PC virus removal, computer speed-up, remote help via the neslape.cz service

Please check

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

jirik78
Visitor
Posts: 42
Registered: 25 Feb 2013 21:10

Please check

#1 Post by jirik78 »

Logfile of random's system information tool 1.10 (written by random/random)
Run by jiří mansfeld at 2016-04-16 11:56:50
Microsoft Windows 10 Home
System drive C: has 260 GB (56%) free of 466 GB
Total RAM: 8124 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:56:54, on 16.04.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0020)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\HP SimplePass\TouchControl.exe
C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\jiří mansfeld\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\jiří mansfeld\AppData\Roaming\BitTorrent\BitTorrent.exe
C:\Users\jiří mansfeld\AppData\Roaming\BitTorrent\updates\7.9.6_42095\utorrentie.exe
C:\Users\jiří mansfeld\AppData\Roaming\BitTorrent\updates\7.9.6_42095\utorrentie.exe
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Program Files (x86)\AVG\Av\avgui.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\WINDOWS\SysWOW64\ctfmon.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\jiří mansfeld.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.bing.com?pc=HPNTDFJS
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O4 - HKLM\..\Run: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avuirunnerx.exe" C:\Program Files (x86)\AVG\Av\avgui.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\programy instalace\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\jiří mansfeld\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\jiří mansfeld\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
O4 - HKCU\..\Run: [Google Update] "C:\Users\jiří mansfeld\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [OneDrive] "C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Users\jiří mansfeld\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\17.3.6301.0127] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\17.3.6301.0127"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagent.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: @oem133.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\WINDOWS\system32\Hpservice.exe (file missing)
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Rapid Start Technology Service (irstrtsv) - Intel Corporation - C:\Windows\SysWOW64\irstrtsv.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: TrueAPI Service component (TrueService) - AuthenTec, Inc. - C:\Program Files\Common Files\AuthenTec\TrueService.exe
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Validity WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\Windows\system32\valWBFPolicyService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15977 bytes

======Listing Processes======







C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalService
"C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-67e35034-5bcc-4dbb-be8b-2423a9c831ae -SystemEventPortName:HostProcess-a58506f3-0858-444a-a83a-0702596e3fe6 -IoCancelEventPortName:HostProcess-e1d7bb7c-47af-4fab-a347-d74ec012399a -NonStateChangingEventPortName:HostProcess-f4419c84-ed7b-4900-a659-538383d219cd -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:5665d7b1-257f-4c73-b2b5-b19771c216e5 -DeviceGroupId:
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\igfxCUIService.exe
"C:\WINDOWS\system32\nvvsvc.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\WINDOWS\system32\Hpservice.exe
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k WbioSvcGroup
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\system32\svchost.exe -k apphost
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe"
"C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe"
"C:\Program Files (x86)\AVG\Av\avgfws.exe"

"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
C:\Windows\SysWOW64\irstrtsv.exe
"c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe"
dashost.exe {6f3b8b93-c8f9-45de-89bcc3a03489078c}
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
C:\Windows\system32\valWBFPolicyService.exe
C:\WINDOWS\system32\svchost.exe -k appmodel
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
C:\Program Files (x86)\AVG\Av\avgcsrva.exe /pipeName=44800c66-0200-0000-77d1-b1111fa6cb5f /binaryPath="C:\Program Files (x86)\AVG\Av\\"
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe"
"C:\Program Files (x86)\AVG\Av\avgnsa.exe"
"C:\Program Files (x86)\AVG\Av\avgemca.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\AVG\Av\avgrsa.exe
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"dwm.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session
"C:\Program Files (x86)\HP SimplePass\TouchControl.exe"
sihost.exe
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\Explorer.EXE
igfxEM.exe
igfxTray.exe
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe" -ServerName:RemindersServer
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe" /TUStart /pid:3660
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" 7f270fd2-1374-4d3f-b0ca-51af34fa926c
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
\??\C:\WINDOWS\system32\conhost.exe 0x4
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe" /pid ACPW06EN
"C:\Program Files\IDT\WDM\sttray64.exe"
szndesktop.exe default start
"C:\Users\jiří mansfeld\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
"C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Windows\System32\StikyNot.exe"
"C:\Users\jiří mansfeld\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
"C:\Users\jiří mansfeld\AppData\Roaming\BitTorrent\updates\7.9.6_42095\utorrentie.exe" BitTorrent_11960_0380CEE8_26087395 BT4823DF041B09 BitTorrent
"C:\Users\jiří mansfeld\AppData\Roaming\BitTorrent\updates\7.9.6_42095\utorrentie.exe" BitTorrent_11960_0380D570_1947300426 BT4823DF041B09 BitTorrent
"C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe" -byrunkey
"C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe"
/fmw.trayonly
/TRAYONLY
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
"fontdrvhost.exe"
ctfmon.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=49.0.2623.112 --handshake-handle=0x1ac
"C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="8284.0.1101665274\911530821" --supports-dual-gpus=false --gpu-driver-bug-workarounds=3,11,16,25,54 --gpu-vendor-id=0x8086 --gpu-device-id=0x0416 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=20.19.15.4331 --ignored=" --type=renderer " /prefetch:2
"C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,WebFontsIntervention<WebFontsIntervention --disable-features=UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_1/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PreRead/Default/*QUIC/EnabledMaxBandwidthResumption/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control50pct/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_11/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*WebFontsIntervention/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch 
--device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="8284.2.1213960059\2003347296" /prefetch:1
"C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,WebFontsIntervention<WebFontsIntervention --disable-features=UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_1/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PreRead/Default/*QUIC/EnabledMaxBandwidthResumption/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control50pct/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_11/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*WebFontsIntervention/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch 
--device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="8284.6.850477331\1071941171" /prefetch:1
"C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,WebFontsIntervention<WebFontsIntervention --disable-features=UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_1/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PreRead/Default/*QUIC/EnabledMaxBandwidthResumption/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control50pct/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_11/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*WebFontsIntervention/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch 
--device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="8284.12.1840973202\377104452" /prefetch:1

"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-760a9151-838f-4cb7-8cfb-6493940dc932 -SystemEventPortName:HostProcess-f1244979-6fd8-4859-bde2-78334b690a2a -IoCancelEventPortName:HostProcess-e9355c16-6036-494c-bb98-ae3159442624 -NonStateChangingEventPortName:HostProcess-2440668b-b3e0-4b16-8da1-b8bd00752df3 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:725e8048-c60f-4298-ba21-1368cf0e1b51 -DeviceGroupId:WpdFsGroup
C:\Windows\System32\SystemSettingsBroker.exe -Embedding
C:\WINDOWS\system32\DllHost.exe /Processid:{478B41E6-3257-4519-BDA8-E971F9843849}
"C:\WINDOWS\System32\NetworkUXBroker.exe" -ServerName:Windows.Networking.UX
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Users\jiří mansfeld\Desktop\RSITx64.exe"
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe17_ Global\UsGthrCtrlFltPipeMssGthrPipe17 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 604 608 616 8192 612

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3882090170-638525116-1017874946-1002Core.job - C:\Users\jiří mansfeld\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3882090170-638525116-1017874946-1002UA.job - C:\Users\jiří mansfeld\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\jiří mansfeld\AppData\Roaming\Mozilla\Firefox\Profiles\u1d1ubb9.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.213 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@authentec.com/ffwloplugin]
"Description"=
"Path"=C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=2.3.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.213 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll


C:\Users\jiří mansfeld\AppData\Roaming\Mozilla\Firefox\Profiles\u1d1ubb9.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-10-27 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-27 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2015-12-19 402344]
"ACPW06EN"=C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe [2012-12-17 1234120]
"ShadowPlay"=C:\WINDOWS\system32\nvspcap64.dll [2015-10-04 1710568]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-10-04 2654512]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2014-03-27 1703424]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\programy instalace\DAEMON Tools Lite\DTLite.exe [2013-07-03 3673184]
"cz.seznam.software.autoupdate"=C:\Users\jiří mansfeld\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\jiří mansfeld\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"Sony PC Companion"=C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [2015-06-10 456576]
"Google Update"=C:\Users\jiří mansfeld\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-02 144200]
"OneDrive"=C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-03-11 551104]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2015-10-30 465920]
"BitTorrent"=C:\Users\jiří mansfeld\AppData\Roaming\BitTorrent\BitTorrent.exe [2016-04-09 1963016]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"=C:\WINDOWS\system32\cmd.exe [2015-10-30 233984]
"Uninstall C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1"=C:\WINDOWS\system32\cmd.exe [2015-10-30 233984]
"Uninstall C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"=C:\WINDOWS\system32\cmd.exe [2015-10-30 233984]
"Uninstall C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\17.3.6301.0127"=C:\WINDOWS\system32\cmd.exe [2015-10-30 233984]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""= []
"HP CoolSense"=C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2012-11-05 1343904]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"AccelerometerSysTrayApplet"=C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [2013-07-24 77088]
"HPMessageService"=C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [2013-12-25 1045304]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07 507776]
"AvgUi"=C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [2016-03-23 186640]
"AVG_UI"=C:\Program Files (x86)\AVG\Av\avuirunnerx.exe [2016-03-02 25512]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-18 1085656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll, C:\WINDOWS\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-04-16 11:31:52 ----HD---- C:\OneDriveTemp
2016-04-13 22:03:25 ----SHD---- C:\Config.Msi
2016-04-13 08:54:44 ----A---- C:\WINDOWS\SYSWOW64\jsproxy.dll
2016-04-13 08:54:44 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2016-04-13 08:54:44 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2016-04-13 08:54:43 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2016-04-13 08:54:43 ----A---- C:\WINDOWS\system32\jsproxy.dll
2016-04-13 08:54:42 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-04-13 08:54:42 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-04-13 08:54:42 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2016-04-13 08:54:41 ----A---- C:\WINDOWS\SYSWOW64\wininetlui.dll
2016-04-13 08:54:41 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-04-13 08:54:41 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2016-04-13 08:54:41 ----A---- C:\WINDOWS\system32\atmfd.dll
2016-04-13 08:54:40 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-04-13 08:54:40 ----A---- C:\WINDOWS\system32\wininet.dll
2016-04-13 08:54:40 ----A---- C:\WINDOWS\system32\kerberos.dll
2016-04-13 08:54:39 ----A---- C:\WINDOWS\system32\wininetlui.dll
2016-04-13 08:54:39 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-04-13 08:54:38 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2016-04-13 08:54:38 ----A---- C:\WINDOWS\system32\storewuauth.dll
2016-04-13 08:54:38 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2016-04-13 08:54:38 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2016-04-13 08:54:37 ----A---- C:\WINDOWS\system32\edgehtml.dll
2016-04-13 08:54:36 ----A---- C:\WINDOWS\system32\wwansvc.dll
2016-04-13 08:54:36 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-04-13 08:54:36 ----A---- C:\WINDOWS\system32\atmlib.dll
2016-04-13 08:54:35 ----A---- C:\WINDOWS\system32\wuaueng.dll
2016-04-13 08:54:35 ----A---- C:\WINDOWS\system32\win32kfull.sys
2016-04-13 08:54:35 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-04-13 08:54:34 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-04-13 08:54:34 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-13 08:54:33 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-04-13 08:54:23 ----A---- C:\WINDOWS\SYSWOW64\SRHInproc.dll
2016-04-13 08:54:23 ----A---- C:\WINDOWS\SYSWOW64\SRH.dll
2016-04-13 08:54:23 ----A---- C:\WINDOWS\system32\SRHInproc.dll
2016-04-13 08:54:23 ----A---- C:\WINDOWS\system32\SRH.dll
2016-04-13 08:54:22 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-04-13 08:54:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2016-04-13 08:54:19 ----A---- C:\WINDOWS\system32\twinui.dll
2016-04-13 08:54:18 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2016-04-13 08:54:17 ----A---- C:\WINDOWS\SYSWOW64\TextInputFramework.dll
2016-04-13 08:54:17 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2016-04-13 08:54:17 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2016-04-13 08:54:17 ----A---- C:\WINDOWS\system32\InputService.dll
2016-04-13 08:54:17 ----A---- C:\WINDOWS\system32\Chakra.dll
2016-04-13 08:54:17 ----A---- C:\WINDOWS\system32\fontsub.dll
2016-04-13 08:54:15 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2016-04-13 08:54:14 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-04-13 08:54:13 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2016-04-13 08:54:11 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-04-13 08:54:10 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2016-04-13 08:54:09 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2016-04-13 08:54:09 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2016-04-13 08:54:09 ----A---- C:\WINDOWS\system32\XblAuthManager.dll
2016-04-13 08:54:07 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2016-04-13 08:54:06 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2016-04-13 08:54:06 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2016-04-13 08:54:06 ----A---- C:\WINDOWS\system32\dwmcore.dll
2016-04-13 08:54:05 ----A---- C:\WINDOWS\SYSWOW64\LicenseManager.dll
2016-04-13 08:54:05 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-04-13 08:54:05 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-04-13 08:54:04 ----A---- C:\WINDOWS\system32\win32kbase.sys
2016-04-13 08:54:04 ----A---- C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-04-13 08:54:04 ----A---- C:\WINDOWS\system32\dosvc.dll
2016-04-13 08:54:04 ----A---- C:\WINDOWS\system32\audiosrv.dll
2016-04-13 08:54:03 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2016-04-13 08:54:02 ----A---- C:\WINDOWS\system32\esent.dll
2016-04-13 08:54:01 ----A---- C:\WINDOWS\SYSWOW64\UIAutomationCore.dll
2016-04-13 08:54:01 ----A---- C:\WINDOWS\system32\BingMaps.dll
2016-04-13 08:54:00 ----A---- C:\WINDOWS\SYSWOW64\esent.dll
2016-04-13 08:54:00 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-04-13 08:54:00 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2016-04-13 08:53:59 ----A---- C:\WINDOWS\system32\SharedStartModel.dll
2016-04-13 08:53:59 ----A---- C:\WINDOWS\system32\NetSetupShim.dll
2016-04-13 08:53:59 ----A---- C:\WINDOWS\system32\NetSetupEngine.dll
2016-04-13 08:53:59 ----A---- C:\WINDOWS\system32\MapsStore.dll
2016-04-13 08:53:59 ----A---- C:\WINDOWS\system32\MapControlCore.dll
2016-04-13 08:53:58 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2016-04-13 08:53:58 ----A---- C:\WINDOWS\system32\PhoneProviders.dll
2016-04-13 08:53:58 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-04-13 08:53:57 ----A---- C:\WINDOWS\SYSWOW64\MapControlCore.dll
2016-04-13 08:53:57 ----A---- C:\WINDOWS\system32\winload.exe
2016-04-13 08:53:57 ----A---- C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-04-13 08:53:57 ----A---- C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-04-13 08:53:56 ----A---- C:\WINDOWS\SYSWOW64\NetSetupShim.dll
2016-04-13 08:53:56 ----A---- C:\WINDOWS\system32\InputLocaleManager.dll
2016-04-13 08:53:56 ----A---- C:\WINDOWS\system32\bisrv.dll
2016-04-13 08:53:55 ----A---- C:\WINDOWS\system32\winresume.exe
2016-04-13 08:53:55 ----A---- C:\WINDOWS\system32\RDXService.dll
2016-04-13 08:53:54 ----A---- C:\WINDOWS\SYSWOW64\NetSetupEngine.dll
2016-04-13 08:53:53 ----A---- C:\WINDOWS\SYSWOW64\StoreAgent.dll
2016-04-13 08:53:53 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-04-13 08:53:53 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-04-13 08:53:53 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-04-13 08:53:52 ----A---- C:\WINDOWS\SYSWOW64\fontsub.dll
2016-04-13 08:53:52 ----A---- C:\WINDOWS\system32\tileobjserver.dll
2016-04-13 08:53:52 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2016-04-13 08:53:52 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2016-04-13 08:53:52 ----A---- C:\WINDOWS\system32\audiodg.exe
2016-04-13 08:53:51 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.Http.dll
2016-04-13 08:53:51 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Core.TextInput.dll
2016-04-13 08:53:51 ----A---- C:\WINDOWS\system32\SensorService.dll
2016-04-13 08:53:51 ----A---- C:\WINDOWS\system32\MapConfiguration.dll
2016-04-13 08:53:51 ----A---- C:\WINDOWS\system32\fveapi.dll
2016-04-13 08:53:51 ----A---- C:\WINDOWS\system32\drivers\http.sys
2016-04-13 08:53:50 ----A---- C:\WINDOWS\SYSWOW64\MessagingDataModel2.dll
2016-04-13 08:53:50 ----A---- C:\WINDOWS\SYSWOW64\MapConfiguration.dll
2016-04-13 08:53:50 ----A---- C:\WINDOWS\SYSWOW64\AccountsRt.dll
2016-04-13 08:53:50 ----A---- C:\WINDOWS\system32\NMAA.dll
2016-04-13 08:53:50 ----A---- C:\WINDOWS\system32\NetSetupSvc.dll
2016-04-13 08:53:50 ----A---- C:\WINDOWS\system32\LockAppHost.exe
2016-04-13 08:53:50 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2016-04-13 08:53:50 ----A---- C:\WINDOWS\system32\AccountsRt.dll
2016-04-13 08:53:49 ----A---- C:\WINDOWS\SYSWOW64\RemoteNaturalLanguage.dll
2016-04-13 08:53:49 ----A---- C:\WINDOWS\SYSWOW64\CredProvDataModel.dll
2016-04-13 08:53:49 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2016-04-13 08:53:49 ----A---- C:\WINDOWS\system32\StorSvc.dll
2016-04-13 08:53:49 ----A---- C:\WINDOWS\system32\msxml3.dll
2016-04-13 08:53:49 ----A---- C:\WINDOWS\system32\MessagingDataModel2.dll
2016-04-13 08:53:48 ----A---- C:\WINDOWS\SYSWOW64\LockAppHost.exe
2016-04-13 08:53:48 ----A---- C:\WINDOWS\SYSWOW64\InputLocaleManager.dll
2016-04-13 08:53:48 ----A---- C:\WINDOWS\system32\SyncController.dll
2016-04-13 08:53:48 ----A---- C:\WINDOWS\system32\RDXTaskFactory.dll
2016-04-13 08:53:48 ----A---- C:\WINDOWS\system32\msv1_0.dll
2016-04-13 08:53:48 ----A---- C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-04-13 08:53:47 ----A---- C:\WINDOWS\system32\Windows.Web.Http.dll
2016-04-13 08:53:47 ----A---- C:\WINDOWS\system32\JpMapControl.dll
2016-04-13 08:53:46 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Cred.dll
2016-04-13 08:53:46 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2016-04-13 08:53:46 ----A---- C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-04-13 08:53:45 ----A---- C:\WINDOWS\SYSWOW64\JpMapControl.dll
2016-04-13 08:53:45 ----A---- C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-04-13 08:53:45 ----A---- C:\WINDOWS\system32\moshostcore.dll
2016-04-13 08:53:41 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2016-04-13 08:53:41 ----A---- C:\WINDOWS\system32\wuapi.dll
2016-04-13 08:53:41 ----A---- C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-04-13 08:53:41 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2016-04-13 08:53:41 ----A---- C:\WINDOWS\system32\bdesvc.dll
2016-04-13 08:53:40 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2016-04-13 08:53:40 ----A---- C:\WINDOWS\system32\mdmmigrator.dll
2016-04-13 08:53:40 ----A---- C:\WINDOWS\system32\CredProvDataModel.dll
2016-04-13 08:53:40 ----A---- C:\WINDOWS\system32\accountaccessor.dll
2016-04-13 08:53:39 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2016-04-13 08:53:39 ----A---- C:\WINDOWS\SYSWOW64\policymanager.dll
2016-04-13 08:53:39 ----A---- C:\WINDOWS\system32\Windows.Web.dll
2016-04-13 08:53:39 ----A---- C:\WINDOWS\system32\enrollmentapi.dll
2016-04-13 08:53:39 ----A---- C:\WINDOWS\system32\drivers\ufx01000.sys
2016-04-13 08:53:39 ----A---- C:\WINDOWS\system32\dnsapi.dll
2016-04-13 08:53:38 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Speech.dll
2016-04-13 08:53:38 ----A---- C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-04-13 08:53:38 ----A---- C:\WINDOWS\system32\msi.dll
2016-04-13 08:53:38 ----A---- C:\WINDOWS\system32\dafBth.dll
2016-04-13 08:53:37 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Input.Inking.dll
2016-04-13 08:53:37 ----A---- C:\WINDOWS\SYSWOW64\NetSetupApi.dll
2016-04-13 08:53:37 ----A---- C:\WINDOWS\SYSWOW64\MsSpellCheckingFacility.dll
2016-04-13 08:53:37 ----A---- C:\WINDOWS\SYSWOW64\dnsapi.dll
2016-04-13 08:53:37 ----A---- C:\WINDOWS\system32\drivers\USBXHCI.SYS
2016-04-13 08:53:37 ----A---- C:\WINDOWS\system32\AppxSysprep.dll
2016-04-13 08:53:36 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.dll
2016-04-13 08:53:36 ----A---- C:\WINDOWS\SYSWOW64\msorcl32.dll
2016-04-13 08:53:36 ----A---- C:\WINDOWS\SYSWOW64\MosStorage.dll
2016-04-13 08:53:36 ----A---- C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-04-13 08:53:36 ----A---- C:\WINDOWS\system32\profsvc.dll
2016-04-13 08:53:36 ----A---- C:\WINDOWS\system32\policymanagerprecheck.dll
2016-04-13 08:53:36 ----A---- C:\WINDOWS\system32\MosStorage.dll
2016-04-13 08:53:36 ----A---- C:\WINDOWS\system32\LsaIso.exe
2016-04-13 08:53:36 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2016-04-13 08:53:36 ----A---- C:\WINDOWS\system32\AboveLockAppHost.dll
2016-04-13 08:53:34 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.Connectivity.dll
2016-04-13 08:53:33 ----A---- C:\WINDOWS\system32\mdmregistration.dll
2016-04-13 08:53:32 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-04-13 08:53:32 ----A---- C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-04-13 08:53:32 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-04-13 08:53:32 ----A---- C:\WINDOWS\system32\samsrv.dll
2016-04-13 08:53:32 ----A---- C:\WINDOWS\system32\policymanager.dll
2016-04-13 08:53:32 ----A---- C:\WINDOWS\system32\ncbservice.dll
2016-04-13 08:53:32 ----A---- C:\WINDOWS\system32\fveui.dll
2016-04-13 08:53:32 ----A---- C:\WINDOWS\system32\drivers\xinputhid.sys
2016-04-13 08:53:32 ----A---- C:\WINDOWS\system32\drivers\dfsc.sys
2016-04-13 08:53:31 ----A---- C:\WINDOWS\system32\Windows.Networking.dll
2016-04-13 08:53:31 ----A---- C:\WINDOWS\system32\omadmapi.dll
2016-04-13 08:53:31 ----A---- C:\WINDOWS\system32\NetSetupApi.dll
2016-04-13 08:53:30 ----A---- C:\WINDOWS\SYSWOW64\srvcli.dll
2016-04-13 08:53:30 ----A---- C:\WINDOWS\SYSWOW64\mdmregistration.dll
2016-04-13 08:53:30 ----A---- C:\WINDOWS\SYSWOW64\AboveLockAppHost.dll
2016-04-13 08:53:30 ----A---- C:\WINDOWS\system32\srvcli.dll
2016-04-13 08:53:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Bluetooth.dll
2016-04-13 08:53:29 ----A---- C:\WINDOWS\SYSWOW64\VEDataLayerHelpers.dll
2016-04-13 08:53:29 ----A---- C:\WINDOWS\SYSWOW64\netapi32.dll
2016-04-13 08:53:29 ----A---- C:\WINDOWS\system32\netapi32.dll
2016-04-13 08:53:28 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2016-04-13 08:53:28 ----A---- C:\WINDOWS\SYSWOW64\wkscli.dll
2016-04-13 08:53:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Devices.dll
2016-04-13 08:53:28 ----A---- C:\WINDOWS\system32\wkscli.dll
2016-04-13 08:53:28 ----A---- C:\WINDOWS\system32\iuilp.dll
2016-04-13 08:53:28 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2016-04-13 08:53:28 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2016-04-13 08:53:27 ----A---- C:\WINDOWS\SYSWOW64\SensorsNativeApi.dll
2016-04-13 08:53:27 ----A---- C:\WINDOWS\system32\oleacc.dll
2016-04-13 08:53:27 ----A---- C:\WINDOWS\system32\easinvoker.exe
2016-04-13 08:53:27 ----A---- C:\WINDOWS\system32\drivers\WdiWiFi.sys
2016-04-13 08:53:27 ----A---- C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-04-13 08:53:26 ----A---- C:\WINDOWS\SYSWOW64\WSDApi.dll
2016-04-13 08:53:26 ----A---- C:\WINDOWS\SYSWOW64\oleacc.dll
2016-04-13 08:53:26 ----A---- C:\WINDOWS\system32\win32spl.dll
2016-04-13 08:53:26 ----A---- C:\WINDOWS\system32\SensorsNativeApi.dll
2016-04-13 08:53:26 ----A---- C:\WINDOWS\system32\ieproxy.dll
2016-04-13 08:53:26 ----A---- C:\WINDOWS\system32\drivers\dumpsd.sys
2016-04-13 08:53:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.dll
2016-04-13 08:53:25 ----A---- C:\WINDOWS\system32\wsdchngr.dll
2016-04-13 08:53:25 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-13 08:53:25 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2016-04-13 08:53:25 ----A---- C:\WINDOWS\system32\DAFWSD.dll
2016-04-13 08:53:24 ----A---- C:\WINDOWS\SYSWOW64\VEEventDispatcher.dll
2016-04-13 08:53:24 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2016-04-13 08:53:24 ----A---- C:\WINDOWS\system32\credprovhost.dll
2016-04-13 08:53:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-13 08:53:22 ----A---- C:\WINDOWS\system32\easwrt.dll
2016-04-13 08:53:22 ----A---- C:\WINDOWS\system32\dmcsps.dll
2016-04-13 08:53:22 ----A---- C:\WINDOWS\system32\browserbroker.dll
2016-04-13 08:53:21 ----A---- C:\WINDOWS\SYSWOW64\wsdchngr.dll
2016-04-13 08:53:21 ----A---- C:\WINDOWS\SYSWOW64\NotificationObjFactory.dll
2016-04-13 08:53:21 ----A---- C:\WINDOWS\system32\wuautoappupdate.dll
2016-04-13 08:53:21 ----A---- C:\WINDOWS\system32\WSDApi.dll
2016-04-13 08:53:21 ----A---- C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-04-13 08:53:21 ----A---- C:\WINDOWS\system32\VEEventDispatcher.dll
2016-04-13 08:53:21 ----A---- C:\WINDOWS\system32\NotificationObjFactory.dll
2016-04-13 08:53:20 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2016-04-13 08:53:20 ----A---- C:\WINDOWS\SYSWOW64\credprovhost.dll
2016-04-13 08:53:20 ----A---- C:\WINDOWS\system32\tzautoupdate.dll
2016-04-13 08:53:20 ----A---- C:\WINDOWS\system32\FWPUCLNT.DLL
2016-04-13 08:53:20 ----A---- C:\WINDOWS\system32\actxprxy.dll
2016-04-13 08:53:19 ----A---- C:\WINDOWS\SYSWOW64\browcli.dll
2016-04-13 08:53:19 ----A---- C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-04-13 08:53:19 ----A---- C:\WINDOWS\system32\fvewiz.dll
2016-04-13 08:53:19 ----A---- C:\WINDOWS\system32\browser.dll
2016-04-13 08:53:19 ----A---- C:\WINDOWS\system32\browcli.dll
2016-04-13 08:53:19 ----A---- C:\WINDOWS\system32\basesrv.dll
2016-04-13 08:53:18 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2016-04-13 08:53:18 ----A---- C:\WINDOWS\SYSWOW64\SyncController.dll
2016-04-13 08:53:18 ----A---- C:\WINDOWS\system32\tbauth.dll
2016-04-13 08:53:18 ----A---- C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-04-13 08:53:18 ----A---- C:\WINDOWS\system32\fvecpl.dll
2016-04-13 08:53:18 ----A---- C:\WINDOWS\system32\BFE.DLL
2016-04-13 08:53:17 ----A---- C:\WINDOWS\SYSWOW64\easwrt.dll
2016-04-13 08:53:17 ----A---- C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-04-13 08:53:17 ----A---- C:\WINDOWS\system32\fveskybackup.dll
2016-04-13 08:53:17 ----A---- C:\WINDOWS\system32\drivers\serial.sys
2016-04-13 08:53:16 ----A---- C:\WINDOWS\system32\wups.dll
2016-04-13 08:53:16 ----A---- C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-04-13 08:53:16 ----A---- C:\WINDOWS\system32\samlib.dll
2016-04-13 08:53:15 ----A---- C:\WINDOWS\SYSWOW64\TokenBrokerCookies.exe
2016-04-13 08:53:15 ----A---- C:\WINDOWS\SYSWOW64\tbauth.dll
2016-04-13 08:53:15 ----A---- C:\WINDOWS\SYSWOW64\FWPUCLNT.DLL
2016-04-13 08:53:15 ----A---- C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-04-13 08:53:15 ----A---- C:\WINDOWS\system32\moshost.dll
2016-04-13 08:53:15 ----A---- C:\WINDOWS\system32\FontProvider.dll
2016-04-13 08:53:15 ----A---- C:\WINDOWS\system32\drivers\portcls.sys
2016-04-13 08:53:14 ----A---- C:\WINDOWS\system32\mapsupdatetask.dll
2016-04-13 08:53:14 ----A---- C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-04-13 08:53:13 ----A---- C:\WINDOWS\SYSWOW64\mos.dll
2016-04-13 08:53:13 ----A---- C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-04-13 08:53:13 ----A---- C:\WINDOWS\system32\mos.dll
2016-04-13 08:53:13 ----A---- C:\WINDOWS\system32\MapsBtSvc.dll
2016-04-13 08:53:12 ----A---- C:\WINDOWS\SYSWOW64\samlib.dll
2016-04-13 08:53:12 ----A---- C:\WINDOWS\SYSWOW64\OnDemandConnRouteHelper.dll
2016-04-13 08:53:12 ----A---- C:\WINDOWS\SYSWOW64\NMAA.dll
2016-04-13 08:53:12 ----A---- C:\WINDOWS\SYSWOW64\mtxoci.dll
2016-04-13 08:53:12 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2016-04-13 08:53:12 ----A---- C:\WINDOWS\system32\mtxoci.dll
2016-04-13 08:53:12 ----A---- C:\WINDOWS\system32\MapsCSP.dll
2016-04-13 08:53:12 ----A---- C:\WINDOWS\system32\fveapibase.dll
2016-04-13 08:53:12 ----A---- C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-04-13 08:53:11 ----A---- C:\WINDOWS\SYSWOW64\SensorsNativeApi.V2.dll
2016-04-13 08:53:11 ----A---- C:\WINDOWS\SYSWOW64\oleacchooks.dll
2016-04-13 08:53:11 ----A---- C:\WINDOWS\SYSWOW64\MapsBtSvc.dll
2016-04-13 08:53:11 ----A---- C:\WINDOWS\system32\oleacchooks.dll
2016-04-13 08:53:10 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2016-04-13 08:53:10 ----A---- C:\WINDOWS\system32\MTF.dll
2016-04-13 08:53:10 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2016-04-13 08:53:10 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2016-04-13 08:53:10 ----A---- C:\WINDOWS\system32\drivers\BTHUSB.SYS
2016-04-13 08:53:10 ----A---- C:\WINDOWS\system32\bcastdvr.exe
2016-04-13 08:53:10 ----A---- C:\WINDOWS\system32\AppCapture.dll
2016-04-13 08:53:09 ----A---- C:\WINDOWS\SYSWOW64\MTF.dll

======List of files/folders modified in the last 1 month======

2016-04-16 11:56:52 ----D---- C:\Program Files\trend micro
2016-04-16 11:56:35 ----D---- C:\Users\jiří mansfeld\AppData\Roaming\BitTorrent
2016-04-16 11:56:29 ----D---- C:\WINDOWS\Prefetch
2016-04-16 11:54:34 ----D---- C:\WINDOWS\System32
2016-04-16 11:54:34 ----D---- C:\WINDOWS\INF
2016-04-16 11:54:34 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-04-16 11:53:00 ----D---- C:\Windows
2016-04-16 11:51:32 ----D---- C:\WINDOWS\Temp
2016-04-16 11:38:39 ----HD---- C:\Program Files\WindowsApps
2016-04-16 11:38:33 ----D---- C:\WINDOWS\AppReadiness
2016-04-16 11:37:25 ----D---- C:\ProgramData\MFAData
2016-04-16 11:36:45 ----D---- C:\Users\jiří mansfeld\AppData\Roaming\Seznam.cz
2016-04-16 11:31:37 ----D---- C:\WINDOWS\system32\sru
2016-04-16 11:31:29 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-04-15 16:18:27 ----SHD---- C:\System Volume Information
2016-04-15 16:15:30 ----D---- C:\WINDOWS\system32\config
2016-04-15 16:15:05 ----D---- C:\WINDOWS\Microsoft.NET
2016-04-14 21:42:48 ----D---- C:\WINDOWS\rescache
2016-04-14 20:03:11 ----D---- C:\WINDOWS\system32\DriverStore
2016-04-14 20:03:08 ----D---- C:\WINDOWS\WinSxS
2016-04-14 20:02:18 ----RD---- C:\WINDOWS\assembly
2016-04-13 22:04:20 ----SHDC---- C:\WINDOWS\Installer
2016-04-13 22:01:52 ----D---- C:\WINDOWS\system32\drivers
2016-04-13 21:08:47 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2016-04-13 21:08:47 ----D---- C:\WINDOWS\SysWOW64
2016-04-13 21:08:45 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2016-04-13 21:08:45 ----D---- C:\WINDOWS\system32\cs-CZ
2016-04-13 21:08:45 ----D---- C:\WINDOWS\system32\Boot
2016-04-13 21:08:45 ----D---- C:\WINDOWS\system32\appraiser
2016-04-13 21:08:42 ----D---- C:\WINDOWS\PolicyDefinitions
2016-04-13 21:08:41 ----D---- C:\WINDOWS\bcastdvr
2016-04-13 21:08:41 ----D---- C:\WINDOWS\AppPatch
2016-04-13 11:35:25 ----D---- C:\WINDOWS\CbsTemp
2016-04-13 11:32:36 ----D---- C:\ProgramData\Microsoft Help
2016-04-13 11:31:42 ----D---- C:\WINDOWS\system32\MRT
2016-04-13 09:14:38 ----A---- C:\WINDOWS\system32\MRT.exe
2016-04-13 08:40:20 ----D---- C:\WINDOWS\system32\catroot2
2016-04-06 20:32:08 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2016-03-31 10:06:55 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-03-31 10:06:55 ----D---- C:\WINDOWS\SYSWOW64\Dism
2016-03-31 10:06:51 ----D---- C:\WINDOWS\system32\wbem
2016-03-31 10:06:51 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2016-03-31 10:06:51 ----D---- C:\WINDOWS\system32\migration
2016-03-31 10:06:51 ----D---- C:\WINDOWS\system32\Dism
2016-03-31 10:06:46 ----RD---- C:\WINDOWS\PurchaseDialog
2016-03-31 10:06:45 ----RSD---- C:\WINDOWS\Media
2016-03-31 10:06:45 ----RSD---- C:\WINDOWS\Fonts
2016-03-31 10:06:45 ----D---- C:\Program Files (x86)\Windows Portable Devices
2016-03-31 10:06:45 ----D---- C:\Program Files (x86)\Windows Multimedia Platform
2016-03-31 10:06:44 ----D---- C:\Program Files\Windows Portable Devices
2016-03-31 10:06:44 ----D---- C:\Program Files\Windows Multimedia Platform
2016-03-31 10:06:44 ----D---- C:\Program Files\Windows Media Player
2016-03-31 10:06:44 ----D---- C:\Program Files\Windows Journal
2016-03-31 10:06:44 ----D---- C:\Program Files (x86)\Internet Explorer
2016-03-31 10:06:43 ----D---- C:\Program Files\Internet Explorer
2016-03-29 12:06:18 ----A---- C:\WINDOWS\system32\TURegOpt.exe
2016-03-29 11:53:26 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2016-03-29 11:53:04 ----A---- C:\WINDOWS\SYSWOW64\uxtuneup.dll
2016-03-29 11:53:04 ----A---- C:\WINDOWS\SYSWOW64\authuitu.dll
2016-03-29 11:53:04 ----A---- C:\WINDOWS\system32\authuitu.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\WINDOWS\system32\DRIVERS\avgidsha.sys [2016-01-26 272304]
R0 Avgloga;AVG Logging Driver; C:\WINDOWS\system32\DRIVERS\avgloga.sys [2016-02-03 378288]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx64.sys [2016-03-02 269232]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx64.sys [2015-12-04 42416]
R0 Avguniva;AVG Universal Driver; C:\WINDOWS\system32\DRIVERS\avguniva.sys [2016-01-08 23472]
R0 hpdskflt;@oem133.inf,%service_desc%;HP Filter; C:\WINDOWS\system32\DRIVERS\hpdskflt.sys [2013-07-23 30520]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-08-30 644968]
R1 Avgdiska;AVG Disk Driver; C:\WINDOWS\system32\DRIVERS\avgdiska.sys [2015-11-06 184240]
R1 Avgfwfd;@oem4.inf,%AvgfwfdService_Desc%;AVG network filter service; C:\WINDOWS\system32\DRIVERS\avgfwd6a.sys [2015-08-29 97208]
R1 AVGIDSDriver;AVGIDSDriver; C:\WINDOWS\system32\DRIVERS\avgidsdrivera.sys [2016-01-26 315312]
R1 Avgldx64;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx64.sys [2015-10-21 284080]
R1 Avgwfpa;AVG Firewall Driver; C:\WINDOWS\system32\DRIVERS\avgwfpa.sys [2015-12-16 315840]
R1 dtsoftbus01;@oem87.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2014-01-22 283064]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2015-10-30 87040]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-10-30 47616]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-10-30 78848]
R3 Accelerometer;@oem133.inf,%accelerometer_desc%;HP Mobile Data Protection Sensor; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [2013-07-23 43320]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2016-03-29 84992]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-12-19 7858088]
R3 ikbevent;Intel Upper keyboard Class Filter Driver; C:\WINDOWS\system32\DRIVERS\ikbevent.sys [2013-02-13 21048]
R3 imsevent;Intel Upper Mouse Class Filter Driver; C:\WINDOWS\system32\DRIVERS\imsevent.sys [2013-02-13 21048]
R3 irstrtdv;@oem100.inf,%Irstrt.DispName%;Intel(R) Rapid Start Technology Driver; C:\WINDOWS\System32\drivers\irstrtdv.sys [2012-12-12 43800]
R3 ISCT;@oem44.inf,%ISCT.DeviceDesc%;Intel(R) Smart Connect Technology Device Driver; C:\WINDOWS\System32\drivers\ISCTD64.sys [2013-02-13 46568]
R3 iwdbus;@oem122.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2013-12-15 27032]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2015-06-18 25816]
R3 MEIx64;@oem92.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2015-06-23 192312]
R3 netr28x;@oem52.inf,%Generic.Service.DispName%;Ralink 802.11n Extensible Wireless Driver; C:\WINDOWS\system32\DRIVERS\netr28x.sys [2015-06-12 2554528]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2015-08-11 11174544]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-10-04 19760]
R3 nvvad_WaveExtensible;@oem40.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2015-08-11 50472]
R3 rtbth;@oem106.inf,%General.Service.DispName%;RTBTH Bluetooth Device Driver; C:\WINDOWS\System32\drivers\rtbth.sys [2015-06-03 1219200]
R3 RTL8168;@oem26.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\System32\drivers\Rt630x64.sys [2012-12-28 760032]
R3 RTSPER;@oem90.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [2015-05-14 751632]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2015-12-09 71288]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [2014-03-27 551936]
R3 SynTP;@oem34.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2015-12-09 862840]
S0 Avgboota;AVG Early Launch Anti-Malware Driver; C:\WINDOWS\system32\DRIVERS\avgboota.sys [2016-01-07 21632]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2015-08-11 41592]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 34144]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2016-03-29 954368]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2016-01-06 117248]
S3 DxVGrb;DxVGrb; C:\WINDOWS\system32\drivers\DxVGrb.sys [2012-01-10 222464]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 ggflt;SOMC USB Flash Driver Filter; C:\WINDOWS\System32\drivers\ggflt.sys [2014-08-18 16088]
S3 ggsomc;SOMC USB Flash Driver; C:\WINDOWS\System32\drivers\ggsomc.sys [2014-08-18 30424]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2013-12-15 39320]
S3 IntcDAud;@oem24.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2015-10-28 474376]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-10-30 26624]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2015-11-27 113880]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2015-06-18 64216]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-10-30 930656]
S3 SmbDrv;SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [2013-04-24 29424]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-18 82128]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\Av\avgfws.exe [2016-03-02 1580352]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [2016-03-02 3934184]
R2 avgsvc;AVG Service; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [2016-03-23 1074448]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [2016-03-02 561104]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 FPLService;TrueSuiteService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [2013-02-07 1641768]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-10-04 1155376]
R2 hpsrv;@oem133.inf,%hpservice_desc%;HP Service; C:\WINDOWS\system32\Hpservice.exe [2013-07-23 43320]
R2 HPWMISVC;HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [2013-12-25 1039160]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-08-30 15720]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2015-12-19 373160]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-12-10 732160]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-02-22 129848]
R2 irstrtsv;Intel(R) Rapid Start Technology Service; C:\Windows\SysWOW64\irstrtsv.exe [2013-02-07 668984]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-02-22 167736]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-02-22 364856]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-10-04 1872688]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-10-04 5568816]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2015-08-07 937776]
R2 OneSyncSvc_a03bfb;Hostitel synchronizace_a03bfb; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2014-03-27 339456]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2015-12-09 260216]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-10-23 43696]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-11-05 1001376]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R3 PimIndexMaintenanceSvc_a03bfb;Data kontaktů_a03bfb; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_378d658;Hostitel synchronizace_378d658; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_8d98a98;Hostitel synchronizace_8d98a98; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-08 269504]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-10-30 51376]
S3 AvgAMPS;AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [2016-03-02 604144]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-12-19 300968]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2012-12-10 803872]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_378d658;Služba zasílání zpráv_378d658; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_8d98a98;Služba zasílání zpráv_8d98a98; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_a03bfb;Služba zasílání zpráv_a03bfb; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-10-12 149160]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_378d658;Data kontaktů_378d658; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_8d98a98;Data kontaktů_8d98a98; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 1297408]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2015-06-10 155520]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-11-18 833728]
S4 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119418
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: please check

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

jirik78
Visitor
Posts: 42
Joined: 25 Feb 2013 21:10

Re: please check

#3 Post by jirik78 »

# AdwCleaner v5.013 - Logfile created 13/10/2015 at 16:06:07
# Updated 09/10/2015 by Xplode
# Database : 2015-10-09.3 [Server]
# Operating system : Windows 10 Home (x64)
# Username : jiří mansfeld - MANY
# Running from : C:\Users\jiří mansfeld\Downloads\adwcleaner_5.013.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

[!] Service Not Deleted : sp_rsdrv2
[-] Service Deleted : winzipersvc
[-] Service Deleted : SSFK
[-] Service Deleted : WdsManPro

***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files (x86)\GreenTree Applications
[-] Folder Deleted : C:\Program Files (x86)\WinZipper
[-] Folder Deleted : C:\Program Files (x86)\SFK
[-] Folder Deleted : C:\ProgramData\ParetoLogic
[-] Folder Deleted : C:\ProgramData\ytd video downloader
[-] Folder Deleted : C:\ProgramData\4WdsManPro4
[-] Folder Deleted : C:\ProgramData\OWdsManProO
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
[-] Folder Deleted : C:\Users\jiří mansfeld\AppData\Roaming\DriverCure
[-] Folder Deleted : C:\Users\jiří mansfeld\AppData\Roaming\istartsurf
[-] Folder Deleted : C:\Users\jiří mansfeld\AppData\Roaming\ParetoLogic
[-] Folder Deleted : C:\Users\jiří mansfeld\AppData\Roaming\WinZipper
[-] Folder Deleted : C:\Users\jiří mansfeld\AppData\Roaming\Mozilla\Firefox\Profiles\u1d1ubb9.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[!] Folder Not Deleted : C:\Users\jiří mansfeld\AppData\Roaming\Mozilla\Firefox\Profiles\u1d1ubb9.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[-] Folder Deleted : C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\sjmirrzv.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[!] Folder Not Deleted : C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\sjmirrzv.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}

***** [ Files ] *****

[-] File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\delta-homes.xml
[-] File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\istartsurf.xml
[-] File Deleted : C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage
[-] File Deleted : C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage-journal
[-] File Deleted : C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.delta-homes.com_0.localstorage
[-] File Deleted : C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.delta-homes.com_0.localstorage-journal
[-] File Deleted : C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.istartsurf.com_0.localstorage
[-] File Deleted : C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.istartsurf.com_0.localstorage-journal
[-] File Deleted : C:\Users\Public\Desktop\YTD Video Downloader.lnk

***** [ DLLs ] *****


***** [ Shortcuts ] *****

[-] Shortcut Disinfected : C:\Users\Public\Desktop\Mozilla Firefox.lnk
[-] Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[-] Shortcut Disinfected : C:\Users\jiří mansfeld\Desktop\Spouštěč aplikací Chrome.lnk
[-] Shortcut Disinfected : C:\Users\jiří mansfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
[-] Shortcut Disinfected : C:\Users\jiří mansfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Spouštěč aplikací Chrome.lnk
[-] Shortcut Disinfected : C:\Users\jiří mansfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Any.do.lnk
[-] Shortcut Disinfected : C:\Users\jiří mansfeld\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[-] Shortcut Disinfected : C:\Users\jiří mansfeld\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk

***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinZipper
[-] Key Deleted : HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinZipper
[-] Key Deleted : HKLM\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\WinZipper
[-] Key Deleted : HKLM\SOFTWARE\Classes\uus3url-pl
[-] Key Deleted : HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\WinZipper
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WdsManPro
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.001
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.7z
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.arj
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.bz2
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.bzip2
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.cab
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.cpio
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.deb
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.dmg
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.fat
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.gz
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.gzip
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.hfs
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.iso
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.lha
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.lzh
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.lzma
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.ntfs
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.rar
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.rpm
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.squashfs
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.swm
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.tar
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.taz
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.tbz
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.tbz2
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.tgz
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.tpz
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.txz
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.vhd
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.wim
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.xar
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.xz
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.z
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.zip
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4F622628-7632-4B28-B184-D7BA0CA3273B}
[-] Key Deleted : HKCU\Software\BI
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\ParetoLogic
[-] Key Deleted : HKCU\Software\PRODUCTSETUP
[-] Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
[-] Key Deleted : HKLM\SOFTWARE\Conduit
[-] Key Deleted : HKLM\SOFTWARE\delta-homesSoftware
[-] Key Deleted : HKLM\SOFTWARE\hdcode
[-] Key Deleted : HKLM\SOFTWARE\istartsurfSoftware
[-] Key Deleted : HKLM\SOFTWARE\ParetoLogic
[-] Key Deleted : HKLM\SOFTWARE\V9
[-] Key Deleted : HKLM\SOFTWARE\winzipersvc
[-] Key Deleted : HKLM\SOFTWARE\WdsManPro
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winzipper
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
[!] Key Not Deleted : [x64] HKCU\Software\BI
[!] Key Not Deleted : [x64] HKCU\Software\Conduit
[!] Key Not Deleted : [x64] HKCU\Software\ParetoLogic
[!] Key Not Deleted : [x64] HKCU\Software\PRODUCTSETUP
[!] Key Not Deleted : HKU\S-1-5-21-3882090170-638525116-1017874946-1002\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
[-] Data Restored : HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command []

***** [ Web browsers ] *****

[-] [C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://www.delta-homes.com/?type=hp&ts=1444635 ... 9_C8F2D239
[-] [C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider] Deleted : hxxp://search.delta-homes.com/webfavicon.ico
[-] [C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider_Data] Deleted : hxxp://search.delta-homes.com/web/?type=ds&ts=1444635848&z=97e011b7d37a1773640ab9bg7zdz7zcqdcdw4bdzbo&from=wpm07163&uid=3219913727_198339_C8F2D239&q={searchTerms}
[-] [C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Deleted : hxxp://www.delta-homes.com/?type=hp&ts=1444635 ... 9_C8F2D239

*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [9124 bytes] ##########
# AdwCleaner v5.112 - Log soubor vytvořen 18/04/2016 o 11:51:20
# Aktualizováno 17/04/2016 by Xplode
# Databáze : 2016-04-17.1 [Server]
# Operační systém : Windows 10 Home (X64)
# Jméno uživatele : jiří mansfeld - MANY
# Spuštěno z : C:\Users\jiří mansfeld\Desktop\adwcleaner_5.112.exe
# Volba : Čištění
# Podpora : http://toolslib.net/forum

***** [ Služby ] *****


***** [ Složky ] *****

[-] Složka smazáno : C:\Program Files (x86)\Picexa
[-] Složka smazáno : C:\ProgramData\Avg_Update_0316avz
[-] Složka smazáno : C:\Users\jiří mansfeld\AppData\Roaming\Mozilla\Firefox\Profiles\u1d1ubb9.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[-] Složka smazáno : C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\sjmirrzv.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}

***** [ Soubory ] *****

[-] Soubor smazáno : C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
[-] Soubor smazáno : C:\Users\jiří mansfeld\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Picexa.lnk

***** [ DLLs ] *****


***** [ Zástupci ] *****


***** [ Naplánované úkoly ] *****


***** [ Registr ] *****

[-] Klávesa smazáno : HKCU\Software\Conduit
[-] Klávesa smazáno : HKLM\SOFTWARE\hdcode
[-] Klávesa smazáno : HKLM\SOFTWARE\TSv
[-] Klávesa smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Picexa

***** [ Webové prohlížeče ] *****

[-] [C:\Users\jiří mansfeld\AppData\Roaming\Mozilla\Firefox\Profiles\u1d1ubb9.default\prefs.js] smazáno : user_pref("browser.search.defaultenginename", "omniboxes");
[-] [C:\Users\jiří mansfeld\AppData\Roaming\Mozilla\Firefox\Profiles\u1d1ubb9.default\prefs.js] smazáno : user_pref("browser.search.selectedEngine", "omniboxes");

*************************

:: "Tracing" odstraněných kláves
:: Nastavení Winsock odstraněno

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [11120 bytes] - [13/10/2015 16:06:07]
C:\AdwCleaner\AdwCleaner[S1].txt - [11895 bytes] - [13/10/2015 16:04:01]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [11268 bytes] ##########

Rudy
Site Admin
Posts: 119418
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: please check

#4 Post by Rudy »


jirik78
Visitor
Posts: 42
Joined: 25 Feb 2013 21:10

Re: please check

#5 Post by jirik78 »

Logfile of random's system information tool 1.10 (written by random/random)
Run by jiří mansfeld at 2016-04-19 10:45:41
Microsoft Windows 10 Home
System drive C: has 260 GB (56%) free of 466 GB
Total RAM: 8124 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:45:44, on 19.04.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0020)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\HP SimplePass\TouchControl.exe
C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\jiří mansfeld\AppData\Roaming\BitTorrent\BitTorrent.exe
C:\Users\jiří mansfeld\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Users\jiří mansfeld\AppData\Roaming\BitTorrent\updates\7.9.6_42095\utorrentie.exe
C:\Users\jiří mansfeld\AppData\Roaming\BitTorrent\updates\7.9.6_42095\utorrentie.exe
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\AVG\Av\avgui.exe
C:\WINDOWS\SysWOW64\ctfmon.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Program Files\trend micro\jiří mansfeld.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.bing.com?pc=HPNTDFJS
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O4 - HKLM\..\Run: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avuirunnerx.exe" C:\Program Files (x86)\AVG\Av\avgui.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\programy instalace\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\jiří mansfeld\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\jiří mansfeld\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
O4 - HKCU\..\Run: [Google Update] "C:\Users\jiří mansfeld\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [OneDrive] "C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Users\jiří mansfeld\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\17.3.6301.0127] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\17.3.6301.0127"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagent.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: @oem133.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\WINDOWS\system32\Hpservice.exe (file missing)
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Rapid Start Technology Service (irstrtsv) - Intel Corporation - C:\Windows\SysWOW64\irstrtsv.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: TrueAPI Service component (TrueService) - AuthenTec, Inc. - C:\Program Files\Common Files\AuthenTec\TrueService.exe
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Validity WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\Windows\system32\valWBFPolicyService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15527 bytes

======Listing Processes======







C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalService
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-0895c8a9-5985-43b7-8858-014d845a2906 -SystemEventPortName:HostProcess-afd1fe94-92f5-46d4-9a34-c3b80fcedc31 -IoCancelEventPortName:HostProcess-65949771-c44e-4b1e-9f80-eda3a0db0bea -NonStateChangingEventPortName:HostProcess-ace7fd40-e117-49ca-89b6-13cbf51afe9a -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:aee0bf86-f86a-4ef3-a33f-1398149471cc -DeviceGroupId:
"C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\igfxCUIService.exe
"C:\WINDOWS\system32\nvvsvc.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\WINDOWS\system32\Hpservice.exe
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k WbioSvcGroup
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\WINDOWS\system32\svchost.exe -k apphost
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe"
"C:\Program Files (x86)\AVG\Av\avgfws.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe"
C:\WINDOWS\system32\svchost.exe -k appmodel
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"

C:\Windows\SysWOW64\irstrtsv.exe
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
C:\Windows\system32\valWBFPolicyService.exe
dashost.exe {ede9c6ea-4def-4a8d-89cf290dfa6e1bed}
C:\Program Files (x86)\AVG\Av\avgcsrva.exe /pipeName=44800c66-0200-0000-f488-107611fd5c16 /binaryPath="C:\Program Files (x86)\AVG\Av\\"
"C:\Program Files (x86)\AVG\Av\avgnsa.exe"
"C:\Program Files (x86)\AVG\Av\avgemca.exe"
C:\Program Files (x86)\AVG\Av\avgrsa.exe
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"dwm.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session
"C:\Program Files (x86)\HP SimplePass\TouchControl.exe"
sihost.exe
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\Explorer.EXE
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe" -ServerName:RemindersServer
C:\Windows\System32\RuntimeBroker.exe -Embedding
igfxEM.exe
igfxTray.exe
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe" /TUStart /pid:2784
"C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe"
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe" /pid ACPW06EN
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Windows\System32\StikyNot.exe"
"C:\Users\jiří mansfeld\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
szndesktop.exe default start
"C:\Users\jiří mansfeld\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Users\jiří mansfeld\AppData\Roaming\BitTorrent\updates\7.9.6_42095\utorrentie.exe" BitTorrent_10032_03C2F420_554659513 BT4823DF041B09 BitTorrent
"C:\Users\jiří mansfeld\AppData\Roaming\BitTorrent\updates\7.9.6_42095\utorrentie.exe" BitTorrent_10032_03C2F7E8_1834561943 BT4823DF041B09 BitTorrent
"C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe" -byrunkey
"C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe"
/fmw.trayonly
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
/TRAYONLY
"fontdrvhost.exe"
ctfmon.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding

"C:\WINDOWS\TEMP\irstrtsv\scrncap.exe"

"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" 7f270fd2-1374-4d3f-b0ca-51af34fa926c
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
\??\C:\WINDOWS\system32\conhost.exe 0x4
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\Windows\System32\InstallAgent.exe -Embedding
C:\WINDOWS\system32\compattelrunner.exe
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\CompatTelRunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\TEMP\575D994B-944F-436C-97C5-C18BD284F95F\dismhost.exe {C799FAFD-A9A0-44D2-BD0E-1554A8544971}
"C:\Users\jiří mansfeld\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3882090170-638525116-1017874946-1002Core.job - C:\Users\jiří mansfeld\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3882090170-638525116-1017874946-1002UA.job - C:\Users\jiří mansfeld\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\jiří mansfeld\AppData\Roaming\Mozilla\Firefox\Profiles\u1d1ubb9.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.213 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@authentec.com/ffwloplugin]
"Description"=
"Path"=C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=2.3.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.213 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-10-27 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-27 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2015-12-19 402344]
"ACPW06EN"=C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe [2012-12-17 1234120]
"ShadowPlay"=C:\WINDOWS\system32\nvspcap64.dll [2015-10-04 1710568]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-10-04 2654512]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2014-03-27 1703424]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\programy instalace\DAEMON Tools Lite\DTLite.exe [2013-07-03 3673184]
"cz.seznam.software.autoupdate"=C:\Users\jiří mansfeld\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\jiří mansfeld\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"Sony PC Companion"=C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [2015-06-10 456576]
"Google Update"=C:\Users\jiří mansfeld\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-02 144200]
"OneDrive"=C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-03-11 551104]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2015-10-30 465920]
"BitTorrent"=C:\Users\jiří mansfeld\AppData\Roaming\BitTorrent\BitTorrent.exe [2016-04-09 1963016]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"=C:\WINDOWS\system32\cmd.exe [2015-10-30 233984]
"Uninstall C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1"=C:\WINDOWS\system32\cmd.exe [2015-10-30 233984]
"Uninstall C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"=C:\WINDOWS\system32\cmd.exe [2015-10-30 233984]
"Uninstall C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\17.3.6301.0127"=C:\WINDOWS\system32\cmd.exe [2015-10-30 233984]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""= []
"HP CoolSense"=C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2012-11-05 1343904]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"AccelerometerSysTrayApplet"=C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [2013-07-24 77088]
"HPMessageService"=C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [2013-12-25 1045304]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07 507776]
"AvgUi"=C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [2016-04-14 186640]
"AVG_UI"=C:\Program Files (x86)\AVG\Av\avuirunnerx.exe [2016-03-02 25512]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-18 1085656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll, C:\WINDOWS\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-04-18 20:23:15 ----HD---- C:\OneDriveTemp
2016-04-13 08:54:44 ----A---- C:\WINDOWS\SYSWOW64\jsproxy.dll
2016-04-13 08:54:44 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2016-04-13 08:54:44 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2016-04-13 08:54:43 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2016-04-13 08:54:43 ----A---- C:\WINDOWS\system32\jsproxy.dll
2016-04-13 08:54:42 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-04-13 08:54:42 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-04-13 08:54:42 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2016-04-13 08:54:41 ----A---- C:\WINDOWS\SYSWOW64\wininetlui.dll
2016-04-13 08:54:41 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-04-13 08:54:41 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2016-04-13 08:54:41 ----A---- C:\WINDOWS\system32\atmfd.dll
2016-04-13 08:54:40 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-04-13 08:54:40 ----A---- C:\WINDOWS\system32\wininet.dll
2016-04-13 08:54:40 ----A---- C:\WINDOWS\system32\kerberos.dll
2016-04-13 08:54:39 ----A---- C:\WINDOWS\system32\wininetlui.dll
2016-04-13 08:54:39 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-04-13 08:54:38 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2016-04-13 08:54:38 ----A---- C:\WINDOWS\system32\storewuauth.dll
2016-04-13 08:54:38 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2016-04-13 08:54:38 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2016-04-13 08:54:37 ----A---- C:\WINDOWS\system32\edgehtml.dll
2016-04-13 08:54:36 ----A---- C:\WINDOWS\system32\wwansvc.dll
2016-04-13 08:54:36 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-04-13 08:54:36 ----A---- C:\WINDOWS\system32\atmlib.dll
2016-04-13 08:54:35 ----A---- C:\WINDOWS\system32\wuaueng.dll
2016-04-13 08:54:35 ----A---- C:\WINDOWS\system32\win32kfull.sys
2016-04-13 08:54:35 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-04-13 08:54:34 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-04-13 08:54:34 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-13 08:54:33 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-04-13 08:54:23 ----A---- C:\WINDOWS\SYSWOW64\SRHInproc.dll
2016-04-13 08:54:23 ----A---- C:\WINDOWS\SYSWOW64\SRH.dll
2016-04-13 08:54:23 ----A---- C:\WINDOWS\system32\SRHInproc.dll
2016-04-13 08:54:23 ----A---- C:\WINDOWS\system32\SRH.dll
2016-04-13 08:54:22 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-04-13 08:54:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2016-04-13 08:54:19 ----A---- C:\WINDOWS\system32\twinui.dll
2016-04-13 08:54:18 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2016-04-13 08:54:17 ----A---- C:\WINDOWS\SYSWOW64\TextInputFramework.dll
2016-04-13 08:54:17 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2016-04-13 08:54:17 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2016-04-13 08:54:17 ----A---- C:\WINDOWS\system32\InputService.dll
2016-04-13 08:54:17 ----A---- C:\WINDOWS\system32\Chakra.dll
2016-04-13 08:54:17 ----A---- C:\WINDOWS\system32\fontsub.dll
2016-04-13 08:54:15 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2016-04-13 08:54:14 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-04-13 08:54:13 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2016-04-13 08:54:11 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-04-13 08:54:10 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2016-04-13 08:54:09 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2016-04-13 08:54:09 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2016-04-13 08:54:09 ----A---- C:\WINDOWS\system32\XblAuthManager.dll
2016-04-13 08:54:07 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2016-04-13 08:54:06 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2016-04-13 08:54:06 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2016-04-13 08:54:06 ----A---- C:\WINDOWS\system32\dwmcore.dll
2016-04-13 08:54:05 ----A---- C:\WINDOWS\SYSWOW64\LicenseManager.dll
2016-04-13 08:54:05 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-04-13 08:54:05 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-04-13 08:54:04 ----A---- C:\WINDOWS\system32\win32kbase.sys
2016-04-13 08:54:04 ----A---- C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-04-13 08:54:04 ----A---- C:\WINDOWS\system32\dosvc.dll
2016-04-13 08:54:04 ----A---- C:\WINDOWS\system32\audiosrv.dll
2016-04-13 08:54:03 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2016-04-13 08:54:02 ----A---- C:\WINDOWS\system32\esent.dll
2016-04-13 08:54:01 ----A---- C:\WINDOWS\SYSWOW64\UIAutomationCore.dll
2016-04-13 08:54:01 ----A---- C:\WINDOWS\system32\BingMaps.dll
2016-04-13 08:54:00 ----A---- C:\WINDOWS\SYSWOW64\esent.dll
2016-04-13 08:54:00 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-04-13 08:54:00 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2016-04-13 08:53:59 ----A---- C:\WINDOWS\system32\SharedStartModel.dll
2016-04-13 08:53:59 ----A---- C:\WINDOWS\system32\NetSetupShim.dll
2016-04-13 08:53:59 ----A---- C:\WINDOWS\system32\NetSetupEngine.dll
2016-04-13 08:53:59 ----A---- C:\WINDOWS\system32\MapsStore.dll
2016-04-13 08:53:59 ----A---- C:\WINDOWS\system32\MapControlCore.dll
2016-04-13 08:53:58 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2016-04-13 08:53:58 ----A---- C:\WINDOWS\system32\PhoneProviders.dll
2016-04-13 08:53:58 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-04-13 08:53:57 ----A---- C:\WINDOWS\SYSWOW64\MapControlCore.dll
2016-04-13 08:53:57 ----A---- C:\WINDOWS\system32\winload.exe
2016-04-13 08:53:57 ----A---- C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-04-13 08:53:57 ----A---- C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-04-13 08:53:56 ----A---- C:\WINDOWS\SYSWOW64\NetSetupShim.dll
2016-04-13 08:53:56 ----A---- C:\WINDOWS\system32\InputLocaleManager.dll
2016-04-13 08:53:56 ----A---- C:\WINDOWS\system32\bisrv.dll
2016-04-13 08:53:55 ----A---- C:\WINDOWS\system32\winresume.exe
2016-04-13 08:53:55 ----A---- C:\WINDOWS\system32\RDXService.dll
2016-04-13 08:53:54 ----A---- C:\WINDOWS\SYSWOW64\NetSetupEngine.dll
2016-04-13 08:53:53 ----A---- C:\WINDOWS\SYSWOW64\StoreAgent.dll
2016-04-13 08:53:53 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-04-13 08:53:53 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-04-13 08:53:53 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-04-13 08:53:52 ----A---- C:\WINDOWS\SYSWOW64\fontsub.dll
2016-04-13 08:53:52 ----A---- C:\WINDOWS\system32\tileobjserver.dll
2016-04-13 08:53:52 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2016-04-13 08:53:52 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2016-04-13 08:53:52 ----A---- C:\WINDOWS\system32\audiodg.exe
2016-04-13 08:53:51 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.Http.dll
2016-04-13 08:53:51 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Core.TextInput.dll
2016-04-13 08:53:51 ----A---- C:\WINDOWS\system32\SensorService.dll
2016-04-13 08:53:51 ----A---- C:\WINDOWS\system32\MapConfiguration.dll
2016-04-13 08:53:51 ----A---- C:\WINDOWS\system32\fveapi.dll
2016-04-13 08:53:51 ----A---- C:\WINDOWS\system32\drivers\http.sys
2016-04-13 08:53:50 ----A---- C:\WINDOWS\SYSWOW64\MessagingDataModel2.dll
2016-04-13 08:53:50 ----A---- C:\WINDOWS\SYSWOW64\MapConfiguration.dll
2016-04-13 08:53:50 ----A---- C:\WINDOWS\SYSWOW64\AccountsRt.dll
2016-04-13 08:53:50 ----A---- C:\WINDOWS\system32\NMAA.dll
2016-04-13 08:53:50 ----A---- C:\WINDOWS\system32\NetSetupSvc.dll
2016-04-13 08:53:50 ----A---- C:\WINDOWS\system32\LockAppHost.exe
2016-04-13 08:53:50 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2016-04-13 08:53:50 ----A---- C:\WINDOWS\system32\AccountsRt.dll
2016-04-13 08:53:49 ----A---- C:\WINDOWS\SYSWOW64\RemoteNaturalLanguage.dll
2016-04-13 08:53:49 ----A---- C:\WINDOWS\SYSWOW64\CredProvDataModel.dll
2016-04-13 08:53:49 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2016-04-13 08:53:49 ----A---- C:\WINDOWS\system32\StorSvc.dll
2016-04-13 08:53:49 ----A---- C:\WINDOWS\system32\msxml3.dll
2016-04-13 08:53:49 ----A---- C:\WINDOWS\system32\MessagingDataModel2.dll
2016-04-13 08:53:48 ----A---- C:\WINDOWS\SYSWOW64\LockAppHost.exe
2016-04-13 08:53:48 ----A---- C:\WINDOWS\SYSWOW64\InputLocaleManager.dll
2016-04-13 08:53:48 ----A---- C:\WINDOWS\system32\SyncController.dll
2016-04-13 08:53:48 ----A---- C:\WINDOWS\system32\RDXTaskFactory.dll
2016-04-13 08:53:48 ----A---- C:\WINDOWS\system32\msv1_0.dll
2016-04-13 08:53:48 ----A---- C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-04-13 08:53:47 ----A---- C:\WINDOWS\system32\Windows.Web.Http.dll
2016-04-13 08:53:47 ----A---- C:\WINDOWS\system32\JpMapControl.dll
2016-04-13 08:53:46 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Cred.dll
2016-04-13 08:53:46 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2016-04-13 08:53:46 ----A---- C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-04-13 08:53:45 ----A---- C:\WINDOWS\SYSWOW64\JpMapControl.dll
2016-04-13 08:53:45 ----A---- C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-04-13 08:53:45 ----A---- C:\WINDOWS\system32\moshostcore.dll
2016-04-13 08:53:41 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2016-04-13 08:53:41 ----A---- C:\WINDOWS\system32\wuapi.dll
2016-04-13 08:53:41 ----A---- C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-04-13 08:53:41 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2016-04-13 08:53:41 ----A---- C:\WINDOWS\system32\bdesvc.dll
2016-04-13 08:53:40 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2016-04-13 08:53:40 ----A---- C:\WINDOWS\system32\mdmmigrator.dll
2016-04-13 08:53:40 ----A---- C:\WINDOWS\system32\CredProvDataModel.dll
2016-04-13 08:53:40 ----A---- C:\WINDOWS\system32\accountaccessor.dll
2016-04-13 08:53:39 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2016-04-13 08:53:39 ----A---- C:\WINDOWS\SYSWOW64\policymanager.dll
2016-04-13 08:53:39 ----A---- C:\WINDOWS\system32\Windows.Web.dll
2016-04-13 08:53:39 ----A---- C:\WINDOWS\system32\enrollmentapi.dll
2016-04-13 08:53:39 ----A---- C:\WINDOWS\system32\drivers\ufx01000.sys
2016-04-13 08:53:39 ----A---- C:\WINDOWS\system32\dnsapi.dll
2016-04-13 08:53:38 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Speech.dll
2016-04-13 08:53:38 ----A---- C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-04-13 08:53:38 ----A---- C:\WINDOWS\system32\msi.dll
2016-04-13 08:53:38 ----A---- C:\WINDOWS\system32\dafBth.dll
2016-04-13 08:53:37 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Input.Inking.dll
2016-04-13 08:53:37 ----A---- C:\WINDOWS\SYSWOW64\NetSetupApi.dll
2016-04-13 08:53:37 ----A---- C:\WINDOWS\SYSWOW64\MsSpellCheckingFacility.dll
2016-04-13 08:53:37 ----A---- C:\WINDOWS\SYSWOW64\dnsapi.dll
2016-04-13 08:53:37 ----A---- C:\WINDOWS\system32\drivers\USBXHCI.SYS
2016-04-13 08:53:37 ----A---- C:\WINDOWS\system32\AppxSysprep.dll
2016-04-13 08:53:36 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.dll
2016-04-13 08:53:36 ----A---- C:\WINDOWS\SYSWOW64\msorcl32.dll
2016-04-13 08:53:36 ----A---- C:\WINDOWS\SYSWOW64\MosStorage.dll
2016-04-13 08:53:36 ----A---- C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-04-13 08:53:36 ----A---- C:\WINDOWS\system32\profsvc.dll
2016-04-13 08:53:36 ----A---- C:\WINDOWS\system32\policymanagerprecheck.dll
2016-04-13 08:53:36 ----A---- C:\WINDOWS\system32\MosStorage.dll
2016-04-13 08:53:36 ----A---- C:\WINDOWS\system32\LsaIso.exe
2016-04-13 08:53:36 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2016-04-13 08:53:36 ----A---- C:\WINDOWS\system32\AboveLockAppHost.dll
2016-04-13 08:53:34 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.Connectivity.dll
2016-04-13 08:53:33 ----A---- C:\WINDOWS\system32\mdmregistration.dll
2016-04-13 08:53:32 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-04-13 08:53:32 ----A---- C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-04-13 08:53:32 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-04-13 08:53:32 ----A---- C:\WINDOWS\system32\samsrv.dll
2016-04-13 08:53:32 ----A---- C:\WINDOWS\system32\policymanager.dll
2016-04-13 08:53:32 ----A---- C:\WINDOWS\system32\ncbservice.dll
2016-04-13 08:53:32 ----A---- C:\WINDOWS\system32\fveui.dll
2016-04-13 08:53:32 ----A---- C:\WINDOWS\system32\drivers\xinputhid.sys
2016-04-13 08:53:32 ----A---- C:\WINDOWS\system32\drivers\dfsc.sys
2016-04-13 08:53:31 ----A---- C:\WINDOWS\system32\Windows.Networking.dll
2016-04-13 08:53:31 ----A---- C:\WINDOWS\system32\omadmapi.dll
2016-04-13 08:53:31 ----A---- C:\WINDOWS\system32\NetSetupApi.dll
2016-04-13 08:53:30 ----A---- C:\WINDOWS\SYSWOW64\srvcli.dll
2016-04-13 08:53:30 ----A---- C:\WINDOWS\SYSWOW64\mdmregistration.dll
2016-04-13 08:53:30 ----A---- C:\WINDOWS\SYSWOW64\AboveLockAppHost.dll
2016-04-13 08:53:30 ----A---- C:\WINDOWS\system32\srvcli.dll
2016-04-13 08:53:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Bluetooth.dll
2016-04-13 08:53:29 ----A---- C:\WINDOWS\SYSWOW64\VEDataLayerHelpers.dll
2016-04-13 08:53:29 ----A---- C:\WINDOWS\SYSWOW64\netapi32.dll
2016-04-13 08:53:29 ----A---- C:\WINDOWS\system32\netapi32.dll
2016-04-13 08:53:28 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2016-04-13 08:53:28 ----A---- C:\WINDOWS\SYSWOW64\wkscli.dll
2016-04-13 08:53:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Devices.dll
2016-04-13 08:53:28 ----A---- C:\WINDOWS\system32\wkscli.dll
2016-04-13 08:53:28 ----A---- C:\WINDOWS\system32\iuilp.dll
2016-04-13 08:53:28 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2016-04-13 08:53:28 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2016-04-13 08:53:27 ----A---- C:\WINDOWS\SYSWOW64\SensorsNativeApi.dll
2016-04-13 08:53:27 ----A---- C:\WINDOWS\system32\oleacc.dll
2016-04-13 08:53:27 ----A---- C:\WINDOWS\system32\easinvoker.exe
2016-04-13 08:53:27 ----A---- C:\WINDOWS\system32\drivers\WdiWiFi.sys
2016-04-13 08:53:27 ----A---- C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-04-13 08:53:26 ----A---- C:\WINDOWS\SYSWOW64\WSDApi.dll
2016-04-13 08:53:26 ----A---- C:\WINDOWS\SYSWOW64\oleacc.dll
2016-04-13 08:53:26 ----A---- C:\WINDOWS\system32\win32spl.dll
2016-04-13 08:53:26 ----A---- C:\WINDOWS\system32\SensorsNativeApi.dll
2016-04-13 08:53:26 ----A---- C:\WINDOWS\system32\ieproxy.dll
2016-04-13 08:53:26 ----A---- C:\WINDOWS\system32\drivers\dumpsd.sys
2016-04-13 08:53:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.dll
2016-04-13 08:53:25 ----A---- C:\WINDOWS\system32\wsdchngr.dll
2016-04-13 08:53:25 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-13 08:53:25 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2016-04-13 08:53:25 ----A---- C:\WINDOWS\system32\DAFWSD.dll
2016-04-13 08:53:24 ----A---- C:\WINDOWS\SYSWOW64\VEEventDispatcher.dll
2016-04-13 08:53:24 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2016-04-13 08:53:24 ----A---- C:\WINDOWS\system32\credprovhost.dll
2016-04-13 08:53:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-13 08:53:22 ----A---- C:\WINDOWS\system32\easwrt.dll
2016-04-13 08:53:22 ----A---- C:\WINDOWS\system32\dmcsps.dll
2016-04-13 08:53:22 ----A---- C:\WINDOWS\system32\browserbroker.dll
2016-04-13 08:53:21 ----A---- C:\WINDOWS\SYSWOW64\wsdchngr.dll
2016-04-13 08:53:21 ----A---- C:\WINDOWS\SYSWOW64\NotificationObjFactory.dll
2016-04-13 08:53:21 ----A---- C:\WINDOWS\system32\wuautoappupdate.dll
2016-04-13 08:53:21 ----A---- C:\WINDOWS\system32\WSDApi.dll
2016-04-13 08:53:21 ----A---- C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-04-13 08:53:21 ----A---- C:\WINDOWS\system32\VEEventDispatcher.dll
2016-04-13 08:53:21 ----A---- C:\WINDOWS\system32\NotificationObjFactory.dll
2016-04-13 08:53:20 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2016-04-13 08:53:20 ----A---- C:\WINDOWS\SYSWOW64\credprovhost.dll
2016-04-13 08:53:20 ----A---- C:\WINDOWS\system32\tzautoupdate.dll
2016-04-13 08:53:20 ----A---- C:\WINDOWS\system32\FWPUCLNT.DLL
2016-04-13 08:53:20 ----A---- C:\WINDOWS\system32\actxprxy.dll
2016-04-13 08:53:19 ----A---- C:\WINDOWS\SYSWOW64\browcli.dll
2016-04-13 08:53:19 ----A---- C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-04-13 08:53:19 ----A---- C:\WINDOWS\system32\fvewiz.dll
2016-04-13 08:53:19 ----A---- C:\WINDOWS\system32\browser.dll
2016-04-13 08:53:19 ----A---- C:\WINDOWS\system32\browcli.dll
2016-04-13 08:53:19 ----A---- C:\WINDOWS\system32\basesrv.dll
2016-04-13 08:53:18 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2016-04-13 08:53:18 ----A---- C:\WINDOWS\SYSWOW64\SyncController.dll
2016-04-13 08:53:18 ----A---- C:\WINDOWS\system32\tbauth.dll
2016-04-13 08:53:18 ----A---- C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-04-13 08:53:18 ----A---- C:\WINDOWS\system32\fvecpl.dll
2016-04-13 08:53:18 ----A---- C:\WINDOWS\system32\BFE.DLL
2016-04-13 08:53:17 ----A---- C:\WINDOWS\SYSWOW64\easwrt.dll
2016-04-13 08:53:17 ----A---- C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-04-13 08:53:17 ----A---- C:\WINDOWS\system32\fveskybackup.dll
2016-04-13 08:53:17 ----A---- C:\WINDOWS\system32\drivers\serial.sys
2016-04-13 08:53:16 ----A---- C:\WINDOWS\system32\wups.dll
2016-04-13 08:53:16 ----A---- C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-04-13 08:53:16 ----A---- C:\WINDOWS\system32\samlib.dll
2016-04-13 08:53:15 ----A---- C:\WINDOWS\SYSWOW64\TokenBrokerCookies.exe
2016-04-13 08:53:15 ----A---- C:\WINDOWS\SYSWOW64\tbauth.dll
2016-04-13 08:53:15 ----A---- C:\WINDOWS\SYSWOW64\FWPUCLNT.DLL
2016-04-13 08:53:15 ----A---- C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-04-13 08:53:15 ----A---- C:\WINDOWS\system32\moshost.dll
2016-04-13 08:53:15 ----A---- C:\WINDOWS\system32\FontProvider.dll
2016-04-13 08:53:15 ----A---- C:\WINDOWS\system32\drivers\portcls.sys
2016-04-13 08:53:14 ----A---- C:\WINDOWS\system32\mapsupdatetask.dll
2016-04-13 08:53:14 ----A---- C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-04-13 08:53:13 ----A---- C:\WINDOWS\SYSWOW64\mos.dll
2016-04-13 08:53:13 ----A---- C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-04-13 08:53:13 ----A---- C:\WINDOWS\system32\mos.dll
2016-04-13 08:53:13 ----A---- C:\WINDOWS\system32\MapsBtSvc.dll
2016-04-13 08:53:12 ----A---- C:\WINDOWS\SYSWOW64\samlib.dll
2016-04-13 08:53:12 ----A---- C:\WINDOWS\SYSWOW64\OnDemandConnRouteHelper.dll
2016-04-13 08:53:12 ----A---- C:\WINDOWS\SYSWOW64\NMAA.dll
2016-04-13 08:53:12 ----A---- C:\WINDOWS\SYSWOW64\mtxoci.dll
2016-04-13 08:53:12 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2016-04-13 08:53:12 ----A---- C:\WINDOWS\system32\mtxoci.dll
2016-04-13 08:53:12 ----A---- C:\WINDOWS\system32\MapsCSP.dll
2016-04-13 08:53:12 ----A---- C:\WINDOWS\system32\fveapibase.dll
2016-04-13 08:53:12 ----A---- C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-04-13 08:53:11 ----A---- C:\WINDOWS\SYSWOW64\SensorsNativeApi.V2.dll
2016-04-13 08:53:11 ----A---- C:\WINDOWS\SYSWOW64\oleacchooks.dll
2016-04-13 08:53:11 ----A---- C:\WINDOWS\SYSWOW64\MapsBtSvc.dll
2016-04-13 08:53:11 ----A---- C:\WINDOWS\system32\oleacchooks.dll
2016-04-13 08:53:10 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2016-04-13 08:53:10 ----A---- C:\WINDOWS\system32\MTF.dll
2016-04-13 08:53:10 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2016-04-13 08:53:10 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2016-04-13 08:53:10 ----A---- C:\WINDOWS\system32\drivers\BTHUSB.SYS
2016-04-13 08:53:10 ----A---- C:\WINDOWS\system32\bcastdvr.exe
2016-04-13 08:53:10 ----A---- C:\WINDOWS\system32\AppCapture.dll
2016-04-13 08:53:09 ----A---- C:\WINDOWS\SYSWOW64\MTF.dll

======List of files/folders modified in the last 1 month======

2016-04-19 10:45:44 ----D---- C:\WINDOWS\Prefetch
2016-04-19 10:45:42 ----D---- C:\Program Files\trend micro
2016-04-19 10:45:35 ----D---- C:\WINDOWS\Temp
2016-04-19 10:45:34 ----D---- C:\WINDOWS\AppReadiness
2016-04-19 10:43:55 ----D---- C:\WINDOWS\system32\sru
2016-04-19 10:43:31 ----D---- C:\Users\jiří mansfeld\AppData\Roaming\BitTorrent
2016-04-19 10:41:48 ----D---- C:\ProgramData\MFAData
2016-04-18 20:28:05 ----D---- C:\Users\jiří mansfeld\AppData\Roaming\Seznam.cz
2016-04-18 20:22:42 ----D---- C:\WINDOWS\System32
2016-04-18 20:22:42 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-04-18 12:39:07 ----AD---- C:\Program Files (x86)\Sigma Data Center 4.0
2016-04-18 12:09:17 ----D---- C:\WINDOWS\Microsoft.NET
2016-04-18 11:57:43 ----D---- C:\WINDOWS\INF
2016-04-18 11:57:43 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-04-18 11:51:54 ----SHDC---- C:\WINDOWS\Installer
2016-04-18 11:51:38 ----SHD---- C:\System Volume Information
2016-04-18 11:51:26 ----HD---- C:\ProgramData
2016-04-18 11:51:20 ----RD---- C:\Program Files (x86)
2016-04-18 11:49:27 ----D---- C:\AdwCleaner
2016-04-17 12:42:24 ----HD---- C:\Program Files\WindowsApps
2016-04-16 11:53:00 ----D---- C:\Windows
2016-04-15 16:15:30 ----D---- C:\WINDOWS\system32\config
2016-04-14 21:42:48 ----D---- C:\WINDOWS\rescache
2016-04-14 20:03:11 ----D---- C:\WINDOWS\system32\DriverStore
2016-04-14 20:03:08 ----D---- C:\WINDOWS\WinSxS
2016-04-14 20:02:18 ----RD---- C:\WINDOWS\assembly
2016-04-13 22:01:52 ----D---- C:\WINDOWS\system32\drivers
2016-04-13 21:08:47 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2016-04-13 21:08:47 ----D---- C:\WINDOWS\SysWOW64
2016-04-13 21:08:45 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2016-04-13 21:08:45 ----D---- C:\WINDOWS\system32\cs-CZ
2016-04-13 21:08:45 ----D---- C:\WINDOWS\system32\Boot
2016-04-13 21:08:45 ----D---- C:\WINDOWS\system32\appraiser
2016-04-13 21:08:42 ----D---- C:\WINDOWS\PolicyDefinitions
2016-04-13 21:08:41 ----D---- C:\WINDOWS\bcastdvr
2016-04-13 21:08:41 ----D---- C:\WINDOWS\AppPatch
2016-04-13 11:35:25 ----D---- C:\WINDOWS\CbsTemp
2016-04-13 11:32:36 ----D---- C:\ProgramData\Microsoft Help
2016-04-13 11:31:42 ----D---- C:\WINDOWS\system32\MRT
2016-04-13 09:14:38 ----A---- C:\WINDOWS\system32\MRT.exe
2016-04-13 08:40:20 ----D---- C:\WINDOWS\system32\catroot2
2016-04-06 20:32:08 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2016-03-31 10:06:55 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-03-31 10:06:55 ----D---- C:\WINDOWS\SYSWOW64\Dism
2016-03-31 10:06:51 ----D---- C:\WINDOWS\system32\wbem
2016-03-31 10:06:51 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2016-03-31 10:06:51 ----D---- C:\WINDOWS\system32\migration
2016-03-31 10:06:51 ----D---- C:\WINDOWS\system32\Dism
2016-03-31 10:06:46 ----RD---- C:\WINDOWS\PurchaseDialog
2016-03-31 10:06:45 ----RSD---- C:\WINDOWS\Media
2016-03-31 10:06:45 ----RSD---- C:\WINDOWS\Fonts
2016-03-31 10:06:45 ----D---- C:\Program Files (x86)\Windows Portable Devices
2016-03-31 10:06:45 ----D---- C:\Program Files (x86)\Windows Multimedia Platform
2016-03-31 10:06:44 ----D---- C:\Program Files\Windows Portable Devices
2016-03-31 10:06:44 ----D---- C:\Program Files\Windows Multimedia Platform
2016-03-31 10:06:44 ----D---- C:\Program Files\Windows Media Player
2016-03-31 10:06:44 ----D---- C:\Program Files\Windows Journal
2016-03-31 10:06:44 ----D---- C:\Program Files (x86)\Internet Explorer
2016-03-31 10:06:43 ----D---- C:\Program Files\Internet Explorer
2016-03-29 12:06:18 ----A---- C:\WINDOWS\system32\TURegOpt.exe
2016-03-29 11:53:26 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2016-03-29 11:53:04 ----A---- C:\WINDOWS\SYSWOW64\uxtuneup.dll
2016-03-29 11:53:04 ----A---- C:\WINDOWS\SYSWOW64\authuitu.dll
2016-03-29 11:53:04 ----A---- C:\WINDOWS\system32\authuitu.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\WINDOWS\system32\DRIVERS\avgidsha.sys [2016-01-26 272304]
R0 Avgloga;AVG Logging Driver; C:\WINDOWS\system32\DRIVERS\avgloga.sys [2016-02-03 378288]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx64.sys [2016-03-02 269232]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx64.sys [2015-12-04 42416]
R0 Avguniva;AVG Universal Driver; C:\WINDOWS\system32\DRIVERS\avguniva.sys [2016-01-08 23472]
R0 hpdskflt;@oem133.inf,%service_desc%;HP Filter; C:\WINDOWS\system32\DRIVERS\hpdskflt.sys [2013-07-23 30520]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-08-30 644968]
R1 Avgdiska;AVG Disk Driver; C:\WINDOWS\system32\DRIVERS\avgdiska.sys [2015-11-06 184240]
R1 Avgfwfd;@oem4.inf,%AvgfwfdService_Desc%;AVG network filter service; C:\WINDOWS\system32\DRIVERS\avgfwd6a.sys [2015-08-29 97208]
R1 AVGIDSDriver;AVGIDSDriver; C:\WINDOWS\system32\DRIVERS\avgidsdrivera.sys [2016-01-26 315312]
R1 Avgldx64;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx64.sys [2015-10-21 284080]
R1 Avgwfpa;AVG Firewall Driver; C:\WINDOWS\system32\DRIVERS\avgwfpa.sys [2015-12-16 315840]
R1 dtsoftbus01;@oem87.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2014-01-22 283064]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2015-10-30 87040]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-10-30 47616]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-10-30 78848]
R3 Accelerometer;@oem133.inf,%accelerometer_desc%;HP Mobile Data Protection Sensor; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [2013-07-23 43320]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2016-03-29 84992]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-12-19 7858088]
R3 ikbevent;Intel Upper keyboard Class Filter Driver; C:\WINDOWS\system32\DRIVERS\ikbevent.sys [2013-02-13 21048]
R3 imsevent;Intel Upper Mouse Class Filter Driver; C:\WINDOWS\system32\DRIVERS\imsevent.sys [2013-02-13 21048]
R3 irstrtdv;@oem100.inf,%Irstrt.DispName%;Intel(R) Rapid Start Technology Driver; C:\WINDOWS\System32\drivers\irstrtdv.sys [2012-12-12 43800]
R3 ISCT;@oem44.inf,%ISCT.DeviceDesc%;Intel(R) Smart Connect Technology Device Driver; C:\WINDOWS\System32\drivers\ISCTD64.sys [2013-02-13 46568]
R3 iwdbus;@oem122.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2013-12-15 27032]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2015-06-18 25816]
R3 MEIx64;@oem92.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2015-06-23 192312]
R3 netr28x;@oem52.inf,%Generic.Service.DispName%;Ralink 802.11n Extensible Wireless Driver; C:\WINDOWS\system32\DRIVERS\netr28x.sys [2015-06-12 2554528]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2015-08-11 11174544]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-10-04 19760]
R3 nvvad_WaveExtensible;@oem40.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2015-08-11 50472]
R3 rtbth;@oem106.inf,%General.Service.DispName%;RTBTH Bluetooth Device Driver; C:\WINDOWS\System32\drivers\rtbth.sys [2015-06-03 1219200]
R3 RTL8168;@oem26.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\System32\drivers\Rt630x64.sys [2012-12-28 760032]
R3 RTSPER;@oem90.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [2015-05-14 751632]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2015-12-09 71288]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [2014-03-27 551936]
R3 SynTP;@oem34.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2015-12-09 862840]
S0 Avgboota;AVG Early Launch Anti-Malware Driver; C:\WINDOWS\system32\DRIVERS\avgboota.sys [2016-01-07 21632]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2015-08-11 41592]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 34144]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2016-03-29 954368]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2016-01-06 117248]
S3 DxVGrb;DxVGrb; C:\WINDOWS\system32\drivers\DxVGrb.sys [2012-01-10 222464]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 ggflt;SOMC USB Flash Driver Filter; C:\WINDOWS\System32\drivers\ggflt.sys [2014-08-18 16088]
S3 ggsomc;SOMC USB Flash Driver; C:\WINDOWS\System32\drivers\ggsomc.sys [2014-08-18 30424]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2013-12-15 39320]
S3 IntcDAud;@oem24.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2015-10-28 474376]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-10-30 26624]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2015-11-27 113880]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2015-06-18 64216]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-10-30 930656]
S3 SmbDrv;SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [2013-04-24 29424]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-18 82128]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\Av\avgfws.exe [2016-03-02 1580352]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [2016-03-02 3934184]
R2 avgsvc;AVG Service; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [2016-04-14 1074448]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [2016-03-02 561104]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 FPLService;TrueSuiteService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [2013-02-07 1641768]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-10-04 1155376]
R2 hpsrv;@oem133.inf,%hpservice_desc%;HP Service; C:\WINDOWS\system32\Hpservice.exe [2013-07-23 43320]
R2 HPWMISVC;HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [2013-12-25 1039160]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-08-30 15720]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2015-12-19 373160]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-12-10 732160]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-02-22 129848]
R2 irstrtsv;Intel(R) Rapid Start Technology Service; C:\Windows\SysWOW64\irstrtsv.exe [2013-02-07 668984]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-02-22 167736]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-02-22 364856]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-10-04 1872688]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-10-04 5568816]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2015-08-07 937776]
R2 OneSyncSvc_97b855;Hostitel synchronizace_97b855; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2014-03-27 339456]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2015-12-09 260216]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-10-23 43696]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-11-05 1001376]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R3 PimIndexMaintenanceSvc_97b855;Data kontaktů_97b855; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_378d658;Hostitel synchronizace_378d658; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_8d98a98;Hostitel synchronizace_8d98a98; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-08 269504]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-10-30 51376]
S3 AvgAMPS;AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [2016-03-02 604144]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-12-19 300968]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2012-12-10 803872]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_378d658;Služba zasílání zpráv_378d658; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_8d98a98;Služba zasílání zpráv_8d98a98; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_97b855;Služba zasílání zpráv_97b855; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-10-12 149160]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_378d658;Data kontaktů_378d658; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_8d98a98;Data kontaktů_8d98a98; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 1297408]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2015-06-10 155520]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-11-18 833728]
S4 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119418
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: please check

#6 Post by Rudy »

I wanted FRST, not RSIT. RSIT sometimes behaves incorrectly on Win 10.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

jirik78
Visitor
Posts: 42
Registered: 25 Feb 2013 21:10

Re: please check

#7 Post by jirik78 »

Additional scan result of Farbar Recovery Scan Tool (x64) Version:18-04-2016
Ran by jiří mansfeld (2016-04-20 22:14:27)
Running from C:\Users\jiří mansfeld\Desktop
Windows 10 Home Version 1511 (X64) (2016-01-06 21:13:31)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3882090170-638525116-1017874946-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3882090170-638525116-1017874946-503 - Limited - Disabled)
Guest (S-1-5-21-3882090170-638525116-1017874946-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3882090170-638525116-1017874946-1004 - Limited - Enabled)
jiří mansfeld (S-1-5-21-3882090170-638525116-1017874946-1002 - Administrator - Enabled) => C:\Users\jiří mansfeld
Lenka (S-1-5-21-3882090170-638525116-1017874946-1005 - Limited - Enabled) => C:\Users\Lenka

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Internet Security (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security (Enabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ACDSee Pro 6 (HKLM\...\{CAF674E0-808C-4CF4-8868-A755EBABA228}) (Version: 6.3.221 - ACD Systems International Inc.)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.14) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.14 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.6.636 - Adobe Systems, Inc.)
AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.60.1503, 26.09.2015 - AIMP DevTeam)
Aktualizace NVIDIA 2.5.15.46 (Version: 2.5.15.46 - NVIDIA Corporation) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISER_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISER_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISER_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Ashampoo Burning Studio 2013 v.11.0.5 (HKLM-x32\...\{91B33C97-0FBA-74AE-E802-D782F5C8AA89}_is1) (Version: 11.0.5 - Ashampoo GmbH & Co. KG)
AuthenTec TrueAPI 64-bit (Version: 1.6.0.87 - AuthenTec, Inc.) Hidden
AVG (HKLM\...\AvgZen) (Version: 1.51.2.3593 - AVG Technologies)
AVG (Version: 16.51.7497 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4556 - AVG Technologies) Hidden
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.32.2.3320 - AVG Technologies)
AVG PC TuneUp (x32 Version: 16.32.5 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.51.7497 - AVG Technologies)
AVG Zen (Version: 1.51.58 - AVG Technologies) Hidden
Balíček ovladače systému Windows - SIGMA Elektro GmbH (usbser) Ports (01/04/2013 5.1.2600.5512) (HKLM\...\08AE394D2BC5301A3A34A857B6DA63FB7C7B050A) (Version: 01/04/2013 5.1.2600.5512 - SIGMA Elektro GmbH)
Balíček ovladače systému Windows - SIGMA Elektro GmbH (usbser) Ports (04/27/2012 5.1.2600.5512) (HKLM\...\A4116E16EA28F359FEA424C9A3780F9D6A08961B) (Version: 04/27/2012 5.1.2600.5512 - SIGMA Elektro GmbH)
Balíček ovladače systému Windows - SIGMA Elektro GmbH (usbser) Ports (04/27/2012 5.1.2600.5512) (HKLM\...\DCCAC4C88E429408A2DDF8C0C5BAEB9187FA5713) (Version: 04/27/2012 5.1.2600.5512 - SIGMA Elektro GmbH)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
BitTorrent (HKU\S-1-5-21-3882090170-638525116-1017874946-1002\...\BitTorrent) (Version: 7.9.6.42095 - BitTorrent Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.66.1075 - AB Team, d.o.o.)
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: - ) Hidden
Call of Duty: Black Ops III (HKLM\...\Q2FsbG9mRHV0eUJsYWNrT3BzSUlJ_is1) (Version: 1 - )
Conexant Polaris Unused CIR Function (HKLM\...\Uninstaller52bbf1751c6) (Version: 1.0.0.0 - Conexant Systems)
Cool Photo Transfer (HKLM-x32\...\{6BBA6CB2-B3B6-449F-8802-F2B537A2472A}) (Version: 1.0.0.0 - Kerim Kaynakci)
Corel Shell Extension - 64Bit (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Capture (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Content (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Draw (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Filters (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - FontNav (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics SUite X4 - ICA (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - IPM (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang CZ (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - PP (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - VBA (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension (HKLM-x32\...\_{CE2DA11A-917F-4CF5-AB55-755EC115DD10}) (Version: - Corel Corporation)
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension (x32 Version: 1.1 - Corel Corporation) Hidden
CorelDRAW(R) Graphics Suite X4 (HKLM-x32\...\_{7F05E704-30A6-421A-97A7-8EEB1C7FF010}) (Version: - Corel Corporation)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.3.4503 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.3.2606 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.6.6117 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0335 - Disc Soft Ltd)
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
FMW 1 (Version: 1.73.2 - AVG Technologies) Hidden
Fotogaléria (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKU\S-1-5-21-3882090170-638525116-1017874946-1002\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
GRID (HKLM-x32\...\{156C3E4C-4C12-4BD3-9CD4-F2F858A2458B}) (Version: 1.20.0000 - Codemasters)
HP 3D DriveGuard (HKLM-x32\...\{07F6DC37-0857-4B68-A675-4E35989E85E3}) (Version: 6.0.15.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - player) (HKU\S-1-5-21-3882090170-638525116-1017874946-1002\...\HPConnectedMusic) (Version: 1.1 (build 59) hp - Meridian Audio Ltd)
HP Documentation (HKLM-x32\...\{0FEE0C28-850D-4AC0-92E7-57D214134102}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Quick Start (HKLM-x32\...\{C001689B-4EAD-4CB4-B5F7-4A85A32785DC}) (Version: 1.0.4660.30220 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.6317.4309 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\{34C821CA-6B55-44A0-8A9B-2EF471D6019E}) (Version: 6.0.100.272 - Hewlett-Packard)
HP System Event Utility (HKLM-x32\...\{F35EE4BC-95E1-4417-BA36-7C32FF24A59A}) (Version: 1.0.11 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{73237EBB-B26F-4628-8754-4EFE563D72E9}) (Version: 2.1.5 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6491.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4331 - Intel Corporation)
Intel(R) Rapid Start Technology (HKLM-x32\...\{3D073343-CEEB-4ce7-85AC-A69A7631B5D6}) (Version: 3.0.0.1008 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel(R) Smart Connect Technology 4.0 x64 (HKLM\...\{F971B444-C3D5-4AFD-A891-32B9DF79EBC7}) (Version: 4.0.41.2072 - Intel)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Malwarebytes Anti-Malware verze 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 40.0.3 (x86 cs) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 cs)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
NVIDIA GeForce Experience 2.5.15.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.46 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.60 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Ovládací panel NVIDIA 355.60 (Version: 355.60 - NVIDIA Corporation) Hidden
PCM.daily Expansion Pack 2015 V1.6 (HKLM-x32\...\PCM.daily Expansion Pack 2015 V1.6) (Version: V1.6 - PCM.daily)
PCM.daily Expansion Pack V1.0 (HKLM-x32\...\PCM.daily Expansion Pack V1.0) (Version: V1.0 - PCM.daily)
Pesgalaxy.com Patch 2016 (HKLM-x32\...\Pesgalaxy.com Patch 2016 1.00) (Version: 1.00 - Pesgalaxy)
Pesgalaxy.com Patch 2016 DLC Installer (HKLM-x32\...\Pesgalaxy.com Patch 2016 DLC Installer 1.00) (Version: 1.00 - Pesgalaxy)
Pro Cycling Manager 2015 (HKLM-x32\...\Pro Cycling Manager 2015_is1) (Version: - )
Pro Evolution Soccer 2016 (HKLM-x32\...\UHJvRXZvbHV0aW9uU29jY2VyMjAxNg==_is1) (Version: 1 - )
Ralink Bluetooth Stack (HKLM\...\{49AA3AFC-37F9-94C8-BFC6-43E7DCE88C77}) (Version: 11.0.752.0 - Mediatek)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.37.0 - Mediatek)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21239 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Seznam Software (HKU\S-1-5-21-3882090170-638525116-1017874946-1002\...\SeznamInstall) (Version: - Seznam.cz)
SHIELD Streaming (Version: 4.1.500 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.15.46 - NVIDIA Corporation) Hidden
Sigma Data Center 4.0 (HKLM-x32\...\Sigma Data Center4.0) (Version: 4.0 - Sigma Elektro GmbH)
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.14.11.201408051401 - Sony Mobile Communications AB)
Sony PC Companion 2.10.275 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.275 - Sony)
Splashtop Streamer (HKLM-x32\...\{B7C5EA94-B96A-41F5-BE95-25D78B486678}) (Version: 2.4.5.2 - Splashtop Inc.)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
SuperBeam version 1.2.0 (HKLM-x32\...\{1E690789-503A-4733-B224-7FE1DA597F2A}_is1) (Version: 1.2.0 - MukaBits)
Sweet Home 3D version 5.1 (HKLM\...\Sweet Home 3D_is1) (Version: 5.1 - eTeks)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.2.4.0 - Synaptics Incorporated)
This War of Mine verze 1.4.1 (HKLM-x32\...\This War of Mine_is1) (Version: 1.4.1 - 11 bit studios)
Ulož.to File Manager verze 1.7 (HKLM-x32\...\{8190420D-F4BA-4744-8940-A466F81AF89C}_is1) (Version: 1.7 - Nodus Technologies s.r.o.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Validity WBF DDK (HKLM\...\{B80C52A3-7666-4068-A371-7867F51E68EB}) (Version: 4.5.122.0 - Validity Sensors, Inc.)
Video Grabber (HKLM\...\Uninstaller52bbf1762ff) (Version: 1.0.0.0 - Conexant Systems)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.11 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-3882090170-638525116-1017874946-1002\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3882090170-638525116-1017874946-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3882090170-638525116-1017874946-1002_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\jiří mansfeld\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3882090170-638525116-1017874946-1002_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\jiří mansfeld\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00B5551F-F79F-4F37-B310-E2D47C14E5A2} - System32\Tasks\Java Updater => C:\Users\jiří mansfeld\AppData\Roaming\nircmd.exe
Task: {2BB25024-3400-41E3-9495-51AEC2F1B612} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {3082DD05-89A4-46D4-9E95-9720B3BE5946} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2016-03-29] (AVG Technologies CZ, s.r.o.)
Task: {3CCA7DAD-B1DB-4DBD-8E20-3C3386F18B52} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3882090170-638525116-1017874946-1002UA => C:\Users\jiří mansfeld\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: {417B18C7-7C01-4582-B890-191968AFA8F4} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {458FD1C4-E33B-44D0-947B-1DF0825D3011} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2013-01-17] (CyberLink)
Task: {477B72EE-1B13-49DD-912A-E4183318E143} - System32\Tasks\0316avzUpdateInfo => C:\ProgramData\Avg_Update_0316avz\0316avz_AVG-Secure-Search-Update.exe
Task: {4EE7E6D0-E2E8-4506-8A4F-530EB834B293} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-18] (Adobe Systems Incorporated)
Task: {62BE63EC-CC8F-4A6C-BD59-B74DEEDD54F5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {642FFDC2-62E4-4357-B832-BCDE89CD5E92} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {700E46DB-18A0-4F9C-922C-FED117BDD162} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3882090170-638525116-1017874946-1002Core => C:\Users\jiří mansfeld\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: {7D1DD5D1-C0AC-4FBA-B39A-77C5EAB98982} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {874CBD39-019B-458E-BB22-946FB842C1BE} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-12-09] (Synaptics Incorporated)
Task: {87D74A9A-36D1-4334-BC12-47076C351F07} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {90E2852C-B0FE-4FAF-B49D-DE9EE191B22F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {A2278703-C982-420A-B798-94568ABDBAE4} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {D6B0AD59-187C-4C2F-8F59-BFA6714829BB} - System32\Tasks\Google Update => C:\Users\jiří mansfeld\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: {E62781C5-04C7-434F-BDF8-79CFD2EDB905} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {EEAE20E8-95AD-4FD4-83F3-62F865D8CC8B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {F21F60EE-D2A0-452A-BB82-B14ACD814EF0} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {F2930F32-E527-480C-9A90-44B37E0C7C8E} - System32\Tasks\Intel® Rapid Start Technology Manager => C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe [2013-02-07] (Intel)
Task: {F3FE141F-7FE1-4255-8C1C-EC8F6456F9BC} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07] (Oracle Corporation)
Task: {F57B6619-6019-418D-B781-357B6EB0F150} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-08] (Adobe Systems Incorporated)
Task: {FC1D03E5-C0BB-45A0-A440-8184977DA0EA} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3882090170-638525116-1017874946-1002Core.job => C:\Users\jiří mansfeld\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3882090170-638525116-1017874946-1002UA.job => C:\Users\jiří mansfeld\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2013-03-19 14:21 - 2013-03-19 14:21 - 00028160 _____ () C:\Windows\system32\valWBFPolicyService.exe
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-01-06 22:44 - 2015-08-07 06:27 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-04-13 08:54 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-05-27 12:42 - 2015-05-26 13:35 - 00079872 _____ () C:\Users\jiří mansfeld\AppData\Roaming\Seznam.cz\bin\23776libfoxloader-x64.dll
2016-04-13 08:54 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-04-13 08:53 - 2016-04-02 04:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-07-18 00:35 - 2015-12-19 02:08 - 00402344 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-01-07 10:40 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-04-13 08:53 - 2016-04-02 05:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2013-02-07 09:19 - 2013-02-07 09:19 - 04073768 _____ () C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
2016-04-13 08:53 - 2016-04-02 05:03 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-04-13 08:54 - 2016-04-02 04:59 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-04-13 08:54 - 2016-04-02 05:02 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2013-09-24 15:06 - 2015-05-26 13:38 - 00457384 _____ () C:\Users\jiří mansfeld\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2013-09-24 15:06 - 2015-05-26 13:36 - 00073896 _____ () C:\Users\jiří mansfeld\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
2016-04-19 10:46 - 2016-04-19 10:46 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-03-05 20:21 - 2016-03-05 20:22 - 00015872 _____ () C:\Program Files\WindowsApps\Microsoft.BingWeather_4.8.277.0_x86__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
2016-01-21 13:47 - 2016-01-21 13:47 - 03746816 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.49020.0_x64__8wekyb3d8bbwe\Calculator.exe
2015-12-15 12:48 - 2015-12-15 12:48 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.49020.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-03-29 15:16 - 2016-03-29 15:16 - 00016896 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-03-29 15:16 - 2016-03-29 15:16 - 17535488 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-03-03 20:42 - 2016-03-03 20:43 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-04-17 12:42 - 2016-04-17 12:42 - 00016384 _____ () C:\Program Files\WindowsApps\64885BlueEdge.OneCalendar_2016.326.7.0_x64__8kea50m9krsh2\CalendarApp.Gui.Win10.exe
2016-04-17 12:42 - 2016-04-17 12:42 - 14124032 _____ () C:\Program Files\WindowsApps\64885BlueEdge.OneCalendar_2016.326.7.0_x64__8kea50m9krsh2\CalendarApp.Gui.Win10.dll
2016-04-19 10:46 - 2016-04-19 10:46 - 02037760 _____ () C:\Program Files\WindowsApps\Microsoft.CommsPhone_2.15.28004.0_x64__8wekyb3d8bbwe\CallsApp.exe
2016-04-19 10:46 - 2016-04-19 10:46 - 03794432 _____ () C:\Program Files\WindowsApps\Microsoft.CommsPhone_2.15.28004.0_x64__8wekyb3d8bbwe\CallsCore.dll
2016-04-19 10:46 - 2016-04-19 10:46 - 00318976 _____ () C:\Program Files\WindowsApps\Microsoft.CommsPhone_2.15.28004.0_x64__8wekyb3d8bbwe\CallsPresenters.dll
2016-03-17 09:04 - 2016-03-17 09:04 - 00335360 _____ () C:\Program Files\WindowsApps\Microsoft.CommsPhone_2.15.28004.0_x64__8wekyb3d8bbwe\PersonPicture.UAP.dll
2013-09-06 07:26 - 2013-02-16 02:17 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-08-14 21:31 - 2015-10-04 10:24 - 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-05-27 12:42 - 2015-05-26 13:37 - 00078504 _____ () C:\Users\jiří mansfeld\AppData\Roaming\Seznam.cz\bin\23776libfoxloader.dll
2013-09-24 15:06 - 2015-05-26 13:38 - 00862888 _____ () C:\Users\jiří mansfeld\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2016-04-13 22:02 - 2016-04-13 22:02 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
2016-04-19 10:46 - 2016-04-19 10:46 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 10:46 - 2016-04-19 10:46 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-03-05 20:21 - 2016-03-05 20:22 - 11346944 _____ () C:\Program Files\WindowsApps\Microsoft.BingWeather_4.8.277.0_x86__8wekyb3d8bbwe\Microsoft.Msn.Weather.dll
2016-03-05 20:21 - 2016-03-05 20:22 - 00938496 _____ () C:\Program Files\WindowsApps\Microsoft.BingWeather_4.8.277.0_x86__8wekyb3d8bbwe\SQLite3Wrapper.dll
2015-09-11 07:57 - 2015-09-11 08:02 - 00645120 _____ () C:\Program Files\WindowsApps\Microsoft.BingWeather_4.8.277.0_x86__8wekyb3d8bbwe\Microsoft.Aria.ClientTelemetry.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:373E1720 [242]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 07:26 - 2015-10-19 08:42 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts


127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3882090170-638525116-1017874946-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\jiří mansfeld\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\space-expedition-1920x1080-wallpaper-5304.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKU\S-1-5-21-3882090170-638525116-1017874946-1002\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-3882090170-638525116-1017874946-1002\...\StartupApproved\Run: => "Sony PC Companion"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{8627B829-2858-4E2F-B6A8-0CCE0A3CB1CB}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{5A90C0C4-9EF9-4440-AC05-BABAA30954D1}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [UDP Query User{E414EA4C-54EC-4345-A643-42FF994D2483}C:\program files\ubisoft\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe] => (Block) C:\program files\ubisoft\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe
FirewallRules: [TCP Query User{6F396106-69DD-4242-AD62-4D135AE80200}C:\program files\ubisoft\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe] => (Block) C:\program files\ubisoft\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe
FirewallRules: [UDP Query User{51B0E631-C038-4549-8497-54C29DD0CCAF}C:\program files (x86)\pro evolution soccer 2016\pes2016.exe] => (Allow) C:\program files (x86)\pro evolution soccer 2016\pes2016.exe
FirewallRules: [TCP Query User{57C4CF1C-EC7E-4E2B-8662-7ADF7448CC49}C:\program files (x86)\pro evolution soccer 2016\pes2016.exe] => (Allow) C:\program files (x86)\pro evolution soccer 2016\pes2016.exe
FirewallRules: [{C9EEA64B-B2C9-43C2-B2C9-88CFB4DE24E7}] => (Allow) C:\Program Files (x86)\Codemasters\GRID\GRID.exe
FirewallRules: [{73B9BDC4-9700-47A5-B0BA-64D249CA397B}] => (Allow) C:\Program Files (x86)\Codemasters\GRID\GRID.exe
FirewallRules: [UDP Query User{2E922A0A-F81E-4743-8343-B43BA3139342}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{E6B09D3C-18A8-4326-B167-2E13DB9319DD}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [{4E6994FB-B552-4DFB-A7D6-77C12098B92B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E793F007-35CE-45D5-A20B-FC3F1A50F17D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8C035B0D-B73D-44AC-872F-D1E975C0BFFF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{838E7B67-C52E-426D-89AB-24D88DFC9DDF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{77C80F48-4222-472B-BBE0-D2EFFDDD8A66}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [UDP Query User{C3672A1E-A6DA-4861-96D1-16550107FF91}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{8A4E4645-F337-491B-A86F-AF799C6923EC}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{C5B045B7-CD6F-4A92-A97C-09C5C5408B69}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [TCP Query User{0243FD59-8FA7-47BC-A045-00C905D7F532}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [{8456A0CB-CBAB-49EE-9C67-EC92326E2CAE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B899A689-6E41-4056-87E5-774BBDF8EC4C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{E755076E-A7AE-494B-9558-530F4B9454F3}C:\program files (x86)\cool photo transfer\coolphototransfer.exe] => (Allow) C:\program files (x86)\cool photo transfer\coolphototransfer.exe
FirewallRules: [TCP Query User{F1097E71-6A26-44D2-984D-385358E1AC9C}C:\program files (x86)\cool photo transfer\coolphototransfer.exe] => (Allow) C:\program files (x86)\cool photo transfer\coolphototransfer.exe
FirewallRules: [{74E9C9FC-0662-40AB-9F7E-44433181656E}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{FE82B5F0-F655-4362-8844-8BC70F167CD6}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{B748FBC1-153A-482C-9EC2-300A6181BE00}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{A8067E92-45F4-4ECB-B3C1-59786FF60319}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{95C31E89-1646-44BF-A0D2-D025343015FF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0318CF2A-FCB1-459E-AE4E-4AB4CC447822}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8C814EA8-DC7A-4DE4-B5C4-700294A4A935}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9EE48123-478E-4D7E-8D5E-5B092A53DC09}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{2F3D3361-9F49-4FCE-8E2A-63CF091ED316}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{8C1500B3-6B86-4AAC-823F-FD4D4D701AF9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{96138CD4-4A8D-4C21-B477-703102FDFEFA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [TCP Query User{DC83991F-8CD3-4705-A91D-273A2292D430}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{DE3E7469-DC03-406B-9F39-2280106C3012}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{F432CAB6-DE86-42ED-B105-3A7A296D921B}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{FB8C1CF4-34F9-485F-AE37-1C89F61C8696}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{FB273090-CDB6-4AF6-9B48-F06E7D6CDE11}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{525047D7-578E-422B-8B34-15740AF2C5E2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{8B93EDA0-56E7-46C5-B4A4-53D05AE5A14E}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{15BB120C-DAA9-44E6-A7FA-CB802D3E14D7}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{F09ED86B-99DF-4924-BD0C-D85F42565463}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{9816EAAD-21D8-43ED-A543-1A736FDA67FD}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [{E8CD16A7-8414-4029-B56B-0F4D360FBAE2}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{8C380475-1FAA-42A4-8480-F6B9C88BB3EF}] => (Allow) LPort=2869
FirewallRules: [{9AD3BD4B-A1C4-4211-A60B-C9C2D21E36F6}] => (Allow) LPort=1900
FirewallRules: [{CD9663A1-B4A3-485E-9E69-6339945D10AC}] => (Allow) C:\Users\jiří mansfeld\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{BC278179-0FBF-44F2-89D2-6A6788948E34}] => (Allow) C:\Users\jiří mansfeld\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{E448590C-8999-40F3-9355-7DADADCADE61}] => (Allow) C:\Users\jiří mansfeld\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{91E452FB-CA32-4CDD-AB60-78C8A6C635A8}] => (Allow) C:\Users\jiří mansfeld\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{B38E120D-07A5-45C1-A0F4-64910E7C942B}] => (Allow) C:\Users\jiří mansfeld\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{C8E90840-3B7C-4A72-87F4-80609CDABB53}] => (Allow) C:\Users\jiří mansfeld\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{84518207-9535-4E12-89B7-85C8F655B8FE}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{E9EE200A-7147-483D-A18E-E8AC819CF0BA}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{6C0EC599-FF44-4BCC-B645-70A65DC12604}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{D6321C6F-27E6-4CB9-98CF-26F183B46EA1}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{E7AE36C7-C3DA-478E-B10A-E0F2EAD88F31}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{148207E0-4C30-4EA4-BBAE-4CE7D429FA74}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe

==================== Restore Points =========================

05-04-2016 19:41:35 Windows Update
13-04-2016 09:12:44 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/20/2016 10:01:48 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 12) (User: MANY)
Description: Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe1018

Error: (04/19/2016 07:39:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1141

Error: (04/19/2016 07:39:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1141

Error: (04/19/2016 07:39:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/19/2016 02:40:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: NvStreamNetworkService.exe, verze: 4.1.2002.3517, časové razítko: 0x56108262
Název chybujícího modulu: ntdll.dll, verze: 10.0.10586.122, časové razítko: 0x56cbf9dd
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000ee6dc
ID chybujícího procesu: 0x3928
Čas spuštění chybující aplikace: 0xNvStreamNetworkService.exe0
Cesta k chybující aplikaci: NvStreamNetworkService.exe1
Cesta k chybujícímu modulu: NvStreamNetworkService.exe2
ID zprávy: NvStreamNetworkService.exe3
Úplný název chybujícího balíčku: NvStreamNetworkService.exe4
ID aplikace související s chybujícím balíčkem: NvStreamNetworkService.exe5

Error: (04/18/2016 08:22:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: igfxHK.exe, verze: 6.15.10.4331, časové razítko: 0x564cc83e
Název chybujícího modulu: igfxHK.exe, verze: 6.15.10.4331, časové razítko: 0x564cc83e
Kód výjimky: 0xc0000409
Posun chyby: 0x0000000000015953
ID chybujícího procesu: 0x2f40
Čas spuštění chybující aplikace: 0xigfxHK.exe0
Cesta k chybující aplikaci: igfxHK.exe1
Cesta k chybujícímu modulu: igfxHK.exe2
ID zprávy: igfxHK.exe3
Úplný název chybujícího balíčku: igfxHK.exe4
ID aplikace související s chybujícím balíčkem: igfxHK.exe5

Error: (04/18/2016 12:22:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SkypeHost.exe, verze: 10.1.2123.10, časové razítko: 0x569054dc
Název chybujícího modulu: SkyWrap.dll, verze: 10.1.2123.10, časové razítko: 0x569054c9
Kód výjimky: 0xc0000005
Posun chyby: 0x00ac6197
ID chybujícího procesu: 0x188c
Čas spuštění chybující aplikace: 0xSkypeHost.exe0
Cesta k chybující aplikaci: SkypeHost.exe1
Cesta k chybujícímu modulu: SkypeHost.exe2
ID zprávy: SkypeHost.exe3
Úplný název chybujícího balíčku: SkypeHost.exe4
ID aplikace související s chybujícím balíčkem: SkypeHost.exe5

Error: (04/18/2016 11:53:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: igfxHK.exe, verze: 6.15.10.4331, časové razítko: 0x564cc83e
Název chybujícího modulu: igfxHK.exe, verze: 6.15.10.4331, časové razítko: 0x564cc83e
Kód výjimky: 0xc0000409
Posun chyby: 0x0000000000015953
ID chybujícího procesu: 0x1bec
Čas spuštění chybující aplikace: 0xigfxHK.exe0
Cesta k chybující aplikaci: igfxHK.exe1
Cesta k chybujícímu modulu: igfxHK.exe2
ID zprávy: igfxHK.exe3
Úplný název chybujícího balíčku: igfxHK.exe4
ID aplikace související s chybujícím balíčkem: igfxHK.exe5

Error: (04/18/2016 11:44:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: igfxHK.exe, verze: 6.15.10.4331, časové razítko: 0x564cc83e
Název chybujícího modulu: igfxHK.exe, verze: 6.15.10.4331, časové razítko: 0x564cc83e
Kód výjimky: 0xc0000409
Posun chyby: 0x0000000000015953
ID chybujícího procesu: 0x1acc
Čas spuštění chybující aplikace: 0xigfxHK.exe0
Cesta k chybující aplikaci: igfxHK.exe1
Cesta k chybujícímu modulu: igfxHK.exe2
ID zprávy: igfxHK.exe3
Úplný název chybujícího balíčku: igfxHK.exe4
ID aplikace související s chybujícím balíčkem: igfxHK.exe5

Error: (04/17/2016 12:38:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: igfxHK.exe, verze: 6.15.10.4331, časové razítko: 0x564cc83e
Název chybujícího modulu: igfxHK.exe, verze: 6.15.10.4331, časové razítko: 0x564cc83e
Kód výjimky: 0xc0000409
Posun chyby: 0x0000000000015953
ID chybujícího procesu: 0x250c
Čas spuštění chybující aplikace: 0xigfxHK.exe0
Cesta k chybující aplikaci: igfxHK.exe1
Cesta k chybujícímu modulu: igfxHK.exe2
ID zprávy: igfxHK.exe3
Úplný název chybujícího balíčku: igfxHK.exe4
ID aplikace související s chybujícím balíčkem: igfxHK.exe5


System errors:
=============
Error: (04/18/2016 08:25:44 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (04/18/2016 03:21:38 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby avgsvc bylo dosaženo časového limitu (30000 ms).

Error: (04/18/2016 03:21:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Přístup k uživatelským datům_755f5 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (04/18/2016 03:21:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Úložiště uživatelských dat_755f5 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (04/18/2016 03:21:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Data kontaktů_755f5 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (04/18/2016 03:21:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Hostitel synchronizace_755f5 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (04/18/2016 03:21:01 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (04/18/2016 11:55:57 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (04/18/2016 11:51:44 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Úložiště uživatelských dat_1129c37 bylo dosaženo časového limitu (30000 ms).

Error: (04/18/2016 11:51:43 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Přístup k uživatelským datům_1129c37 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.


CodeIntegrity:
===================================
Date: 2016-04-20 22:13:35.516
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-04-20 22:13:35.505
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-04-20 22:01:42.295
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-04-20 22:01:42.284
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-04-19 19:22:10.587
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-04-19 19:22:10.576
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-04-19 15:04:20.423
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-04-19 15:04:20.413
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-04-19 14:41:33.127
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-04-19 14:41:33.116
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4702MQ CPU @ 2.20GHz
Percentage of memory in use: 39%
Total physical RAM: 8124.02 MB
Available physical RAM: 4926.21 MB
Total Virtual: 9404.02 MB
Available Virtual: 6308.05 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:455.42 GB) (Free:253.59 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (RECOVERY) (Fixed) (Total:19.23 GB) (Free:1.9 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (space) (Fixed) (Total:454.86 GB) (Free:227.58 GB) NTFS
Drive f: (Pro Cycling Manager 2015) (CDROM) (Total:6.93 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 1E1F4777)

Partition: GPT.

========================================================
Disk: 1 (Size: 3.8 GB) (Disk ID: 19C63C3C)

Partition: GPT.

==================== End of Addition.txt ============================

jirik78
Visitor
Posts: 42
Registered: 25 Feb 2013 21:10

Re: requesting a check

#8 Post by jirik78 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:18-04-2016
Ran by jiří mansfeld (administrator) on MANY (20-04-2016 22:13:47)
Running from C:\Users\jiří mansfeld\Desktop
Loaded Profiles: jiří mansfeld (Available Profiles: jiří mansfeld & Lenka)
Platform: Windows 10 Home Version 1511 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(HP) C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgfws.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Windows\System32\valWBFPolicyService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AuthenTec Inc.) C:\Program Files (x86)\HP SimplePass\TouchControl.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
() C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
() C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ACD Systems) C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(BitTorrent Inc.) C:\Users\jiří mansfeld\AppData\Roaming\BitTorrent\BitTorrent.exe
() C:\Users\jiří mansfeld\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\jiří mansfeld\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(BitTorrent Inc.) C:\Users\jiří mansfeld\AppData\Roaming\BitTorrent\updates\7.9.6_42095\utorrentie.exe
(BitTorrent Inc.) C:\Users\jiří mansfeld\AppData\Roaming\BitTorrent\updates\7.9.6_42095\utorrentie.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Windows\Temp\irstrtsv\scrncap.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
() C:\Program Files\WindowsApps\Microsoft.BingWeather_4.8.277.0_x86__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.49020.0_x64__8wekyb3d8bbwe\Calculator.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\64885BlueEdge.OneCalendar_2016.326.7.0_x64__8kea50m9krsh2\CalendarApp.Gui.Win10.exe
() C:\Program Files\WindowsApps\Microsoft.CommsPhone_2.15.28004.0_x64__8wekyb3d8bbwe\CallsApp.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6769.40891.0_x64__8wekyb3d8bbwe\HxMail.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6769.40891.0_x64__8wekyb3d8bbwe\HxTsr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Google Inc.) C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\jiří mansfeld\Desktop\FRST64 (2).exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IgfxTray] => C:\WINDOWS\system32\igfxtray.exe [402344 2015-12-19] ()
HKLM\...\Run: [ACPW06EN] => C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe [1234120 2012-12-17] (ACD Systems)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2654512 2015-10-04] (NVIDIA Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2014-03-27] (IDT, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-07-24] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-12-25] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [186640 2016-04-14] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3862440 2016-03-02] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2015-12-18] (Adobe Systems Incorporated)
HKU\S-1-5-21-3882090170-638525116-1017874946-1002\...\Run: [DAEMON Tools Lite] => C:\programy instalace\DAEMON Tools Lite\DTLite.exe [3673184 2013-07-03] (Disc Soft Ltd)
HKU\S-1-5-21-3882090170-638525116-1017874946-1002\...\Run: [cz.seznam.software.autoupdate] => C:\Users\jiří mansfeld\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3882090170-638525116-1017874946-1002\...\Run: [cz.seznam.software.szndesktop] => C:\Users\jiří mansfeld\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-3882090170-638525116-1017874946-1002\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [456576 2015-06-10] (Sony)
HKU\S-1-5-21-3882090170-638525116-1017874946-1002\...\Run: [Google Update] => C:\Users\jiří mansfeld\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-02] (Google Inc.)
HKU\S-1-5-21-3882090170-638525116-1017874946-1002\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [465920 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-21-3882090170-638525116-1017874946-1002\...\Run: [BitTorrent] => C:\Users\jiří mansfeld\AppData\Roaming\BitTorrent\BitTorrent.exe [1963016 2016-04-09] (BitTorrent Inc.)
HKU\S-1-5-21-3882090170-638525116-1017874946-1002\...\RunOnce: [Uninstall C:\Users\jiY� mansfeld\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
HKU\S-1-5-21-3882090170-638525116-1017874946-1002\...\RunOnce: [Uninstall C:\Users\jiY� mansfeld\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1"
HKU\S-1-5-21-3882090170-638525116-1017874946-1002\...\RunOnce: [Uninstall C:\Users\jiY� mansfeld\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"
HKU\S-1-5-21-3882090170-638525116-1017874946-1002\...\RunOnce: [Uninstall C:\Users\jiY� mansfeld\AppData\Local\Microsoft\OneDrive\17.3.6301.0127] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\17.3.6301.0127"
HKU\S-1-5-21-3882090170-638525116-1017874946-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssText3d.scr [232960 2015-10-30] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [176904 2015-08-07] (NVIDIA Corporation)
AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [176904 2015-08-07] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64\FileSyncShell64.dll [2016-03-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64\FileSyncShell64.dll [2016-03-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64\FileSyncShell64.dll [2016-03-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileSyncShell.dll [2016-03-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileSyncShell.dll [2016-03-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileSyncShell.dll [2016-03-11] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{94dc49ed-1706-48b3-8b8e-1adbee222ddc}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{989a064c-99a7-4eda-b4d4-31b13298ee7a}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{c471df3e-ffe3-429c-992f-92d3274af196}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-3882090170-638525116-1017874946-1002\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://www.bing.com?pc=HPNTDFJS
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {05352811-120A-494E-8D4E-A6BD0F4C0C5B} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {2E566CD0-E8BA-4608-B344-F593C6FB56E6} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {62973BDC-4714-4A76-B3D1-C59FB833E61A} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_13415
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {8728D987-ADA0-4D34-82FB-7EDCFBD49073} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_13415
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {8E7DAC10-3779-44A8-A908-E5C182D6C8DA} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {A8504CF6-41FC-4237-8AF5-E83697A17758} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {CB9B3FC0-DDFF-4C6E-BC50-14C71BB58511} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {E676738A-5897-4A6F-B632-9DCB5C22BF90} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_13415
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {FABA9D78-58A9-4288-A8B9-E68CDF299DD6} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_13415
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-10-27] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-27] (Oracle Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> hxxp://www.delta-homes.com/?type=hp&ts=1444635 ... 9_C8F2D239

FireFox:
========
FF ProfilePath: C:\Users\jiří mansfeld\AppData\Roaming\Mozilla\Firefox\Profiles\u1d1ubb9.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-08] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-08] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll [2012-08-08] (Adobe Systems, Inc.)
FF Plugin-x32: @authentec.com/ffwloplugin -> C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll [2013-02-07] ( HP)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-02-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-02-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-10-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-10-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3882090170-638525116-1017874946-1002: @tools.google.com/Google Update;version=3 -> C:\Users\jiří mansfeld\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-3882090170-638525116-1017874946-1002: @tools.google.com/Google Update;version=9 -> C:\Users\jiří mansfeld\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-04] (Google Inc.)
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\websitelogon@truesuite.com [2015-10-12] [not signed]
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR HomePage: Default -> hxxp://www.omniboxes.com/?type=hp&ts=144862075 ... 9_C8F2D239
CHR DefaultSearchURL: Default -> hxxp://www.omniboxes.com/web/?type=ds&ts=14486 ... earchTerms}
CHR DefaultSearchKeyword: Default -> omniboxes
CHR Profile: C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-30]
CHR Extension: (Dokumenty Google) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-01]
CHR Extension: (Disk Google) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-30]
CHR Extension: (Vyhledávání Google) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-03]
CHR Extension: (Tabulky Google) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Website Logon) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmbkhknacohfhbmmpnmbkgdffdbildof [2015-10-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR Extension: (Gmail) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-01]
CHR HKLM-x32\...\Chrome\Extension: [hmbkhknacohfhbmmpnmbkgdffdbildof] - C:\Program Files (x86)\HP SimplePass\tschrome.crx [2012-12-12]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [604144 2016-03-02] (AVG Technologies CZ, s.r.o.)
R2 avgfws; C:\Program Files (x86)\AVG\Av\avgfws.exe [1580352 2016-03-02] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3934184 2016-03-02] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1074448 2016-04-14] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [561104 2016-03-02] (AVG Technologies CZ, s.r.o.)
R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [1641768 2013-02-07] (HP)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155376 2015-10-04] (NVIDIA Corporation)
R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-12-25] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373160 2015-12-19] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129848 2013-02-22] (Intel Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [668984 2013-02-07] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-02-22] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-10-04] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568816 2015-10-04] (NVIDIA Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2014-03-27] (IDT, Inc.) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [260216 2015-12-09] (Synaptics Incorporated)
S3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401856 2013-01-07] (AuthenTec, Inc.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [4584208 2016-03-29] (AVG Technologies CZ, s.r.o.)
R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [56080 2016-03-29] (AVG Technologies CZ, s.r.o.)
R2 UxTuneUp; C:\WINDOWS\SysWOW64\uxtuneup.dll [49424 2016-03-29] (AVG Technologies CZ, s.r.o.)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [28160 2013-03-19] () [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [184240 2015-11-06] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [97208 2015-08-29] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [315312 2016-01-26] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [272304 2016-01-26] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378288 2016-02-03] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [269232 2016-03-02] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-12-04] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [23472 2016-01-08] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [315840 2015-12-16] (AVG Technologies CZ, s.r.o.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-01-22] (Disc Soft Ltd)
S3 DxVGrb; C:\Windows\system32\drivers\DxVGrb.sys [222464 2012-01-10] (Dexetek ) [File not signed]
S3 ggsomc; C:\Windows\System32\drivers\ggsomc.sys [30424 2014-08-18] (Sony Mobile Communications)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21048 2013-02-13] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21048 2013-02-13] ()
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-12-12] (Intel Corporation)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-02-13] ()
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-11-27] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [192312 2015-06-23] (Intel Corporation)
R3 netr28x; C:\Windows\system32\DRIVERS\netr28x.sys [2554528 2015-06-12] (MediaTek Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-10-04] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1219200 2015-06-03] (Ralink Technology, Corp.)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [751632 2015-05-14] (Realsil Semiconductor Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [29424 2013-04-24] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [71288 2015-12-09] (Synaptics Incorporated)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2016-02-15] (AVG Netherlands B.V.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)
S3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2016-01-06] ()
R3 WUDFWpdComp; C:\Windows\system32\DRIVERS\WUDFRd.sys [216064 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-20 22:13 - 2016-04-20 22:14 - 00029460 _____ C:\Users\jiří mansfeld\Desktop\FRST.txt
2016-04-20 22:11 - 2016-04-20 22:11 - 00112640 _____ (forum.viry.cz) C:\Users\jiří mansfeld\Downloads\Nepotvrzeno 330631.crdownload
2016-04-20 22:09 - 2016-04-20 22:13 - 02375680 _____ (Farbar) C:\Users\jiří mansfeld\Desktop\FRST64 (2).exe
2016-04-19 10:48 - 2016-04-19 10:48 - 00000000 ____D C:\Users\jiří mansfeld\Desktop\win7
2016-04-18 20:23 - 2016-04-18 20:23 - 00000000 ___HD C:\OneDriveTemp
2016-04-18 12:37 - 2016-04-18 12:38 - 46585520 _____ C:\Users\jiří mansfeld\Downloads\DataCenter-win-4.0.11-021.exe
2016-04-18 11:47 - 2016-04-18 11:49 - 03683904 _____ C:\Users\jiří mansfeld\Desktop\adwcleaner_5.112.exe
2016-04-16 11:51 - 2016-04-16 11:56 - 01222144 _____ C:\Users\jiří mansfeld\Desktop\RSITx64.exe
2016-04-16 11:51 - 2016-04-16 11:51 - 01107968 _____ C:\Users\jiří mansfeld\Desktop\RSIT.exe
2016-04-13 16:15 - 2016-04-18 20:23 - 00000000 ____D C:\Users\jiří mansfeld\AppData\LocalLow\BitTorrent
2016-04-13 11:27 - 2016-04-13 11:27 - 00217190 _____ C:\Users\jiří mansfeld\Downloads\mseno-dobrovice-bakov-mb-mseno.gpx
2016-04-13 08:54 - 2016-04-02 05:19 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-04-13 08:54 - 2016-04-02 05:14 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-04-13 08:54 - 2016-04-02 05:09 - 01832448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-04-13 08:54 - 2016-04-02 05:07 - 03575296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-04-13 08:54 - 2016-04-02 05:00 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-04-13 08:54 - 2016-03-29 12:20 - 07474016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-04-13 08:54 - 2016-03-29 12:20 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-13 08:54 - 2016-03-29 12:18 - 02152280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-04-13 08:54 - 2016-03-29 11:56 - 01297752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-04-13 08:54 - 2016-03-29 11:37 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-04-13 08:54 - 2016-03-29 11:13 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-04-13 08:54 - 2016-03-29 11:11 - 00605440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-04-13 08:54 - 2016-03-29 10:41 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-04-13 08:54 - 2016-03-29 10:06 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-04-13 08:54 - 2016-03-29 10:02 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-04-13 08:54 - 2016-03-29 10:01 - 00541304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-04-13 08:54 - 2016-03-29 09:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-04-13 08:54 - 2016-03-29 09:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-04-13 08:54 - 2016-03-29 09:46 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-04-13 08:54 - 2016-03-29 09:36 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-04-13 08:54 - 2016-03-29 09:34 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-04-13 08:54 - 2016-03-29 09:20 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-04-13 08:54 - 2016-03-29 09:19 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-04-13 08:54 - 2016-03-29 09:15 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-04-13 08:54 - 2016-03-29 09:15 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-04-13 08:54 - 2016-03-29 09:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-04-13 08:54 - 2016-03-29 09:14 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-04-13 08:54 - 2016-03-29 09:12 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-04-13 08:54 - 2016-03-29 09:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-04-13 08:54 - 2016-03-29 09:10 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-04-13 08:54 - 2016-03-29 09:07 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-04-13 08:54 - 2016-03-29 09:05 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-04-13 08:54 - 2016-03-29 09:02 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-04-13 08:54 - 2016-03-29 09:02 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-04-13 08:54 - 2016-03-29 09:00 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-04-13 08:54 - 2016-03-29 08:42 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-04-13 08:54 - 2016-03-29 08:37 - 01444352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-04-13 08:54 - 2016-03-29 08:37 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-04-13 08:54 - 2016-03-29 08:37 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-04-13 08:54 - 2016-03-29 08:32 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-04-13 08:54 - 2016-03-29 08:32 - 01098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-04-13 08:54 - 2016-03-29 08:31 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-04-13 08:54 - 2016-03-29 08:31 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-04-13 08:54 - 2016-03-29 08:30 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-04-13 08:54 - 2016-03-29 08:28 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-04-13 08:54 - 2016-03-29 08:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-04-13 08:54 - 2016-03-29 08:26 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-04-13 08:54 - 2016-03-29 08:19 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-04-13 08:54 - 2016-03-29 08:05 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-04-13 08:54 - 2016-03-29 08:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-04-13 08:54 - 2016-03-29 08:05 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-04-13 08:54 - 2016-03-29 08:05 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-04-13 08:54 - 2016-03-29 08:02 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-04-13 08:54 - 2016-03-29 08:01 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-04-13 08:54 - 2016-03-29 07:58 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-04-13 08:54 - 2016-03-29 07:56 - 16985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-04-13 08:54 - 2016-03-29 07:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-04-13 08:54 - 2016-03-29 07:51 - 22378496 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-04-13 08:54 - 2016-03-29 07:51 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-04-13 08:54 - 2016-03-29 07:49 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-04-13 08:54 - 2016-03-29 07:45 - 03078144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-04-13 08:54 - 2016-03-29 07:43 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-04-13 08:54 - 2016-03-29 07:41 - 24602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-04-13 08:54 - 2016-03-29 07:41 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-04-13 08:54 - 2016-03-29 07:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-04-13 08:54 - 2016-03-29 07:38 - 18673664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-04-13 08:54 - 2016-03-29 07:38 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-04-13 08:54 - 2016-03-29 07:37 - 19340800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-04-13 08:54 - 2016-03-29 07:36 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-04-13 08:54 - 2016-03-29 07:27 - 07836160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-04-13 08:54 - 2016-03-29 07:27 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-04-13 08:53 - 2016-04-02 06:13 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-04-13 08:53 - 2016-04-02 06:10 - 00770640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-04-13 08:53 - 2016-04-02 06:10 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-04-13 08:53 - 2016-04-02 06:10 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-04-13 08:53 - 2016-04-02 05:30 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-04-13 08:53 - 2016-04-02 05:29 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-04-13 08:53 - 2016-04-02 05:29 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-04-13 08:53 - 2016-04-02 05:26 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-04-13 08:53 - 2016-04-02 05:25 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2016-04-13 08:53 - 2016-04-02 05:25 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2016-04-13 08:53 - 2016-04-02 05:23 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-04-13 08:53 - 2016-04-02 05:23 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-04-13 08:53 - 2016-04-02 05:21 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-04-13 08:53 - 2016-04-02 05:18 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-04-13 08:53 - 2016-04-02 05:15 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-04-13 08:53 - 2016-04-02 05:08 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-04-13 08:53 - 2016-04-02 05:07 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-04-13 08:53 - 2016-04-02 05:03 - 04774912 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-04-13 08:53 - 2016-03-29 12:23 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-04-13 08:53 - 2016-03-29 12:22 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-04-13 08:53 - 2016-03-29 12:22 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-04-13 08:53 - 2016-03-29 12:20 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-04-13 08:53 - 2016-03-29 12:20 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-04-13 08:53 - 2016-03-29 12:15 - 00100232 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2016-04-13 08:53 - 2016-03-29 12:11 - 00686976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-04-13 08:53 - 2016-03-29 12:05 - 01152864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-04-13 08:53 - 2016-03-29 12:02 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-04-13 08:53 - 2016-03-29 12:02 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-04-13 08:53 - 2016-03-29 11:28 - 00696664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-04-13 08:53 - 2016-03-29 11:28 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-04-13 08:53 - 2016-03-29 11:28 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-04-13 08:53 - 2016-03-29 11:25 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-04-13 08:53 - 2016-03-29 11:25 - 00058400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-04-13 08:53 - 2016-03-29 11:19 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-04-13 08:53 - 2016-03-29 11:18 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-04-13 08:53 - 2016-03-29 11:17 - 00300104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-04-13 08:53 - 2016-03-29 11:11 - 00074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-04-13 08:53 - 2016-03-29 11:10 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-04-13 08:53 - 2016-03-29 11:09 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-04-13 08:53 - 2016-03-29 11:08 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-04-13 08:53 - 2016-03-29 11:08 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-04-13 08:53 - 2016-03-29 11:07 - 00081144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-04-13 08:53 - 2016-03-29 10:44 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-04-13 08:53 - 2016-03-29 10:44 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-04-13 08:53 - 2016-03-29 10:41 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-04-13 08:53 - 2016-03-29 10:32 - 00253088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-04-13 08:53 - 2016-03-29 10:26 - 02403680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-04-13 08:53 - 2016-03-29 10:26 - 01089888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-04-13 08:53 - 2016-03-29 10:26 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll
2016-04-13 08:53 - 2016-03-29 10:25 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll
2016-04-13 08:53 - 2016-03-29 10:24 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-04-13 08:53 - 2016-03-29 10:23 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
2016-04-13 08:53 - 2016-03-29 10:21 - 00378208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-04-13 08:53 - 2016-03-29 10:17 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-04-13 08:53 - 2016-03-29 10:16 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-04-13 08:53 - 2016-03-29 10:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-04-13 08:53 - 2016-03-29 10:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-04-13 08:53 - 2016-03-29 10:07 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-04-13 08:53 - 2016-03-29 10:07 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-04-13 08:53 - 2016-03-29 10:07 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2016-04-13 08:53 - 2016-03-29 10:06 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
2016-04-13 08:53 - 2016-03-29 10:00 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-04-13 08:53 - 2016-03-29 10:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-04-13 08:53 - 2016-03-29 10:00 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-04-13 08:53 - 2016-03-29 09:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-04-13 08:53 - 2016-03-29 09:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-04-13 08:53 - 2016-03-29 09:57 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-04-13 08:53 - 2016-03-29 09:57 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-04-13 08:53 - 2016-03-29 09:57 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-04-13 08:53 - 2016-03-29 09:55 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-04-13 08:53 - 2016-03-29 09:55 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-04-13 08:53 - 2016-03-29 09:55 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2016-04-13 08:53 - 2016-03-29 09:54 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-04-13 08:53 - 2016-03-29 09:53 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-04-13 08:53 - 2016-03-29 09:52 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-04-13 08:53 - 2016-03-29 09:51 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-04-13 08:53 - 2016-03-29 09:51 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-04-13 08:53 - 2016-03-29 09:50 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-04-13 08:53 - 2016-03-29 09:50 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-04-13 08:53 - 2016-03-29 09:50 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-04-13 08:53 - 2016-03-29 09:50 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-04-13 08:53 - 2016-03-29 09:50 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2016-04-13 08:53 - 2016-03-29 09:49 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-04-13 08:53 - 2016-03-29 09:48 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-04-13 08:53 - 2016-03-29 09:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-04-13 08:53 - 2016-03-29 09:46 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-04-13 08:53 - 2016-03-29 09:44 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2016-04-13 08:53 - 2016-03-29 09:42 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-04-13 08:53 - 2016-03-29 09:39 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-04-13 08:53 - 2016-03-29 09:38 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-04-13 08:53 - 2016-03-29 09:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-04-13 08:53 - 2016-03-29 09:36 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-04-13 08:53 - 2016-03-29 09:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-04-13 08:53 - 2016-03-29 09:35 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-04-13 08:53 - 2016-03-29 09:34 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-04-13 08:53 - 2016-03-29 09:34 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2016-04-13 08:53 - 2016-03-29 09:34 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-04-13 08:53 - 2016-03-29 09:33 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-04-13 08:53 - 2016-03-29 09:32 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-04-13 08:53 - 2016-03-29 09:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-04-13 08:53 - 2016-03-29 09:30 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-04-13 08:53 - 2016-03-29 09:30 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-04-13 08:53 - 2016-03-29 09:28 - 00460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-04-13 08:53 - 2016-03-29 09:27 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-04-13 08:53 - 2016-03-29 09:26 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-04-13 08:53 - 2016-03-29 09:23 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-04-13 08:53 - 2016-03-29 09:23 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-04-13 08:53 - 2016-03-29 09:23 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-04-13 08:53 - 2016-03-29 09:22 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-04-13 08:53 - 2016-03-29 09:21 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-13 08:53 - 2016-03-29 09:20 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-04-13 08:53 - 2016-03-29 09:20 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2016-04-13 08:53 - 2016-03-29 09:20 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
2016-04-13 08:53 - 2016-03-29 09:19 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-04-13 08:53 - 2016-03-29 09:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacchooks.dll
2016-04-13 08:53 - 2016-03-29 09:18 - 00676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-04-13 08:53 - 2016-03-29 09:17 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-04-13 08:53 - 2016-03-29 09:17 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-04-13 08:53 - 2016-03-29 09:17 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-04-13 08:53 - 2016-03-29 09:16 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-04-13 08:53 - 2016-03-29 09:16 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-04-13 08:53 - 2016-03-29 09:14 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-04-13 08:53 - 2016-03-29 09:14 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-04-13 08:53 - 2016-03-29 09:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-04-13 08:53 - 2016-03-29 09:12 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-04-13 08:53 - 2016-03-29 09:11 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-04-13 08:53 - 2016-03-29 09:11 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-04-13 08:53 - 2016-03-29 09:11 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-04-13 08:53 - 2016-03-29 09:11 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-04-13 08:53 - 2016-03-29 09:11 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-04-13 08:53 - 2016-03-29 09:11 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll
2016-04-13 08:53 - 2016-03-29 09:10 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-04-13 08:53 - 2016-03-29 09:09 - 01239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-04-13 08:53 - 2016-03-29 09:09 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-04-13 08:53 - 2016-03-29 09:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2016-04-13 08:53 - 2016-03-29 09:08 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-04-13 08:53 - 2016-03-29 09:08 - 00841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-04-13 08:53 - 2016-03-29 09:08 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-04-13 08:53 - 2016-03-29 09:07 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-04-13 08:53 - 2016-03-29 09:06 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-04-13 08:53 - 2016-03-29 09:06 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-04-13 08:53 - 2016-03-29 09:06 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2016-04-13 08:53 - 2016-03-29 09:05 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2016-04-13 08:53 - 2016-03-29 09:04 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2016-04-13 08:53 - 2016-03-29 09:03 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-04-13 08:53 - 2016-03-29 09:02 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-04-13 08:53 - 2016-03-29 09:00 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-04-13 08:53 - 2016-03-29 09:00 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-04-13 08:53 - 2016-03-29 09:00 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-04-13 08:53 - 2016-03-29 08:59 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-04-13 08:53 - 2016-03-29 08:59 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-04-13 08:53 - 2016-03-29 08:59 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-04-13 08:53 - 2016-03-29 08:56 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-04-13 08:53 - 2016-03-29 08:56 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-04-13 08:53 - 2016-03-29 08:55 - 01052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-04-13 08:53 - 2016-03-29 08:53 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-04-13 08:53 - 2016-03-29 08:53 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-04-13 08:53 - 2016-03-29 08:52 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-04-13 08:53 - 2016-03-29 08:52 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2016-04-13 08:53 - 2016-03-29 08:49 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-04-13 08:53 - 2016-03-29 08:48 - 00346624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-04-13 08:53 - 2016-03-29 08:44 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-04-13 08:53 - 2016-03-29 08:43 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2016-04-13 08:53 - 2016-03-29 08:42 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-04-13 08:53 - 2016-03-29 08:42 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-13 08:53 - 2016-03-29 08:41 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-04-13 08:53 - 2016-03-29 08:40 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-04-13 08:53 - 2016-03-29 08:39 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2016-04-13 08:53 - 2016-03-29 08:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-04-13 08:53 - 2016-03-29 08:39 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-04-13 08:53 - 2016-03-29 08:38 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-04-13 08:53 - 2016-03-29 08:36 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-04-13 08:53 - 2016-03-29 08:36 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-04-13 08:53 - 2016-03-29 08:35 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-04-13 08:53 - 2016-03-29 08:34 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-04-13 08:53 - 2016-03-29 08:34 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-04-13 08:53 - 2016-03-29 08:34 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-04-13 08:53 - 2016-03-29 08:34 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-04-13 08:53 - 2016-03-29 08:32 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-04-13 08:53 - 2016-03-29 08:32 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-04-13 08:53 - 2016-03-29 08:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-04-13 08:53 - 2016-03-29 08:32 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-04-13 08:53 - 2016-03-29 08:32 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-04-13 08:53 - 2016-03-29 08:32 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-04-13 08:53 - 2016-03-29 08:31 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-04-13 08:53 - 2016-03-29 08:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-04-13 08:53 - 2016-03-29 08:29 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-04-13 08:53 - 2016-03-29 08:29 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-04-13 08:53 - 2016-03-29 08:28 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-04-13 08:53 - 2016-03-29 08:27 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-04-13 08:53 - 2016-03-29 08:27 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-04-13 08:53 - 2016-03-29 08:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-04-13 08:53 - 2016-03-29 08:27 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-04-13 08:53 - 2016-03-29 08:23 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-04-13 08:53 - 2016-03-29 08:22 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-04-13 08:53 - 2016-03-29 08:17 - 00765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-04-13 08:53 - 2016-03-29 08:14 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-04-13 08:53 - 2016-03-29 08:13 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-04-13 08:53 - 2016-03-29 08:10 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-04-13 08:53 - 2016-03-29 08:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-04-13 08:53 - 2016-03-29 08:05 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-04-13 08:53 - 2016-03-29 08:05 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-04-13 08:53 - 2016-03-29 08:04 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-04-13 08:53 - 2016-03-29 08:04 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-04-13 08:53 - 2016-03-29 08:01 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-04-13 08:53 - 2016-03-29 08:00 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-04-13 08:53 - 2016-03-29 07:45 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2016-04-13 08:53 - 2016-03-29 07:43 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-04-13 08:53 - 2016-03-29 07:35 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-04-13 08:53 - 2016-03-29 07:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-04-13 08:53 - 2016-03-29 07:27 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-04-13 08:53 - 2016-03-29 07:26 - 00958976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-04-13 08:53 - 2016-03-29 07:26 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-04-13 08:53 - 2016-03-29 07:25 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-04-13 08:53 - 2016-03-29 07:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-04-13 08:53 - 2016-03-29 07:21 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-03-28 15:42 - 2016-03-28 15:42 - 00099538 _____ C:\Users\jiří mansfeld\Desktop\zásuvka spínací.pdf
2016-03-24 21:02 - 2016-03-24 21:02 - 00261526 _____ C:\Users\jiří mansfeld\Downloads\mseno-okor-dolina-mseno.gpx
2016-03-24 21:02 - 2016-03-24 21:02 - 00253774 _____ C:\Users\jiří mansfeld\Downloads\mseno-okor-mseno.gpx

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-20 22:13 - 2016-02-08 19:08 - 00000000 ____D C:\Users\jiří mansfeld\AppData\Roaming\BitTorrent
2016-04-20 22:13 - 2015-10-20 18:59 - 00000000 ____D C:\FRST
2016-04-20 22:07 - 2016-01-01 13:14 - 00000000 ____D C:\ProgramData\MFAData
2016-04-20 22:07 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-20 22:07 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-04-20 22:06 - 2013-09-24 11:04 - 00001004 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3882090170-638525116-1017874946-1002UA.job
2016-04-20 22:04 - 2014-12-16 10:42 - 00004204 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F3025CBB-7345-4401-A7CE-791ADEF185AD}
2016-04-19 18:58 - 2014-07-24 20:35 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-04-19 10:45 - 2015-10-13 15:11 - 00000000 ____D C:\Program Files\trend micro
2016-04-18 20:28 - 2013-09-24 15:06 - 00000000 ____D C:\Users\jiří mansfeld\AppData\Roaming\Seznam.cz
2016-04-18 20:23 - 2014-01-03 19:02 - 00000000 __RDO C:\Users\jiří mansfeld\SkyDrive
2016-04-18 20:22 - 2016-01-06 22:45 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-04-18 20:22 - 2015-08-02 18:59 - 00000000 __SHD C:\Users\jiří mansfeld\IntelGraphicsProfiles
2016-04-18 20:22 - 2013-09-24 10:26 - 00000000 ____D C:\Users\jiří mansfeld\AppData\LocalLow\AuthenTec
2016-04-18 12:39 - 2015-12-19 19:42 - 00002171 _____ C:\Users\jiří mansfeld\Desktop\Sigma Data Center 4.0.lnk
2016-04-18 12:39 - 2014-12-16 19:05 - 00000000 ____D C:\Users\jiří mansfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sigma Data Center 4.0
2016-04-18 12:39 - 2014-12-16 19:05 - 00000000 ____D C:\Program Files (x86)\Sigma Data Center 4.0
2016-04-18 11:57 - 2016-01-06 22:48 - 01963958 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-04-18 11:57 - 2015-10-30 20:31 - 00814592 _____ C:\WINDOWS\system32\perfh005.dat
2016-04-18 11:57 - 2015-10-30 20:31 - 00183486 _____ C:\WINDOWS\system32\perfc005.dat
2016-04-18 11:57 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-04-18 11:52 - 2016-01-06 23:02 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-04-18 11:52 - 2015-10-30 08:28 - 02359296 ___SH C:\WINDOWS\system32\config\BBI
2016-04-18 11:49 - 2015-10-13 16:03 - 00000000 ____D C:\AdwCleaner
2016-04-14 21:42 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-04-14 16:37 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-04-14 09:41 - 2016-01-06 22:49 - 00000000 ____D C:\Users\jiří mansfeld
2016-04-13 22:04 - 2016-01-01 13:14 - 00000882 _____ C:\Users\Public\Desktop\AVG.lnk
2016-04-13 22:04 - 2016-01-01 13:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-04-13 22:02 - 2016-01-06 22:40 - 04974608 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-13 21:08 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-04-13 21:08 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-04-13 21:08 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-04-13 21:08 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-04-13 11:35 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-04-13 11:31 - 2013-09-25 21:41 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-04-13 09:14 - 2013-09-25 21:41 - 135176864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-04-13 09:07 - 2013-09-24 11:07 - 00002535 _____ C:\Users\jiří mansfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-13 08:56 - 2013-09-24 10:25 - 00000000 ____D C:\Users\jiří mansfeld\AppData\Local\Packages
2016-04-11 21:00 - 2015-09-30 20:46 - 00000000 ____D C:\Users\jiYí mansfeld\AppData\Local\JDownloader v2.0
2016-04-10 14:06 - 2013-09-24 11:04 - 00000952 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3882090170-638525116-1017874946-1002Core.job
2016-04-08 14:58 - 2014-07-24 20:35 - 00003900 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-04-06 20:32 - 2015-10-30 09:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-04-06 20:32 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-31 20:32 - 2014-05-20 09:48 - 00097936 _____ C:\Users\jiří mansfeld\AppData\Local\GDIPFONTCACHEV1.DAT
2016-03-31 10:52 - 2013-09-24 10:21 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-03-31 10:06 - 2015-10-30 20:35 - 00000000 ____D C:\Program Files\Windows Journal
2016-03-31 10:06 - 2015-10-30 09:24 - 00000000 __RSD C:\WINDOWS\Media
2016-03-31 10:06 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-03-31 10:06 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-03-31 10:06 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-03-31 10:06 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-03-31 10:06 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-03-31 10:06 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-03-31 10:06 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-03-31 10:06 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-03-31 09:36 - 2016-01-07 13:01 - 00002153 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk
2016-03-29 15:04 - 2016-02-17 20:59 - 00000000 ____D C:\Users\jiří mansfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2016-03-29 15:04 - 2016-02-08 19:10 - 00002857 _____ C:\Users\jiří mansfeld\Desktop\BitTorrent.lnk
2016-03-29 12:06 - 2016-01-07 13:01 - 00053008 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\TURegOpt.exe
2016-03-29 11:53 - 2016-02-18 23:19 - 00056080 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\uxtuneup.dll
2016-03-29 11:53 - 2016-02-18 23:19 - 00049424 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\SysWOW64\uxtuneup.dll
2016-03-29 11:53 - 2016-01-07 13:01 - 00044304 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\authuitu.dll
2016-03-29 11:53 - 2016-01-07 13:01 - 00039696 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\SysWOW64\authuitu.dll
2016-03-27 21:09 - 2015-05-17 16:16 - 00003396 _____ C:\WINDOWS\System32\Tasks\Intel® Rapid Start Technology Manager
2016-03-26 11:03 - 2016-01-01 13:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

==================== Files in the root of some directories =======

2014-03-17 20:44 - 2016-03-09 11:38 - 0030455 _____ () C:\Users\jiří mansfeld\AppData\Local\MRDownloader.err
2014-10-01 12:23 - 2014-10-01 12:33 - 0000188 _____ () C:\Users\jiří mansfeld\AppData\Local\MRDownloader.log
2014-03-15 12:22 - 2016-03-09 11:38 - 0001120 _____ () C:\Users\jiří mansfeld\AppData\Local\MRDownloader.nast
2016-02-12 21:48 - 2016-02-12 21:48 - 0000017 _____ () C:\Users\jiří mansfeld\AppData\Local\resmon.resmoncfg
2013-09-26 20:17 - 2014-03-14 22:45 - 0043734 _____ () C:\Users\jiří mansfeld\AppData\Local\SRDownloader.err
2013-09-24 21:18 - 2014-03-14 22:45 - 0001088 _____ () C:\Users\jiří mansfeld\AppData\Local\SRDownloader.nast
2013-12-09 11:15 - 2013-12-09 11:15 - 0000008 __RSH () C:\ProgramData\3043C5CE01.sys
2013-12-09 11:15 - 2015-11-16 09:24 - 0002828 ___SH () C:\ProgramData\KGyGaAvL.sys

Some files in TEMP:
====================
C:\Users\jiří mansfeld\AppData\Local\Temp\avguirn_082041126320.exe
C:\Users\jiří mansfeld\AppData\Local\Temp\libeay32.dll
C:\Users\jiří mansfeld\AppData\Local\Temp\msvcr120.dll
C:\Users\jiří mansfeld\AppData\Local\Temp\proxy_vole4944045917672667912.dll
C:\Users\jiří mansfeld\AppData\Local\Temp\proxy_vole6615721981955494029.dll
C:\Users\jiří mansfeld\AppData\Local\Temp\proxy_vole8212304110667944865.dll
C:\Users\jiří mansfeld\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-04-14 20:00

==================== End of FRST.txt ============================

Rudy
Site Admin
Posts: 119418
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: requesting a check

#9 Post by Rudy »

Open Notepad and copy the following into it:
Start
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKU\S-1-5-21-3882090170-638525116-1017874946-1002\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://www.bing.com?pc=HPNTDFJS
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\ProgramData\3043C5CE01.sys
C:\ProgramData\KGyGaAvL.sys
C:\Users\jiří mansfeld\AppData\Local\Temp
Task: {2BB25024-3400-41E3-9495-51AEC2F1B612} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {3CCA7DAD-B1DB-4DBD-8E20-3C3386F18B52} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3882090170-638525116-1017874946-1002UA => C:\Users\jiří mansfeld\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: {417B18C7-7C01-4582-B890-191968AFA8F4} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {62BE63EC-CC8F-4A6C-BD59-B74DEEDD54F5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {642FFDC2-62E4-4357-B832-BCDE89CD5E92} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {700E46DB-18A0-4F9C-922C-FED117BDD162} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3882090170-638525116-1017874946-1002Core => C:\Users\jiří mansfeld\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: {7D1DD5D1-C0AC-4FBA-B39A-77C5EAB98982} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {87D74A9A-36D1-4334-BC12-47076C351F07} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {90E2852C-B0FE-4FAF-B49D-DE9EE191B22F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {A2278703-C982-420A-B798-94568ABDBAE4} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {D6B0AD59-187C-4C2F-8F59-BFA6714829BB} - System32\Tasks\Google Update => C:\Users\jiří mansfeld\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: {E62781C5-04C7-434F-BDF8-79CFD2EDB905} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {EEAE20E8-95AD-4FD4-83F3-62F865D8CC8B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {F21F60EE-D2A0-452A-BB82-B14ACD814EF0} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {FC1D03E5-C0BB-45A0-A440-8184977DA0EA} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Temp:373E1720 [242]
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the run finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

jirik78
Visitor
Posts: 42
Registered: 25 Feb 2013 21:10

Re: requesting a check

#10 Post by jirik78 »

Fix result of Farbar Recovery Scan Tool (x64) Version:18-04-2016
Ran by jiří mansfeld (2016-04-21 21:15:17) Run:1
Running from C:\Users\jiří mansfeld\Desktop
Loaded Profiles: jiří mansfeld (Available Profiles: jiří mansfeld & Lenka)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKU\S-1-5-21-3882090170-638525116-1017874946-1002\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://www.bing.com?pc=HPNTDFJS
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\ProgramData\3043C5CE01.sys
C:\ProgramData\KGyGaAvL.sys
C:\Users\jiří mansfeld\AppData\Local\Temp
Task: {2BB25024-3400-41E3-9495-51AEC2F1B612} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {3CCA7DAD-B1DB-4DBD-8E20-3C3386F18B52} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3882090170-638525116-1017874946-1002UA => C:\Users\jiří mansfeld\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: {417B18C7-7C01-4582-B890-191968AFA8F4} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {62BE63EC-CC8F-4A6C-BD59-B74DEEDD54F5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {642FFDC2-62E4-4357-B832-BCDE89CD5E92} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {700E46DB-18A0-4F9C-922C-FED117BDD162} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3882090170-638525116-1017874946-1002Core => C:\Users\jiří mansfeld\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: {7D1DD5D1-C0AC-4FBA-B39A-77C5EAB98982} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {87D74A9A-36D1-4334-BC12-47076C351F07} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {90E2852C-B0FE-4FAF-B49D-DE9EE191B22F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {A2278703-C982-420A-B798-94568ABDBAE4} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {D6B0AD59-187C-4C2F-8F59-BFA6714829BB} - System32\Tasks\Google Update => C:\Users\jiří mansfeld\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: {E62781C5-04C7-434F-BDF8-79CFD2EDB905} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {EEAE20E8-95AD-4FD4-83F3-62F865D8CC8B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {F21F60EE-D2A0-452A-BB82-B14ACD814EF0} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {FC1D03E5-C0BB-45A0-A440-8184977DA0EA} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Temp:373E1720 [242]
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKU\S-1-5-21-3882090170-638525116-1017874946-1002\Software\Microsoft\Internet Explorer\Main\\First Home Page => value removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => value removed successfully
HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value removed successfully
HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => key not found.
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
C:\ProgramData\3043C5CE01.sys => moved successfully
C:\ProgramData\KGyGaAvL.sys => moved successfully
C:\Users\jiří mansfeld\AppData\Local\Temp => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2BB25024-3400-41E3-9495-51AEC2F1B612}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2BB25024-3400-41E3-9495-51AEC2F1B612}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3CCA7DAD-B1DB-4DBD-8E20-3C3386F18B52}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3CCA7DAD-B1DB-4DBD-8E20-3C3386F18B52}" => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3882090170-638525116-1017874946-1002UA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-3882090170-638525116-1017874946-1002UA" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{417B18C7-7C01-4582-B890-191968AFA8F4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{417B18C7-7C01-4582-B890-191968AFA8F4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{62BE63EC-CC8F-4A6C-BD59-B74DEEDD54F5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{62BE63EC-CC8F-4A6C-BD59-B74DEEDD54F5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{642FFDC2-62E4-4357-B832-BCDE89CD5E92}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{642FFDC2-62E4-4357-B832-BCDE89CD5E92}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{700E46DB-18A0-4F9C-922C-FED117BDD162}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{700E46DB-18A0-4F9C-922C-FED117BDD162}" => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3882090170-638525116-1017874946-1002Core => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-3882090170-638525116-1017874946-1002Core" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7D1DD5D1-C0AC-4FBA-B39A-77C5EAB98982}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7D1DD5D1-C0AC-4FBA-B39A-77C5EAB98982}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{87D74A9A-36D1-4334-BC12-47076C351F07}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{87D74A9A-36D1-4334-BC12-47076C351F07}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{90E2852C-B0FE-4FAF-B49D-DE9EE191B22F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{90E2852C-B0FE-4FAF-B49D-DE9EE191B22F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A2278703-C982-420A-B798-94568ABDBAE4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A2278703-C982-420A-B798-94568ABDBAE4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D6B0AD59-187C-4C2F-8F59-BFA6714829BB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D6B0AD59-187C-4C2F-8F59-BFA6714829BB}" => key removed successfully
C:\WINDOWS\System32\Tasks\Google Update => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Google Update" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E62781C5-04C7-434F-BDF8-79CFD2EDB905}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E62781C5-04C7-434F-BDF8-79CFD2EDB905}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EEAE20E8-95AD-4FD4-83F3-62F865D8CC8B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EEAE20E8-95AD-4FD4-83F3-62F865D8CC8B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F21F60EE-D2A0-452A-BB82-B14ACD814EF0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F21F60EE-D2A0-452A-BB82-B14ACD814EF0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FC1D03E5-C0BB-45A0-A440-8184977DA0EA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FC1D03E5-C0BB-45A0-A440-8184977DA0EA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully
C:\ProgramData\Temp => ":373E1720" ADS removed successfully.

==== End of Fixlog 21:15:19 ====

Rudy
Site Admin
Posts: 119418
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: requesting a check

#11 Post by Rudy »

Deleted. The log is now OK.

jirik78
Visitor
Posts: 42
Registered: 25 Feb 2013 21:10

Re: requesting a check

#12 Post by jirik78 »

Thank you very much

Rudy
Site Admin
Posts: 119418
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: requesting a check

#13 Post by Rudy »

You're welcome! :)

Locked