-31 16:11 - 03291584 _____ C:\Users\Administrator\Downloads\Alle Farben - Please Tell Rosie (feat. YOUNOTUS) [OFFICIAL VIDEO].mp3
2016-12-31 16:11 - 2016-12-31 16:11 - 03104338 _____ C:\Users\Administrator\Downloads\X Ambassadors - Renegades (Lyric Video).mp3
2016-12-31 16:10 - 2016-12-31 16:10 - 04038771 _____ C:\Users\Administrator\Downloads\Fun.- We Are Young ft. Janelle Monáe [OFFICIAL VIDEO].mp3
2016-12-31 16:09 - 2016-12-31 16:09 - 02960143 _____ C:\Users\Administrator\Downloads\Major Lazer - Cold Water (feat. Justin Bieber & MØ) (Official Dance Video).mp3
2016-12-31 16:09 - 2016-12-31 16:09 - 02818036 _____ C:\Users\Administrator\Downloads\Jake Miller Dazed And Confused Lyrics.mp3
2016-12-31 16:08 - 2016-12-31 16:08 - 03568431 _____ C:\Users\Administrator\Downloads\Maroon 5 - One More Night.mp3
2016-12-31 16:08 - 2016-12-31 16:08 - 03426879 _____ C:\Users\Administrator\Downloads\Gym Class Heroes- Stereo Hearts ft. Adam Levine [OFFICIAL VIDEO].mp3
2016-12-31 16:08 - 2016-12-31 16:08 - 03366693 _____ C:\Users\Administrator\Downloads\Maroon 5 - Misery.mp3
2016-12-31 16:07 - 2016-12-31 16:07 - 03865862 _____ C:\Users\Administrator\Downloads\Taylor Swift - Shake It Off.mp3
2016-12-31 16:07 - 2016-12-31 16:07 - 03607019 _____ C:\Users\Administrator\Downloads\P!nk - So What.mp3
2016-12-31 16:06 - 2016-12-31 16:06 - 03269852 _____ C:\Users\Administrator\Downloads\Iggy Azalea - Fancy ft. Charli XCX.mp3
2016-12-31 16:06 - 2016-12-31 16:06 - 02833921 _____ C:\Users\Administrator\Downloads\Charli XCX - Boom Clap [Official Video].mp3
2016-12-31 16:05 - 2016-12-31 16:05 - 03351772 _____ C:\Users\Administrator\Downloads\Katy Perry - This Is How We Do (Official).mp3
2016-12-31 16:04 - 2016-12-31 16:04 - 04009638 _____ C:\Users\Administrator\Downloads\Coldplay - Up&Up (Official video).mp3
2016-12-31 16:04 - 2016-12-31 16:04 - 03845120 _____ C:\Users\Administrator\Downloads\Rihanna - Stay feat. Mikky Ekko -OFFICIAL LYRICS VIDEO-.mp3
2016-12-31 16:03 - 2016-12-31 16:03 - 04172224 _____ C:\Users\Administrator\Downloads\Coldplay - Hymn For The Weekend (Official video).mp3
2016-12-31 16:03 - 2016-12-31 16:03 - 03370161 _____ C:\Users\Administrator\Downloads\EDDIE STOILOW -- BABY (official video 2013).mp3
2016-12-31 16:02 - 2016-12-31 16:02 - 03339649 _____ C:\Users\Administrator\Downloads\Robbie Williams - Love My Life - Official Video.mp3
2016-12-31 16:01 - 2016-12-31 16:01 - 02588871 _____ C:\Users\Administrator\Downloads\The Lumineers - Ho Hey (Official Video).mp3
2016-12-31 16:00 - 2016-12-31 16:00 - 03222203 _____ C:\Users\Administrator\Downloads\Nightcore Treble Heart Anna Graceman 1 - steady big go 1,2,3,4 -.mp3
2016-12-31 15:59 - 2016-12-31 16:00 - 03023548 _____ C:\Users\Administrator\Downloads\Timbaland - Apologize ft. OneRepublic.mp3
2016-12-31 15:59 - 2016-12-31 15:59 - 03872841 _____ C:\Users\Administrator\Downloads\Nelly - Just A Dream.mp3
2016-12-31 15:59 - 2016-12-31 15:59 - 03070066 _____ C:\Users\Administrator\Downloads\Rihanna, Kanye West, Paul McCartney - FourFiveSeconds.mp3
2016-12-31 15:58 - 2016-12-31 15:58 - 03642128 _____ C:\Users\Administrator\Downloads\David Guetta feat Rihanna - Who's That Chick- - Day version (Official videoclip).mp3
2016-12-31 15:57 - 2016-12-31 15:57 - 04404067 _____ C:\Users\Administrator\Downloads\DJ Antoine - Welcome to St. Tropez.mp3
2016-12-31 15:57 - 2016-12-31 15:57 - 03137777 _____ C:\Users\Administrator\Downloads\David Guetta ft Akon - Sexy Beach â--â-¬â-- â-- â--â--â--.mp3
2016-12-31 15:56 - 2016-12-31 15:56 - 03912671 _____ C:\Users\Administrator\Downloads\Calvin Harris - My Way (Official Video).mp3
2016-12-31 15:56 - 2016-12-31 15:56 - 03193364 _____ C:\Users\Administrator\Downloads\Marshmello - Alone (Official Music Video).mp3
2016-12-31 15:54 - 2016-12-31 15:54 - 04823405 _____ C:\Users\Administrator\Downloads\Maroon 5 - Sugar.mp3
2016-12-31 15:54 - 2016-12-31 15:54 - 04747338 _____ C:\Users\Administrator\Downloads\Ed Sheeran - Thinking Out Loud [Official Video].mp3
2016-12-31 15:54 - 2016-12-31 15:54 - 03183751 _____ C:\Users\Administrator\Downloads\Martin Garrix & Bebe Rexha - In The Name Of Love.mp3
2016-12-31 15:53 - 2016-12-31 15:53 - 04209425 _____ C:\Users\Administrator\Downloads\Tove Lo - Stay High ft. Hippie Sabotage.mp3
2016-12-31 15:53 - 2016-12-31 15:53 - 03981635 _____ C:\Users\Administrator\Downloads\SAIL - AWOLNATION (Unofficial Video).mp3
2016-12-31 15:53 - 2016-12-31 15:53 - 03809438 _____ C:\Users\Administrator\Downloads\Milky Chance - Flashed Junk Mind.mp3
2016-12-31 15:52 - 2016-12-31 15:52 - 04256528 _____ C:\Users\Administrator\Downloads\Arctic Monkeys - Do I Wanna Know- (Official Video).mp3
2016-12-31 15:52 - 2016-12-31 15:52 - 03939423 _____ C:\Users\Administrator\Downloads\WALK THE MOON - Shut Up and Dance.mp3
2016-12-31 15:50 - 2016-12-31 15:50 - 03797191 _____ C:\Users\Administrator\Downloads\Spice Girls - Wannabe.mp3
2016-12-31 15:50 - 2016-12-31 15:50 - 03565641 _____ C:\Users\Administrator\Downloads\Ricky Martin - Livin' La Vida Loca.mp3
2016-12-31 15:49 - 2016-12-31 15:49 - 04103679 _____ C:\Users\Administrator\Downloads\Ewa Farna - Na ostri noze.mp3
2016-12-31 15:49 - 2016-12-31 15:49 - 03184463 _____ C:\Users\Administrator\Downloads\Beyoncé - Single Ladies (Put A Ring On It).mp3
2016-12-31 15:48 - 2016-12-31 15:48 - 03715135 _____ C:\Users\Administrator\Downloads\P!nk feat. Lily Allen - True Love.mp3
2016-12-31 15:48 - 2016-12-31 15:48 - 03233232 _____ C:\Users\Administrator\Downloads\P!nk - Raise Your Glass.mp3
2016-12-31 15:48 - 2016-12-31 15:48 - 03162729 _____ C:\Users\Administrator\Downloads\OneRepublic - Feel Again.mp3
2016-12-31 15:47 - 2016-12-31 15:47 - 03990414 _____ C:\Users\Administrator\Downloads\OneRepublic - Something I Need.mp3
2016-12-31 15:47 - 2016-12-31 15:47 - 03655211 _____ C:\Users\Administrator\Downloads\OneRepublic - Love Runs Out.mp3
2016-12-31 15:47 - 2016-12-31 15:47 - 03262746 _____ C:\Users\Administrator\Downloads\Tina feat. Ego - SEXXXY.mp3
2016-12-31 15:46 - 2016-12-31 15:46 - 04621948 _____ C:\Users\Administrator\Downloads\Ben Cristovao & The Glowsticks - ASIO [Malaysia ].mp3
2016-12-31 15:46 - 2016-12-31 15:46 - 03494712 _____ C:\Users\Administrator\Downloads\Paulie Garand - Play (prod. Fiedlerski) (Oficiální video).mp3
2016-12-31 15:46 - 2016-12-31 15:46 - 02893269 _____ C:\Users\Administrator\Downloads\Annet Charitonova - TAKTOMABYT feat. Ben Cristovao.mp3
2016-12-31 15:45 - 2016-12-31 15:45 - 04466049 _____ C:\Users\Administrator\Downloads\Majk Spirit - Šampuss (OFFICIAL VIDEO) +Anita Soul, prod. Billy Hollywood.mp3
2016-12-31 15:45 - 2016-12-31 15:45 - 03555318 _____ C:\Users\Administrator\Downloads\Majk Spirit - Tancujj (prod. Abe).mp3
2016-12-31 15:45 - 2016-12-31 15:45 - 03554063 _____ C:\Users\Administrator\Downloads\Ben Cristovao ft. Forsomeone - Kolotoc (prod. by The Glowsticks ) Text - Lyric videoo.mp3
2016-12-31 15:44 - 2016-12-31 15:44 - 04036263 _____ C:\Users\Administrator\Downloads\Black Eyed Peas - Where Is The Love-.mp3
2016-12-31 15:44 - 2016-12-31 15:44 - 03869209 _____ C:\Users\Administrator\Downloads\Mattafix - Big City Life.mp3
2016-12-31 15:44 - 2016-12-31 15:44 - 03817953 _____ C:\Users\Administrator\Downloads\Lana Del Rey - Young and Beautiful.mp3
2016-12-31 15:43 - 2016-12-31 15:44 - 04916193 _____ C:\Users\Administrator\Downloads\John Legend - All of Me.mp3
2016-12-31 15:43 - 2016-12-31 15:43 - 03607563 _____ C:\Users\Administrator\Downloads\MAGIC! - Rude.mp3
2016-12-31 15:43 - 2016-12-31 15:43 - 03296182 _____ C:\Users\Administrator\Downloads\Justin Bieber - What Do You Mean- (Lyric Video).mp3
2016-12-31 15:43 - 2016-12-31 15:43 - 03029524 _____ C:\Users\Administrator\Downloads\OMI - Cheerleader (Felix Jaehn Remix) [Official Video] (1).mp3
2016-12-31 15:42 - 2016-12-31 15:42 - 03322513 _____ C:\Users\Administrator\Downloads\Jonas Blue - Perfect Strangers ft. JP Cooper.mp3
2016-12-31 15:42 - 2016-12-31 15:42 - 02948858 _____ C:\Users\Administrator\Downloads\Mike Perry - The Ocean ft. Shy Martin.mp3
2016-12-31 15:41 - 2016-12-31 15:42 - 03521044 _____ C:\Users\Administrator\Downloads\Fifth Harmony - Work from Home ft. Ty Dolla $ign.mp3
2016-12-31 15:41 - 2016-12-31 15:41 - 03808600 _____ C:\Users\Administrator\Downloads\Ariana Grande - Side To Side ft. Nicki Minaj.mp3
2016-12-31 15:41 - 2016-12-31 15:41 - 03133178 _____ C:\Users\Administrator\Downloads\Emily Roberts - #santaclara (Official Video).mp3
2016-12-31 15:40 - 2016-12-31 15:40 - 03525517 _____ C:\Users\Administrator\Downloads\Natasha Bedingfield - These Words.mp3
2016-12-31 15:39 - 2016-12-31 15:39 - 03821558 _____ C:\Users\Administrator\Downloads\Duke Dumont - I Got U ft. Jax Jones.mp3
2016-12-31 15:39 - 2016-12-31 15:39 - 03198379 _____ C:\Users\Administrator\Downloads\David Guetta - Hey Mama (Official Video) ft Nicki Minaj, Bebe Rexha & Afrojack.mp3
2016-12-31 15:39 - 2016-12-31 15:39 - 03029524 _____ C:\Users\Administrator\Downloads\OMI - Cheerleader (Felix Jaehn Remix) [Official Video].mp3
2016-12-31 15:39 - 2016-12-31 15:39 - 02864012 _____ C:\Users\Administrator\Downloads\Major Lazer & DJ Snake - Lean On (feat. MØ) (Official Music Video).mp3
2016-12-31 15:38 - 2016-12-31 15:38 - 03888850 _____ C:\Users\Administrator\Downloads\Sigma - Nobody To Love (Official Video) HD.mp3
2016-12-31 15:38 - 2016-12-31 15:38 - 03666076 _____ C:\Users\Administrator\Downloads\Robin Schulz - Headlights [feat. Ilsey] [official video].mp3
2016-12-31 15:38 - 2016-12-31 15:38 - 03097653 _____ C:\Users\Administrator\Downloads\Lilly Wood & The Prick and Robin Schulz - Prayer In C (Robin Schulz Remix).mp3
2016-12-31 15:38 - 2016-12-31 15:38 - 02789617 _____ C:\Users\Administrator\Downloads\Robin Schulz - Sun Goes Down feat. Jasmine Thompson (Official Video) (1).mp3
2016-12-31 15:37 - 2016-12-31 15:37 - 03841494 _____ C:\Users\Administrator\Downloads\Shaggy - Angel Lyrics.mp3
2016-12-31 15:37 - 2016-12-31 15:37 - 03565347 _____ C:\Users\Administrator\Downloads\Robin Schulz - Sugar (feat. Francesco Yates) (OFFICIAL MUSICVIDEO).mp3
2016-12-31 15:37 - 2016-12-31 15:37 - 03257731 _____ C:\Users\Administrator\Downloads\nirvana - hey girl shake it.mp3
2016-12-31 15:36 - 2016-12-31 15:36 - 04750556 _____ C:\Users\Administrator\Downloads\Kid Cudi - Pursuit Of Happiness ft. MGMT.mp3
2016-12-31 15:36 - 2016-12-31 15:36 - 03704404 _____ C:\Users\Administrator\Downloads\Mac Miller - Knock Knock.mp3
2016-12-31 15:35 - 2016-12-31 15:35 - 05626304 _____ C:\Users\Administrator\Downloads\Sia - The Greatest.mp3
2016-12-31 15:35 - 2016-12-31 15:35 - 04766144 _____ C:\Users\Administrator\Downloads\Sucker for Pain - Lil Wayne, Wiz Khalifa & Imagine Dragons w- Logic & Ty Dolla $ign ft X Ambassadors.mp3
2016-12-31 15:35 - 2016-12-31 15:35 - 03651865 _____ C:\Users\Administrator\Downloads\The Chainsmokers - Roses ft. ROZES (1).mp3
2016-12-31 15:34 - 2016-12-31 15:35 - 03421151 _____ C:\Users\Administrator\Downloads\Alvaro Soler - Sofia.mp3
2016-12-31 15:34 - 2016-12-31 15:34 - 02723996 _____ C:\Users\Administrator\Downloads\Deorro - Bailar feat. Elvis Crespo (Official Video).mp3
2016-12-31 15:33 - 2016-12-31 15:33 - 05178964 _____ C:\Users\Administrator\Downloads\Eminem - Like Toy Soldiers.mp3
2016-12-31 15:33 - 2016-12-31 15:33 - 03952796 _____ C:\Users\Administrator\Downloads\The Chainsmokers - Closer ft. Halsey.mp3
2016-12-31 15:32 - 2016-12-31 15:33 - 03977037 _____ C:\Users\Administrator\Downloads\Little Mix - Shout Out to My Ex (Official Video).mp3
2016-12-31 15:32 - 2016-12-31 15:32 - 03842036 _____ C:\Users\Administrator\Downloads\Christopher - Limousine feat. Madcon (Official Music Video).mp3
2016-12-31 15:32 - 2016-12-31 15:32 - 03727934 _____ C:\Users\Administrator\Downloads\P!nk - Just Like Fire (From the Original Motion Picture Alice Through The Looking Glass).mp3
2016-12-31 15:31 - 2016-12-31 15:32 - 04878159 _____ C:\Users\Administrator\Downloads\ENVY - Am I Wrong (Official Video).mp3
2016-12-31 15:31 - 2016-12-31 15:31 - 06062236 _____ C:\Users\Administrator\Downloads\Maroon 5 - Don't Wanna Know.mp3
2016-12-31 15:31 - 2016-12-31 15:31 - 04295942 _____ C:\Users\Administrator\Downloads\Clean Bandit - Rather Be feat. Jess Glynne.mp3
2016-12-31 15:31 - 2016-12-31 15:31 - 03627623 _____ C:\Users\Administrator\Downloads\Bruno Mars - 24K Magic [Official Video].mp3
2016-12-31 15:30 - 2016-12-31 15:31 - 04063973 _____ C:\Users\Administrator\Downloads\Clean Bandit - Rockabye ft. Sean Paul & Anne-Marie [Official Video].mp3

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-28 06:13 - 2016-09-16 16:35 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-01-28 06:03 - 2016-06-12 17:53 - 00000000 ____D C:\Users\Administrator\AppData\Local\MicrosoftEdge
2017-01-28 00:10 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-01-28 00:09 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-01-27 19:47 - 2016-09-16 16:38 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-01-27 19:47 - 2015-06-09 15:28 - 00000000 __SHD C:\Users\Administrator\IntelGraphicsProfiles
2017-01-27 19:46 - 2016-09-16 17:05 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-27 19:46 - 2016-09-16 16:39 - 00000000 ____D C:\ProgramData\NVIDIA
2017-01-27 19:46 - 2016-07-16 07:04 - 01835008 _____ C:\WINDOWS\system32\config\BBI
2017-01-27 19:41 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-27 19:41 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-26 17:22 - 2016-09-16 16:42 - 03576392 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-01-26 17:22 - 2016-07-16 23:25 - 01502966 _____ C:\WINDOWS\system32\perfh005.dat
2017-01-26 17:22 - 2016-07-16 23:25 - 00411804 _____ C:\WINDOWS\system32\perfc005.dat
2017-01-26 10:15 - 2009-07-14 03:34 - 00000425 _____ C:\WINDOWS\win.ini
2017-01-26 09:53 - 2015-08-05 08:19 - 00000000 ____D C:\Users\Administrator\AppData\Local\Akamai
2017-01-25 19:04 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-23 18:31 - 2015-06-09 14:01 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-01-22 16:47 - 2016-10-08 11:03 - 00000000 ____D C:\Users\Administrator\Desktop\maturita
2017-01-19 16:40 - 2016-06-04 17:46 - 00002455 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-01-19 16:40 - 2016-06-04 17:46 - 00000000 ___RD C:\Users\Administrator\OneDrive
2017-01-16 01:30 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-01-16 01:30 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-01-15 14:15 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2017-01-13 23:50 - 2016-01-11 14:27 - 00000000 ____D C:\Users\Administrator\AppData\Local\Microsoft Help
2017-01-11 20:18 - 2016-06-04 17:40 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-01-11 20:15 - 2016-09-16 16:35 - 00503136 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-01-11 20:14 - 2016-12-16 20:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-01-11 20:14 - 2015-06-09 13:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-11 20:13 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-01-11 20:13 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-01-11 20:13 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-01-11 20:13 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-01-11 20:13 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-01-11 20:13 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-01-11 20:09 - 2016-09-16 16:43 - 00000000 ____D C:\Users\Administrator
2017-01-11 19:19 - 2015-06-09 13:25 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-01-11 19:14 - 2015-06-09 13:25 - 135657872 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-01-10 20:03 - 2015-06-09 13:36 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2017-01-10 20:02 - 2016-09-16 17:05 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-01-05 16:38 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-01-04 20:24 - 2016-06-20 17:11 - 00002213 _____ C:\Users\Public\Desktop\Brother Creative Center.lnk
2017-01-04 20:23 - 2016-06-20 17:10 - 00000000 ____D C:\Program Files (x86)\Browny02

==================== Files in the root of some directories =======

2016-09-16 16:38 - 2016-09-16 16:38 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-08-05 08:41 - 2015-08-05 08:41 - 0000133 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

Some files in TEMP:
====================
2017-01-26 10:13 - 2011-05-20 11:33 - 0056224 _____ (BitDefender) C:\Users\Administrator\AppData\Local\Temp\avxdisk.dll
2017-01-25 20:00 - 2017-01-25 20:00 - 0349408 _____ (Lavasoft) C:\Users\Administrator\AppData\Local\Temp\b514794a-bbb7-41cf-b118-328e0e83384f.exe
2017-01-26 10:13 - 2011-09-06 00:20 - 0182792 _____ (BitDefender) C:\Users\Administrator\AppData\Local\Temp\bdc.exe
2017-01-26 10:13 - 2014-05-16 00:46 - 0116152 _____ (Bitdefender) C:\Users\Administrator\AppData\Local\Temp\bdcore.dll
2017-01-26 10:13 - 2009-09-17 14:48 - 0231944 _____ (MicroWorld Technologies Inc.) C:\Users\Administrator\AppData\Local\Temp\bdfltlib2k.dll
2017-01-26 10:13 - 2014-03-24 03:29 - 0085736 _____ (BitDefender) C:\Users\Administrator\AppData\Local\Temp\bdnimbus32.dll
2017-01-26 10:13 - 2014-03-24 03:29 - 0092392 _____ (BitDefender) C:\Users\Administrator\AppData\Local\Temp\bdnimbus64.dll
2017-01-26 10:13 - 2010-01-14 23:54 - 0009224 _____ (Microsoft Corporation) C:\Users\Administrator\AppData\Local\Temp\bdupdateservice.dll
2017-01-26 10:15 - 2017-01-26 10:15 - 0061184 _____ (Microsoft Corporation) C:\Users\Administrator\AppData\Local\Temp\DEVCON.EXE
2017-01-26 10:15 - 2017-01-26 10:15 - 0156392 _____ (MicroWorld Technologies Inc.) C:\Users\Administrator\AppData\Local\Temp\eEmpty.exe
2017-01-26 10:14 - 2015-07-28 19:30 - 0319664 _____ (MicroWorld Technologies Inc.) C:\Users\Administrator\AppData\Local\Temp\encdec.dll
2017-01-26 10:14 - 2015-07-28 19:30 - 0474288 _____ (MicroWorld Technologies Inc.) C:\Users\Administrator\AppData\Local\Temp\esupdate.exe
2017-01-26 10:14 - 2009-07-17 13:39 - 0043776 _____ (Kaspersky Lab) C:\Users\Administrator\AppData\Local\Temp\FSSync.dll
2017-01-26 10:14 - 2015-07-28 19:30 - 0107248 _____ (MicroWorld Technologies Inc.) C:\Users\Administrator\AppData\Local\Temp\Getvlist.exe
2017-01-26 10:14 - 2009-07-17 13:39 - 0070912 _____ () C:\Users\Administrator\AppData\Local\Temp\ikave.dll
2017-01-26 10:14 - 2015-07-28 19:30 - 0044784 _____ (Kaspersky Lab.) C:\Users\Administrator\AppData\Local\Temp\ipc.dll
2017-01-26 10:14 - 2009-07-17 13:39 - 0283904 _____ (Kaspersky Lab.) C:\Users\Administrator\AppData\Local\Temp\kave.dll
2017-01-26 10:14 - 2015-07-28 19:30 - 0110344 _____ () C:\Users\Administrator\AppData\Local\Temp\kavvlg.dll
2017-01-26 10:14 - 2015-07-28 19:30 - 0229040 _____ (MicroWorld Technologies Inc.) C:\Users\Administrator\AppData\Local\Temp\msvclnt.dll
2017-01-26 10:15 - 2017-01-26 10:15 - 0554240 _____ (Microsoft Corporation) C:\Users\Administrator\AppData\Local\Temp\msvcp80.dll
2017-01-26 10:15 - 2017-01-26 10:15 - 0572928 _____ (Microsoft Corporation) C:\Users\Administrator\AppData\Local\Temp\msvcp90.dll
2017-01-26 10:15 - 2017-01-26 10:15 - 0632064 _____ (Microsoft Corporation) C:\Users\Administrator\AppData\Local\Temp\msvcr80.dll
2017-01-26 10:15 - 2017-01-26 10:15 - 0655872 _____ (Microsoft Corporation) C:\Users\Administrator\AppData\Local\Temp\msvcr90.dll
2017-01-26 10:14 - 2015-07-28 19:30 - 5426864 _____ (MicroWorld Technologies Inc.) C:\Users\Administrator\AppData\Local\Temp\msvl64.dll
2017-01-26 10:14 - 2015-07-28 19:30 - 0221360 _____ (MicroWorld Technologies Inc.) C:\Users\Administrator\AppData\Local\Temp\msvlclnt.dll
2017-01-26 10:14 - 2015-07-28 19:30 - 1133744 _____ (MicroWorld Technologies Inc.) C:\Users\Administrator\AppData\Local\Temp\mwavdwnl.exe
2017-01-26 10:14 - 2015-07-28 19:30 - 0705712 _____ (MicroWorld Technologies Inc.) C:\Users\Administrator\AppData\Local\Temp\MWAVL.exe
2017-01-26 10:15 - 2015-07-28 19:30 - 1126640 _____ (MicroWorld Technologies Inc.) C:\Users\Administrator\AppData\Local\Temp\mwavscan.exe
2017-01-26 10:14 - 2015-07-28 19:30 - 0855728 _____ (MicroWorld Technologies Inc.) C:\Users\Administrator\AppData\Local\Temp\mwunzip.dll
2017-01-26 10:15 - 2009-07-17 13:39 - 0189696 _____ (Kaspersky Lab) C:\Users\Administrator\AppData\Local\Temp\prLoader.dll
2017-01-26 10:15 - 2015-07-28 19:30 - 0011440 _____ (Microsoft Corporation) C:\Users\Administrator\AppData\Local\Temp\red32.dll
2017-01-26 10:15 - 2015-07-28 19:30 - 0403120 _____ (MicroWorld Technologies Inc.) C:\Users\Administrator\AppData\Local\Temp\Reload.exe
2017-01-26 10:15 - 2012-07-17 01:42 - 0355624 _____ (MicroWorld Technologies Inc.) C:\Users\Administrator\AppData\Local\Temp\scan.dll
2017-01-26 10:15 - 2009-07-17 13:39 - 0144640 _____ (Kaspersky Lab.) C:\Users\Administrator\AppData\Local\Temp\ScanningProcess.exe
2017-01-26 10:15 - 2015-07-28 19:31 - 0083120 _____ (MicroWorld Technologies Inc.) C:\Users\Administrator\AppData\Local\Temp\setpriv.exe
2017-01-26 10:15 - 2015-07-27 22:27 - 2126056 _____ (MicroWorld Technologies Inc.) C:\Users\Administrator\AppData\Local\Temp\test2.exe
2017-01-26 10:15 - 2017-01-26 10:15 - 0394408 _____ (BitDefender S.R.L.) C:\Users\Administrator\AppData\Local\Temp\trufos.dll
2017-01-26 10:15 - 2015-07-27 20:00 - 0100584 _____ (MicroWorld Technologies Inc.) C:\Users\Administrator\AppData\Local\Temp\unregx.exe
2017-01-26 10:15 - 2015-07-28 19:31 - 0578224 _____ (MicroWorld Technologies Inc.) C:\Users\Administrator\AppData\Local\Temp\viewtcp.exe
2016-09-18 18:08 - 2006-05-24 18:10 - 0455600 ____R (Macrovision Corporation) C:\Users\Administrator\AppData\Local\Temp\_is6ADF.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-01-18 17:21

==================== End of FRST.txt ============================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3856685454-3635898508-2700020702-500\...\Run: [Akamai NetSession Interface] => C:\Users\Administrator\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
C:\Users\Administrator\AppData\Local\Akamai
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => No File
HKU\S-1-5-21-3856685454-3635898508-2700020702-500\Software\Microsoft\Internet Explorer\Main,Start Page =
U3 idsvc; no ImagePath
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\ProgramData\DP45977C.lfl
C:\Users\Administrator\AppData\Local\Temp

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[athlan]

zde je.. fyi, reimage okno se spouští pořád. Díky.

Fix result of Farbar Recovery Scan Tool (x64) Version: 28-01-2017 01
Ran by Administrator (28-01-2017 12:33:44) Run:1
Running from C:\Users\Administrator\Desktop
Loaded Profiles: Administrator (Available Profiles: Administrator & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3856685454-3635898508-2700020702-500\...\Run: [Akamai NetSession Interface] => C:\Users\Administrator\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
C:\Users\Administrator\AppData\Local\Akamai
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => No File
HKU\S-1-5-21-3856685454-3635898508-2700020702-500\Software\Microsoft\Internet Explorer\Main,Start Page =
U3 idsvc; no ImagePath
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\ProgramData\DP45977C.lfl
C:\Users\Administrator\AppData\Local\Temp

EmptyTemp:
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKU\S-1-5-21-3856685454-3635898508-2700020702-500\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface => value removed successfully
C:\Users\Administrator\AppData\Local\Akamai => moved successfully
"C:\Windows\system32\nvinitx.dll" => Value data removed successfully.
HKU\S-1-5-21-3856685454-3635898508-2700020702-500\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\System\CurrentControlSet\Services\idsvc => key removed successfully
idsvc => service removed successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully

"C:\Users\Administrator\AppData\Local\Temp" folder move:

Could not move "C:\Users\Administrator\AppData\Local\Temp" => Scheduled to move on reboot.


=========== EmptyTemp: ==========

BITS transfer queue => 1134528 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 158904511 B
Java, Flash, Steam htmlcache => 1086 B
Windows/system/drivers => 68186944 B
Edge => 8523866 B
Chrome => 853017011 B
Firefox => 200622434 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 26184 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 6432 B
NetworkService => 39830 B
Administrator => 1041896587 B
DefaultAppPool => 26184 B

RecycleBin => 35704048560 B
EmptyTemp: => 35.4 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 28-01-2017 12:43:32)

C:\Users\Administrator\AppData\Local\Temp => moved successfully

==== End of Fixlog 12:43:36 ====

[Rudy]

Smazáno. Nastala nějaká změna?

[athlan]

Zdá se ok, děkuji Vám.

[Rudy]

Nemáte zač!