Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Přesměrování webu

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
prudil
Návštěvník
Návštěvník
Příspěvky: 5
Registrován: 28 srp 2017 21:49

Přesměrování webu

#1 Příspěvek od prudil »

Hezký večer,
mám problém, že v Opeře, Chromu a Firefoxu dochází k přesměrování na cizí weby. V případě vyhledávání jsem pak přesměrován na vyhledavač yahoo.
Děkuji za pomoc.


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-08-2017
Ran by Ann (administrator) on KROVAK (28-08-2017 22:53:33)
Running from C:\Users\Ann\Desktop
Loaded Profiles: Ann (Available Profiles: Ann)
Platform: Windows 10 Home Version 1703 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\afwServ.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\Photodex\ProShow Producer\scsiaccess.exe
() C:\Program Files\Serviio\bin\ServiioService.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.2.4.1\WsAppService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
() C:\Program Files\Serviio\bin\ServiioService.exe
(Intel) C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files (x86)\Acer Incorporated\HID Monitor\HIDMonitor.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\avgui.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Andrey Gruber) C:\PNotes\PNotes.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.13510.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(forum.viry.cz) C:\Users\Ann\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13538376 2013-05-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1307720 2013-04-24] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-30] (IvoSoft)
HKLM\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239592 2017-08-01] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [263232 2017-08-27] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2092032 2014-02-03] (Dominik Reichl)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe [1960336 2014-12-09] ()
HKLM-x32\...\Run: [Wondershare Media Server] => C:\Program Files (x86)\Wondershare\Video Converter Ultimate\MediaLibServer.exe [215440 2014-12-09] (Wondershare)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2406496 2017-06-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ShutdownTime] => C:\Program Files (x86)\ShutdownTime\ShutdownTime.exe [91648 2017-06-14] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1171680460-3079032358-4087076128-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25607952 2017-08-04] (Google)
HKU\S-1-5-21-1171680460-3079032358-4087076128-1001\...\MountPoints2: {be515169-72fc-11e5-81f7-0c8bfd05f78e} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1171680460-3079032358-4087076128-1001\...\MountPoints2: {e3ae20a7-89b8-11e7-832d-0c8bfd05f78e} - "D:\HiSuiteDownLoader.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk [2013-06-12]
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\Users\Ann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PNotes.lnk [2015-02-04]
ShortcutTarget: PNotes.lnk -> C:\PNotes\PNotes.exe (Andrey Gruber)
GroupPolicy: Restriction - Chrome <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.255.1
Tcpip\..\Interfaces\{83bb79ee-247b-4545-a1ee-8ea5bf4ac218}: [NameServer] 100.70.100.70
Tcpip\..\Interfaces\{83bb79ee-247b-4545-a1ee-8ea5bf4ac218}: [DhcpNameServer] 192.168.255.1
Tcpip\..\Interfaces\{b1b011e8-5509-4c9d-b365-af92136040df}: [DhcpNameServer] 192.168.255.1
Tcpip\..\Interfaces\{ba13801a-3cdf-4fe3-88a0-c8930940e45f}: [DhcpNameServer] 100.70.100.70 100.70.70.100

Internet Explorer:
==================
HKU\S-1-5-21-1171680460-3079032358-4087076128-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/
HKU\S-1-5-21-1171680460-3079032358-4087076128-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKU\S-1-5-21-1171680460-3079032358-4087076128-1001 -> DefaultScope {EE4A9432-E655-4BCC-8809-86B548ACC7FC} URL =
SearchScopes: HKU\S-1-5-21-1171680460-3079032358-4087076128-1001 -> {EE4A9432-E655-4BCC-8809-86B548ACC7FC} URL =
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2017-08-28] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-08-28] (Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
BHO-x32: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\ProgramData\Wondershare\Video Converter Ultimate\WSBrowserAppMgr.dll [2014-12-09] (Wondershare)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-08-28] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-08-28] (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
Toolbar: HKU\S-1-5-21-1171680460-3079032358-4087076128-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - No File

FireFox:
========
FF ProfilePath: C:\Users\Ann\AppData\Roaming\Mozilla\Firefox\Profiles\6mz5a0ld.default [2017-08-28]
FF user.js: detected! => C:\Users\Ann\AppData\Roaming\Mozilla\Firefox\Profiles\6mz5a0ld.default\user.js [2017-06-29]
FF Homepage: Mozilla\Firefox\Profiles\6mz5a0ld.default -> http://www.google.cz
FF Session Restore: Mozilla\Firefox\Profiles\6mz5a0ld.default -> is enabled.
FF Extension: (Tables) - C:\Users\Ann\AppData\Roaming\Mozilla\Firefox\Profiles\6mz5a0ld.default\Extensions\378507@extcorp.net.xpi [2017-08-23]
FF Extension: (Duplicate This Tab) - C:\Users\Ann\AppData\Roaming\Mozilla\Firefox\Profiles\6mz5a0ld.default\Extensions\duplicate-this-tab@mozilla.org.xpi [2016-04-28]
FF Extension: (Translate This!) - C:\Users\Ann\AppData\Roaming\Mozilla\Firefox\Profiles\6mz5a0ld.default\Extensions\jid0-k75TfRGfOXPHfEZmJ9cKu5eCgLc@jetpack.xpi [2016-11-05]
FF Extension: (Context Search) - C:\Users\Ann\AppData\Roaming\Mozilla\Firefox\Profiles\6mz5a0ld.default\Extensions\{902D2C4A-457A-4EF9-AD43-7014562929FF}.xpi [2016-03-20]
FF Extension: (Adblock Plus) - C:\Users\Ann\AppData\Roaming\Mozilla\Firefox\Profiles\6mz5a0ld.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-07]
FF Extension: (Extended Statusbar) - C:\Users\Ann\AppData\Roaming\Mozilla\Firefox\Profiles\6mz5a0ld.default\Extensions\{daf44bf7-a45e-4450-979c-91cf07434c3d}.xpi [2016-06-16]
FF Extension: (Firefox Screenshots) - C:\Users\Ann\AppData\Roaming\Mozilla\Firefox\Profiles\6mz5a0ld.default\features\{049b8c47-e382-45a4-9ee1-755e0c6bb59c}\screenshots@mozilla.org.xpi [2017-08-28]
FF SearchPlugin: C:\Users\Ann\AppData\Roaming\Mozilla\Firefox\Profiles\6mz5a0ld.default\searchplugins\dawiki.xml [2015-02-27]
FF SearchPlugin: C:\Users\Ann\AppData\Roaming\Mozilla\Firefox\Profiles\6mz5a0ld.default\searchplugins\hellspy.xml [2014-01-12]
FF SearchPlugin: C:\Users\Ann\AppData\Roaming\Mozilla\Firefox\Profiles\6mz5a0ld.default\searchplugins\ulozto.xml [2014-01-12]
FF SearchPlugin: C:\Users\Ann\AppData\Roaming\Mozilla\Firefox\Profiles\6mz5a0ld.default\searchplugins\vyhledvn-vide-ve-slub-youtube.xml [2015-03-18]
FF HKLM-x32\...\Firefox\Extensions: [WSVCU@Wondershare.com] - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com
FF Extension: (Wondershare Video Converter Ultimate) - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com [2016-10-01] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll [2017-08-12] ()
FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-08-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-08-28] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-06-04] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-12] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.20 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-20] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-20] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-08-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-08-28] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @photodex.com/PhotodexPresenter -> C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll [2016-02-02] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-06-04] (Adobe Systems)
FF Plugin-x32: GvNPRT -> C:\Program Files (x86)\GvNPRT\nprt_gvx.dll [2013-05-31] ( )
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprt_gvx.dll [2013-05-31] ( )
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\12939359.js [2017-08-25] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\12939359.cfg [2017-08-25] <==== ATTENTION

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Ann\AppData\Local\Google\Chrome\User Data\Default [2017-08-28]
CHR Extension: (Dokumenty Google) - C:\Users\Ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-14]
CHR Extension: (Disk Google) - C:\Users\Ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Adblock Plus) - C:\Users\Ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-07-21]
CHR Extension: (Vyhledávání Google) - C:\Users\Ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Adobe Acrobat) - C:\Users\Ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-04-19]
CHR Extension: (Tables) - C:\Users\Ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2017-08-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\Ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Norton Identity Safe) - C:\Users\Ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-08-31]
CHR Extension: (AVG SafePrice) - C:\Users\Ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2017-08-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-28]
CHR Extension: (Quick Searcher) - C:\Users\Ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbdpajcdgknpendpmecafmopknefafha [2017-08-27]
CHR Extension: (Gmail) - C:\Users\Ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-07]
CHR Extension: (Chrome Media Router) - C:\Users\Ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-17]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1171680460-3079032358-4087076128-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR Extension: (Tables) - C:\Users\Ann\AppData\Roaming\Opera Software\Opera Stable\Extensions\egafjhhpbipcmpoiomegbckljbbbphoj [2017-08-27]
OPR Extension: (Quick Searcher) - C:\Users\Ann\AppData\Roaming\Opera Software\Opera Stable\Extensions\pbdpajcdgknpendpmecafmopknefafha [2017-08-27]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [814688 2017-06-04] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [264432 2017-08-27] (AVG Technologies CZ, s.r.o.)
R2 AVG Firewall; C:\Program Files (x86)\AVG\Antivirus\afwServ.exe [312712 2017-08-27] (AVG Technologies CZ, s.r.o.)
S3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [7481648 2017-08-27] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1428656 2017-08-01] (AVG Technologies CZ, s.r.o.)
R2 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [101536 2013-04-17] (Intel)
S2 clsid50662; C:\ProgramData\clsid50662.exe [443072 2017-08-27] ()
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [660040 2013-01-18] (Acer Incorporated)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [321896 2017-07-06] (HP Inc.)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [370064 2015-09-30] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-20] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2015-02-15] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182760 2013-04-16] ()
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-20] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-04-26] (Acer Incorporate)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-10-06] ()
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2014-04-01] (CyberLink)
R2 ScsiAccess; C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe [186760 2016-02-02] ()
R2 Serviio; C:\Program Files\Serviio\bin\ServiioService.exe [327680 2016-03-28] () [File not signed]
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [269400 2017-01-17] (Synaptics Incorporated)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-08-17] (TeamViewer GmbH)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [5906704 2017-02-21] (AVG Technologies CZ, s.r.o.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.2.4.1\WsAppService.exe [417792 2016-07-12] (Wondershare) [File not signed]
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-10-06] (Intel® Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 avgbdisk; C:\WINDOWS\system32\drivers\avgbdiska.sys [166624 2017-08-27] (AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\system32\drivers\avgbidsdrivera.sys [313616 2017-08-27] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\system32\drivers\avgbidsha.sys [192584 2017-08-27] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\WINDOWS\system32\drivers\avgbloga.sys [336896 2017-08-27] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\system32\drivers\avgbuniva.sys [51336 2017-08-27] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\WINDOWS\system32\drivers\avgHwid.sys [39424 2017-08-27] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\system32\drivers\avgMonFlt.sys [139112 2017-08-27] (AVG Technologies CZ, s.r.o.)
R1 avgNetSec; C:\WINDOWS\system32\drivers\avgNetSec.sys [546968 2017-08-27] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\system32\drivers\avgRdr2.sys [102792 2017-08-27] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\system32\drivers\avgRvrt.sys [76832 2017-08-27] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\system32\drivers\avgSnx.sys [1008288 2017-08-27] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\system32\drivers\avgSP.sys [578048 2017-08-27] (AVG Technologies CZ, s.r.o.)
S2 avgStm; C:\WINDOWS\system32\drivers\avgStm.sys [191208 2017-08-27] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\system32\drivers\avgVmm.sys [353744 2017-08-27] (AVG Technologies CZ, s.r.o.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18816 2016-02-16] (Huawei Technologies Co., Ltd.)
S3 HWHandSet; C:\WINDOWS\system32\DRIVERS\hw_quusbmdm.sys [223232 2016-02-16] (Huawei Technologies Co., Ltd.)
R3 i8042HDR; C:\WINDOWS\system32\DRIVERS\i8042HDR.sys [15920 2009-08-14] (Windows (R) Codename Longhorn DDK provider)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [231168 2017-01-13] (Intel Corporation)
R3 ikbevent; C:\WINDOWS\system32\DRIVERS\ikbevent.sys [21048 2013-04-16] ()
R3 imsevent; C:\WINDOWS\system32\DRIVERS\imsevent.sys [21048 2013-04-16] ()
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46568 2013-04-16] ()
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [30072 2015-10-07] (Acer Incorporated)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-20] (Intel Corporation)
R3 NETwNb64; C:\WINDOWS\system32\DRIVERS\Netwbw02.sys [3525896 2016-11-09] (Intel Corporation)
S3 QRDCIO; C:\WINDOWS\System32\drivers\QRDCIO.sys [9728 2009-10-20] (QUANTA)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [23416 2015-10-07] (Acer Incorporated)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [751632 2015-05-14] (Realsil Semiconductor Corporation)
S3 rtux64w10; C:\WINDOWS\System32\drivers\rtux64w10.sys [354624 2016-08-07] (Realtek )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [77920 2017-01-17] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2017-02-21] (AVG Netherlands B.V.)
R3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [207768 2013-04-17] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R1 wfcre; C:\WINDOWS\System32\drivers\wfcre.sys [124288 2017-07-04] ()
R3 WPRO_41_2001; C:\WINDOWS\System32\drivers\WPRO_41_2001.sys [34752 2017-08-28] ()

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-08-28 22:53 - 2017-08-28 22:54 - 000032161 _____ C:\Users\Ann\Desktop\FRST.txt
2017-08-28 22:42 - 2017-08-28 22:42 - 000112640 _____ (forum.viry.cz) C:\Users\Ann\Desktop\FRSTLauncher.exe
2017-08-28 22:37 - 2017-08-28 22:53 - 000000000 ____D C:\FRST
2017-08-28 22:36 - 2017-08-28 22:36 - 002395648 _____ (Farbar) C:\Users\Ann\Desktop\FRST64.exe
2017-08-28 22:10 - 2017-08-28 22:10 - 000000000 ___HD C:\$SysReset
2017-08-28 15:57 - 2017-08-28 15:57 - 000032312 _____ C:\Users\Ann\Downloads\config.bin
2017-08-28 15:46 - 2017-08-28 15:46 - 000514284 _____ C:\WINDOWS\Minidump\082817-6187-01.dmp
2017-08-28 09:42 - 2017-08-28 09:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2017-08-28 08:15 - 2017-08-28 08:15 - 000003798 _____ C:\WINDOWS\System32\Tasks\Java Platform SE Auto Updater
2017-08-28 01:17 - 2017-08-28 01:17 - 000002904 _____ C:\WINDOWS\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance
2017-08-27 23:59 - 2017-08-27 23:59 - 000000000 ___HD C:\$AV_AVG
2017-08-27 23:55 - 2017-08-27 23:55 - 000002598 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk
2017-08-27 23:55 - 2017-02-21 09:29 - 000053008 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\TURegOpt.exe
2017-08-27 23:45 - 2017-08-27 23:46 - 001008288 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgsnx.sys
2017-08-27 23:45 - 2017-08-27 23:46 - 000139112 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgmonflt.sys
2017-08-27 23:45 - 2017-08-27 23:45 - 000578048 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2017-08-27 23:45 - 2017-08-27 23:45 - 000546968 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgNetSec.sys
2017-08-27 23:45 - 2017-08-27 23:45 - 000401584 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2017-08-27 23:45 - 2017-08-27 23:45 - 000353744 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2017-08-27 23:45 - 2017-08-27 23:45 - 000336896 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbloga.sys
2017-08-27 23:45 - 2017-08-27 23:45 - 000313616 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdrivera.sys
2017-08-27 23:45 - 2017-08-27 23:45 - 000192584 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsha.sys
2017-08-27 23:45 - 2017-08-27 23:45 - 000191208 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2017-08-27 23:45 - 2017-08-27 23:45 - 000166624 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbdiska.sys
2017-08-27 23:45 - 2017-08-27 23:45 - 000102792 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2017-08-27 23:45 - 2017-08-27 23:45 - 000076832 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2017-08-27 23:45 - 2017-08-27 23:45 - 000051336 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniva.sys
2017-08-27 23:45 - 2017-08-27 23:45 - 000039424 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgHwid.sys
2017-08-27 23:45 - 2017-08-27 23:45 - 000004008 _____ C:\WINDOWS\System32\Tasks\Antivirus Emergency Update
2017-08-27 23:44 - 2017-08-27 23:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2017-08-27 23:42 - 2017-08-27 23:55 - 000000000 ____D C:\Program Files (x86)\AVG
2017-08-27 23:42 - 2017-08-27 23:54 - 000003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2017-08-27 23:41 - 2017-08-27 23:55 - 000000000 ____D C:\Users\Ann\AppData\Local\AvgSetupLog
2017-08-27 23:41 - 2017-08-27 23:55 - 000000000 ____D C:\Users\Ann\AppData\Local\Avg
2017-08-27 23:30 - 2017-08-28 00:13 - 000000000 ____D C:\Program Files\ZM0VV92DV5
2017-08-27 23:30 - 2017-08-27 23:59 - 000000000 ____D C:\Users\Ann\AppData\Roaming\dkcn5qfkrhs
2017-08-27 23:30 - 2017-08-27 23:30 - 000000270 __RSH C:\Users\Ann\ntuser.pol
2017-08-27 23:00 - 2017-08-27 23:00 - 000443072 _____ C:\ProgramData\clsid50662.exe
2017-08-27 23:00 - 2017-08-27 23:00 - 000000270 __RSH C:\ProgramData\ntuser.pol
2017-08-27 23:00 - 2017-08-27 23:00 - 000000000 ____D C:\Users\Ann\AppData\Roaming\BrowserModule
2017-08-27 22:59 - 2017-08-28 00:43 - 000000000 ____D C:\Program Files\O6IETL2KTG
2017-08-27 22:59 - 2017-08-28 00:42 - 000000000 ____D C:\Program Files (x86)\ShutdownTime
2017-08-27 22:59 - 2017-08-27 22:59 - 000000000 ____D C:\Users\Public\Documents\XMUpdate
2017-08-27 22:58 - 2017-08-28 00:46 - 000000000 ____D C:\Program Files\JELWXY1S0N
2017-08-27 22:58 - 2017-08-28 00:46 - 000000000 ____D C:\Program Files (x86)\BZip
2017-08-27 22:58 - 2017-08-28 00:45 - 000000000 ____D C:\Users\Ann\AppData\Roaming\ev2j4efogkg
2017-08-27 22:58 - 2017-08-28 00:45 - 000000000 ____D C:\Users\Ann\AppData\Roaming\5ljln1303l0
2017-08-27 22:58 - 2017-08-28 00:45 - 000000000 ____D C:\Program Files (x86)\ibvvhb5tzdt
2017-08-27 22:58 - 2017-08-28 00:12 - 000000000 ____D C:\Users\Ann\AppData\Roaming\isMiner
2017-08-27 22:58 - 2017-08-27 23:59 - 000000000 ____D C:\ProgramData\WindowsReporting
2017-08-27 00:36 - 2017-08-27 23:30 - 000000000 ____D C:\Program Files (x86)\SpyHunter Malware Security Suite
2017-08-26 20:06 - 2017-08-26 20:06 - 000000000 ____D C:\Users\Ann\AppData\Local\ESET
2017-08-26 17:34 - 2017-08-26 17:34 - 000006100 _____ C:\Users\Ann\Downloads\sanglab.cfg
2017-08-25 19:13 - 2017-08-25 19:13 - 000526444 _____ C:\WINDOWS\Minidump\082517-5515-01.dmp
2017-08-24 14:21 - 2017-08-24 14:21 - 000513428 _____ C:\WINDOWS\Minidump\082417-5578-01.dmp
2017-08-15 21:49 - 2017-08-15 21:49 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2017-08-14 19:12 - 2017-08-14 19:12 - 007897776 _____ (Tim Kosse) C:\Users\Ann\Downloads\FileZilla_3.27.1_win64-setup.exe
2017-08-09 21:06 - 2017-08-01 04:39 - 008319392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-08-09 21:06 - 2017-08-01 04:38 - 000406544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-08-09 21:06 - 2017-08-01 04:38 - 000382368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-08-09 21:06 - 2017-08-01 04:36 - 002165752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-08-09 21:06 - 2017-08-01 04:36 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-08-09 21:06 - 2017-08-01 04:36 - 000119712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-08-09 21:06 - 2017-08-01 04:35 - 000280472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-08-09 21:06 - 2017-08-01 04:35 - 000133904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2017-08-09 21:06 - 2017-08-01 04:34 - 000610584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-08-09 21:06 - 2017-08-01 04:34 - 000359552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-08-09 21:06 - 2017-08-01 04:34 - 000349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-08-09 21:06 - 2017-08-01 04:34 - 000168864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-08-09 21:06 - 2017-08-01 04:32 - 000820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-08-09 21:06 - 2017-08-01 04:31 - 000212384 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-08-09 21:06 - 2017-08-01 04:31 - 000176024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-08-09 21:06 - 2017-08-01 04:30 - 000723680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-08-09 21:06 - 2017-08-01 04:30 - 000410160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-08-09 21:06 - 2017-08-01 04:30 - 000315288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-08-09 21:06 - 2017-08-01 04:30 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-08-09 21:06 - 2017-08-01 04:30 - 000143736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2017-08-09 21:06 - 2017-08-01 04:20 - 002956288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-08-09 21:06 - 2017-08-01 04:20 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-08-09 21:06 - 2017-08-01 04:20 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-08-09 21:06 - 2017-08-01 04:18 - 013841408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-08-09 21:06 - 2017-08-01 04:18 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-08-09 21:06 - 2017-08-01 04:17 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll
2017-08-09 21:06 - 2017-08-01 04:16 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-08-09 21:06 - 2017-08-01 04:14 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sscore.dll
2017-08-09 21:06 - 2017-08-01 04:13 - 020504064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-08-09 21:06 - 2017-08-01 04:13 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-08-09 21:06 - 2017-08-01 04:13 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll
2017-08-09 21:06 - 2017-08-01 04:12 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-08-09 21:06 - 2017-08-01 04:12 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-08-09 21:06 - 2017-08-01 04:10 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-08-09 21:06 - 2017-08-01 04:09 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-08-09 21:06 - 2017-08-01 04:08 - 000267264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2017-08-09 21:06 - 2017-08-01 04:07 - 011870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-08-09 21:06 - 2017-08-01 04:07 - 005961728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-08-09 21:06 - 2017-08-01 04:07 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-08-09 21:06 - 2017-08-01 04:06 - 000798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-08-09 21:06 - 2017-08-01 04:04 - 006269440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-08-09 21:06 - 2017-08-01 04:04 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-08-09 21:06 - 2017-08-01 04:03 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-08-09 21:06 - 2017-08-01 03:57 - 023677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-08-09 21:06 - 2017-08-01 03:41 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-08-09 21:06 - 2017-08-01 03:36 - 023681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-08-09 21:06 - 2017-08-01 03:35 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-08-09 21:06 - 2017-08-01 03:34 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-08-09 21:06 - 2017-08-01 03:32 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-08-09 21:06 - 2017-08-01 03:31 - 012786176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-08-09 21:06 - 2017-08-01 03:30 - 008209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-08-09 21:06 - 2017-08-01 03:30 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-08-09 21:06 - 2017-08-01 03:28 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-08-09 21:06 - 2017-08-01 03:28 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-08-09 21:06 - 2017-08-01 00:45 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2017-08-09 21:06 - 2017-08-01 00:45 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswdat10.dll
2017-08-09 21:06 - 2017-08-01 00:45 - 000641536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-08-09 21:06 - 2017-08-01 00:45 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl40.dll
2017-08-09 21:06 - 2017-08-01 00:45 - 000518144 _____ C:\WINDOWS\SysWOW64\msjetoledb40.dll
2017-08-09 21:06 - 2017-08-01 00:45 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2017-08-09 21:06 - 2017-08-01 00:45 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2017-08-09 21:06 - 2017-08-01 00:45 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2017-08-09 21:06 - 2017-08-01 00:45 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-08-09 21:06 - 2017-08-01 00:45 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2017-08-09 21:06 - 2017-08-01 00:45 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjtes40.dll
2017-08-09 21:06 - 2017-08-01 00:45 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2017-08-09 21:06 - 2017-08-01 00:45 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2017-08-09 21:06 - 2017-08-01 00:45 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-08-09 21:06 - 2017-08-01 00:45 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter40.dll
2017-08-09 21:06 - 2017-07-28 07:25 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-08-09 21:06 - 2017-07-28 07:24 - 002327456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-08-09 21:06 - 2017-07-28 07:24 - 000455584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2017-08-09 21:06 - 2017-07-28 07:24 - 000116280 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2017-08-09 21:06 - 2017-07-28 07:23 - 002969888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-08-09 21:06 - 2017-07-28 07:23 - 000723360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2017-08-09 21:06 - 2017-07-28 07:20 - 000279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-08-09 21:06 - 2017-07-28 07:17 - 000660680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-08-09 21:06 - 2017-07-28 07:16 - 007326128 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-08-09 21:06 - 2017-07-28 07:15 - 005302968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2017-08-09 21:06 - 2017-07-28 07:15 - 000554400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-08-09 21:06 - 2017-07-28 07:14 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-08-09 21:06 - 2017-07-28 07:13 - 007907344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-08-09 21:06 - 2017-07-28 07:13 - 006557520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-08-09 21:06 - 2017-07-28 07:13 - 002604248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-08-09 21:06 - 2017-07-28 07:13 - 001033544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2017-08-09 21:06 - 2017-07-28 07:12 - 001325968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-08-09 21:06 - 2017-07-28 07:10 - 002679200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-08-09 21:06 - 2017-07-28 07:09 - 000529992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-08-09 21:06 - 2017-07-28 07:09 - 000527976 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-08-09 21:06 - 2017-07-28 07:09 - 000387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-08-09 21:06 - 2017-07-28 07:07 - 000805816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-08-09 21:06 - 2017-07-28 06:48 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-08-09 21:06 - 2017-07-28 06:48 - 000100232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2017-08-09 21:06 - 2017-07-28 06:48 - 000096648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2017-08-09 21:06 - 2017-07-28 06:47 - 002259768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-08-09 21:06 - 2017-07-28 06:40 - 005820984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-08-09 21:06 - 2017-07-28 06:40 - 000551200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-08-09 21:06 - 2017-07-28 06:38 - 004213656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2017-08-09 21:06 - 2017-07-28 06:37 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-08-09 21:06 - 2017-07-28 06:36 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-08-09 21:06 - 2017-07-28 06:36 - 006761568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-08-09 21:06 - 2017-07-28 06:36 - 005808640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-08-09 21:06 - 2017-07-28 06:36 - 002424024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-08-09 21:06 - 2017-07-28 06:36 - 001195760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-08-09 21:06 - 2017-07-28 06:36 - 000866808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2017-08-09 21:06 - 2017-07-28 06:36 - 000864248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-08-09 21:06 - 2017-07-28 06:36 - 000173104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2017-08-09 21:06 - 2017-07-28 06:36 - 000090464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.dll
2017-08-09 21:06 - 2017-07-28 06:35 - 000988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-08-09 21:06 - 2017-07-28 06:35 - 000277432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shlwapi.dll
2017-08-09 21:06 - 2017-07-28 06:33 - 000967584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-08-09 21:06 - 2017-07-28 06:33 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-08-09 21:06 - 2017-07-28 06:33 - 000414296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-08-09 21:06 - 2017-07-28 06:27 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2017-08-09 21:06 - 2017-07-28 06:26 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-08-09 21:06 - 2017-07-28 06:26 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2017-08-09 21:06 - 2017-07-28 06:25 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
2017-08-09 21:06 - 2017-07-28 06:25 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-08-09 21:06 - 2017-07-28 06:24 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2017-08-09 21:06 - 2017-07-28 06:24 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2017-08-09 21:06 - 2017-07-28 06:22 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2017-08-09 21:06 - 2017-07-28 06:21 - 008333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-08-09 21:06 - 2017-07-28 06:21 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-08-09 21:06 - 2017-07-28 06:21 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-08-09 21:06 - 2017-07-28 06:21 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2017-08-09 21:06 - 2017-07-28 06:20 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-08-09 21:06 - 2017-07-28 06:20 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IpNatHlpClient.dll
2017-08-09 21:06 - 2017-07-28 06:19 - 000942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-08-09 21:06 - 2017-07-28 06:19 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-08-09 21:06 - 2017-07-28 06:19 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-08-09 21:06 - 2017-07-28 06:19 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-08-09 21:06 - 2017-07-28 06:19 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2017-08-09 21:06 - 2017-07-28 06:19 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2017-08-09 21:06 - 2017-07-28 06:19 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2017-08-09 21:06 - 2017-07-28 06:18 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-08-09 21:06 - 2017-07-28 06:18 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2017-08-09 21:06 - 2017-07-28 06:17 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-08-09 21:06 - 2017-07-28 06:16 - 001291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-08-09 21:06 - 2017-07-28 06:16 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-08-09 21:06 - 2017-07-28 06:16 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-08-09 21:06 - 2017-07-28 06:16 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qasf.dll
2017-08-09 21:06 - 2017-07-28 06:15 - 005721600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-08-09 21:06 - 2017-07-28 06:15 - 000586752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-08-09 21:06 - 2017-07-28 06:14 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-08-09 21:06 - 2017-07-28 06:14 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-08-09 21:06 - 2017-07-28 06:14 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-08-09 21:06 - 2017-07-28 06:14 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2017-08-09 21:06 - 2017-07-28 06:13 - 004535296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-08-09 21:06 - 2017-07-28 06:13 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2017-08-09 21:06 - 2017-07-28 06:13 - 000665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-08-09 21:06 - 2017-07-28 06:13 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-08-09 21:06 - 2017-07-28 06:12 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-08-09 21:06 - 2017-07-28 06:12 - 002939392 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-08-09 21:06 - 2017-07-28 06:12 - 000952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-08-09 21:06 - 2017-07-28 06:12 - 000587776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-08-09 21:06 - 2017-07-28 06:12 - 000446464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-08-09 21:06 - 2017-07-28 06:12 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-08-09 21:06 - 2017-07-28 06:11 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-08-09 21:06 - 2017-07-28 06:11 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-08-09 21:06 - 2017-07-28 06:10 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-08-09 21:06 - 2017-07-28 06:10 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-08-09 21:06 - 2017-07-28 06:10 - 000564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsvcs.dll
2017-08-09 21:06 - 2017-07-28 06:09 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-08-09 21:06 - 2017-07-28 06:08 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-08-09 21:06 - 2017-07-28 06:08 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-08-09 21:06 - 2017-07-28 06:08 - 004056064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-08-09 21:06 - 2017-07-28 06:08 - 000760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-08-09 21:06 - 2017-07-28 06:08 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2017-08-09 21:06 - 2017-07-28 06:07 - 002211840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-08-09 21:06 - 2017-07-28 06:07 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2017-08-09 21:06 - 2017-07-28 06:07 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2017-08-09 21:06 - 2017-07-28 06:07 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2017-08-09 21:06 - 2017-07-28 06:07 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll
2017-08-09 21:06 - 2017-07-28 06:06 - 001833984 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-08-09 21:06 - 2017-07-28 06:05 - 001536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-08-09 21:06 - 2017-07-28 06:05 - 000892928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-08-09 21:06 - 2017-07-28 06:05 - 000538112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2017-08-09 21:06 - 2017-07-28 06:02 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2017-08-09 21:06 - 2017-07-28 06:02 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2017-08-09 21:06 - 2017-07-28 06:02 - 000077312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2017-08-09 21:05 - 2017-08-01 04:33 - 000473240 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-08-09 21:05 - 2017-08-01 04:32 - 002444704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-08-09 21:05 - 2017-08-01 04:32 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-08-09 21:05 - 2017-08-01 04:31 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-08-09 21:05 - 2017-08-01 04:31 - 002645680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-08-09 21:05 - 2017-08-01 04:30 - 000411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-08-09 21:05 - 2017-08-01 04:30 - 000082336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-08-09 21:05 - 2017-08-01 04:26 - 000204192 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-08-09 21:05 - 2017-08-01 03:45 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-08-09 21:05 - 2017-08-01 03:45 - 001275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-08-09 21:05 - 2017-08-01 03:45 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-08-09 21:05 - 2017-08-01 03:45 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-08-09 21:05 - 2017-08-01 03:44 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-08-09 21:05 - 2017-08-01 03:44 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2017-08-09 21:05 - 2017-08-01 03:44 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-08-09 21:05 - 2017-08-01 03:42 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-08-09 21:05 - 2017-08-01 03:41 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2017-08-09 21:05 - 2017-08-01 03:41 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2017-08-09 21:05 - 2017-08-01 03:41 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll
2017-08-09 21:05 - 2017-08-01 03:40 - 017366528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-08-09 21:05 - 2017-08-01 03:40 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2017-08-09 21:05 - 2017-08-01 03:39 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2017-08-09 21:05 - 2017-08-01 03:38 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll
2017-08-09 21:05 - 2017-08-01 03:38 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2017-08-09 21:05 - 2017-08-01 03:37 - 000582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2017-08-09 21:05 - 2017-08-01 03:37 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-08-09 21:05 - 2017-08-01 03:37 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-08-09 21:05 - 2017-08-01 03:33 - 001269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-08-09 21:05 - 2017-08-01 03:33 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2017-08-09 21:05 - 2017-08-01 03:32 - 007336960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-08-09 21:05 - 2017-08-01 03:31 - 004445696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-08-09 21:05 - 2017-08-01 03:31 - 001396736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-08-09 21:05 - 2017-08-01 03:30 - 002055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-08-09 21:05 - 2017-08-01 03:30 - 001052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-08-09 21:05 - 2017-08-01 03:30 - 000303104 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2017-08-09 21:05 - 2017-08-01 03:27 - 001802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-08-09 21:05 - 2017-08-01 03:27 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2017-08-09 21:05 - 2017-08-01 03:27 - 000482816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2017-08-09 21:05 - 2017-08-01 03:26 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-08-09 21:05 - 2017-08-01 03:25 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2017-08-09 21:05 - 2017-08-01 03:25 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2017-08-09 21:05 - 2017-08-01 03:25 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2017-08-09 21:05 - 2017-07-28 07:30 - 001068720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-08-09 21:05 - 2017-07-28 07:24 - 000119904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2017-08-09 21:05 - 2017-07-28 07:22 - 000923048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-08-09 21:05 - 2017-07-28 07:16 - 000961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-08-09 21:05 - 2017-07-28 07:15 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-08-09 21:05 - 2017-07-28 07:15 - 000715168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-08-09 21:05 - 2017-07-28 07:14 - 000318232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2017-08-09 21:05 - 2017-07-28 07:13 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-08-09 21:05 - 2017-07-28 07:13 - 000192264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2017-08-09 21:05 - 2017-07-28 07:13 - 000104432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.dll
2017-08-09 21:05 - 2017-07-28 07:12 - 021353208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-08-09 21:05 - 2017-07-28 07:12 - 001337856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-08-09 21:05 - 2017-07-28 07:12 - 000323936 _____ (Microsoft Corporation) C:\WINDOWS\system32\shlwapi.dll
2017-08-09 21:05 - 2017-07-28 07:10 - 001114528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-08-09 21:05 - 2017-07-28 06:31 - 003995136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2017-08-09 21:05 - 2017-07-28 06:30 - 001722880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2017-08-09 21:05 - 2017-07-28 06:29 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-08-09 21:05 - 2017-07-28 06:29 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2017-08-09 21:05 - 2017-07-28 06:26 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll
2017-08-09 21:05 - 2017-07-28 06:26 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ofdeploy.exe
2017-08-09 21:05 - 2017-07-28 06:26 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\IpNatHlpClient.dll
2017-08-09 21:05 - 2017-07-28 06:25 - 003464704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2017-08-09 21:05 - 2017-07-28 06:25 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-08-09 21:05 - 2017-07-28 06:25 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2017-08-09 21:05 - 2017-07-28 06:25 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
2017-08-09 21:05 - 2017-07-28 06:24 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-08-09 21:05 - 2017-07-28 06:24 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-08-09 21:05 - 2017-07-28 06:24 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-08-09 21:05 - 2017-07-28 06:23 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-08-09 21:05 - 2017-07-28 06:23 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2017-08-09 21:05 - 2017-07-28 06:23 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2017-08-09 21:05 - 2017-07-28 06:22 - 000778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2017-08-09 21:05 - 2017-07-28 06:22 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-08-09 21:05 - 2017-07-28 06:22 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll
2017-08-09 21:05 - 2017-07-28 06:22 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll
2017-08-09 21:05 - 2017-07-28 06:22 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-08-09 21:05 - 2017-07-28 06:22 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-08-09 21:05 - 2017-07-28 06:22 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2017-08-09 21:05 - 2017-07-28 06:21 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-08-09 21:05 - 2017-07-28 06:21 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2017-08-09 21:05 - 2017-07-28 06:21 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\qasf.dll
2017-08-09 21:05 - 2017-07-28 06:20 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2017-08-09 21:05 - 2017-07-28 06:20 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-08-09 21:05 - 2017-07-28 06:20 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-08-09 21:05 - 2017-07-28 06:19 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-08-09 21:05 - 2017-07-28 06:19 - 000817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-08-09 21:05 - 2017-07-28 06:19 - 000687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-08-09 21:05 - 2017-07-28 06:19 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-08-09 21:05 - 2017-07-28 06:19 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-08-09 21:05 - 2017-07-28 06:18 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-08-09 21:05 - 2017-07-28 06:18 - 001298432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2017-08-09 21:05 - 2017-07-28 06:18 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-08-09 21:05 - 2017-07-28 06:18 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-08-09 21:05 - 2017-07-28 06:18 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-08-09 21:05 - 2017-07-28 06:18 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-08-09 21:05 - 2017-07-28 06:17 - 002805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-08-09 21:05 - 2017-07-28 06:17 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-08-09 21:05 - 2017-07-28 06:17 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-08-09 21:05 - 2017-07-28 06:17 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-08-09 21:05 - 2017-07-28 06:17 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2017-08-09 21:05 - 2017-07-28 06:16 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-08-09 21:05 - 2017-07-28 06:15 - 003204608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-08-09 21:05 - 2017-07-28 06:15 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-08-09 21:05 - 2017-07-28 06:15 - 000612864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsvcs.dll
2017-08-09 21:05 - 2017-07-28 06:14 - 001305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-08-09 21:05 - 2017-07-28 06:13 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-08-09 21:05 - 2017-07-28 06:13 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-08-09 21:05 - 2017-07-28 06:13 - 000809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-08-09 21:05 - 2017-07-28 06:12 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-08-09 21:05 - 2017-07-28 06:12 - 002444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-08-09 21:05 - 2017-07-28 06:12 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-08-09 21:05 - 2017-07-28 06:11 - 001357312 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-08-09 21:05 - 2017-07-28 06:10 - 001706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-08-09 21:05 - 2017-07-28 06:10 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-08-09 21:05 - 2017-07-28 06:09 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-08-09 21:05 - 2017-07-28 06:09 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2017-08-09 21:05 - 2017-07-28 06:08 - 000600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2017-08-09 21:05 - 2017-07-28 06:06 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2017-08-09 21:05 - 2017-07-28 06:06 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2017-08-09 21:05 - 2017-07-28 06:05 - 001525760 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-08-09 21:05 - 2017-07-28 06:05 - 001087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-08-09 21:05 - 2017-07-28 06:05 - 000954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2017-08-09 21:05 - 2017-07-28 06:05 - 000926208 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2017-08-09 21:05 - 2017-07-28 06:05 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2017-08-01 14:35 - 2017-08-01 14:35 - 007873888 _____ (Tim Kosse) C:\Users\Ann\Downloads\FileZilla_3.27.0.1_win64-setup.exe
2017-07-31 14:53 - 2017-08-28 16:08 - 000094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2017-07-31 14:12 - 2017-07-31 14:12 - 009263408 _____ C:\Users\Ann\Downloads\xc.v8.3.1-cs.34976.170727.1739.bin
2017-07-31 14:12 - 2017-07-31 14:12 - 008982624 _____ C:\Users\Ann\Downloads\wa.v8.3.1-cs.34976.170727.1739.bin

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-08-28 22:32 - 2017-06-19 22:05 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-08-28 22:32 - 2015-09-25 16:26 - 000000000 ____D C:\Users\Ann\AppData\Local\ClassicShell
2017-08-28 16:13 - 2017-06-19 22:15 - 003217974 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-28 16:13 - 2017-03-20 06:43 - 001497384 _____ C:\WINDOWS\system32\perfh005.dat
2017-08-28 16:13 - 2017-03-20 06:43 - 000371744 _____ C:\WINDOWS\system32\perfc005.dat
2017-08-28 16:08 - 2017-06-25 10:52 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-08-28 16:08 - 2017-06-19 22:14 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-08-28 16:08 - 2017-06-19 22:07 - 000000000 ____D C:\Users\Ann
2017-08-28 16:08 - 2017-03-18 13:40 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2017-08-28 16:08 - 2015-02-15 17:41 - 000000000 __SHD C:\Users\Ann\IntelGraphicsProfiles
2017-08-28 16:08 - 2014-03-04 19:56 - 000034752 _____ C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
2017-08-28 15:46 - 2017-06-21 08:24 - 000000000 ____D C:\WINDOWS\Minidump
2017-08-28 10:28 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-08-28 10:24 - 2015-08-09 21:31 - 000000000 ____D C:\Intel
2017-08-28 10:24 - 2014-02-26 15:17 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2017-08-28 09:43 - 2015-02-02 20:23 - 000110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2017-08-28 09:43 - 2015-02-02 20:23 - 000000000 ____D C:\Program Files\Java
2017-08-28 09:43 - 2014-12-04 15:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-08-28 09:42 - 2017-03-09 22:37 - 000097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2017-08-28 09:42 - 2015-02-21 19:33 - 000000000 ____D C:\Program Files (x86)\QuickTime
2017-08-28 09:41 - 2014-12-04 15:59 - 000000000 ____D C:\Program Files (x86)\Java
2017-08-28 08:15 - 2017-06-16 17:36 - 000000000 ___DC C:\WINDOWS\Panther
2017-08-28 08:15 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF
2017-08-28 08:15 - 2016-10-01 21:16 - 000000000 ____D C:\Users\Ann\AppData\Roaming\avidemux
2017-08-28 08:15 - 2014-02-26 15:18 - 000000000 ____D C:\Users\Ann\AppData\Roaming\TeamViewer
2017-08-28 08:15 - 2014-02-24 19:49 - 000000000 ____D C:\Users\Ann\AppData\Local\Google
2017-08-28 08:15 - 2014-02-18 19:44 - 000000000 ____D C:\Users\Ann\AppData\Local\Microsoft Help
2017-08-28 08:15 - 2013-05-20 05:30 - 000000000 ____D C:\ProgramData\Temp
2017-08-28 07:01 - 2017-05-26 09:33 - 000001044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-08-28 04:37 - 2017-06-19 22:14 - 000004190 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{DB32EC7D-ED10-4321-9C5A-5AE04D4AE98C}
2017-08-28 01:42 - 2015-07-30 18:41 - 000000000 ____D C:\ProgramData\AVG
2017-08-27 23:55 - 2015-07-30 18:42 - 000000000 ____D C:\Users\Ann\AppData\Roaming\AVG
2017-08-27 23:40 - 2017-06-19 22:14 - 000003952 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1396547936
2017-08-27 23:40 - 2014-04-03 19:58 - 000000000 ____D C:\Program Files (x86)\Opera
2017-08-27 23:30 - 2017-06-19 22:05 - 004988824 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-08-27 23:30 - 2014-02-18 19:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-08-27 23:00 - 2016-11-17 23:12 - 000000000 ____D C:\Users\Ann\AppData\LocalLow\Mozilla
2017-08-27 23:00 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy
2017-08-27 13:34 - 2014-03-15 18:34 - 000000600 _____ C:\Users\Ann\AppData\Local\PUTTY.RND
2017-08-27 01:37 - 2014-02-24 19:50 - 000002276 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-27 01:37 - 2014-02-18 19:29 - 000001127 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-08-27 01:36 - 2014-03-18 21:24 - 000000000 ____D C:\Users\Ann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
2017-08-26 23:47 - 2014-02-18 19:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-08-26 23:44 - 2015-06-20 16:56 - 000000000 ____D C:\Users\Ann\Downloads\Photodex ProShow Producer 7
2017-08-26 23:43 - 2014-03-23 16:16 - 000000000 ____D C:\Users\Ann\AppData\Roaming\KeePass
2017-08-26 03:15 - 2014-12-06 10:36 - 000000000 _____ C:\Users\Ann\rgut
2017-08-25 22:55 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-08-25 22:50 - 2017-06-30 23:09 - 000001322 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2017-08-25 19:19 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-08-24 09:51 - 2014-02-18 20:05 - 000000000 ____D C:\Users\Ann\AppData\Roaming\FileZilla
2017-08-23 03:27 - 2014-03-19 22:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2017-08-22 15:46 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2017-08-22 15:46 - 2014-02-18 20:31 - 000002252 ____H C:\Users\Ann\Documents\Default.rdp
2017-08-22 09:55 - 2016-03-16 23:30 - 000000672 _____ C:\Users\Ann\advanced_ip_scanner_MAC.bin
2017-08-20 21:13 - 2017-07-27 20:23 - 000000000 ____D C:\Users\Ann\AppData\Local\Deployment
2017-08-18 23:27 - 2017-03-18 14:56 - 000000000 ____D C:\Users\Ann\AppData\Roaming\Kuki
2017-08-15 21:49 - 2017-06-19 22:06 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-08-14 20:48 - 2016-08-15 09:38 - 000000000 ____D C:\Users\Ann\AppData\Local\ElevatedDiagnostics
2017-08-14 20:44 - 2014-05-17 10:48 - 000000501 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2017-08-14 20:19 - 2015-06-18 15:57 - 000000000 ____D C:\Users\Ann\Ubiquiti UniFi
2017-08-12 20:02 - 2017-06-19 22:14 - 000004596 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-08-12 20:02 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-08-12 20:01 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-08-11 20:26 - 2015-11-06 17:30 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-08-10 22:41 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\rescache
2017-08-09 22:46 - 2015-09-10 07:43 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-08-09 22:03 - 2017-03-18 23:03 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-08-09 22:03 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2017-08-09 22:03 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2017-08-09 22:03 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-08-09 22:03 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-08-09 22:03 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-08-09 22:03 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-08-09 22:03 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-08-09 21:09 - 2017-03-18 22:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-08-09 21:08 - 2014-02-18 19:03 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-08-09 21:07 - 2014-02-18 19:03 - 140394280 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-08-08 19:14 - 2017-06-19 22:14 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-07-31 17:15 - 2017-03-18 23:06 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-07-31 17:15 - 2017-03-18 23:06 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2014-02-18 20:12 - 2014-02-18 20:12 - 000502313 _____ () C:\Program Files (x86)\AXSVision_Client_InstallLog.log
2014-04-26 10:05 - 2015-09-28 19:21 - 000000132 _____ () C:\Users\Ann\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2014-05-02 10:19 - 2014-05-02 10:20 - 000009707 _____ () C:\Users\Ann\AppData\Roaming\ContactSheetII.log
2014-02-18 21:24 - 2014-02-18 21:28 - 000000017 ____H () C:\Users\Ann\AppData\Roaming\mpdt294
2017-07-27 20:35 - 2017-07-27 20:44 - 000006484 _____ () C:\Users\Ann\AppData\Roaming\PS13_panel.log
2014-05-02 10:19 - 2014-05-02 10:19 - 000000728 _____ () C:\Users\Ann\AppData\Roaming\Stránka miniatur II.xml
2014-03-24 18:25 - 2014-03-24 18:36 - 000012187 _____ () C:\Users\Ann\AppData\Roaming\WinSCP.ini
2014-03-24 18:33 - 2014-03-24 18:36 - 000000600 _____ () C:\Users\Ann\AppData\Roaming\winscp.rnd
2014-02-22 11:08 - 2015-07-21 14:08 - 000001480 _____ () C:\Users\Ann\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2016-06-22 12:15 - 2016-06-22 14:46 - 000004608 _____ () C:\Users\Ann\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-03-15 18:34 - 2017-08-27 13:34 - 000000600 _____ () C:\Users\Ann\AppData\Local\PUTTY.RND
2017-08-27 23:00 - 2017-08-27 23:00 - 000443072 _____ () C:\ProgramData\clsid50662.exe
2013-06-12 10:37 - 2013-06-12 10:37 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2016-10-01 20:53 - 2016-10-01 20:53 - 000000016 _____ () C:\ProgramData\mntemp

Files to move or delete:
====================
C:\ProgramData\clsid50662.exe


Some files in TEMP:
====================
2017-07-14 11:27 - 2017-07-14 11:27 - 000288456 _____ (Adobe Systems Incorporated) C:\Users\Ann\AppData\Local\Temp\AAMHelper.exe
2017-07-14 11:26 - 2015-03-05 08:54 - 002212008 _____ (Adobe Systems Incorporated) C:\Users\Ann\AppData\Local\Temp\AdobeApplicationManager.exe
2017-08-27 22:58 - 2017-08-27 22:58 - 000530739 _____ ( ) C:\Users\Ann\AppData\Local\Temp\Bestziper.exe
2017-08-27 22:59 - 2017-08-27 22:59 - 000636174 _____ (bIaW9Mwc2MRI1eCxeewZ ) C:\Users\Ann\AppData\Local\Temp\browmodule.exe
2017-06-21 21:19 - 2017-06-21 21:19 - 000739904 _____ (Oracle Corporation) C:\Users\Ann\AppData\Local\Temp\jre-8u131-windows-au.exe
2017-08-27 22:59 - 2017-08-27 22:59 - 000374181 _____ (WeMonetize ) C:\Users\Ann\AppData\Local\Temp\MOK72LG.exe
2017-08-27 23:00 - 2017-08-27 23:00 - 000443072 _____ () C:\Users\Ann\AppData\Local\Temp\msclean.exe
2017-06-22 20:54 - 2017-06-22 20:54 - 000686592 _____ () C:\Users\Ann\AppData\Local\Temp\snappy-1.0.5-snappyjava.dll
2017-08-27 22:58 - 2017-08-27 22:58 - 001199825 _____ () C:\Users\Ann\AppData\Local\Temp\unins000.exe
2017-08-27 22:58 - 2017-08-27 22:58 - 000707434 _____ (VideoBox ) C:\Users\Ann\AppData\Local\Temp\v-b.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Antivirus (Disabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Ann\Desktop" je 2 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]


==================== End Of Log ==============================
Přílohy
Addition.zip
Addition
(10.6 KiB) Staženo 93 x
Nahoru
altrok
Moderátor
Moderátor
Příspěvky: 7322
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: Přesměrování webu

#2 Příspěvek od altrok »

Krasny den Vam preju :bye:


:arrow: V ramci cisteni Vam budou vyprazdneny docasne adresare (vysypani Kose a tempu, vyprazdneni cache prohlizecu apod.).


:arrow: Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )
  • ukoncete vsechny programy
  • kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
  • kliknete na Scan (Skenovani), pote na Clean (Cisteni)
  • po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner[Cx].txt), jehoz obsah zkopirujte do pristi odpovedi
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Nahoru
prudil
Návštěvník
Návštěvník
Příspěvky: 5
Registrován: 28 srp 2017 21:49

Re: Přesměrování webu

#3 Příspěvek od prudil »

Také vám krásný den...


# AdwCleaner 7.0.1.0 - Logfile created on Tue Aug 29 12:48:09 2017
# Updated on 2017/05/08 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\Users\Ann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
Deleted: C:\Users\Public\Documents\XMUpdate
Deleted: C:\Program Files (x86)\ShutdownTime
Deleted: C:\Users\Ann\AppData\Roaming\isMiner
Deleted: C:\ProgramData\WindowsReporting
Deleted: C:\Users\All Users\WindowsReporting
Deleted: C:\Users\Ann\AppData\Roaming\BROWSERMODULE
Deleted: C:\Program Files (x86)\SecurityXploded
Deleted: C:\Program Files (x86)\SmartSound Software


***** [ Files ] *****

Deleted: C:\Windows\SysNative\drivers\wfcre.sys
Deleted: C:\Windows\Reimage.ini


***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

Cleaned: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk[https:\\launchpage.org\?uid=oTlKGKjchx0cXe9WMhgVr8dgR1q81ylnbkmFGqecuHPu5KJsRsiLpzkRpoy9R97PIik%3D]
Cleaned: C:\Users\Ann\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Opera.lnk[https:\\launchpage.org\?uid=oTlKGKjchx0cXe9WMhgVr8dgR1q81ylnbkmFGqecuHPu5KJsRsiLpzkRpoy9R97PIik%3D]


***** [ Tasks ] *****

Deleted: Microsoft\Windows\Windows Error Reporting\ErrorReporting


***** [ Registry ] *****

Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\chatango.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\solvusoft.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\st.chatango.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\st.chatango.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.solvusoft.com
Deleted: [Key] - HKU\S-1-5-21-1171680460-3079032358-4087076128-1001\Software\smarttweak
Deleted: [Key] - HKCU\Software\smarttweak
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\DMunversion
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Deleted: [Value] - HKU\S-1-5-21-1171680460-3079032358-4087076128-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|FixMyRegistry
Deleted: [Value] - HKU\S-1-5-21-1171680460-3079032358-4087076128-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|SpeedUpMyComputer
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|ShutdownTime
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|ShutdownTime
Deleted: [Key] - HKU\S-1-5-21-1171680460-3079032358-4087076128-1001\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
Deleted: [Key] - HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
Deleted: [Key] - HKLM\SOFTWARE\Reimage
Deleted: [Key] - HKU\S-1-5-21-1171680460-3079032358-4087076128-1001\Software\Reimage
Deleted: [Key] - HKCU\Software\Reimage
Deleted: [Key] - HKU\S-1-5-21-1171680460-3079032358-4087076128-1001\Software\isMiner
Deleted: [Key] - HKCU\Software\isMiner
Deleted: [Key] - HKU\S-1-5-21-1171680460-3079032358-4087076128-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Crossrider
Deleted: [Key] - HKLM\SOFTWARE\EnigmaSoftwareGroup
Deleted: [Key] - HKU\S-1-5-21-1171680460-3079032358-4087076128-1001\Software\Microsoft\BigTime
Deleted: [Key] - HKCU\Software\Microsoft\BigTime
Deleted: [Key] - HKU\S-1-5-21-1171680460-3079032358-4087076128-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Crossrider
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\APreSam
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\NSaveA
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\PrAmNP
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\MPrForShutT
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\PrIncub
Deleted: [Key] - HKU\S-1-5-21-1171680460-3079032358-4087076128-1001\Software\Microsoft\{cc6eb6d8-85b7-435p-8b86-51e4d16ea76d}
Deleted: [Key] - HKCU\Software\Microsoft\{cc6eb6d8-85b7-435p-8b86-51e4d16ea76d}
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com


***** [ Firefox (and derivatives) ] *****

Plugin deleted: Tables -


***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [6277 B] - [2017/8/29 12:46:29]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########
Nahoru
altrok
Moderátor
Moderátor
Příspěvky: 7322
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: Přesměrování webu

#4 Příspěvek od altrok »

:arrow: Dejte logy FRST.txt a Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101
Tentokrat poprosim bez pouziti FRSTLauncheru - spustte tedy jen samotny FRST64.exe
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Nahoru
prudil
Návštěvník
Návštěvník
Příspěvky: 5
Registrován: 28 srp 2017 21:49

Re: Přesměrování webu

#5 Příspěvek od prudil »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-08-2017
Ran by Ann (administrator) on KROVAK (29-08-2017 22:05:32)
Running from C:\Users\Ann\Desktop
Loaded Profiles: Ann (Available Profiles: Ann)
Platform: Windows 10 Home Version 1703 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\afwServ.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\Photodex\ProShow Producer\scsiaccess.exe
() C:\Program Files\Serviio\bin\ServiioService.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.2.4.1\WsAppService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
() C:\Program Files\Serviio\bin\ServiioService.exe
(Intel) C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
() C:\Program Files (x86)\Acer Incorporated\HID Monitor\HIDMonitor.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\avgui.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Andrey Gruber) C:\PNotes\PNotes.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.13510.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.1706.2231.0_x64__8wekyb3d8bbwe\Time.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13538376 2013-05-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1307720 2013-04-24] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-30] (IvoSoft)
HKLM\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239592 2017-08-01] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [263232 2017-08-27] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2092032 2014-02-03] (Dominik Reichl)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe [1960336 2014-12-09] ()
HKLM-x32\...\Run: [Wondershare Media Server] => C:\Program Files (x86)\Wondershare\Video Converter Ultimate\MediaLibServer.exe [215440 2014-12-09] (Wondershare)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2406496 2017-06-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1171680460-3079032358-4087076128-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25607952 2017-08-04] (Google)
HKU\S-1-5-21-1171680460-3079032358-4087076128-1001\...\MountPoints2: {be515169-72fc-11e5-81f7-0c8bfd05f78e} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1171680460-3079032358-4087076128-1001\...\MountPoints2: {e3ae20a7-89b8-11e7-832d-0c8bfd05f78e} - "D:\HiSuiteDownLoader.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk [2013-06-12]
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\Users\Ann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PNotes.lnk [2015-02-04]
ShortcutTarget: PNotes.lnk -> C:\PNotes\PNotes.exe (Andrey Gruber)
GroupPolicy: Restriction - Chrome <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.255.1
Tcpip\..\Interfaces\{83bb79ee-247b-4545-a1ee-8ea5bf4ac218}: [NameServer] 100.70.100.70
Tcpip\..\Interfaces\{83bb79ee-247b-4545-a1ee-8ea5bf4ac218}: [DhcpNameServer] 192.168.255.1
Tcpip\..\Interfaces\{b1b011e8-5509-4c9d-b365-af92136040df}: [DhcpNameServer] 192.168.255.1
Tcpip\..\Interfaces\{ba13801a-3cdf-4fe3-88a0-c8930940e45f}: [DhcpNameServer] 100.70.100.70 100.70.70.100

Internet Explorer:
==================
HKU\S-1-5-21-1171680460-3079032358-4087076128-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/
HKU\S-1-5-21-1171680460-3079032358-4087076128-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKU\S-1-5-21-1171680460-3079032358-4087076128-1001 -> DefaultScope {EE4A9432-E655-4BCC-8809-86B548ACC7FC} URL =
SearchScopes: HKU\S-1-5-21-1171680460-3079032358-4087076128-1001 -> {EE4A9432-E655-4BCC-8809-86B548ACC7FC} URL =
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2017-08-28] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-08-28] (Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
BHO-x32: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\ProgramData\Wondershare\Video Converter Ultimate\WSBrowserAppMgr.dll [2014-12-09] (Wondershare)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-08-28] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-08-28] (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
Toolbar: HKU\S-1-5-21-1171680460-3079032358-4087076128-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - No File

FireFox:
========
FF ProfilePath: C:\Users\Ann\AppData\Roaming\Mozilla\Firefox\Profiles\6mz5a0ld.default [2017-08-29]
FF user.js: detected! => C:\Users\Ann\AppData\Roaming\Mozilla\Firefox\Profiles\6mz5a0ld.default\user.js [2017-06-29]
FF Homepage: Mozilla\Firefox\Profiles\6mz5a0ld.default -> www.google.cz
FF Session Restore: Mozilla\Firefox\Profiles\6mz5a0ld.default -> is enabled.
FF Extension: (Tables) - C:\Users\Ann\AppData\Roaming\Mozilla\Firefox\Profiles\6mz5a0ld.default\Extensions\378507@extcorp.net.xpi [2017-08-23]
FF Extension: (Duplicate This Tab) - C:\Users\Ann\AppData\Roaming\Mozilla\Firefox\Profiles\6mz5a0ld.default\Extensions\duplicate-this-tab@mozilla.org.xpi [2016-04-28]
FF Extension: (Translate This!) - C:\Users\Ann\AppData\Roaming\Mozilla\Firefox\Profiles\6mz5a0ld.default\Extensions\jid0-k75TfRGfOXPHfEZmJ9cKu5eCgLc@jetpack.xpi [2016-11-05]
FF Extension: (Context Search) - C:\Users\Ann\AppData\Roaming\Mozilla\Firefox\Profiles\6mz5a0ld.default\Extensions\{902D2C4A-457A-4EF9-AD43-7014562929FF}.xpi [2016-03-20]
FF Extension: (Adblock Plus) - C:\Users\Ann\AppData\Roaming\Mozilla\Firefox\Profiles\6mz5a0ld.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-07]
FF Extension: (Extended Statusbar) - C:\Users\Ann\AppData\Roaming\Mozilla\Firefox\Profiles\6mz5a0ld.default\Extensions\{daf44bf7-a45e-4450-979c-91cf07434c3d}.xpi [2016-06-16]
FF Extension: (Firefox Screenshots) - C:\Users\Ann\AppData\Roaming\Mozilla\Firefox\Profiles\6mz5a0ld.default\features\{049b8c47-e382-45a4-9ee1-755e0c6bb59c}\screenshots@mozilla.org.xpi [2017-08-28]
FF SearchPlugin: C:\Users\Ann\AppData\Roaming\Mozilla\Firefox\Profiles\6mz5a0ld.default\searchplugins\dawiki.xml [2015-02-27]
FF SearchPlugin: C:\Users\Ann\AppData\Roaming\Mozilla\Firefox\Profiles\6mz5a0ld.default\searchplugins\hellspy.xml [2014-01-12]
FF SearchPlugin: C:\Users\Ann\AppData\Roaming\Mozilla\Firefox\Profiles\6mz5a0ld.default\searchplugins\ulozto.xml [2014-01-12]
FF SearchPlugin: C:\Users\Ann\AppData\Roaming\Mozilla\Firefox\Profiles\6mz5a0ld.default\searchplugins\vyhledvn-vide-ve-slub-youtube.xml [2015-03-18]
FF HKLM-x32\...\Firefox\Extensions: [WSVCU@Wondershare.com] - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com
FF Extension: (Wondershare Video Converter Ultimate) - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com [2016-10-01] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll [2017-08-12] ()
FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-08-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-08-28] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-06-04] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-12] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.20 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-20] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-20] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-08-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-08-28] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @photodex.com/PhotodexPresenter -> C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll [2016-02-02] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-06-04] (Adobe Systems)
FF Plugin-x32: GvNPRT -> C:\Program Files (x86)\GvNPRT\nprt_gvx.dll [2013-05-31] ( )
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprt_gvx.dll [2013-05-31] ( )
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\12939359.js [2017-08-25] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\12939359.cfg [2017-08-25] <==== ATTENTION

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Ann\AppData\Local\Google\Chrome\User Data\Default [2017-08-29]
CHR Extension: (Dokumenty Google) - C:\Users\Ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-14]
CHR Extension: (Disk Google) - C:\Users\Ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Adblock Plus) - C:\Users\Ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-07-21]
CHR Extension: (Vyhledávání Google) - C:\Users\Ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Adobe Acrobat) - C:\Users\Ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-04-19]
CHR Extension: (Tables) - C:\Users\Ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2017-08-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\Ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Norton Identity Safe) - C:\Users\Ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-08-31]
CHR Extension: (AVG SafePrice) - C:\Users\Ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2017-08-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-28]
CHR Extension: (Quick Searcher) - C:\Users\Ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbdpajcdgknpendpmecafmopknefafha [2017-08-27]
CHR Extension: (Gmail) - C:\Users\Ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-07]
CHR Extension: (Chrome Media Router) - C:\Users\Ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-17]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1171680460-3079032358-4087076128-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR Extension: (Tables) - C:\Users\Ann\AppData\Roaming\Opera Software\Opera Stable\Extensions\egafjhhpbipcmpoiomegbckljbbbphoj [2017-08-27]
OPR Extension: (Quick Searcher) - C:\Users\Ann\AppData\Roaming\Opera Software\Opera Stable\Extensions\pbdpajcdgknpendpmecafmopknefafha [2017-08-27]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [814688 2017-06-04] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [264432 2017-08-27] (AVG Technologies CZ, s.r.o.)
R2 AVG Firewall; C:\Program Files (x86)\AVG\Antivirus\afwServ.exe [312712 2017-08-27] (AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [7481648 2017-08-27] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1428656 2017-08-01] (AVG Technologies CZ, s.r.o.)
R2 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [101536 2013-04-17] (Intel)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [660040 2013-01-18] (Acer Incorporated)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [321896 2017-07-06] (HP Inc.)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [370064 2015-09-30] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-20] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2015-02-15] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182760 2013-04-16] ()
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-20] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-04-26] (Acer Incorporate)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-10-06] ()
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2014-04-01] (CyberLink)
R2 ScsiAccess; C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe [186760 2016-02-02] ()
R2 Serviio; C:\Program Files\Serviio\bin\ServiioService.exe [327680 2016-03-28] () [File not signed]
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [269400 2017-01-17] (Synaptics Incorporated)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-08-17] (TeamViewer GmbH)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [5906704 2017-02-21] (AVG Technologies CZ, s.r.o.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.2.4.1\WsAppService.exe [417792 2016-07-12] (Wondershare) [File not signed]
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-10-06] (Intel® Corporation)
S2 clsid50662; C:\ProgramData\clsid50662.exe [X]
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 avgbdisk; C:\WINDOWS\system32\drivers\avgbdiska.sys [166624 2017-08-27] (AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\system32\drivers\avgbidsdrivera.sys [313616 2017-08-27] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\system32\drivers\avgbidsha.sys [192584 2017-08-27] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\WINDOWS\system32\drivers\avgbloga.sys [336896 2017-08-27] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\system32\drivers\avgbuniva.sys [51336 2017-08-27] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\WINDOWS\system32\drivers\avgHwid.sys [39424 2017-08-27] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\system32\drivers\avgMonFlt.sys [139112 2017-08-27] (AVG Technologies CZ, s.r.o.)
R1 avgNetSec; C:\WINDOWS\system32\drivers\avgNetSec.sys [546968 2017-08-27] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\system32\drivers\avgRdr2.sys [102792 2017-08-27] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\system32\drivers\avgRvrt.sys [76832 2017-08-27] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\system32\drivers\avgSnx.sys [1008288 2017-08-27] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\system32\drivers\avgSP.sys [578048 2017-08-27] (AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\system32\drivers\avgStm.sys [191208 2017-08-27] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\system32\drivers\avgVmm.sys [353744 2017-08-27] (AVG Technologies CZ, s.r.o.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18816 2016-02-16] (Huawei Technologies Co., Ltd.)
S3 HWHandSet; C:\WINDOWS\system32\DRIVERS\hw_quusbmdm.sys [223232 2016-02-16] (Huawei Technologies Co., Ltd.)
R3 i8042HDR; C:\WINDOWS\system32\DRIVERS\i8042HDR.sys [15920 2009-08-14] (Windows (R) Codename Longhorn DDK provider)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [231168 2017-01-13] (Intel Corporation)
R3 ikbevent; C:\WINDOWS\system32\DRIVERS\ikbevent.sys [21048 2013-04-16] ()
R3 imsevent; C:\WINDOWS\system32\DRIVERS\imsevent.sys [21048 2013-04-16] ()
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46568 2013-04-16] ()
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [30072 2015-10-07] (Acer Incorporated)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-20] (Intel Corporation)
R3 NETwNb64; C:\WINDOWS\system32\DRIVERS\Netwbw02.sys [3525896 2016-11-09] (Intel Corporation)
S3 QRDCIO; C:\WINDOWS\System32\drivers\QRDCIO.sys [9728 2009-10-20] (QUANTA)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [23416 2015-10-07] (Acer Incorporated)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [751632 2015-05-14] (Realsil Semiconductor Corporation)
S3 rtux64w10; C:\WINDOWS\System32\drivers\rtux64w10.sys [354624 2016-08-07] (Realtek )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [77920 2017-01-17] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2017-02-21] (AVG Netherlands B.V.)
R3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [207768 2013-04-17] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R1 wfcre; C:\WINDOWS\System32\drivers\wfcre.sys [124288 2017-07-04] ()
R3 WPRO_41_2001; C:\WINDOWS\System32\drivers\WPRO_41_2001.sys [34752 2017-08-29] ()

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-08-29 14:45 - 2017-08-29 14:48 - 000000000 ____D C:\AdwCleaner
2017-08-29 14:43 - 2017-08-29 14:43 - 008185288 _____ (Malwarebytes) C:\Users\Ann\Desktop\adwcleaner_7.0.1.0.exe
2017-08-28 22:53 - 2017-08-29 22:06 - 000031736 _____ C:\Users\Ann\Desktop\FRST.txt
2017-08-28 22:42 - 2017-08-28 22:42 - 000112640 _____ (forum.viry.cz) C:\Users\Ann\Desktop\FRSTLauncher.exe
2017-08-28 22:37 - 2017-08-29 22:05 - 000000000 ____D C:\FRST
2017-08-28 22:36 - 2017-08-28 22:36 - 002395648 _____ (Farbar) C:\Users\Ann\Desktop\FRST64.exe
2017-08-28 22:10 - 2017-08-28 22:10 - 000000000 ___HD C:\$SysReset
2017-08-28 15:57 - 2017-08-28 15:57 - 000032312 _____ C:\Users\Ann\Downloads\config.bin
2017-08-28 15:46 - 2017-08-28 15:46 - 000514284 _____ C:\WINDOWS\Minidump\082817-6187-01.dmp
2017-08-28 09:42 - 2017-08-28 09:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2017-08-28 08:15 - 2017-08-28 08:15 - 000003798 _____ C:\WINDOWS\System32\Tasks\Java Platform SE Auto Updater
2017-08-28 01:17 - 2017-08-28 01:17 - 000002904 _____ C:\WINDOWS\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance
2017-08-27 23:59 - 2017-08-27 23:59 - 000000000 ___HD C:\$AV_AVG
2017-08-27 23:55 - 2017-08-27 23:55 - 000002598 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk
2017-08-27 23:55 - 2017-02-21 09:29 - 000053008 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\TURegOpt.exe
2017-08-27 23:45 - 2017-08-29 10:26 - 000004282 _____ C:\WINDOWS\System32\Tasks\Antivirus Emergency Update
2017-08-27 23:45 - 2017-08-27 23:46 - 001008288 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgsnx.sys
2017-08-27 23:45 - 2017-08-27 23:46 - 000139112 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgmonflt.sys
2017-08-27 23:45 - 2017-08-27 23:45 - 000578048 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2017-08-27 23:45 - 2017-08-27 23:45 - 000546968 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgNetSec.sys
2017-08-27 23:45 - 2017-08-27 23:45 - 000401584 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2017-08-27 23:45 - 2017-08-27 23:45 - 000353744 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2017-08-27 23:45 - 2017-08-27 23:45 - 000336896 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbloga.sys
2017-08-27 23:45 - 2017-08-27 23:45 - 000313616 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdrivera.sys
2017-08-27 23:45 - 2017-08-27 23:45 - 000192584 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsha.sys
2017-08-27 23:45 - 2017-08-27 23:45 - 000191208 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2017-08-27 23:45 - 2017-08-27 23:45 - 000166624 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbdiska.sys
2017-08-27 23:45 - 2017-08-27 23:45 - 000102792 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2017-08-27 23:45 - 2017-08-27 23:45 - 000076832 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2017-08-27 23:45 - 2017-08-27 23:45 - 000051336 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniva.sys
2017-08-27 23:45 - 2017-08-27 23:45 - 000039424 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgHwid.sys
2017-08-27 23:44 - 2017-08-27 23:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2017-08-27 23:42 - 2017-08-27 23:55 - 000000000 ____D C:\Program Files (x86)\AVG
2017-08-27 23:42 - 2017-08-27 23:54 - 000003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2017-08-27 23:41 - 2017-08-27 23:55 - 000000000 ____D C:\Users\Ann\AppData\Local\AvgSetupLog
2017-08-27 23:41 - 2017-08-27 23:55 - 000000000 ____D C:\Users\Ann\AppData\Local\Avg
2017-08-27 23:30 - 2017-08-28 00:13 - 000000000 ____D C:\Program Files\ZM0VV92DV5
2017-08-27 23:30 - 2017-08-27 23:59 - 000000000 ____D C:\Users\Ann\AppData\Roaming\dkcn5qfkrhs
2017-08-27 23:30 - 2017-08-27 23:30 - 000000270 __RSH C:\Users\Ann\ntuser.pol
2017-08-27 23:00 - 2017-08-27 23:00 - 000000270 __RSH C:\ProgramData\ntuser.pol
2017-08-27 22:59 - 2017-08-28 00:43 - 000000000 ____D C:\Program Files\O6IETL2KTG
2017-08-27 22:58 - 2017-08-28 00:46 - 000000000 ____D C:\Program Files\JELWXY1S0N
2017-08-27 22:58 - 2017-08-28 00:46 - 000000000 ____D C:\Program Files (x86)\BZip
2017-08-27 22:58 - 2017-08-28 00:45 - 000000000 ____D C:\Users\Ann\AppData\Roaming\ev2j4efogkg
2017-08-27 22:58 - 2017-08-28 00:45 - 000000000 ____D C:\Users\Ann\AppData\Roaming\5ljln1303l0
2017-08-27 22:58 - 2017-08-28 00:45 - 000000000 ____D C:\Program Files (x86)\ibvvhb5tzdt
2017-08-27 00:36 - 2017-08-27 23:30 - 000000000 ____D C:\Program Files (x86)\SpyHunter Malware Security Suite
2017-08-26 20:06 - 2017-08-26 20:06 - 000000000 ____D C:\Users\Ann\AppData\Local\ESET
2017-08-26 17:34 - 2017-08-26 17:34 - 000006100 _____ C:\Users\Ann\Downloads\sanglab.cfg
2017-08-25 19:13 - 2017-08-25 19:13 - 000526444 _____ C:\WINDOWS\Minidump\082517-5515-01.dmp
2017-08-24 14:21 - 2017-08-24 14:21 - 000513428 _____ C:\WINDOWS\Minidump\082417-5578-01.dmp
2017-08-15 21:49 - 2017-08-15 21:49 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2017-08-14 19:12 - 2017-08-14 19:12 - 007897776 _____ (Tim Kosse) C:\Users\Ann\Downloads\FileZilla_3.27.1_win64-setup.exe
2017-08-09 21:06 - 2017-08-01 04:39 - 008319392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-08-09 21:06 - 2017-08-01 04:38 - 000406544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-08-09 21:06 - 2017-08-01 04:38 - 000382368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-08-09 21:06 - 2017-08-01 04:36 - 002165752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-08-09 21:06 - 2017-08-01 04:36 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-08-09 21:06 - 2017-08-01 04:36 - 000119712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-08-09 21:06 - 2017-08-01 04:35 - 000280472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-08-09 21:06 - 2017-08-01 04:35 - 000133904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2017-08-09 21:06 - 2017-08-01 04:34 - 000610584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-08-09 21:06 - 2017-08-01 04:34 - 000359552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-08-09 21:06 - 2017-08-01 04:34 - 000349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-08-09 21:06 - 2017-08-01 04:34 - 000168864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-08-09 21:06 - 2017-08-01 04:32 - 000820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-08-09 21:06 - 2017-08-01 04:31 - 000212384 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-08-09 21:06 - 2017-08-01 04:31 - 000176024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-08-09 21:06 - 2017-08-01 04:30 - 000723680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-08-09 21:06 - 2017-08-01 04:30 - 000410160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-08-09 21:06 - 2017-08-01 04:30 - 000315288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-08-09 21:06 - 2017-08-01 04:30 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-08-09 21:06 - 2017-08-01 04:30 - 000143736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2017-08-09 21:06 - 2017-08-01 04:20 - 002956288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-08-09 21:06 - 2017-08-01 04:20 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-08-09 21:06 - 2017-08-01 04:20 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-08-09 21:06 - 2017-08-01 04:18 - 013841408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-08-09 21:06 - 2017-08-01 04:18 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-08-09 21:06 - 2017-08-01 04:17 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll
2017-08-09 21:06 - 2017-08-01 04:16 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-08-09 21:06 - 2017-08-01 04:14 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sscore.dll
2017-08-09 21:06 - 2017-08-01 04:13 - 020504064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-08-09 21:06 - 2017-08-01 04:13 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-08-09 21:06 - 2017-08-01 04:13 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll
2017-08-09 21:06 - 2017-08-01 04:12 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-08-09 21:06 - 2017-08-01 04:12 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-08-09 21:06 - 2017-08-01 04:10 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-08-09 21:06 - 2017-08-01 04:09 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-08-09 21:06 - 2017-08-01 04:08 - 000267264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2017-08-09 21:06 - 2017-08-01 04:07 - 011870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-08-09 21:06 - 2017-08-01 04:07 - 005961728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-08-09 21:06 - 2017-08-01 04:07 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-08-09 21:06 - 2017-08-01 04:06 - 000798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-08-09 21:06 - 2017-08-01 04:04 - 006269440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-08-09 21:06 - 2017-08-01 04:04 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-08-09 21:06 - 2017-08-01 04:03 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-08-09 21:06 - 2017-08-01 03:57 - 023677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-08-09 21:06 - 2017-08-01 03:41 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-08-09 21:06 - 2017-08-01 03:36 - 023681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-08-09 21:06 - 2017-08-01 03:35 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-08-09 21:06 - 2017-08-01 03:34 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-08-09 21:06 - 2017-08-01 03:32 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-08-09 21:06 - 2017-08-01 03:31 - 012786176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-08-09 21:06 - 2017-08-01 03:30 - 008209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-08-09 21:06 - 2017-08-01 03:30 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-08-09 21:06 - 2017-08-01 03:28 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-08-09 21:06 - 2017-08-01 03:28 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-08-09 21:06 - 2017-08-01 00:45 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2017-08-09 21:06 - 2017-08-01 00:45 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswdat10.dll
2017-08-09 21:06 - 2017-08-01 00:45 - 000641536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-08-09 21:06 - 2017-08-01 00:45 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl40.dll
2017-08-09 21:06 - 2017-08-01 00:45 - 000518144 _____ C:\WINDOWS\SysWOW64\msjetoledb40.dll
2017-08-09 21:06 - 2017-08-01 00:45 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2017-08-09 21:06 - 2017-08-01 00:45 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2017-08-09 21:06 - 2017-08-01 00:45 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2017-08-09 21:06 - 2017-08-01 00:45 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-08-09 21:06 - 2017-08-01 00:45 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2017-08-09 21:06 - 2017-08-01 00:45 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjtes40.dll
2017-08-09 21:06 - 2017-08-01 00:45 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2017-08-09 21:06 - 2017-08-01 00:45 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2017-08-09 21:06 - 2017-08-01 00:45 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-08-09 21:06 - 2017-08-01 00:45 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter40.dll
2017-08-09 21:06 - 2017-07-28 07:25 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-08-09 21:06 - 2017-07-28 07:24 - 002327456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-08-09 21:06 - 2017-07-28 07:24 - 000455584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2017-08-09 21:06 - 2017-07-28 07:24 - 000116280 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2017-08-09 21:06 - 2017-07-28 07:23 - 002969888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-08-09 21:06 - 2017-07-28 07:23 - 000723360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2017-08-09 21:06 - 2017-07-28 07:20 - 000279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-08-09 21:06 - 2017-07-28 07:17 - 000660680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-08-09 21:06 - 2017-07-28 07:16 - 007326128 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-08-09 21:06 - 2017-07-28 07:15 - 005302968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2017-08-09 21:06 - 2017-07-28 07:15 - 000554400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-08-09 21:06 - 2017-07-28 07:14 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-08-09 21:06 - 2017-07-28 07:13 - 007907344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-08-09 21:06 - 2017-07-28 07:13 - 006557520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-08-09 21:06 - 2017-07-28 07:13 - 002604248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-08-09 21:06 - 2017-07-28 07:13 - 001033544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2017-08-09 21:06 - 2017-07-28 07:12 - 001325968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-08-09 21:06 - 2017-07-28 07:10 - 002679200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-08-09 21:06 - 2017-07-28 07:09 - 000529992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-08-09 21:06 - 2017-07-28 07:09 - 000527976 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-08-09 21:06 - 2017-07-28 07:09 - 000387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-08-09 21:06 - 2017-07-28 07:07 - 000805816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-08-09 21:06 - 2017-07-28 06:48 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-08-09 21:06 - 2017-07-28 06:48 - 000100232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2017-08-09 21:06 - 2017-07-28 06:48 - 000096648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2017-08-09 21:06 - 2017-07-28 06:47 - 002259768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-08-09 21:06 - 2017-07-28 06:40 - 005820984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-08-09 21:06 - 2017-07-28 06:40 - 000551200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-08-09 21:06 - 2017-07-28 06:38 - 004213656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2017-08-09 21:06 - 2017-07-28 06:37 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-08-09 21:06 - 2017-07-28 06:36 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-08-09 21:06 - 2017-07-28 06:36 - 006761568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-08-09 21:06 - 2017-07-28 06:36 - 005808640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-08-09 21:06 - 2017-07-28 06:36 - 002424024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-08-09 21:06 - 2017-07-28 06:36 - 001195760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-08-09 21:06 - 2017-07-28 06:36 - 000866808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2017-08-09 21:06 - 2017-07-28 06:36 - 000864248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-08-09 21:06 - 2017-07-28 06:36 - 000173104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2017-08-09 21:06 - 2017-07-28 06:36 - 000090464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.dll
2017-08-09 21:06 - 2017-07-28 06:35 - 000988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-08-09 21:06 - 2017-07-28 06:35 - 000277432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shlwapi.dll
2017-08-09 21:06 - 2017-07-28 06:33 - 000967584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-08-09 21:06 - 2017-07-28 06:33 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-08-09 21:06 - 2017-07-28 06:33 - 000414296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-08-09 21:06 - 2017-07-28 06:27 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2017-08-09 21:06 - 2017-07-28 06:26 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-08-09 21:06 - 2017-07-28 06:26 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2017-08-09 21:06 - 2017-07-28 06:25 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
2017-08-09 21:06 - 2017-07-28 06:25 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-08-09 21:06 - 2017-07-28 06:24 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2017-08-09 21:06 - 2017-07-28 06:24 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2017-08-09 21:06 - 2017-07-28 06:22 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2017-08-09 21:06 - 2017-07-28 06:21 - 008333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-08-09 21:06 - 2017-07-28 06:21 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-08-09 21:06 - 2017-07-28 06:21 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-08-09 21:06 - 2017-07-28 06:21 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2017-08-09 21:06 - 2017-07-28 06:20 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-08-09 21:06 - 2017-07-28 06:20 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IpNatHlpClient.dll
2017-08-09 21:06 - 2017-07-28 06:19 - 000942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-08-09 21:06 - 2017-07-28 06:19 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-08-09 21:06 - 2017-07-28 06:19 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-08-09 21:06 - 2017-07-28 06:19 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-08-09 21:06 - 2017-07-28 06:19 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2017-08-09 21:06 - 2017-07-28 06:19 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2017-08-09 21:06 - 2017-07-28 06:19 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2017-08-09 21:06 - 2017-07-28 06:18 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-08-09 21:06 - 2017-07-28 06:18 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2017-08-09 21:06 - 2017-07-28 06:17 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-08-09 21:06 - 2017-07-28 06:16 - 001291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-08-09 21:06 - 2017-07-28 06:16 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-08-09 21:06 - 2017-07-28 06:16 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-08-09 21:06 - 2017-07-28 06:16 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qasf.dll
2017-08-09 21:06 - 2017-07-28 06:15 - 005721600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-08-09 21:06 - 2017-07-28 06:15 - 000586752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-08-09 21:06 - 2017-07-28 06:14 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-08-09 21:06 - 2017-07-28 06:14 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-08-09 21:06 - 2017-07-28 06:14 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-08-09 21:06 - 2017-07-28 06:14 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2017-08-09 21:06 - 2017-07-28 06:13 - 004535296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-08-09 21:06 - 2017-07-28 06:13 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2017-08-09 21:06 - 2017-07-28 06:13 - 000665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-08-09 21:06 - 2017-07-28 06:13 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-08-09 21:06 - 2017-07-28 06:12 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-08-09 21:06 - 2017-07-28 06:12 - 002939392 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-08-09 21:06 - 2017-07-28 06:12 - 000952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-08-09 21:06 - 2017-07-28 06:12 - 000587776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-08-09 21:06 - 2017-07-28 06:12 - 000446464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-08-09 21:06 - 2017-07-28 06:12 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-08-09 21:06 - 2017-07-28 06:11 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-08-09 21:06 - 2017-07-28 06:11 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-08-09 21:06 - 2017-07-28 06:10 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-08-09 21:06 - 2017-07-28 06:10 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-08-09 21:06 - 2017-07-28 06:10 - 000564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsvcs.dll
2017-08-09 21:06 - 2017-07-28 06:09 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-08-09 21:06 - 2017-07-28 06:08 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-08-09 21:06 - 2017-07-28 06:08 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-08-09 21:06 - 2017-07-28 06:08 - 004056064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-08-09 21:06 - 2017-07-28 06:08 - 000760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-08-09 21:06 - 2017-07-28 06:08 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2017-08-09 21:06 - 2017-07-28 06:07 - 002211840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-08-09 21:06 - 2017-07-28 06:07 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2017-08-09 21:06 - 2017-07-28 06:07 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2017-08-09 21:06 - 2017-07-28 06:07 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2017-08-09 21:06 - 2017-07-28 06:07 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll
2017-08-09 21:06 - 2017-07-28 06:06 - 001833984 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-08-09 21:06 - 2017-07-28 06:05 - 001536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-08-09 21:06 - 2017-07-28 06:05 - 000892928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-08-09 21:06 - 2017-07-28 06:05 - 000538112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2017-08-09 21:06 - 2017-07-28 06:02 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2017-08-09 21:06 - 2017-07-28 06:02 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2017-08-09 21:06 - 2017-07-28 06:02 - 000077312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2017-08-09 21:05 - 2017-08-01 04:33 - 000473240 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-08-09 21:05 - 2017-08-01 04:32 - 002444704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-08-09 21:05 - 2017-08-01 04:32 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-08-09 21:05 - 2017-08-01 04:31 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-08-09 21:05 - 2017-08-01 04:31 - 002645680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-08-09 21:05 - 2017-08-01 04:30 - 000411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-08-09 21:05 - 2017-08-01 04:30 - 000082336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-08-09 21:05 - 2017-08-01 04:26 - 000204192 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-08-09 21:05 - 2017-08-01 03:45 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-08-09 21:05 - 2017-08-01 03:45 - 001275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-08-09 21:05 - 2017-08-01 03:45 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-08-09 21:05 - 2017-08-01 03:45 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-08-09 21:05 - 2017-08-01 03:44 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-08-09 21:05 - 2017-08-01 03:44 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2017-08-09 21:05 - 2017-08-01 03:44 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-08-09 21:05 - 2017-08-01 03:42 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-08-09 21:05 - 2017-08-01 03:41 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2017-08-09 21:05 - 2017-08-01 03:41 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2017-08-09 21:05 - 2017-08-01 03:41 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll
2017-08-09 21:05 - 2017-08-01 03:40 - 017366528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-08-09 21:05 - 2017-08-01 03:40 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2017-08-09 21:05 - 2017-08-01 03:39 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2017-08-09 21:05 - 2017-08-01 03:38 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll
2017-08-09 21:05 - 2017-08-01 03:38 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2017-08-09 21:05 - 2017-08-01 03:37 - 000582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2017-08-09 21:05 - 2017-08-01 03:37 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-08-09 21:05 - 2017-08-01 03:37 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-08-09 21:05 - 2017-08-01 03:33 - 001269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-08-09 21:05 - 2017-08-01 03:33 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2017-08-09 21:05 - 2017-08-01 03:32 - 007336960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-08-09 21:05 - 2017-08-01 03:31 - 004445696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-08-09 21:05 - 2017-08-01 03:31 - 001396736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-08-09 21:05 - 2017-08-01 03:30 - 002055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-08-09 21:05 - 2017-08-01 03:30 - 001052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-08-09 21:05 - 2017-08-01 03:30 - 000303104 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2017-08-09 21:05 - 2017-08-01 03:27 - 001802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-08-09 21:05 - 2017-08-01 03:27 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2017-08-09 21:05 - 2017-08-01 03:27 - 000482816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2017-08-09 21:05 - 2017-08-01 03:26 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-08-09 21:05 - 2017-08-01 03:25 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2017-08-09 21:05 - 2017-08-01 03:25 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2017-08-09 21:05 - 2017-08-01 03:25 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2017-08-09 21:05 - 2017-07-28 07:30 - 001068720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-08-09 21:05 - 2017-07-28 07:24 - 000119904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2017-08-09 21:05 - 2017-07-28 07:22 - 000923048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-08-09 21:05 - 2017-07-28 07:16 - 000961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-08-09 21:05 - 2017-07-28 07:15 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-08-09 21:05 - 2017-07-28 07:15 - 000715168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-08-09 21:05 - 2017-07-28 07:14 - 000318232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2017-08-09 21:05 - 2017-07-28 07:13 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-08-09 21:05 - 2017-07-28 07:13 - 000192264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2017-08-09 21:05 - 2017-07-28 07:13 - 000104432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.dll
2017-08-09 21:05 - 2017-07-28 07:12 - 021353208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-08-09 21:05 - 2017-07-28 07:12 - 001337856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-08-09 21:05 - 2017-07-28 07:12 - 000323936 _____ (Microsoft Corporation) C:\WINDOWS\system32\shlwapi.dll
2017-08-09 21:05 - 2017-07-28 07:10 - 001114528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-08-09 21:05 - 2017-07-28 06:31 - 003995136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2017-08-09 21:05 - 2017-07-28 06:30 - 001722880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2017-08-09 21:05 - 2017-07-28 06:29 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-08-09 21:05 - 2017-07-28 06:29 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2017-08-09 21:05 - 2017-07-28 06:26 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll
2017-08-09 21:05 - 2017-07-28 06:26 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ofdeploy.exe
2017-08-09 21:05 - 2017-07-28 06:26 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\IpNatHlpClient.dll
2017-08-09 21:05 - 2017-07-28 06:25 - 003464704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2017-08-09 21:05 - 2017-07-28 06:25 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-08-09 21:05 - 2017-07-28 06:25 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2017-08-09 21:05 - 2017-07-28 06:25 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
2017-08-09 21:05 - 2017-07-28 06:24 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-08-09 21:05 - 2017-07-28 06:24 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-08-09 21:05 - 2017-07-28 06:24 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-08-09 21:05 - 2017-07-28 06:23 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-08-09 21:05 - 2017-07-28 06:23 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2017-08-09 21:05 - 2017-07-28 06:23 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2017-08-09 21:05 - 2017-07-28 06:22 - 000778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2017-08-09 21:05 - 2017-07-28 06:22 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-08-09 21:05 - 2017-07-28 06:22 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll
2017-08-09 21:05 - 2017-07-28 06:22 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll
2017-08-09 21:05 - 2017-07-28 06:22 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-08-09 21:05 - 2017-07-28 06:22 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-08-09 21:05 - 2017-07-28 06:22 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2017-08-09 21:05 - 2017-07-28 06:21 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-08-09 21:05 - 2017-07-28 06:21 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2017-08-09 21:05 - 2017-07-28 06:21 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\qasf.dll
2017-08-09 21:05 - 2017-07-28 06:20 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2017-08-09 21:05 - 2017-07-28 06:20 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-08-09 21:05 - 2017-07-28 06:20 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-08-09 21:05 - 2017-07-28 06:19 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-08-09 21:05 - 2017-07-28 06:19 - 000817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-08-09 21:05 - 2017-07-28 06:19 - 000687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-08-09 21:05 - 2017-07-28 06:19 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-08-09 21:05 - 2017-07-28 06:19 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-08-09 21:05 - 2017-07-28 06:18 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-08-09 21:05 - 2017-07-28 06:18 - 001298432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2017-08-09 21:05 - 2017-07-28 06:18 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-08-09 21:05 - 2017-07-28 06:18 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-08-09 21:05 - 2017-07-28 06:18 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-08-09 21:05 - 2017-07-28 06:18 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-08-09 21:05 - 2017-07-28 06:17 - 002805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-08-09 21:05 - 2017-07-28 06:17 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-08-09 21:05 - 2017-07-28 06:17 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-08-09 21:05 - 2017-07-28 06:17 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-08-09 21:05 - 2017-07-28 06:17 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2017-08-09 21:05 - 2017-07-28 06:16 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-08-09 21:05 - 2017-07-28 06:15 - 003204608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-08-09 21:05 - 2017-07-28 06:15 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-08-09 21:05 - 2017-07-28 06:15 - 000612864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsvcs.dll
2017-08-09 21:05 - 2017-07-28 06:14 - 001305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-08-09 21:05 - 2017-07-28 06:13 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-08-09 21:05 - 2017-07-28 06:13 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-08-09 21:05 - 2017-07-28 06:13 - 000809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-08-09 21:05 - 2017-07-28 06:12 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-08-09 21:05 - 2017-07-28 06:12 - 002444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-08-09 21:05 - 2017-07-28 06:12 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-08-09 21:05 - 2017-07-28 06:11 - 001357312 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-08-09 21:05 - 2017-07-28 06:10 - 001706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-08-09 21:05 - 2017-07-28 06:10 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-08-09 21:05 - 2017-07-28 06:09 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-08-09 21:05 - 2017-07-28 06:09 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2017-08-09 21:05 - 2017-07-28 06:08 - 000600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2017-08-09 21:05 - 2017-07-28 06:06 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2017-08-09 21:05 - 2017-07-28 06:06 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2017-08-09 21:05 - 2017-07-28 06:05 - 001525760 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-08-09 21:05 - 2017-07-28 06:05 - 001087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-08-09 21:05 - 2017-07-28 06:05 - 000954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2017-08-09 21:05 - 2017-07-28 06:05 - 000926208 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2017-08-09 21:05 - 2017-07-28 06:05 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2017-08-01 14:35 - 2017-08-01 14:35 - 007873888 _____ (Tim Kosse) C:\Users\Ann\Downloads\FileZilla_3.27.0.1_win64-setup.exe
2017-07-31 14:53 - 2017-08-29 14:48 - 000094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2017-07-31 14:12 - 2017-07-31 14:12 - 009263408 _____ C:\Users\Ann\Downloads\xc.v8.3.1-cs.34976.170727.1739.bin
2017-07-31 14:12 - 2017-07-31 14:12 - 008982624 _____ C:\Users\Ann\Downloads\wa.v8.3.1-cs.34976.170727.1739.bin

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-08-29 21:43 - 2017-06-19 22:05 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-08-29 21:03 - 2017-06-19 22:14 - 000004190 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{DB32EC7D-ED10-4321-9C5A-5AE04D4AE98C}
2017-08-29 14:54 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-08-29 14:54 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-08-29 14:53 - 2017-06-19 22:15 - 003275274 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-29 14:53 - 2017-03-20 06:43 - 001526980 _____ C:\WINDOWS\system32\perfh005.dat
2017-08-29 14:53 - 2017-03-20 06:43 - 000380544 _____ C:\WINDOWS\system32\perfc005.dat
2017-08-29 14:48 - 2017-06-25 10:52 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-08-29 14:48 - 2017-06-19 22:14 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-08-29 14:48 - 2017-06-19 22:07 - 000000000 ____D C:\Users\Ann
2017-08-29 14:48 - 2017-03-18 13:40 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2017-08-29 14:48 - 2015-02-15 17:41 - 000000000 __SHD C:\Users\Ann\IntelGraphicsProfiles
2017-08-29 14:48 - 2014-03-04 19:56 - 000034752 _____ C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
2017-08-29 10:27 - 2014-02-26 15:17 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2017-08-29 10:17 - 2017-06-21 08:24 - 000000000 ____D C:\WINDOWS\Minidump
2017-08-29 10:17 - 2015-11-15 10:59 - 000188618 ____N C:\WINDOWS\Minidump\082917-6421-01.dmp
2017-08-28 22:32 - 2015-09-25 16:26 - 000000000 ____D C:\Users\Ann\AppData\Local\ClassicShell
2017-08-28 10:24 - 2015-08-09 21:31 - 000000000 ____D C:\Intel
2017-08-28 09:43 - 2015-02-02 20:23 - 000110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2017-08-28 09:43 - 2015-02-02 20:23 - 000000000 ____D C:\Program Files\Java
2017-08-28 09:43 - 2014-12-04 15:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-08-28 09:42 - 2017-03-09 22:37 - 000097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2017-08-28 09:42 - 2015-02-21 19:33 - 000000000 ____D C:\Program Files (x86)\QuickTime
2017-08-28 09:41 - 2014-12-04 15:59 - 000000000 ____D C:\Program Files (x86)\Java
2017-08-28 08:15 - 2017-06-16 17:36 - 000000000 ___DC C:\WINDOWS\Panther
2017-08-28 08:15 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF
2017-08-28 08:15 - 2016-10-01 21:16 - 000000000 ____D C:\Users\Ann\AppData\Roaming\avidemux
2017-08-28 08:15 - 2014-02-26 15:18 - 000000000 ____D C:\Users\Ann\AppData\Roaming\TeamViewer
2017-08-28 08:15 - 2014-02-24 19:49 - 000000000 ____D C:\Users\Ann\AppData\Local\Google
2017-08-28 08:15 - 2014-02-18 19:44 - 000000000 ____D C:\Users\Ann\AppData\Local\Microsoft Help
2017-08-28 08:15 - 2013-05-20 05:30 - 000000000 ____D C:\ProgramData\Temp
2017-08-28 07:01 - 2017-05-26 09:33 - 000001044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-08-28 01:42 - 2015-07-30 18:41 - 000000000 ____D C:\ProgramData\AVG
2017-08-27 23:55 - 2015-07-30 18:42 - 000000000 ____D C:\Users\Ann\AppData\Roaming\AVG
2017-08-27 23:40 - 2017-06-19 22:14 - 000003952 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1396547936
2017-08-27 23:40 - 2014-04-03 19:58 - 000000000 ____D C:\Program Files (x86)\Opera
2017-08-27 23:30 - 2017-06-19 22:05 - 004988824 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-08-27 23:30 - 2014-02-18 19:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-08-27 23:00 - 2016-11-17 23:12 - 000000000 ____D C:\Users\Ann\AppData\LocalLow\Mozilla
2017-08-27 23:00 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy
2017-08-27 13:34 - 2014-03-15 18:34 - 000000600 _____ C:\Users\Ann\AppData\Local\PUTTY.RND
2017-08-27 01:37 - 2014-02-24 19:50 - 000002276 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-27 01:37 - 2014-02-18 19:29 - 000001127 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-08-26 23:47 - 2014-02-18 19:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-08-26 23:44 - 2015-06-20 16:56 - 000000000 ____D C:\Users\Ann\Downloads\Photodex ProShow Producer 7
2017-08-26 23:43 - 2014-03-23 16:16 - 000000000 ____D C:\Users\Ann\AppData\Roaming\KeePass
2017-08-26 03:15 - 2014-12-06 10:36 - 000000000 _____ C:\Users\Ann\rgut
2017-08-25 22:55 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-08-25 22:50 - 2017-06-30 23:09 - 000001322 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2017-08-24 09:51 - 2014-02-18 20:05 - 000000000 ____D C:\Users\Ann\AppData\Roaming\FileZilla
2017-08-23 03:27 - 2014-03-19 22:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2017-08-22 15:46 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2017-08-22 15:46 - 2014-02-18 20:31 - 000002252 ____H C:\Users\Ann\Documents\Default.rdp
2017-08-22 09:55 - 2016-03-16 23:30 - 000000672 _____ C:\Users\Ann\advanced_ip_scanner_MAC.bin
2017-08-20 21:13 - 2017-07-27 20:23 - 000000000 ____D C:\Users\Ann\AppData\Local\Deployment
2017-08-18 23:27 - 2017-03-18 14:56 - 000000000 ____D C:\Users\Ann\AppData\Roaming\Kuki
2017-08-15 21:49 - 2017-06-19 22:06 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-08-14 20:48 - 2016-08-15 09:38 - 000000000 ____D C:\Users\Ann\AppData\Local\ElevatedDiagnostics
2017-08-14 20:44 - 2014-05-17 10:48 - 000000501 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2017-08-14 20:19 - 2015-06-18 15:57 - 000000000 ____D C:\Users\Ann\Ubiquiti UniFi
2017-08-12 20:02 - 2017-06-19 22:14 - 000004596 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-08-12 20:02 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-08-12 20:01 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-08-11 20:26 - 2015-11-06 17:30 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-08-10 22:41 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\rescache
2017-08-09 22:46 - 2015-09-10 07:43 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-08-09 22:03 - 2017-03-18 23:03 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-08-09 22:03 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2017-08-09 22:03 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2017-08-09 22:03 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-08-09 22:03 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-08-09 22:03 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-08-09 22:03 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-08-09 22:03 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-08-09 21:09 - 2017-03-18 22:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-08-09 21:08 - 2014-02-18 19:03 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-08-09 21:07 - 2014-02-18 19:03 - 140394280 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-08-08 19:14 - 2017-06-19 22:14 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-07-31 17:15 - 2017-03-18 23:06 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-07-31 17:15 - 2017-03-18 23:06 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2014-02-18 20:12 - 2014-02-18 20:12 - 000502313 _____ () C:\Program Files (x86)\AXSVision_Client_InstallLog.log
2014-04-26 10:05 - 2015-09-28 19:21 - 000000132 _____ () C:\Users\Ann\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2014-05-02 10:19 - 2014-05-02 10:20 - 000009707 _____ () C:\Users\Ann\AppData\Roaming\ContactSheetII.log
2014-02-18 21:24 - 2014-02-18 21:28 - 000000017 ____H () C:\Users\Ann\AppData\Roaming\mpdt294
2017-07-27 20:35 - 2017-07-27 20:44 - 000006484 _____ () C:\Users\Ann\AppData\Roaming\PS13_panel.log
2014-05-02 10:19 - 2014-05-02 10:19 - 000000728 _____ () C:\Users\Ann\AppData\Roaming\Stránka miniatur II.xml
2014-03-24 18:25 - 2014-03-24 18:36 - 000012187 _____ () C:\Users\Ann\AppData\Roaming\WinSCP.ini
2014-03-24 18:33 - 2014-03-24 18:36 - 000000600 _____ () C:\Users\Ann\AppData\Roaming\winscp.rnd
2014-02-22 11:08 - 2015-07-21 14:08 - 000001480 _____ () C:\Users\Ann\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2016-06-22 12:15 - 2016-06-22 14:46 - 000004608 _____ () C:\Users\Ann\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-03-15 18:34 - 2017-08-27 13:34 - 000000600 _____ () C:\Users\Ann\AppData\Local\PUTTY.RND
2013-06-12 10:37 - 2013-06-12 10:37 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2016-10-01 20:53 - 2016-10-01 20:53 - 000000016 _____ () C:\ProgramData\mntemp

Some files in TEMP:
====================
2017-07-14 11:27 - 2017-07-14 11:27 - 000288456 _____ (Adobe Systems Incorporated) C:\Users\Ann\AppData\Local\Temp\AAMHelper.exe
2017-07-14 11:26 - 2015-03-05 08:54 - 002212008 _____ (Adobe Systems Incorporated) C:\Users\Ann\AppData\Local\Temp\AdobeApplicationManager.exe
2017-08-27 22:58 - 2017-08-27 22:58 - 000530739 _____ ( ) C:\Users\Ann\AppData\Local\Temp\Bestziper.exe
2017-08-27 22:59 - 2017-08-27 22:59 - 000636174 _____ (bIaW9Mwc2MRI1eCxeewZ ) C:\Users\Ann\AppData\Local\Temp\browmodule.exe
2017-06-21 21:19 - 2017-06-21 21:19 - 000739904 _____ (Oracle Corporation) C:\Users\Ann\AppData\Local\Temp\jre-8u131-windows-au.exe
2017-08-27 22:59 - 2017-08-27 22:59 - 000374181 _____ (WeMonetize ) C:\Users\Ann\AppData\Local\Temp\MOK72LG.exe
2017-08-27 23:00 - 2017-08-27 23:00 - 000443072 _____ () C:\Users\Ann\AppData\Local\Temp\msclean.exe
2017-06-22 20:54 - 2017-06-22 20:54 - 000686592 _____ () C:\Users\Ann\AppData\Local\Temp\snappy-1.0.5-snappyjava.dll
2017-08-27 22:58 - 2017-08-27 22:58 - 001199825 _____ () C:\Users\Ann\AppData\Local\Temp\unins000.exe
2017-08-27 22:58 - 2017-08-27 22:58 - 000707434 _____ (VideoBox ) C:\Users\Ann\AppData\Local\Temp\v-b.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-08-28 22:15

==================== End of FRST.txt ============================
Nahoru
prudil
Návštěvník
Návštěvník
Příspěvky: 5
Registrován: 28 srp 2017 21:49

Re: Přesměrování webu

#6 Příspěvek od prudil »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-08-2017
Ran by Ann (29-08-2017 22:07:21)
Running from C:\Users\Ann\Desktop
Windows 10 Home Version 1703 (X64) (2017-06-19 20:17:58)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1171680460-3079032358-4087076128-500 - Administrator - Disabled)
Ann (S-1-5-21-1171680460-3079032358-4087076128-1001 - Administrator - Enabled) => C:\Users\Ann
DefaultAccount (S-1-5-21-1171680460-3079032358-4087076128-503 - Limited - Disabled)
Guest (S-1-5-21-1171680460-3079032358-4087076128-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1171680460-3079032358-4087076128-1009 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Antivirus (Enabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 16.04 (HKLM-x32\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.3004 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3012 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)
Acer USB Charge Manager (HKLM\...\{07E867C5-0C48-40FF-A013-DDAF4565AD47}) (Version: 2.00.3004 - Acer Incorporated)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 17.012.20095 - Adobe Systems Incorporated)
Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.1.1.202 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Adobe Flash Player 26 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Advanced IP Scanner 2.4 (HKLM-x32\...\{C3CF783A-5457-4989-966F-7BE08812FB71}) (Version: 2.4.2601 - Famatech)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Angry IP Scanner (HKLM-x32\...\Angry IP Scanner) (Version: 3.4.1 - Angry IP Scanner)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{aa2c2346-d0c0-4d3e-9ab1-11a48b4cb9f3}) (Version: 19.20.3 - Intel Corporation)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG (HKLM\...\{434FBA38-0562-4F98-9436-4B45C0C0EF0B}) (Version: 1.201.2 - AVG Technologies) Hidden
AVG Internet Security (HKLM-x32\...\AVG Antivirus) (Version: 17.5.3022 - AVG Technologies)
AVG PC TuneUp (HKLM-x32\...\{149D912F-03DB-4895-913E-820CB11965C0}) (Version: 16.74.1 - AVG Technologies) Hidden
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.74.2.60831 - AVG Technologies)
Avidemux 2.6 - 64 bits (HKLM-x32\...\Avidemux 2.6 - 64 bits (64-bit)) (Version: 2.6.14.160917 - )
AXSVision Client (HKLM-x32\...\AXSVision Client) (Version: 7.4.0.0 - Motorola, Inc)
BufferChm (HKLM-x32\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
Camtasia Studio 8 (HKLM-x32\...\{5303CFB5-D635-44F0-A94B-9611E81F07C4}) (Version: 8.3.0.1471 - TechSmith Corporation)
Classic Shell (HKLM\...\{383BB30A-B4A7-4666-9A83-22CFA8640097}) (Version: 4.3.0 - IvoSoft)
CollageIt 1.9.3 (HKLM-x32\...\{D9757258-30B2-496E-86F2-84920C5858E1}_is1) (Version: 1.9.3 - PearlMountain Technology Co., Ltd)
CyberLink PhotoDirector Suite 6 (HKLM-x32\...\{AB50FB13-B5AE-4BFB-AC8B-4560E2A8DBAC}) (Version: 6.0 - CyberLink Corp.)
CyberLink PowerDirector 15 (HKLM-x32\...\{FA285575-B543-4E6E-A573-A4F534AC9965}) (Version: 15.0.2820.0 - CyberLink Corp.)
CyberLink WaveEditor 2 (HKLM-x32\...\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 5620 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
DVD Filmotéka 1.6.2 (HKLM-x32\...\DVD Filmotéka) (Version: 1.6.2 - Miroslav Jasso)
FileZilla Client 3.9.0-rc3 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0-rc3 - Tim Kosse)
FMW 1 (HKLM\...\{1DA9CD4A-687F-4075-A828-0A3ACB901438}) (Version: 1.222.1 - AVG Technologies) Hidden
Fotogalerie (HKLM-x32\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotolab Fotosvet (HKLM-x32\...\Fotolab Fotosvet) (Version: 6.0.5 - CEWE Stiftung u Co. KGaA)
GeoVision ADPCM (HKLM-x32\...\GeoADPCM) (Version: - )
GeoVision Audio (HKLM-x32\...\GeoAudio) (Version: - )
GeoVision H264 (HKLM-x32\...\Codec_264) (Version: - )
GeoVision JPEG (HKLM-x32\...\Codec_jpeg) (Version: - )
GeoVision MJPG (HKLM-x32\...\Codec_MJPG) (Version: - )
GeoVision MPEG2 (HKLM-x32\...\Codec_mp2) (Version: - )
GeoVision MPEG4 (HKLM-x32\...\GEOXCodec) (Version: - )
GeoVision MPEG4 ASP (HKLM-x32\...\Codec_amp4) (Version: - )
GeoVision MPEG4 AVC (HKLM-x32\...\Codec_AVC) (Version: - )
GeoVision MXPG (HKLM-x32\...\Codec_MXPG) (Version: - )
Google Drive (HKLM-x32\...\{A90339B3-2C3F-492E-B3A7-0BDFC691E526}) (Version: 2.34.6425.2548 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.101 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HappyFoto-Designer 5.4 (HKLM-x32\...\HappyFoto-Designer_is1) (Version: - )
HID Monitor (HKLM-x32\...\{E7DF7773-E78D-471E-9A3A-2AB55959F215}) (Version: 1.1.5 - Acer Incorporated)
HP Officejet 100 Mobile L411 14.0 Rel. 6 (HKLM\...\{36419AF2-1B07-4517-984B-ACCA10782FCC}) (Version: 14.0 - HP)
HP Support Solutions Framework (HKLM-x32\...\{E1BB50BA-7CCB-47CD-9FE3-03AAE6EEF862}) (Version: 12.7.27.15 - Hewlett-Packard Company)
HPSSupply (HKLM-x32\...\{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
Intel Driver Update Utility (HKLM-x32\...\{ca4bc3a8-b99c-4416-90d8-351a8ceab458}) (Version: 2.2.0.2 - Intel)
Intel Experience Center - Configuration (HKLM-x32\...\{C73A16B7-AC35-4262-9BAF-DA9B2039A563}) (Version: 1.9.0.8 - Intel) Hidden
Intel(R) Driver Update Utility 2.2 (HKLM-x32\...\{3EE9923D-3045-46AB-9CAA-E375993AEB4A}) (Version: 2.2.0.1 - Intel) Hidden
Intel(R) Experience Center Desktop Software (HKLM-x32\...\{85de612b-ee05-476a-87cc-52e5740de420}) (Version: 1.9.0.8 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.0.1428 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4248 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 3.0.1335.5) (HKLM\...\{302600C1-6BDF-4FD1-1307-148929CC1385}) (Version: 3.1.1307.0362 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.5.0.1066 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel(R) Smart Connect Technology 4.1 x64 (HKLM\...\{DBECAE94-4C04-40AC-9AFB-FA9953258EAF}) (Version: 4.1.41.2234 - Intel)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{C605440F-2748-435F-9F29-EB1C8134856F}) (Version: 4.1.17.0 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{560C0B14-F973-4361-B073-B45AF9D538CF}) (Version: 17.1.1531.1764 - Intel Corporation)
Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Java 8 Update 144 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
KeePass Password Safe 2.25 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.25 - Dominik Reichl)
Kolor Autopano Giga 3.0 (HKLM\...\AutopanoGiga3.0) (Version: V3.0.7 - Kolor)
Kuki (HKU\S-1-5-21-1171680460-3079032358-4087076128-1001\...\Kuki) (Version: 20160616.000 - SMART Comp. a.s.)
L411 (HKLM-x32\...\{97FC7F51-C03A-49FE-ACCC-242C99475BC2}) (Version: 140.0.001.000 - Hewlett-Packard) Hidden
L411_Help (HKLM-x32\...\{5420FFDB-0FF9-4E6F-88BB-2382B586B3C5}) (Version: 140.0.001.000 - Hewlett-Packard) Hidden
L411_Software_Min (HKLM-x32\...\{1C33CD2B-91E8-4623-B5CC-EFB020E9554E}) (Version: 140.0.001.000 - Hewlett-Packard) Hidden
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3010 - Acer Incorporated)
Mapedit (HKLM-x32\...\Mapedit) (Version: - )
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1171680460-3079032358-4087076128-1001\...\OneDriveSetup.exe) (Version: 17.3.6943.0625 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 55.0.3 (x86 cs) (HKLM-x32\...\Mozilla Firefox 55.0.3 (x86 cs)) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 55.0.3.6445 - Mozilla)
NEW fotoknihy online (HKLM-x32\...\Fotoknihy online_NEW fotoknihy online) (Version: - )
NewBlue 3D Explosions for Windows (HKLM-x32\...\NewBlue 3D Explosions for Windows) (Version: 1.4 - NewBlue)
NewBlue Titler Pro for Windows (HKLM-x32\...\NewBlue Titler Pro for Windows) (Version: 1.5 - NewBlue)
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue)
NewBlue Video Essentials V for Windows (HKLM-x32\...\NewBlue Video Essentials V for Windows) (Version: 3.0 - NewBlue)
NewBlue Video Essentials VI for Windows (HKLM-x32\...\NewBlue Video Essentials VI for Windows) (Version: 3.0 - NewBlue)
NewBlue Video Essentials VII for Windows (HKLM-x32\...\NewBlue Video Essentials VII for Windows) (Version: 3.0 - NewBlue)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
ODF Add-in for Microsoft Office (HKLM-x32\...\{2BC21CD2-8053-406A-80F6-9AB61717B49D}) (Version: 4.0.5309.0 - OpenXML/ODF Translator Team)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer)
Opera Stable 38.0.2220.31 (HKLM-x32\...\Opera 38.0.2220.31) (Version: 38.0.2220.31 - Opera Software)
Opera Stable 45.0.2552.888 (HKLM-x32\...\Opera 45.0.2552.888) (Version: 45.0.2552.888 - Opera Software)
Opera Stable 47.0.2631.71 (HKLM-x32\...\Opera 47.0.2631.71) (Version: 47.0.2631.71 - Opera Software)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Photodex Presenter (HKLM-x32\...\Photodex Presenter) (Version: - Photodex Corporation)
Picture Collage Maker Pro 4.1.2 (HKLM-x32\...\{6D308A90-6C14-4A02-9B04-CB0EF17894A9}_is1) (Version: 4.1.2 - PearlMountain Technology Co., Ltd)
PNotes 9.3.0 (HKLM-x32\...\{949D34E5-F53F-4830-9A50-1E2C39109043}_is1) (Version: 9.3.0 - Andrey Gruber)
Poradce pro upgrade na systém Windows 7 (HKLM-x32\...\{C3A13A35-63AC-427a-92E6-960C1D01FABB}) (Version: 2.0.5000.0 - Microsoft Corporation)
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: - Kakao Corp.)
proDAD Adorage 3.0 (64bit) (HKLM\...\proDAD-Adorage-3.0) (Version: 3.0.114.1 - proDAD GmbH)
ProShow Producer (HKLM-x32\...\ProShow Producer) (Version: - Photodex Corporation)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.5.7.2450 - Jan Fiala)
PTGui Pro 9.0 (HKLM-x32\...\PTGui) (Version: - New House Internet Services B.V.)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.14.327.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6909 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C9661090-C134-46E8-90B2-76D72355C2A6}) (Version: 6.2.9200.21222 - Realtek Semiconductor Corp.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
Serviio (HKLM\...\Serviio) (Version: - )
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16104.4 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16104.4 - Samsung Electronics Co., Ltd.)
Smart View (HKLM-x32\...\{1800D8A5-F7B2-4C20-868E-1CF55CBBDF21}) (Version: 1.0.0.0 - Samsung )
SmartSound Quicktracks 5 (HKLM-x32\...\{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.8 - SmartSound Software Inc.) Hidden
SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.8 - SmartSound Software Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.1.3.6 - Synaptics Incorporated)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.82216 - TeamViewer)
Toolbox (HKLM-x32\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.596.000 - Hewlett-Packard) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
Ubiquiti UniFi (remove only) (HKLM-x32\...\Ubiquiti UniFi) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
WebReg (HKLM-x32\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.297.017 - Hewlett-Packard) Hidden
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinHTTrack Website Copier 3.48-21 (HKLM-x32\...\WinHTTrack Website Copier_is1) (Version: 3.48.21 - HTTrack)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Wondershare Video Converter Ultimate(Build 8.0.2.8) (HKLM-x32\...\Wondershare Video Converter Ultimate_is1) (Version: 8.0.2.8 - Wondershare Software)
X264 (HKLM-x32\...\Codec_X264) (Version: - )
XVID (HKLM-x32\...\Codec_XVID) (Version: - )
XYplorer 17.00 (HKLM-x32\...\XYplorer) (Version: 17.00 - Donald Lessau, Cologne Code Company)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1171680460-3079032358-4087076128-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-08-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-08-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-08-04] (Google)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2017-05-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2017-05-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2017-05-26] ()
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1-x32: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2017-05-26] ()
ContextMenuHandlers1-x32: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2017-08-27] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1-x32: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\AVG\AVG PC TuneUp\SDShelEx-x64.dll [2017-02-21] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1-x32: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-08-04] (Google)
ContextMenuHandlers1-x32-x32: [PSPad] -> {8903F6C9-25E3-40AC-A98F-E6D35CD0469C} => C:\Program Files (x86)\PSPad editor\PSPadShell.dll [2009-11-16] ()
ContextMenuHandlers1-x32-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers1-x32-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers1-x32-x32-x32: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\WINDOWS\SysWoW64\WSCM64.dll [2014-10-24] ()
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers4-x32: [AutopanoShell.ShellContextMenu] -> {4B4F4C4F-5220-4798-ABF3-EC03F7C8A498} => C:\Program Files\Kolor\Autopano Giga 3.0\AutopanoShell_x64.dll [2013-07-24] (Kolor)
ContextMenuHandlers4-x32: [AVG Disk Space Explorer Shell Extension] -> {4838CD50-7E5D-4811-9B17-C47A85539F28} => C:\Program Files (x86)\AVG\AVG PC TuneUp\DseShExt-x64.dll [2017-02-21] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers4-x32: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\AVG\AVG PC TuneUp\SDShelEx-x64.dll [2017-02-21] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers4-x32: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-08-04] (Google)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-09-30] (Intel Corporation)
ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6-x32: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2017-05-26] ()
ContextMenuHandlers6-x32: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2017-08-27] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6-x32: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\System32\StartMenuHelper64.dll [2016-07-30] (IvoSoft)
ContextMenuHandlers6-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers6-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0A3EE7D0-2CF6-4302-87EE-E0D9E9828EDD} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {18B3AADD-C84F-4F76-A56C-FF275F77D58F} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-01-18] (Acer Incorporated)
Task: {1E2230FB-2DFD-4EBA-9088-3B26A0F161DB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {20131466-9A07-4702-AB64-2B0F68FCB471} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-03-13] ()
Task: {23C7501F-EB5F-477E-A57A-AF3913D66CDF} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {24563B6A-209D-45E1-9043-52BDD4820037} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [2017-08-27] (AVG Technologies CZ, s.r.o.)
Task: {3111E351-B4B8-48A2-BA09-BF21478CBA6E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {335F20F6-581D-46BC-818C-8C22C2359916} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3BD3BF38-FC3A-4F6B-8609-EEB25F974E03} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {3C5EB29D-1427-4635-A9D3-61A69D8B52F2} - System32\Tasks\HIDMonitor => C:\Program Files\Acer Incorporated\HID Monitor\HIDMonitor.exe
Task: {467A0381-47DA-4247-B2D4-B0595D318DA3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {4CC64188-DFC3-4650-A51E-458AB5F494F8} - System32\Tasks\Opera scheduled Autoupdate 1396547936 => C:\Program Files (x86)\Opera\launcher.exe [2017-08-25] (Opera Software)
Task: {5C6DF15F-41AF-48E8-BB2E-254CB1537AD4} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {5D848DFE-D25A-4691-BC44-AEB88E9F459E} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-08-12] (Adobe Systems Incorporated)
Task: {5F4D78B0-012D-423C-8A58-46DCCD42C02A} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {72267DE4-7B7D-4078-A887-5606421709EF} - System32\Tasks\Dolby Selector => C:\Dolby PCEE4\pcee4.exe [2012-09-01] (Dolby Laboratories Inc.)
Task: {7600848B-706D-4CB7-9D62-D7BDF8B8B800} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2017-02-21] (AVG Technologies CZ, s.r.o.)
Task: {7ECA8078-BC7A-44F2-BB57-FD8DA7A6E70A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {7F6256FE-736E-4180-8BB4-F651A87F6DF6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {845B9C76-8189-4AEE-A45D-7171DC9FEF17} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {8CB68B1F-D590-4AFF-878A-F724CC3C0DE6} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {9569459F-4076-4AD8-9C5F-95D446DAA23C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {968EA9CE-06D9-4788-83DC-CBB2459E9FF4} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-07-21] (Oracle Corporation)
Task: {9F65F489-AEC3-47A1-ABA2-3464A522E0C2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {A7C122CD-E748-473E-AEA1-D033B0822D31} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {A9BA8DC1-80BC-4958-AA2A-C84BEBA48665} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {B8808015-9A01-4A68-BF37-9C60B5ED0676} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {C1D1E4AD-6FA8-447C-9715-F423F2FD233B} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {C2C6D378-F757-44E9-9A33-F00DBFD0170C} - System32\Tasks\{BA7CD60C-49A1-4D12-83D4-7870B46FDAF8} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\Ann\Downloads\UniFi-installer.exe -d C:\Users\Ann\Downloads
Task: {C95CEF24-E9F3-4665-A548-F997C0C88547} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_26_0_0_151_pepper.exe [2017-08-12] (Adobe Systems Incorporated)
Task: {D13317B2-30CC-40A1-BAFD-136E13F39B02} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {D1B18204-E7E8-4C2A-80F0-8DDB410ABEAA} - \Optimize Start Menu Cache Files-S-1-5-21-1171680460-3079032358-4087076128-1001 -> No File <==== ATTENTION
Task: {E078E2BF-9196-4194-A495-4D93B7AC8D71} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {F5F52D3E-A086-44DD-B00E-ED5CCBBD913B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-08-09] (Microsoft Corporation)
Task: {FDFDBBF1-BE2E-4C7A-BD40-FD48DD1F9CE9} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-04-26] (Acer Incorporate)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\Ann\Favorites\Acer\Acer.lnk -> hxxp://www.acer.com

==================== Loaded Modules (Whitelisted) ==============

2013-04-16 00:45 - 2013-04-16 00:45 - 000182760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-04-16 00:45 - 2013-04-16 00:45 - 000060392 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2015-06-20 16:39 - 2016-02-02 14:39 - 000186760 _____ () C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe
2016-03-28 23:06 - 2016-03-28 23:06 - 000327680 _____ () C:\Program Files\Serviio\bin\ServiioService.exe
2015-09-05 11:41 - 2015-09-30 20:39 - 000415128 _____ () C:\WINDOWS\system32\igfxTray.exe
2017-05-26 03:18 - 2017-05-26 03:18 - 000492112 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2013-06-12 10:52 - 2013-02-21 07:58 - 000111176 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2014-05-01 21:29 - 2014-05-01 21:29 - 000098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2016-10-01 21:44 - 2014-10-24 14:16 - 000721263 _____ () C:\WINDOWS\SysWoW64\WSCM64.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2012-08-23 23:02 - 2012-08-23 23:02 - 000030640 _____ () C:\Program Files (x86)\Acer Incorporated\HID Monitor\HIDMonitor.exe
2017-03-18 22:59 - 2017-03-20 06:45 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-05-15 02:38 - 2017-05-15 02:38 - 034957896 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2017-08-22 20:24 - 2017-08-22 20:24 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-08-22 20:24 - 2017-08-22 20:24 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-08-22 20:24 - 2017-08-22 20:24 - 036162048 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-08-22 20:24 - 2017-08-22 20:24 - 002237952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\skypert.dll
2017-08-18 10:40 - 2017-08-18 10:41 - 000020480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.13510.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-08-18 10:40 - 2017-08-18 10:41 - 029627904 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.13510.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-08-18 10:40 - 2017-08-18 10:41 - 000358912 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.13510.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll
2017-08-18 10:40 - 2017-08-18 10:41 - 002536448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.13510.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2017-08-18 10:40 - 2017-08-18 10:41 - 020719104 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.13510.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2017-08-18 10:40 - 2017-08-18 10:41 - 002415104 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.13510.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2017-08-18 10:40 - 2017-08-18 10:41 - 003065856 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.13510.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2017-06-08 23:20 - 2017-06-08 23:20 - 003139496 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.13510.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-06-03 08:02 - 2017-06-03 08:02 - 000046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.13510.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2017-08-18 10:40 - 2017-08-18 10:41 - 001370112 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.13510.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-08-29 14:53 - 2017-08-29 14:54 - 004354560 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.1706.2231.0_x64__8wekyb3d8bbwe\Time.exe
2017-08-29 14:53 - 2017-08-29 14:54 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.1706.2231.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-08-29 14:53 - 2017-08-29 14:54 - 000819712 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.1706.2231.0_x64__8wekyb3d8bbwe\TimeControls.dll
2017-08-29 14:53 - 2017-08-29 14:54 - 000821248 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.1706.2231.0_x64__8wekyb3d8bbwe\TimeBackground.dll
2016-12-18 21:56 - 2016-03-28 23:06 - 000006656 _____ () C:\Program Files\Serviio\lib\winp.dll
2013-01-05 01:19 - 2013-01-05 01:19 - 000035336 _____ () C:\Program Files (x86)\Acer Incorporated\HID Monitor\ElanTPAPI.dll
2017-08-27 23:42 - 2017-08-27 23:42 - 048920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
2017-08-27 23:45 - 2017-08-27 23:45 - 000171344 _____ () C:\Program Files (x86)\AVG\Antivirus\JsonRpcServer.dll
2017-08-27 23:45 - 2017-08-27 23:45 - 001067056 _____ () C:\Program Files (x86)\AVG\Antivirus\AvChrome.dll
2017-08-27 23:45 - 2017-08-27 23:45 - 067109376 _____ () C:\Program Files (x86)\AVG\Antivirus\libcef.dll
2017-08-27 23:45 - 2017-08-27 23:45 - 000193784 _____ () C:\Program Files (x86)\AVG\Antivirus\event_routing_rpc.dll
2017-08-27 23:45 - 2017-08-27 23:45 - 000225376 _____ () C:\Program Files (x86)\AVG\Antivirus\tasks_core.dll
2017-08-27 23:45 - 2017-08-27 23:45 - 000690392 _____ () C:\Program Files (x86)\AVG\Antivirus\ffl2.dll
2017-08-29 14:48 - 2017-08-29 14:48 - 000098816 ____R () C:\Users\Ann\AppData\Local\Temp\_MEI140202\win32api.pyd
2017-08-29 14:48 - 2017-08-29 14:48 - 000110080 ____R () C:\Users\Ann\AppData\Local\Temp\_MEI140202\pywintypes27.dll
2017-08-29 14:48 - 2017-08-29 14:48 - 000364544 ____R () C:\Users\Ann\AppData\Local\Temp\_MEI140202\pythoncom27.dll
2017-08-29 14:48 - 2017-08-29 14:48 - 000320512 ____R () C:\Users\Ann\AppData\Local\Temp\_MEI140202\win32com.shell.shell.pyd
2017-08-29 14:48 - 2017-08-29 14:48 - 000914432 ____R () C:\Users\Ann\AppData\Local\Temp\_MEI140202\_hashlib.pyd
2017-08-29 14:48 - 2017-08-29 14:48 - 001176576 ____R () C:\Users\Ann\AppData\Local\Temp\_MEI140202\wx._core_.pyd
2017-08-29 14:48 - 2017-08-29 14:48 - 000806400 ____R () C:\Users\Ann\AppData\Local\Temp\_MEI140202\wx._gdi_.pyd
2017-08-29 14:48 - 2017-08-29 14:48 - 000816128 ____R () C:\Users\Ann\AppData\Local\Temp\_MEI140202\wx._windows_.pyd
2017-08-29 14:48 - 2017-08-29 14:48 - 001067008 ____R () C:\Users\Ann\AppData\Local\Temp\_MEI140202\wx._controls_.pyd
2017-08-29 14:48 - 2017-08-29 14:48 - 000733184 ____R () C:\Users\Ann\AppData\Local\Temp\_MEI140202\wx._misc_.pyd
2017-08-29 14:48 - 2017-08-29 14:48 - 000682496 ____R () C:\Users\Ann\AppData\Local\Temp\_MEI140202\pysqlite2._sqlite.pyd
2017-08-29 14:48 - 2017-08-29 14:48 - 000088064 ____R () C:\Users\Ann\AppData\Local\Temp\_MEI140202\_ctypes.pyd
2017-08-29 14:48 - 2017-08-29 14:48 - 000686080 ____R () C:\Users\Ann\AppData\Local\Temp\_MEI140202\unicodedata.pyd
2017-08-29 14:48 - 2017-08-29 14:48 - 000119808 ____R () C:\Users\Ann\AppData\Local\Temp\_MEI140202\win32file.pyd
2017-08-29 14:48 - 2017-08-29 14:48 - 000108544 ____R () C:\Users\Ann\AppData\Local\Temp\_MEI140202\win32security.pyd
2017-08-29 14:48 - 2017-08-29 14:48 - 000007168 ____R () C:\Users\Ann\AppData\Local\Temp\_MEI140202\hashobjs_ext.pyd
2017-08-29 14:48 - 2017-08-29 14:48 - 000017920 ____R () C:\Users\Ann\AppData\Local\Temp\_MEI140202\thumbnails_ext.pyd
2017-08-29 14:48 - 2017-08-29 14:48 - 000088064 ____R () C:\Users\Ann\AppData\Local\Temp\_MEI140202\usb_ext.pyd
2017-08-29 14:48 - 2017-08-29 14:48 - 000012800 ____R () C:\Users\Ann\AppData\Local\Temp\_MEI140202\common.time34.pyd
2017-08-29 14:48 - 2017-08-29 14:48 - 000018432 ____R () C:\Users\Ann\AppData\Local\Temp\_MEI140202\win32event.pyd
2017-08-29 14:48 - 2017-08-29 14:48 - 000167936 ____R () C:\Users\Ann\AppData\Local\Temp\_MEI140202\win32gui.pyd
2017-08-29 14:48 - 2017-08-29 14:48 - 000046080 ____R () C:\Users\Ann\AppData\Local\Temp\_MEI140202\_socket.pyd
2017-08-29 14:48 - 2017-08-29 14:48 - 001303552 ____R () C:\Users\Ann\AppData\Local\Temp\_MEI140202\_ssl.pyd
2017-08-29 14:48 - 2017-08-29 14:48 - 000128512 ____R () C:\Users\Ann\AppData\Local\Temp\_MEI140202\_elementtree.pyd
2017-08-29 14:48 - 2017-08-29 14:48 - 000127488 ____R () C:\Users\Ann\AppData\Local\Temp\_MEI140202\pyexpat.pyd
2017-08-29 14:48 - 2017-08-29 14:48 - 000038912 ____R () C:\Users\Ann\AppData\Local\Temp\_MEI140202\win32inet.pyd
2017-08-29 14:48 - 2017-08-29 14:48 - 000036864 ____R () C:\Users\Ann\AppData\Local\Temp\_MEI140202\_psutil_windows.pyd
2017-08-29 14:48 - 2017-08-29 14:48 - 000524248 ____R () C:\Users\Ann\AppData\Local\Temp\_MEI140202\windows._lib_cacheinvalidation.pyd
2017-08-29 14:48 - 2017-08-29 14:48 - 000011264 ____R () C:\Users\Ann\AppData\Local\Temp\_MEI140202\win32crypt.pyd
2017-08-29 14:48 - 2017-08-29 14:48 - 000123392 ____R () C:\Users\Ann\AppData\Local\Temp\_MEI140202\wx._wizard.pyd
2017-08-29 14:48 - 2017-08-29 14:48 - 000077312 ____R () C:\Users\Ann\AppData\Local\Temp\_MEI140202\wx._html2.pyd
2017-08-29 14:48 - 2017-08-29 14:48 - 000027648 ____R () C:\Users\Ann\AppData\Local\Temp\_MEI140202\_multiprocessing.pyd
2017-08-29 14:48 - 2017-08-29 14:48 - 000020480 ____R () C:\Users\Ann\AppData\Local\Temp\_MEI140202\_yappi.pyd
2017-08-29 14:48 - 2017-08-29 14:48 - 000035840 ____R () C:\Users\Ann\AppData\Local\Temp\_MEI140202\win32process.pyd
2017-08-29 14:48 - 2017-08-29 14:48 - 000078848 ____R () C:\Users\Ann\AppData\Local\Temp\_MEI140202\wx._animate.pyd
2017-08-29 14:48 - 2017-08-29 14:48 - 000024064 ____R () C:\Users\Ann\AppData\Local\Temp\_MEI140202\win32pipe.pyd
2017-08-29 14:48 - 2017-08-29 14:48 - 000010240 ____R () C:\Users\Ann\AppData\Local\Temp\_MEI140202\select.pyd
2017-08-29 14:48 - 2017-08-29 14:48 - 000025600 ____R () C:\Users\Ann\AppData\Local\Temp\_MEI140202\win32pdh.pyd
2017-08-29 14:48 - 2017-08-29 14:48 - 000017408 ____R () C:\Users\Ann\AppData\Local\Temp\_MEI140202\win32profile.pyd
2017-08-29 14:48 - 2017-08-29 14:48 - 000022528 ____R () C:\Users\Ann\AppData\Local\Temp\_MEI140202\win32ts.pyd
2017-06-04 07:19 - 2017-06-04 07:19 - 052051552 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2017-05-30 01:39 - 2017-05-30 01:39 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-05-30 01:39 - 2017-05-30 01:39 - 000214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-05-30 01:38 - 2017-05-30 01:38 - 000117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2017-05-30 01:39 - 2017-05-30 01:39 - 000125952 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-06-04 07:47 - 2017-06-04 07:47 - 000099424 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2017-05-30 01:39 - 2017-05-30 01:39 - 000086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2013-06-12 10:09 - 2013-03-20 09:47 - 001199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-05-23 13:45 - 2017-08-27 23:00 - 000001258 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 cpm.paneladmin.pro
127.0.0.1 publisher.hmdiadmingate.xyz
127.0.0.1 distribution.hmdiadmingate.xyz
127.0.0.1 hmdicrewtracksystem.xyz
127.0.0.1 linkmate.space
127.0.0.1 space1.adminpressure.space
127.0.0.1 trackpressure.website
127.0.0.1 doctorlink.space
127.0.0.1 plugpackdownload.net
127.0.0.1 texttotalk.org
127.0.0.1 gambling577.xyz
127.0.0.1 htagdownload.space
127.0.0.1 mybcnmonetize.com
127.0.0.1 dscdn.pw
127.0.0.1 beautifllink.xyz

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1171680460-3079032358-4087076128-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ann\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img_6314_edit_.jpg
DNS Servers: 100.70.100.70
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "mncujatSrv"
HKLM\...\StartupApproved\Run32: => "MSStp"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "Wondershare Media Server"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-1171680460-3079032358-4087076128-1001\...\StartupApproved\Run: => "AdobeBridge"
HKU\S-1-5-21-1171680460-3079032358-4087076128-1001\...\StartupApproved\Run: => "SUPERAntiSpyware"
HKU\S-1-5-21-1171680460-3079032358-4087076128-1001\...\StartupApproved\Run: => "gw64-core2 save settings"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{86056859-30AF-49B4-A1BD-910F9A2B272A}C:\program files (x86)\wondershare\video converter ultimate\dscheck.exe] => (Allow) C:\program files (x86)\wondershare\video converter ultimate\dscheck.exe
FirewallRules: [TCP Query User{19F3D481-70E1-4B86-BC25-1D77B55813C0}C:\program files (x86)\wondershare\video converter ultimate\dscheck.exe] => (Allow) C:\program files (x86)\wondershare\video converter ultimate\dscheck.exe
FirewallRules: [UDP Query User{4FCF5067-045A-4033-B8E0-0FEF41EB4F07}C:\program files (x86)\wondershare\video converter ultimate\dscheck.exe] => (Allow) C:\program files (x86)\wondershare\video converter ultimate\dscheck.exe
FirewallRules: [TCP Query User{9BD7CB3A-D01C-4324-AB35-D90AF2C2AB62}C:\program files (x86)\wondershare\video converter ultimate\dscheck.exe] => (Allow) C:\program files (x86)\wondershare\video converter ultimate\dscheck.exe
FirewallRules: [UDP Query User{5C77F124-BF00-46A8-83A6-C20EA0A4F50A}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{6EE181F2-F141-41DC-BF28-6EA5DAE3C2F3}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{322D7A68-621A-4B6B-80F4-CBDC942BB142}] => (Allow) C:\Program Files (x86)\Kuki\addons\skin.netboxkuki\proxies\proxy2.exe
FirewallRules: [{CE28ECF0-6EFB-4F4B-8BEC-FBF96F068BF8}] => (Allow) C:\Program Files (x86)\Kuki\addons\skin.netboxkuki\proxies\proxy2.exe
FirewallRules: [{2DC91539-94FE-494F-AA0E-C0D893C0FFCD}] => (Allow) C:\Users\Ann\Ubiquiti UniFi\bin\mongod.exe
FirewallRules: [{753C7D6D-CE1D-43DA-846C-253235DEB58A}] => (Allow) C:\Users\Ann\Ubiquiti UniFi\bin\mongod.exe
FirewallRules: [{7B36A6A7-41FF-4579-9D85-B5536A170AFF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{90CE470E-69DC-4549-94FA-EBB8B517F176}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{9C949F41-FE73-48AA-B130-0DCDCF2C6812}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{11F25CFB-BF6D-4C6A-8CDD-67F83F02B1D0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [UDP Query User{0B46F8B0-A19C-4CDB-8B9B-C9B1DA66FBD9}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{82400396-7990-4CA9-8452-898356B2215A}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{CF23887E-9468-4037-BC7D-EE69CC4D4931}] => (Allow) C:\Program Files\Serviio\console\ServiioConsole.exe
FirewallRules: [{77292167-3F34-4E83-B190-54050DD06B90}] => (Allow) C:\Program Files\Serviio\bin\ServiioService.exe
FirewallRules: [{450EFCD8-D9A8-43D2-A23C-AE9E948BF673}] => (Allow) C:\Program Files\Serviio\bin\ServiioService.exe
FirewallRules: [UDP Query User{B4B483BE-4CB2-428C-AAF0-87618BEA70A6}C:\program files (x86)\wondershare\video converter ultimate\mediaserver.exe] => (Allow) C:\program files (x86)\wondershare\video converter ultimate\mediaserver.exe
FirewallRules: [TCP Query User{AE9EFEB2-26C7-4589-AAE1-7D76F1DC1C19}C:\program files (x86)\wondershare\video converter ultimate\mediaserver.exe] => (Allow) C:\program files (x86)\wondershare\video converter ultimate\mediaserver.exe
FirewallRules: [{0F922D78-21B3-46EF-A268-E85E3EB18ABA}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [UDP Query User{33A6C43F-9CFB-49A9-BF67-18E6FE73A134}C:\program files (x86)\sms\sms_6.3\smsc.exe] => (Allow) C:\program files (x86)\sms\sms_6.3\smsc.exe
FirewallRules: [TCP Query User{4F31BA99-4A4D-46BE-AC69-EE1062501124}C:\program files (x86)\sms\sms_6.3\smsc.exe] => (Allow) C:\program files (x86)\sms\sms_6.3\smsc.exe
FirewallRules: [UDP Query User{B97A0C0C-371B-47CD-99CF-D7D1FDBCB692}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{7D82C9AE-B07B-4CC1-904D-8B7B43EB0C08}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{FD35FB0E-0080-4304-8117-5A8D07801F04}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe
FirewallRules: [TCP Query User{18B6E571-2A9C-45A1-81F3-DA61D129EE14}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe
FirewallRules: [UDP Query User{91D9C7EE-D416-49BC-9ABE-CD8CEFEA3EF6}C:\program files (x86)\wondershare\video converter ultimate\medialibserver.exe] => (Block) C:\program files (x86)\wondershare\video converter ultimate\medialibserver.exe
FirewallRules: [TCP Query User{D9844AA0-1DD0-43C0-A539-5F4CEE493776}C:\program files (x86)\wondershare\video converter ultimate\medialibserver.exe] => (Block) C:\program files (x86)\wondershare\video converter ultimate\medialibserver.exe
FirewallRules: [UDP Query User{B48EAE4E-2170-4B3C-8C83-A8DB78132C16}C:\program files (x86)\wondershare\video converter ultimate\medialibserver.exe] => (Allow) C:\program files (x86)\wondershare\video converter ultimate\medialibserver.exe
FirewallRules: [TCP Query User{7795445D-9035-4430-92D5-44614FBEED6D}C:\program files (x86)\wondershare\video converter ultimate\medialibserver.exe] => (Allow) C:\program files (x86)\wondershare\video converter ultimate\medialibserver.exe
FirewallRules: [{7AB0A34C-434B-4853-8234-4F042C6E2CFC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{F77D94FE-2C1F-4327-9F5E-6A89A519D9EF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{CFCE2E15-EF71-44FF-BE9A-19B631217250}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{50010372-53B2-442F-88A0-D4896FF715C4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{A9C89494-C03D-400B-B41C-E7E805FA6691}C:\program files (x86)\sms\sms_6.3\smsc.exe] => (Allow) C:\program files (x86)\sms\sms_6.3\smsc.exe
FirewallRules: [TCP Query User{ECCF6AFD-E087-436B-A0F7-0AA9224862C8}C:\program files (x86)\sms\sms_6.3\smsc.exe] => (Allow) C:\program files (x86)\sms\sms_6.3\smsc.exe
FirewallRules: [UDP Query User{A02ABC89-CF09-423C-92FB-4B6DCFDFDC67}C:\program files (x86)\sms\smsc.exe] => (Allow) C:\program files (x86)\sms\smsc.exe
FirewallRules: [TCP Query User{415E0C1C-4E82-4BE3-A5AC-7E6D5C285B71}C:\program files (x86)\sms\smsc.exe] => (Allow) C:\program files (x86)\sms\smsc.exe
FirewallRules: [TCP Query User{A5B2C9B7-E898-4082-946E-A9F746C44B32}C:\program files (x86)\winbox\winbox.exe] => (Allow) C:\program files (x86)\winbox\winbox.exe
FirewallRules: [UDP Query User{ABEB27EC-FED9-4F42-B180-DB422CC420AD}C:\program files (x86)\winbox\winbox.exe] => (Allow) C:\program files (x86)\winbox\winbox.exe
FirewallRules: [TCP Query User{98BCDA2B-419F-4AD1-B027-C22FBCEA1E52}C:\program files (x86)\winbox\winbox.exe] => (Allow) C:\program files (x86)\winbox\winbox.exe
FirewallRules: [UDP Query User{09D4E688-1B3A-4493-ADE8-453A2B31A44C}C:\program files (x86)\winbox\winbox.exe] => (Allow) C:\program files (x86)\winbox\winbox.exe
FirewallRules: [{8F254B7B-95FE-4DC4-97AA-02853BCA68EC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D27E256D-45F0-41F3-92FF-A0AEE89D8D9C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8B82C872-D03E-46D1-801C-793A8E6E1A28}] => (Allow) LPort=8317
FirewallRules: [TCP Query User{7CF03194-F2FF-4D12-AE61-3D2AFAFFA429}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{2537B8AE-13DC-4EF5-9887-E1CE22A4D836}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{C53DDBCD-98F5-4E0B-BAB9-E7CB8C6DD0B7}] => (Allow) LPort=67
FirewallRules: [{BC1B80E7-349C-467F-A58B-3628E453F150}] => (Allow) LPort=68
FirewallRules: [{22AADEAD-EB6D-40A3-A6B0-C21B615385A4}] => (Allow) LPort=53
FirewallRules: [{9B98BD60-3648-4AF7-B78F-25B1C5CBF3D4}] => (Allow) LPort=53
FirewallRules: [{9072A457-7CFF-4693-A587-B178FC563E82}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{5DC09699-8D08-4D0C-80FB-BA8F6F0360E7}] => (Allow) C:\Program Files\DAUM\PotPlayer\PotPlayerMini64.exe
FirewallRules: [{7B7ABF21-6F59-431A-8C8C-1E5632544CA3}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{711D3C98-638A-4CD0-A08E-89FECD362664}] => (Allow) LPort=2869
FirewallRules: [{0FAD9497-6FB8-49EF-B8A4-B1B430EF669B}] => (Allow) LPort=1900
FirewallRules: [{C669C073-F4C8-49BD-AD5C-606A3EC8DFDC}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{4B4569ED-7B97-49C6-A262-7A147B18859D}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{B9A8904E-6082-446E-92A8-A4B64E50EFAE}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{2F814467-EDA3-4FD2-AD19-EB090B7F4911}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{92B10AB0-CD1E-4F71-BFBC-035D948E516C}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{1079EF2F-730A-41E9-B887-918369010140}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{DD6B610F-F742-42C1-B7A5-B280922A6606}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{65A375C2-73AC-4466-8AA8-B66248094E7C}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{7B2CA888-AAE0-443F-AFA2-AC3F42050599}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{A98B69AD-7800-488A-A738-0F10801EA2B0}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{8B5A708E-4103-4CCE-9C94-8C27CEBAF355}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{518D9498-8659-414B-98F2-6D9039C1BEE3}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{ACFB7122-FF36-4832-A70E-C5C18CF72943}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{2CD91CCB-BCA8-4E09-BBF0-3A0CCFECF3ED}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============

Name: Zařízení standardu HID
Description: Zařízení standardu HID
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standardní systémová zařízení)
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Dotyková obrazovka standardu HID
Description: Dotyková obrazovka standardu HID
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standardní systémová zařízení)
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/29/2017 06:08:57 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::IsAdapterAssociated RW wireless adapter is not associated

Error: (08/29/2017 03:55:44 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - CProcess::GetProcessFullName Unable to get the image full name for the process( ID=5232), GLE=31.

Error: (08/29/2017 02:48:43 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::IsAdapterAssociated RW wireless adapter is not associated

Error: (08/29/2017 02:48:42 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::IsAdapterAssociated RW wireless adapter is not associated

Error: (08/29/2017 02:48:37 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::IsAdapterAssociated RW wireless adapter is not associated

Error: (08/29/2017 10:39:24 AM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::IsAdapterAssociated RW wireless adapter is not associated

Error: (08/29/2017 10:38:56 AM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::IsAdapterAssociated RW wireless adapter is not associated

Error: (08/29/2017 10:38:29 AM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::IsAdapterAssociated RW wireless adapter is not associated

Error: (08/29/2017 10:28:54 AM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::IsAdapterAssociated RW wireless adapter is not associated

Error: (08/29/2017 10:28:54 AM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::IsAdapterAssociated RW wireless adapter is not associated


System errors:
=============
Error: (08/29/2017 03:25:21 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/29/2017 02:51:40 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {784E29F4-5EBE-4279-9948-1E8FE941646D} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/29/2017 02:48:39 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/29/2017 02:48:39 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/29/2017 02:48:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba clsid50662 neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (08/29/2017 02:48:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba CldFlt neuspěla při spuštění v důsledku následující chyby:
Požadavek není podporován.

Error: (08/29/2017 02:48:18 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\System32\IWMSSvc.dll

Error: (08/29/2017 02:48:18 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\System32\IWMSSvc.dll

Error: (08/29/2017 02:48:15 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\System32\IWMSSvc.dll

Error: (08/29/2017 02:48:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4500U CPU @ 1.80GHz
Percentage of memory in use: 42%
Total physical RAM: 7848.27 MB
Available physical RAM: 4542.86 MB
Total Virtual: 13747.08 MB
Available Virtual: 10550.45 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:220.04 GB) (Free:5.43 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: B36CE072)

Partition: GPT.

==================== End of Addition.txt ============================
Nahoru
altrok
Moderátor
Moderátor
Příspěvky: 7322
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: Přesměrování webu

#7 Příspěvek od altrok »

:arrow: Doporucuji zvysenou opatrnost pri pouzivani AVG PC TuneUp


:arrow: Po restartu dejte vedet, jak se PC chova.


  • Znovu spustte FRST.exe/FRST64.exe
  • stisknete Ctrl + y (obe klavesy zaroven)
  • otevre se fixlist.txt, do nejz vlozte obsah bileho pole nize
  • stisknete Ctrl + s (ulozite zmeny), pote fixlist zavrete
  • kliknete na tlacitko Fix
  • po restartu bude vedle FRST vytvoren fixlog, jehoz obsah vlozte do pristi odpovedi

    Kód: Vybrat vše

    Start
CreateRestorePoint:
CloseProcesses:
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1171680460-3079032358-4087076128-1001\...\MountPoints2: {be515169-72fc-11e5-81f7-0c8bfd05f78e} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1171680460-3079032358-4087076128-1001\...\MountPoints2: {e3ae20a7-89b8-11e7-832d-0c8bfd05f78e} - "D:\HiSuiteDownLoader.exe" 
GroupPolicy: Restriction - Chrome <==== ATTENTION
SearchScopes: HKU\S-1-5-21-1171680460-3079032358-4087076128-1001 -> DefaultScope {EE4A9432-E655-4BCC-8809-86B548ACC7FC} URL =
SearchScopes: HKU\S-1-5-21-1171680460-3079032358-4087076128-1001 -> {EE4A9432-E655-4BCC-8809-86B548ACC7FC} URL = 
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> No File
Toolbar: HKU\S-1-5-21-1171680460-3079032358-4087076128-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - No File
CMD: type "C:\Users\Ann\AppData\Roaming\Mozilla\Firefox\Profiles\6mz5a0ld.default\user.js"
FF Extension: (Tables) - C:\Users\Ann\AppData\Roaming\Mozilla\Firefox\Profiles\6mz5a0ld.default\Extensions\378507@extcorp.net.xpi [2017-08-23]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
CMD: type "C:\Program Files (x86)\mozilla firefox\defaults\pref\12939359.js"
CMD: type "C:\Program Files (x86)\mozilla firefox\12939359.cfg"
C:\Program Files (x86)\mozilla firefox\12939359.cfg
CHR Extension: (Tables) - C:\Users\Ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2017-08-27]
CHR Extension: (AVG SafePrice) - C:\Users\Ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2017-08-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-28]
CHR Extension: (Quick Searcher) - C:\Users\Ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbdpajcdgknpendpmecafmopknefafha [2017-08-27]
OPR Extension: (Tables) - C:\Users\Ann\AppData\Roaming\Opera Software\Opera Stable\Extensions\egafjhhpbipcmpoiomegbckljbbbphoj [2017-08-27]
OPR Extension: (Quick Searcher) - C:\Users\Ann\AppData\Roaming\Opera Software\Opera Stable\Extensions\pbdpajcdgknpendpmecafmopknefafha [2017-08-27]
File: C:\Program Files\Serviio\bin\ServiioService.exe
Virustotal: C:\Program Files\Serviio\bin\ServiioService.exe
S2 clsid50662; C:\ProgramData\clsid50662.exe [X]
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
File: C:\WINDOWS\System32\drivers\wfcre.sys
Folder: C:\Program Files\ZM0VV92DV5
Folder: C:\Users\Ann\AppData\Roaming\dkcn5qfkrhs
Folder: C:\Program Files\O6IETL2KTG
Folder: C:\Program Files (x86)\BZip
Folder: C:\Users\Ann\AppData\Roaming\ev2j4efogkg
Zip: C:\Users\Ann\AppData\Roaming\ev2j4efogkg
Folder: C:\Program Files (x86)\ibvvhb5tzdt
2017-08-27 23:30 - 2017-08-28 00:13 - 000000000 ____D C:\Program Files\ZM0VV92DV5
2017-08-27 23:30 - 2017-08-27 23:59 - 000000000 ____D C:\Users\Ann\AppData\Roaming\dkcn5qfkrhs
2017-08-27 22:59 - 2017-08-28 00:43 - 000000000 ____D C:\Program Files\O6IETL2KTG
2017-08-27 22:58 - 2017-08-28 00:46 - 000000000 ____D C:\Program Files\JELWXY1S0N
2017-08-27 22:58 - 2017-08-28 00:46 - 000000000 ____D C:\Program Files (x86)\BZip
2017-08-27 22:58 - 2017-08-28 00:45 - 000000000 ____D C:\Users\Ann\AppData\Roaming\ev2j4efogkg
2017-08-27 22:58 - 2017-08-28 00:45 - 000000000 ____D C:\Users\Ann\AppData\Roaming\5ljln1303l0
2017-08-27 22:58 - 2017-08-28 00:45 - 000000000 ____D C:\Program Files (x86)\ibvvhb5tzdt
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {0A3EE7D0-2CF6-4302-87EE-E0D9E9828EDD} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {3111E351-B4B8-48A2-BA09-BF21478CBA6E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {335F20F6-581D-46BC-818C-8C22C2359916} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {5C6DF15F-41AF-48E8-BB2E-254CB1537AD4} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {845B9C76-8189-4AEE-A45D-7171DC9FEF17} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {9F65F489-AEC3-47A1-ABA2-3464A522E0C2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {A7C122CD-E748-473E-AEA1-D033B0822D31} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {A9BA8DC1-80BC-4958-AA2A-C84BEBA48665} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {B8808015-9A01-4A68-BF37-9C60B5ED0676} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {C2C6D378-F757-44E9-9A33-F00DBFD0170C} - System32\Tasks\{BA7CD60C-49A1-4D12-83D4-7870B46FDAF8} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\Ann\Downloads\UniFi-installer.exe -d C:\Users\Ann\Downloads
Task: {D13317B2-30CC-40A1-BAFD-136E13F39B02} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {D1B18204-E7E8-4C2A-80F0-8DDB410ABEAA} - \Optimize Start Menu Cache Files-S-1-5-21-1171680460-3079032358-4087076128-1001 -> No File <==== ATTENTION
Task: {E078E2BF-9196-4194-A495-4D93B7AC8D71} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
CMD: dir "C:\PROGRA~1"
CMD: dir "C:\PROGRA~2"
CMD: dir "C:\PROGRA~3"
CMD: dir "%localappdata%"
CMD: dir "%appdata%"
EmptyTemp:
End
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Nahoru
prudil
Návštěvník
Návštěvník
Příspěvky: 5
Registrován: 28 srp 2017 21:49

Re: Přesměrování webu

#8 Příspěvek od prudil »

Zatím to vypadá dobře :-) Jen mi přestal fungovat Firefox, ale je to jen problém se spuštěním, kdy nelze najít konfigurační soubor, ale to si už vyřeším.

Zatím tedy moc a moc děkuju a v průběhu zítřka napíšu, jestli je to opravdu definitivně vyřešený.

Hezký den.


Fix result of Farbar Recovery Scan Tool (x64) Version: 20-08-2017
Ran by Ann (30-08-2017 11:37:41) Run:1
Running from C:\Users\Ann\Desktop
Loaded Profiles: Ann (Available Profiles: Ann)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1171680460-3079032358-4087076128-1001\...\MountPoints2: {be515169-72fc-11e5-81f7-0c8bfd05f78e} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1171680460-3079032358-4087076128-1001\...\MountPoints2: {e3ae20a7-89b8-11e7-832d-0c8bfd05f78e} - "D:\HiSuiteDownLoader.exe"
GroupPolicy: Restriction - Chrome <==== ATTENTION
SearchScopes: HKU\S-1-5-21-1171680460-3079032358-4087076128-1001 -> DefaultScope {EE4A9432-E655-4BCC-8809-86B548ACC7FC} URL =
SearchScopes: HKU\S-1-5-21-1171680460-3079032358-4087076128-1001 -> {EE4A9432-E655-4BCC-8809-86B548ACC7FC} URL =
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> No File
Toolbar: HKU\S-1-5-21-1171680460-3079032358-4087076128-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - No File
CMD: type "C:\Users\Ann\AppData\Roaming\Mozilla\Firefox\Profiles\6mz5a0ld.default\user.js"
FF Extension: (Tables) - C:\Users\Ann\AppData\Roaming\Mozilla\Firefox\Profiles\6mz5a0ld.default\Extensions\378507@extcorp.net.xpi [2017-08-23]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
CMD: type "C:\Program Files (x86)\mozilla firefox\defaults\pref\12939359.js"
CMD: type "C:\Program Files (x86)\mozilla firefox\12939359.cfg"
C:\Program Files (x86)\mozilla firefox\12939359.cfg
CHR Extension: (Tables) - C:\Users\Ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2017-08-27]
CHR Extension: (AVG SafePrice) - C:\Users\Ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2017-08-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-28]
CHR Extension: (Quick Searcher) - C:\Users\Ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbdpajcdgknpendpmecafmopknefafha [2017-08-27]
OPR Extension: (Tables) - C:\Users\Ann\AppData\Roaming\Opera Software\Opera Stable\Extensions\egafjhhpbipcmpoiomegbckljbbbphoj [2017-08-27]
OPR Extension: (Quick Searcher) - C:\Users\Ann\AppData\Roaming\Opera Software\Opera Stable\Extensions\pbdpajcdgknpendpmecafmopknefafha [2017-08-27]
File: C:\Program Files\Serviio\bin\ServiioService.exe
Virustotal: C:\Program Files\Serviio\bin\ServiioService.exe
S2 clsid50662; C:\ProgramData\clsid50662.exe [X]
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
File: C:\WINDOWS\System32\drivers\wfcre.sys
Folder: C:\Program Files\ZM0VV92DV5
Folder: C:\Users\Ann\AppData\Roaming\dkcn5qfkrhs
Folder: C:\Program Files\O6IETL2KTG
Folder: C:\Program Files (x86)\BZip
Folder: C:\Users\Ann\AppData\Roaming\ev2j4efogkg
Zip: C:\Users\Ann\AppData\Roaming\ev2j4efogkg
Folder: C:\Program Files (x86)\ibvvhb5tzdt
2017-08-27 23:30 - 2017-08-28 00:13 - 000000000 ____D C:\Program Files\ZM0VV92DV5
2017-08-27 23:30 - 2017-08-27 23:59 - 000000000 ____D C:\Users\Ann\AppData\Roaming\dkcn5qfkrhs
2017-08-27 22:59 - 2017-08-28 00:43 - 000000000 ____D C:\Program Files\O6IETL2KTG
2017-08-27 22:58 - 2017-08-28 00:46 - 000000000 ____D C:\Program Files\JELWXY1S0N
2017-08-27 22:58 - 2017-08-28 00:46 - 000000000 ____D C:\Program Files (x86)\BZip
2017-08-27 22:58 - 2017-08-28 00:45 - 000000000 ____D C:\Users\Ann\AppData\Roaming\ev2j4efogkg
2017-08-27 22:58 - 2017-08-28 00:45 - 000000000 ____D C:\Users\Ann\AppData\Roaming\5ljln1303l0
2017-08-27 22:58 - 2017-08-28 00:45 - 000000000 ____D C:\Program Files (x86)\ibvvhb5tzdt
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {0A3EE7D0-2CF6-4302-87EE-E0D9E9828EDD} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {3111E351-B4B8-48A2-BA09-BF21478CBA6E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {335F20F6-581D-46BC-818C-8C22C2359916} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {5C6DF15F-41AF-48E8-BB2E-254CB1537AD4} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {845B9C76-8189-4AEE-A45D-7171DC9FEF17} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {9F65F489-AEC3-47A1-ABA2-3464A522E0C2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {A7C122CD-E748-473E-AEA1-D033B0822D31} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {A9BA8DC1-80BC-4958-AA2A-C84BEBA48665} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {B8808015-9A01-4A68-BF37-9C60B5ED0676} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {C2C6D378-F757-44E9-9A33-F00DBFD0170C} - System32\Tasks\{BA7CD60C-49A1-4D12-83D4-7870B46FDAF8} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\Ann\Downloads\UniFi-installer.exe -d C:\Users\Ann\Downloads
Task: {D13317B2-30CC-40A1-BAFD-136E13F39B02} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {D1B18204-E7E8-4C2A-80F0-8DDB410ABEAA} - \Optimize Start Menu Cache Files-S-1-5-21-1171680460-3079032358-4087076128-1001 -> No File <==== ATTENTION
Task: {E078E2BF-9196-4194-A495-4D93B7AC8D71} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
CMD: dir "C:\PROGRA~1"
CMD: dir "C:\PROGRA~2"
CMD: dir "C:\PROGRA~3"
CMD: dir "%localappdata%"
CMD: dir "%appdata%"
EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui => key removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => key removed successfully
HKU\S-1-5-21-1171680460-3079032358-4087076128-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{be515169-72fc-11e5-81f7-0c8bfd05f78e} => key removed successfully
HKLM\Software\Classes\CLSID\{be515169-72fc-11e5-81f7-0c8bfd05f78e} => key not found.
HKU\S-1-5-21-1171680460-3079032358-4087076128-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e3ae20a7-89b8-11e7-832d-0c8bfd05f78e} => key removed successfully
HKLM\Software\Classes\CLSID\{e3ae20a7-89b8-11e7-832d-0c8bfd05f78e} => key not found.
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
HKU\S-1-5-21-1171680460-3079032358-4087076128-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-1171680460-3079032358-4087076128-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EE4A9432-E655-4BCC-8809-86B548ACC7FC} => key removed successfully
HKLM\Software\Classes\CLSID\{EE4A9432-E655-4BCC-8809-86B548ACC7FC} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C} => key removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{6D53EC84-6AAE-4787-AEEE-F4628F01010C} => key removed successfully
HKU\S-1-5-21-1171680460-3079032358-4087076128-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value removed successfully
HKLM\Software\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => key removed successfully
HKLM\Software\Classes\PROTOCOLS\Handler\WSWSVCUchrome => key removed successfully

========= type "C:\Users\Ann\AppData\Roaming\Mozilla\Firefox\Profiles\6mz5a0ld.default\user.js" =========

user_pref("extensions.blocklist.detailsURL", "");
user_pref("extensions.blocklist.enabled", false);
user_pref("extensions.blocklist.interval", 86400);
user_pref("extensions.blocklist.itemURL", "");
user_pref("extensions.blocklist.url", "");
========= End of CMD: =========

C:\Users\Ann\AppData\Roaming\Mozilla\Firefox\Profiles\6mz5a0ld.default\Extensions\378507@extcorp.net.xpi => moved successfully
HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\msktbird@mcafee.com => value removed successfully

========= type "C:\Program Files (x86)\mozilla firefox\defaults\pref\12939359.js" =========

pref("general.config.obscure_value", 0);pref("general.config.filename", "12939359.cfg");pref("network.proxy.type", 2);pref("network.proxy.autoconfig_url", "http://webaccessquick.com/wpad.dat?5dd6 ... 8234862563");pref("network.proxy.autoconfig_url.include_path", true);
========= End of CMD: =========


========= type "C:\Program Files (x86)\mozilla firefox\12939359.cfg" =========

var certdb;
try { certdb = Components.classes["@mozilla.org/security/x509certdb;1"].getService(Components.interfaces.nsIX509CertDB2); }
catch (e)
{ certdb = Components.classes["@mozilla.org/security/x509certdb;1"].getService(Components.interfaces.nsIX509CertDB); }
cert = 'MIIDRzCCAi+gAwIBAgIJAL1aMlXVxFOYMA0GCSqGSIb3DQEBCwUAMDoxGzAZBgNVBAMMEndlYmFjY2Vzc3F1aWNrLmNvbTEbMBkGA1UECgwSd2ViYWNjZXNzcXVpY2suY29tMB4XDTE3MDgwNDA4NTI0MFoXDTI3MDgwMjA4NTI0MFowOjEbMBkGA1UEAwwSd2ViYWNjZXNzcXVpY2suY29tMRswGQYDVQQKDBJ3ZWJhY2Nlc3NxdWljay5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMwWrH+USwcfmVkm5xqDQCvBwJT6UpY5NJ8poKpNj+TqNVbn21CloYn+63TUlzESJ5FXjd3xM875VgRyp72m5w7rXoxwzJ7bmPaf3qFun1R9oeTdYut/Q5DPfcMi8zV1G+dEdfM0IrhyJYQLy9pXB7zMUPA+cv9X2vN5KvxX9yXeioK5wd1eVacseX/Sl8RTu48nqq54dVFxtVYH2ChsfPW8yv0P3NWiPKk+S61b7rTkAuxx49fHt0AdrAyYQomKnZd9HO7EGh7anY/FWlqtYOMZVEOtYKPhcThmhI0ejEtvZieAv0KeexzsgBEs2N1OjSfeM9autImZBaQsvVZlVbAgMBAAGjUDBOMB0GA1UdDgQWBBQKIw8olydvUdBrQtS4EGarh0HWWzAfBgNVHSMEGDAWgBQKIw8olydvUdBrQtS4EGarh0HWWzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCDGzIeM3WGyaD/FMAPYTSd5GI+fnbtILxb0PtfPGzb6qMmeOk1Th/Avu3DDN19gQaIL5EQBMS6IRPmmkHCEzvg60AENsixkTdv3+BoKKfSEEMhxjo2kcmAEUjoZ3jv3yfHVJPawubCa2ZRsnNVQZSLvP8ba/MrKoMKVfI5iziaUPR9UmEN64F0Q1zCuHzxQMqiO4JHSqmCx+PjR5MJx/1yShuQzC3Fmk0//hIst2XWkSYU1+50CA/L7BKk+IGZrjxeW7BAYtfmqafhsccBMMepyMrf7PelgN8qrGIL3DTC3mq2N6UT/I1iIkSNyaq6FMKjJDJCLAFy+fV7D6kClw9Z';
certdb.addCertFromBase64(cert, "CT,C,C", "");
========= End of CMD: =========

C:\Program Files (x86)\mozilla firefox\12939359.cfg => moved successfully
CHR Extension: (Tables) - C:\Users\Ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2017-08-27] => Error: No automatic fix found for this entry.
CHR Extension: (AVG SafePrice) - C:\Users\Ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2017-08-28] => Error: No automatic fix found for this entry.
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-28] => Error: No automatic fix found for this entry.
CHR Extension: (Quick Searcher) - C:\Users\Ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbdpajcdgknpendpmecafmopknefafha [2017-08-27] => Error: No automatic fix found for this entry.
C:\Users\Ann\AppData\Roaming\Opera Software\Opera Stable\Extensions\egafjhhpbipcmpoiomegbckljbbbphoj => moved successfully
C:\Users\Ann\AppData\Roaming\Opera Software\Opera Stable\Extensions\pbdpajcdgknpendpmecafmopknefafha => moved successfully

========================= File: C:\Program Files\Serviio\bin\ServiioService.exe ========================

File not signed
MD5: D2E25B1FE392E6E1C9A149F17920C318
Creation and modification date: 2016-03-28 23:06 - 2016-03-28 23:06
Size: 000327680
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/f2fb3bc ... 497968170/

====== End of File: ======

VirusTotal: C:\Program Files\Serviio\bin\ServiioService.exe => https://www.virustotal.com/file/f2fb3bc ... 497968170/
HKLM\System\CurrentControlSet\Services\clsid50662 => key removed successfully
clsid50662 => service removed successfully
HKLM\System\CurrentControlSet\Services\ibtsiva => key removed successfully
ibtsiva => service removed successfully

========================= File: C:\WINDOWS\System32\drivers\wfcre.sys ========================

File is digitally signed
MD5: A23BF07FCB723AC9F905AF844BDAC181
Creation and modification date: 2017-07-04 10:46 - 2017-07-04 10:46
Size: 000124288
Attributes: ----N
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/d214d98 ... 502672703/

====== End of File: ======


========================= Folder: C:\Program Files\ZM0VV92DV5 ========================

2017-08-27 23:30 - 2017-08-27 23:30 - 000000036 _____ () C:\Program Files\ZM0VV92DV5\cast.config
2017-08-27 23:30 - 2017-08-27 23:30 - 000001275 _____ () C:\Program Files\ZM0VV92DV5\uninstaller.exe.config
2017-08-27 23:30 - 2017-08-27 23:30 - 000001275 _____ () C:\Program Files\ZM0VV92DV5\ZM0VV92DV.exe.config

====== End of Folder: ======


========================= Folder: C:\Users\Ann\AppData\Roaming\dkcn5qfkrhs ========================

2017-08-27 23:30 - 2017-08-27 23:30 - 000001275 _____ () C:\Users\Ann\AppData\Roaming\dkcn5qfkrhs\fsmecq5v5sd.exe.config

====== End of Folder: ======


========================= Folder: C:\Program Files\O6IETL2KTG ========================

2017-08-27 22:59 - 2017-08-27 22:59 - 000000036 _____ () C:\Program Files\O6IETL2KTG\cast.config
2017-08-27 22:59 - 2017-08-27 22:59 - 000001275 _____ () C:\Program Files\O6IETL2KTG\O6IETL2KT.exe.config
2017-08-27 22:59 - 2017-08-27 22:59 - 000001275 _____ () C:\Program Files\O6IETL2KTG\uninstaller.exe.config

====== End of Folder: ======


========================= Folder: C:\Program Files (x86)\BZip ========================

2017-08-27 22:58 - 2017-08-27 22:58 - 000001658 _____ () C:\Program Files (x86)\BZip\uninstaller.exe.config

====== End of Folder: ======


========================= Folder: C:\Users\Ann\AppData\Roaming\ev2j4efogkg ========================

2017-08-27 22:58 - 2017-08-27 22:58 - 000001275 _____ () C:\Users\Ann\AppData\Roaming\ev2j4efogkg\v3snsgfnicu.exe.config

====== End of Folder: ======

================== Zip: ===================
C:\Users\Ann\AppData\Roaming\ev2j4efogkg -> copied successfully to C:\Users\Ann\Desktop\30.08.2017_11.38.38.zip
=========== Zip: End ===========

========================= Folder: C:\Program Files (x86)\ibvvhb5tzdt ========================

2017-08-27 22:58 - 2017-08-27 22:58 - 001909709 _____ (WeMonetize ) C:\Program Files (x86)\ibvvhb5tzdt\9ID.exe
2017-08-27 22:59 - 2017-08-27 22:59 - 000000036 _____ () C:\Program Files (x86)\ibvvhb5tzdt\cast.config
2017-08-27 22:58 - 2017-08-27 23:30 - 000000094 _____ () C:\Program Files (x86)\ibvvhb5tzdt\config.conf
2017-08-27 22:59 - 2017-08-27 22:59 - 000001658 _____ () C:\Program Files (x86)\ibvvhb5tzdt\P1FF0.exe.config
2017-08-27 22:58 - 2017-08-27 22:58 - 000001658 _____ () C:\Program Files (x86)\ibvvhb5tzdt\Q4ICLJW9P00RRXY.exe.config

====== End of Folder: ======

C:\Program Files\ZM0VV92DV5 => moved successfully
C:\Users\Ann\AppData\Roaming\dkcn5qfkrhs => moved successfully
C:\Program Files\O6IETL2KTG => moved successfully
C:\Program Files\JELWXY1S0N => moved successfully
C:\Program Files (x86)\BZip => moved successfully
C:\Users\Ann\AppData\Roaming\ev2j4efogkg => moved successfully
C:\Users\Ann\AppData\Roaming\5ljln1303l0 => moved successfully
C:\Program Files (x86)\ibvvhb5tzdt => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => key removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => key removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0A3EE7D0-2CF6-4302-87EE-E0D9E9828EDD} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0A3EE7D0-2CF6-4302-87EE-E0D9E9828EDD} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3111E351-B4B8-48A2-BA09-BF21478CBA6E} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3111E351-B4B8-48A2-BA09-BF21478CBA6E} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{335F20F6-581D-46BC-818C-8C22C2359916} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{335F20F6-581D-46BC-818C-8C22C2359916} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5C6DF15F-41AF-48E8-BB2E-254CB1537AD4} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C6DF15F-41AF-48E8-BB2E-254CB1537AD4} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{845B9C76-8189-4AEE-A45D-7171DC9FEF17} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{845B9C76-8189-4AEE-A45D-7171DC9FEF17} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9F65F489-AEC3-47A1-ABA2-3464A522E0C2} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F65F489-AEC3-47A1-ABA2-3464A522E0C2} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A7C122CD-E748-473E-AEA1-D033B0822D31} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A7C122CD-E748-473E-AEA1-D033B0822D31} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A9BA8DC1-80BC-4958-AA2A-C84BEBA48665} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A9BA8DC1-80BC-4958-AA2A-C84BEBA48665} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B8808015-9A01-4A68-BF37-9C60B5ED0676} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B8808015-9A01-4A68-BF37-9C60B5ED0676} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C2C6D378-F757-44E9-9A33-F00DBFD0170C} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C2C6D378-F757-44E9-9A33-F00DBFD0170C} => key removed successfully
C:\WINDOWS\System32\Tasks\{BA7CD60C-49A1-4D12-83D4-7870B46FDAF8} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BA7CD60C-49A1-4D12-83D4-7870B46FDAF8} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D13317B2-30CC-40A1-BAFD-136E13F39B02} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D13317B2-30CC-40A1-BAFD-136E13F39B02} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D1B18204-E7E8-4C2A-80F0-8DDB410ABEAA} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D1B18204-E7E8-4C2A-80F0-8DDB410ABEAA} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Optimize Start Menu Cache Files-S-1-5-21-1171680460-3079032358-4087076128-1001 => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E078E2BF-9196-4194-A495-4D93B7AC8D71} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E078E2BF-9196-4194-A495-4D93B7AC8D71} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key removed successfully

========= dir "C:\PROGRA~1" =========

Volume in drive C is Acer
Volume Serial Number is 34F0-07E7

Directory of C:\PROGRA~1

30.08.2017 11:38 <DIR> .
30.08.2017 11:38 <DIR> ..
29.09.2015 09:48 <DIR> Acer
01.10.2015 17:58 <DIR> Adobe
16.03.2016 20:57 <DIR> Angry IP Scanner
01.10.2016 21:16 <DIR> Avidemux 2.6 - 64 bits
22.08.2016 08:43 <DIR> Classic Shell
19.06.2017 22:08 <DIR> Common Files
27.06.2017 22:34 <DIR> CyberLink
11.05.2015 13:21 <DIR> DAUM
07.07.2015 13:41 <DIR> Fotolab
25.03.2016 22:52 <DIR> Google
19.06.2017 22:08 <DIR> Intel
21.09.2015 16:55 <DIR> Intel Corporation
19.06.2017 22:08 <DIR> Internet Explorer
28.08.2017 09:43 <DIR> Java
11.07.2014 17:14 <DIR> Kolor
18.02.2014 19:44 <DIR> Microsoft Office
14.06.2017 23:47 <DIR> Microsoft Silverlight
19.06.2017 22:56 <DIR> MSBuild
27.06.2017 22:35 <DIR> NewBlue
05.05.2015 19:01 <DIR> proDAD
28.08.2014 10:36 <DIR> PTGui
19.06.2017 22:06 <DIR> Realtek
19.06.2017 22:56 <DIR> Reference Assemblies
18.12.2016 21:44 <DIR> Serviio
19.06.2017 22:06 <DIR> Synaptics
16.04.2017 20:44 <DIR> UNP
28.06.2017 23:07 <DIR> Windows Defender
19.06.2017 22:08 <DIR> Windows Mail
19.06.2017 22:08 <DIR> Windows Media Player
18.03.2017 23:03 <DIR> Windows Multimedia Platform
18.03.2017 23:03 <DIR> Windows NT
09.08.2017 22:03 <DIR> Windows Photo Viewer
18.03.2017 23:03 <DIR> Windows Portable Devices
18.03.2017 23:03 <DIR> Windows Security
18.03.2017 23:03 <DIR> WindowsPowerShell
18.02.2014 20:43 <DIR> WinRAR
0 File(s) 0 bytes
38 Dir(s) 6˙814˙973˙952 bytes free

========= End of CMD: =========


========= dir "C:\PROGRA~2" =========

Volume in drive C is Acer
Volume Serial Number is 34F0-07E7

Directory of C:\PROGRA~2

30.08.2017 11:38 <DIR> .
30.08.2017 11:38 <DIR> ..
01.01.2017 22:05 <DIR> 7-Zip
09.04.2014 13:39 <DIR> Acer
12.06.2013 10:15 <DIR> Acer Incorporated
14.07.2017 11:27 <DIR> Adobe
16.03.2016 22:12 <DIR> Advanced IP Scanner
10.05.2015 13:37 <DIR> Apple Software Update
24.08.2014 11:24 <DIR> Art D
27.08.2017 23:55 <DIR> AVG
18.02.2014 20:12 <DIR> AXSVision
18.02.2014 20:12 502˙313 AXSVision_Client_InstallLog.log
17.12.2016 21:26 <DIR> Cisco
08.11.2016 20:14 <DIR> CollageIt
28.08.2017 09:42 <DIR> Common Files
27.06.2017 22:35 <DIR> CyberLink
11.12.2014 19:27 <DIR> DVDFilmot‚ka
13.10.2016 06:13 <DIR> FileZilla FTP Client
11.12.2014 19:21 <DIR> Filmy
22.08.2014 13:31 <DIR> Fotolab
12.06.2016 13:39 <DIR> Free IP Switcher
26.10.2014 11:46 <DIR> GalaxyClient
19.03.2014 22:45 <DIR> Google
25.03.2016 22:52 <DIR> GUM230.tmp
04.03.2014 21:01 <DIR> GvNPRT
19.10.2015 17:45 <DIR> HappyFoto-Designer
29.07.2015 19:47 <DIR> Hewlett-Packard
15.08.2016 10:44 <DIR> HP
27.06.2017 11:57 <DIR> Intel
02.10.2015 22:08 <DIR> Intel Driver Update Utility
08.08.2017 19:14 <DIR> Internet Explorer
28.08.2017 09:41 <DIR> Java
24.03.2014 18:39 <DIR> KeePass Password Safe 2
18.03.2017 14:57 <DIR> Kuki
18.02.2014 21:24 <DIR> Mapedit
29.09.2015 09:48 <DIR> Microsoft
04.04.2015 19:35 <DIR> Microsoft Office
14.06.2017 23:47 <DIR> Microsoft Silverlight
06.07.2016 14:05 <DIR> Microsoft SQL Server Compact Edition
18.02.2014 19:46 <DIR> Microsoft Visual Studio
04.03.2014 19:52 <DIR> Microsoft Windows 7 Upgrade Advisor
19.02.2014 17:12 <DIR> Microsoft Works
19.06.2017 22:08 <DIR> Microsoft.NET
30.08.2017 11:38 <DIR> Mozilla Firefox
27.08.2017 23:30 <DIR> Mozilla Maintenance Service
19.06.2017 22:56 <DIR> MSBuild
03.10.2015 08:52 <DIR> NewBlue
19.10.2016 20:03 <DIR> NortonInstaller
27.06.2017 22:35 <DIR> NSIS Uninstall Information
27.03.2014 19:56 <DIR> OpenXML-ODF Translator
27.08.2017 23:40 <DIR> Opera
22.02.2014 17:20 <DIR> Photodex
20.06.2015 16:40 <DIR> Photodex Presenter
20.06.2014 12:22 <DIR> Picture Collage Maker Pro
18.11.2015 19:45 <DIR> PSPad editor
13.03.2014 19:22 <DIR> Putty
28.08.2017 09:42 <DIR> QuickTime
12.06.2013 10:35 <DIR> Realtek
19.06.2017 22:56 <DIR> Reference Assemblies
13.11.2016 00:23 <DIR> Samsung
19.06.2016 09:58 <DIR> Simple IP Config
03.12.2016 20:30 <DIR> Smart View
18.02.2014 20:24 <DIR> sms
27.08.2017 23:30 <DIR> SpyHunter Malware Security Suite
29.08.2017 10:27 <DIR> TeamViewer
21.02.2015 19:33 <DIR> TechSmith
03.05.2015 23:36 <DIR> Thunder Network
18.02.2014 21:00 <DIR> VideoLAN
18.02.2014 18:59 <DIR> WildTangent Games
16.05.2016 19:05 <DIR> Winbox
28.06.2017 23:07 <DIR> Windows Defender
06.07.2016 14:05 <DIR> Windows Live
19.06.2017 22:08 <DIR> Windows Mail
19.06.2017 22:08 <DIR> Windows Media Player
18.03.2017 23:03 <DIR> Windows Multimedia Platform
18.03.2017 23:03 <DIR> Windows NT
09.08.2017 22:03 <DIR> Windows Photo Viewer
18.03.2017 23:03 <DIR> Windows Portable Devices
18.03.2017 23:03 <DIR> WindowsPowerShell
17.04.2017 07:44 <DIR> WinHTTrack
01.10.2016 21:32 <DIR> Wondershare
12.08.2016 22:52 <DIR> XYplorer
1 File(s) 502˙313 bytes
81 Dir(s) 6˙814˙965˙760 bytes free

========= End of CMD: =========


========= dir "C:\PROGRA~3" =========

Volume in drive C is Acer
Volume Serial Number is 34F0-07E7

Directory of C:\PROGRA~3

09.04.2014 13:39 <DIR> Acer
27.07.2017 20:24 <DIR> Adobe
10.05.2015 13:37 <DIR> Apple
10.05.2015 13:37 <DIR> Apple Computer
28.08.2017 01:42 <DIR> AVG
12.06.2013 10:49 <DIR> boost_interprocess
11.02.2016 23:00 <DIR> Canon_Inc_IC
24.05.2016 23:36 <DIR> ClassicShell
23.05.2015 13:48 <DIR> CLSK
16.07.2016 13:47 <DIR> Comms
02.10.2016 21:57 <DIR> CyberLink
13.05.2015 16:16 <DIR> eSellerate
26.10.2014 11:46 <DIR> GalaxyClient
16.07.2014 18:07 <DIR> Geovision
25.03.2016 22:53 <DIR> Google
19.10.2015 11:56 <DIR> HappyFoto-Designer
04.02.2016 21:17 <DIR> Hewlett-Packard
15.08.2016 10:43 <DIR> HP
22.08.2014 14:59 <DIR> hps
27.06.2017 22:36 <DIR> install_backup
17.12.2016 21:27 <DIR> Intel
12.06.2013 10:39 <DIR> Intel(R) Update Manager
02.10.2015 22:12 <DIR> IntelDLM
23.08.2014 11:24 <DIR> M-Photo
18.02.2014 19:28 <DIR> McAfee
27.07.2017 19:15 <DIR> Microsoft Help
19.06.2017 22:38 <DIR> Microsoft OneDrive
01.10.2016 20:53 16 mntemp
01.10.2016 20:54 <DIR> Movavi
01.10.2016 20:53 <DIR> Movavi Video Converter 16
18.02.2014 19:29 <DIR> Mozilla
18.02.2014 18:56 <DIR> Nero
29.10.2016 02:07 <DIR> Norton
19.10.2016 20:04 <DIR> NortonInstaller
29.09.2015 09:48 <DIR> OEM
18.02.2014 18:39 <DIR> OEM_YAHOO
21.06.2017 21:24 <DIR> Oracle
29.09.2015 09:50 <DIR> Origin
14.07.2017 11:28 <DIR> Package Cache
08.11.2016 20:14 <DIR> PearlMountain
18.02.2014 21:35 <DIR> Photodex
21.09.2015 16:55 <DIR> PRICache
05.05.2015 19:01 <DIR> proDAD
19.06.2017 22:12 <DIR> regid.1986-12.com.adobe
18.03.2017 23:03 <DIR> regid.1991-06.com.microsoft
19.06.2017 22:12 <DIR> regid.1995-08.com.techsmith
12.06.2013 10:26 <DIR> Roaming
13.11.2016 00:24 <DIR> Samsung
05.05.2015 19:01 <DIR> SmartSound Software Inc
18.03.2017 23:03 <DIR> SoftwareDistribution
27.08.2017 22:37 <DIR> Start Menu
04.12.2014 15:59 <DIR> Sun
27.06.2017 22:36 <DIR> SUPPORTDIR
12.06.2013 10:49 <DIR> Symantec
04.04.2017 12:11 <DIR> Synaptics
21.02.2015 19:33 <DIR> TechSmith
28.08.2017 08:15 <DIR> Temp
18.03.2016 23:10 <DIR> tmp
02.02.2015 21:45 <DIR> unifi-video
19.06.2017 22:37 <DIR> USOPrivate
19.06.2017 22:37 <DIR> USOShared
12.06.2013 10:05 <DIR> WildTangent
12.06.2013 10:05 <DIR> WildTangentUninstall324081
20.03.2017 06:46 <DIR> WindowsHolographicDevices
01.10.2016 21:45 <DIR> Wondershare
12.06.2017 09:33 <DIR> Wondershare Video Converter Ultimate
1 File(s) 16 bytes
65 Dir(s) 6˙814˙965˙760 bytes free

========= End of CMD: =========


========= dir "%localappdata%" =========

Volume in drive C is Acer
Volume Serial Number is 34F0-07E7

Directory of C:\Users\Ann\AppData\Local

28.08.2017 22:56 <DIR> .
28.08.2017 22:56 <DIR> ..
15.11.2015 11:30 <DIR> ActiveSync
14.07.2017 11:25 <DIR> Adobe
21.07.2015 14:08 1˙480 Adobe Ulo§it pro web 13.0 Prefs
10.05.2015 13:37 <DIR> Apple
18.02.2014 20:35 <DIR> Apps
27.07.2017 20:23 <DIR> assembly
27.08.2017 23:55 <DIR> Avg
27.08.2017 23:55 <DIR> AvgSetupLog
11.02.2016 23:08 <DIR> CANON_INC
06.11.2015 22:56 <DIR> CEF
28.08.2017 22:32 <DIR> ClassicShell
09.04.2014 13:39 <DIR> clear.fi
21.09.2015 17:07 <DIR> Comms
19.06.2017 22:37 <DIR> ConnectedDevicesPlatform
01.10.2016 20:54 <DIR> converter
17.06.2017 13:11 <DIR> CrashDumps
26.10.2014 10:42 <DIR> CrashRpt
23.05.2015 15:32 <DIR> CyberLink
23.06.2017 22:28 <DIR> DBG
22.06.2016 14:46 4˙608 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
20.08.2017 21:13 <DIR> Deployment
30.12.2016 16:03 <DIR> Diagnostics
14.08.2017 20:48 <DIR> ElevatedDiagnostics
26.08.2017 20:06 <DIR> ESET
15.11.2016 08:36 83˙864 GDIPFONTCACHEV1.DAT
26.10.2014 11:48 <DIR> GOG.com
28.08.2017 08:15 <DIR> Google
02.06.2015 08:14 <DIR> GWX
19.10.2015 12:05 <DIR> HappyFoto-Designer
29.07.2015 20:56 <DIR> Hewlett-Packard
14.05.2016 18:18 <DIR> Hisuite
02.10.2015 22:08 <DIR> Intel
18.02.2014 21:16 <DIR> Intel_Corporation
02.07.2014 07:53 <DIR> KeePass
11.07.2014 17:15 <DIR> Kolor
24.08.2014 12:05 <DIR> M-Photo_Ltd
18.02.2014 20:36 <DIR> Macromedia
26.06.2017 15:20 <DIR> Microsoft
04.03.2014 19:52 <DIR> Microsoft Corporation
28.08.2017 08:15 <DIR> Microsoft Help
21.09.2015 17:13 <DIR> MicrosoftEdge
01.10.2016 20:54 <DIR> Movavi
18.02.2014 19:36 <DIR> Mozilla
21.09.2015 17:07 <DIR> NetworkTiles
03.04.2014 19:59 <DIR> Opera Software
19.06.2017 22:53 <DIR> Packages
18.12.2016 20:37 <DIR> Plex Media Server
21.02.2014 15:39 <DIR> Programs
21.09.2015 17:05 <DIR> Publishers
27.08.2017 13:34 600 PUTTY.RND
26.10.2014 11:03 <DIR> Rebellion
28.08.2017 20:45 <DIR> Recovery
03.12.2016 20:41 <DIR> SmartView2
10.06.2014 14:41 <DIR> Software Statistics Service
18.12.2014 16:42 <DIR> TeamViewer
21.02.2015 19:47 <DIR> TechSmith
30.08.2017 11:38 <DIR> Temp
21.09.2015 17:05 <DIR> TileDataLayer
16.04.2017 20:58 <DIR> UNP
04.04.2017 12:48 <DIR> VirtualStore
29.08.2016 20:13 <DIR> Windows Live
01.10.2016 21:44 <DIR> Wondershare
18.03.2014 21:13 <DIR> ZJMedia
4 File(s) 90˙552 bytes
61 Dir(s) 6˙814˙965˙760 bytes free

========= End of CMD: =========


========= dir "%appdata%" =========

Volume in drive C is Acer
Volume Serial Number is 34F0-07E7

Directory of C:\Users\Ann\AppData\Roaming

30.08.2017 11:38 <DIR> .
30.08.2017 11:38 <DIR> ..
27.07.2017 20:35 <DIR> Adobe
28.09.2015 19:21 132 Adobe Form t PNG CS6 - pýedvolby
11.05.2015 22:36 <DIR> Apple Computer
27.08.2017 23:55 <DIR> AVG
28.08.2017 08:15 <DIR> avidemux
18.02.2014 21:24 <DIR> BoutellDotCom
11.02.2016 23:01 <DIR> Canon_Inc_IC
20.09.2015 22:27 <DIR> ClassicShell
02.05.2014 10:20 9˙707 ContactSheetII.log
03.10.2015 10:23 <DIR> CyberLink
11.12.2014 19:32 <DIR> DVD Filmot‚ka
11.06.2016 22:42 <DIR> Eusing
24.08.2017 09:51 <DIR> FileZilla
16.12.2014 14:23 <DIR> GHISLER
10.05.2016 21:52 <DIR> Google
30.06.2017 07:31 <DIR> Hewlett-Packard
22.07.2014 19:21 <DIR> HP
08.12.2015 00:08 <DIR> Identities
18.02.2014 18:38 <DIR> Intel
10.06.2016 15:11 <DIR> IPChangeEasy
26.08.2017 23:43 <DIR> KeePass
18.08.2017 23:27 <DIR> Kuki
24.08.2014 11:33 <DIR> M-Photo
18.02.2014 18:42 <DIR> Macromedia
18.02.2014 20:22 <DIR> Mikrotik
18.02.2014 21:35 <DIR> Mozilla
18.02.2014 21:35 <DIR> Netscape
03.04.2014 19:59 <DIR> Opera Software
01.07.2014 18:29 <DIR> Origin
08.11.2016 20:14 <DIR> PearlMountain
18.02.2014 21:34 <DIR> Photodex
11.05.2015 13:23 <DIR> PotPlayerMini64
05.05.2015 19:01 <DIR> proDAD
27.07.2017 20:44 6˙484 PS13_panel.log
22.02.2014 12:13 <DIR> PSpad
29.08.2014 21:58 <DIR> PTGui
13.11.2016 00:23 <DIR> Samsung
10.12.2016 21:49 <DIR> Serviio-Console-Wrapper
18.03.2014 21:34 <DIR> Seznam.cz
23.06.2017 07:18 <DIR> Skype
22.02.2014 10:56 <DIR> StageManager.BD092818F67280F4B42B04877600987F0111B594.1
02.05.2014 10:19 728 Str nka miniatur II.xml
09.03.2017 22:29 <DIR> Sun
28.03.2017 20:10 <DIR> Synaptics
28.08.2017 08:15 <DIR> TeamViewer
21.02.2015 19:43 <DIR> TechSmith
05.05.2015 19:03 <DIR> Titler
06.05.2016 10:06 <DIR> Ulozto File Manager
23.06.2017 09:07 <DIR> vlc
21.09.2015 20:12 <DIR> W10LogonChanger
18.02.2014 21:25 <DIR> WinRAR
24.03.2014 18:36 12˙187 WinSCP.ini
24.03.2014 18:36 600 winscp.rnd
01.10.2016 21:34 <DIR> Wondershare Video Converter Ultimate
12.08.2016 23:11 <DIR> XYplorer
18.03.2014 21:13 <DIR> ZJMedia
01.10.2016 21:34 <DIR> {950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
6 File(s) 29˙838 bytes
53 Dir(s) 6˙814˙961˙664 bytes free

========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 9199616 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 21718067 B
Java, Flash, Steam htmlcache => 78414 B
Windows/system/drivers => 260645107 B
Edge => 2074021 B
Chrome => 10519086 B
Firefox => 409743896 B
Opera => 51165328 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 24662 B
NetworkService => 0 B
Ann => 948082036 B

RecycleBin => 1288283423 B
EmptyTemp: => 2.8 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 11:40:09 ====
Nahoru
altrok
Moderátor
Moderátor
Příspěvky: 7322
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: Přesměrování webu

#9 Příspěvek od altrok »

To bude dle meho zpusobene obsahem souboru:
C:\Program Files (x86)\mozilla firefox\defaults\pref\12939359.js
ktery odkazoval na
C:\Program Files (x86)\mozilla firefox\12939359.cfg
a ktery jsme ted smazali.

Na zkousku otevrete v poznamkovem bloku prvni zmineny soubor (obsahuje jeden radek) a tento radek zakomentujte - vlozte dve lomitka na zacatek radku a soubor ulozte

Kód: Vybrat vše

//

Na plose dale vznikl soubor 30.08.2017_11.38.38.zip, ktery smazte.

V Chromu zustala dve rozsireni, o jejichz legitimnosti mam pochybnosti - Tables a Quick Searcher. Spustte Chrome a pokud tato rozsireni nepouzivate, odstrante je.

Pokud bude vse v poradku, uz jen uklidime.
A pokud nejsou dotazy ci jine problemy, je to ode mne vse.
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“