VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Reklamní havěť

https://forum.viry.cz:443/viewtopic.php?t=150925

Stránka 1 z 1

Reklamní havěť

Napsal: 22 pro 2016 23:08
od Jirka K.
Zdravím, 20. prosince se do počítače z nějakých pochybných stránek natahala havěť, změnila výchozí prohlížeč a Chrome se nedaří nastavit zpět (ani jeho domovská stránka), samovolně se stahují různé aplikace atd. Poprosím další postupy popisovat co možná nejnávodněji, zkusím to nechat dořešit otce. Přikládám logy z FRST a děkuji.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-12-2016
Ran by Jana (administrator) on KŘIVÁNEK-PC (22-12-2016 22:51:43)
Running from C:\Users\Jana\Downloads
Loaded Profiles: Křivánek & Jana (Available Profiles: Křivánek & Jana)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Alza.cz a.s.) C:\Program Files (x86)\Alza Media\v1.0.27.39844\AlzaMediaAutoupdateService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(深圳市猫哈网络科技发展有限公司) C:\Program Files (x86)\Maoha\MaohaAP\MaohaWifiSvr.exe
() C:\ProgramData\NetworkPacketManitor\Nettrans.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
() C:\Program Files (x86)\UCBrowser\Application\UCService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Windows\Temp\g7E55.tmp.exe
() C:\Program Files (x86)\UCBrowser\Application\6.0.1121.13\UCAgent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files (x86)\UCBrowser\Application\6.0.1121.13\UCAgent.exe
() C:\Program Files\BitTorrent\BitTorrent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Search Module Ltd.) C:\Program Files\Common Files\Noobzo\GNUpdate\smu.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11860072 2011-06-09] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKU\S-1-5-21-3406515104-517183750-3566915376-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-3406515104-517183750-3566915376-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
IFEO\MRT.exe: [Debugger] C:\Program Files (x86)\Vulatcerfck\_ALLOWDEL_37192de\Gubed.exe -Yrrehs
ShellExecuteHooks: No Name - {212EB874-B064-11E6-8412-64006A5CFC23} - C:\Users\Jana\AppData\Roaming\Fegghgradoing\Anunaly.dll -> No File
ShellExecuteHooks: No Name - {344E022C-B058-11E6-BC7C-64006A5CFC23} - C:\Users\Jana\AppData\Roaming\Mtispplaperk\Reukatyherradom.dll [146432 2016-12-21] ()
ShellIconOverlayIdentifiers: [KzShlobj] -> {AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} => C:\Program Files\żěŃą\X64\KZipShell.dll [2016-12-20] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{582E5871-F563-4527-9641-23675C37B3F1}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-3406515104-517183750-3566915376-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqICWRlg5p-Tqs2Vokgs3TzVhcPT4GL6TGneyezj8AtkZeBLqueIlXYoCVMyhlPJr0kPXGCrwYQZF19APxbomln6J7qhHhLrBDLDnhHI3gB9a14vdQF4Hvf9feTgAQaubnY6HBiFDeT9yZBt1DtE25teeDJNDOPSlXmA_Q_yu&q={searchTerms}
HKU\S-1-5-21-3406515104-517183750-3566915376-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqICWRlg5p-Tqs2Vokgs3TzVhcPT4GL6TGneyezj8AtkZeBLqueIlXYoCVMyhlPJr0kPXGCrwYQZF19zGLhM6-rpGNpRcwPlO2hMTDMY1Z6kCyHW0huynkhQxcwUoib4ZgfBKjWvYzZnQT17Dzbg_DGT8sz6Qpw-MU-bHFE1D
HKU\S-1-5-21-3406515104-517183750-3566915376-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqICWRlg5p-Tqs2Vokgs3TzVhcPT4GL6TGneyezj8AtkZeBLqueIlXYoCVMyhlPJr0kPXGCrwYQZF19APxbomln6J7qhHhLrBDLDnhHI3gB9a14vdQF4Hvf9feTgAQaubnY6HBiFDeT9yZBt1DtE25teeDJNDOPSlXmA_Q_yu&q={searchTerms}
HKU\S-1-5-21-3406515104-517183750-3566915376-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www-searching.com/?pid=s&s=GCLzamobl20564BU,70401e53-6567-42f5-a14f-5c3acc8a6cd6,&vp=ch&prd=set_ie
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
SearchScopes: HKLM-x32 -> ielnksrch URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqICWRlg5p-Tqs2Vokgs3TzVhcPT4GL6TGneyezj8AtkZeBLqueIlXYoCVMyhlPJr0kPXGCrwYQZF19APxbomln6J7qhHhLrBDLDnhHI3gB9a14vdQF4Hvf9feTgAQaubnY6HBiFDeT9yZBt1DtE25teeDJNDOPSlXmA_Q_yu&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3406515104-517183750-3566915376-1000 -> DefaultScope {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqICWRlg5p-Tqs2Vokgs3TzVhcPT4GL6TGneyezj8AtkZeBLqueIlXYoCVMyhlPJr0kPXGCrwYQZF19APxbomln6J7qhHhLrBDLDnhHI3gB9a14vdQF4Hvf9feTgAQaubnY6HBiFDeT9yZBt1DtE25teeDJNDOPSlXmA_Q_yu&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3406515104-517183750-3566915376-1000 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqICWRlg5p-Tqs2Vokgs3TzVhcPT4GL6TGneyezj8AtkZeBLqueIlXYoCVMyhlPJr0kPXGCrwYQZF19APxbomln6J7qhHhLrBDLDnhHI3gB9a14vdQF4Hvf9feTgAQaubnY6HBiFDeT9yZBt1DtE25teeDJNDOPSlXmA_Q_yu&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3406515104-517183750-3566915376-1002 -> DefaultScope {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqICWRlg5p-Tqs2Vokgs3TzVhcPT4GL6TGneyezj8AtkZeBLqueIlXYoCVMyhlPJr0kPXGCrwYQZF19APxbomln6J7qhHhLrBDLDnhHI3gB9a14vdQF4Hvf9feTgAQaubnY6HBiFDeT9yZBt1DtE25teeDJNDOPSlXmA_Q_yu&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3406515104-517183750-3566915376-1002 -> {283CE0A6-870C-45BC-BDC0-788DEB3B1B95} URL = hxxp://www-searching.com/s.ashx?prd=opensearch&q={searchTerms}&s=GCLzamobl20564BU,70401e53-6567-42f5-a14f-5c3acc8a6cd6,
SearchScopes: HKU\S-1-5-21-3406515104-517183750-3566915376-1002 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqICWRlg5p-Tqs2Vokgs3TzVhcPT4GL6TGneyezj8AtkZeBLqueIlXYoCVMyhlPJr0kPXGCrwYQZF19APxbomln6J7qhHhLrBDLDnhHI3gB9a14vdQF4Hvf9feTgAQaubnY6HBiFDeT9yZBt1DtE25teeDJNDOPSlXmA_Q_yu&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-11-26] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-26] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-26] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-26] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-3406515104-517183750-3566915376-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/CZ/Core/Player/2020PlayerAX_IKEA_Win32.cab
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

FireFox:
========
FF ProfilePath: [main]
current=0
[users]
0=Jana
[not found]
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-26] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-26] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Profile 2
CHR HomePage: Profile 2 -> hxxp://www-searching.com/?pid=s&s=gclzamobl20564bu,70401e53-6567-42f5-a14f-5c3acc8a6cd6,
CHR StartupUrls: Profile 2 -> "hxxp://www-searching.com/?pid=s&s=gclzamobl20564bu,70401e53-6567-42f5-a14f-5c3acc8a6cd6,"
CHR DefaultSearchURL: Profile 2 -> hxxp://www-searching.com/search.aspx?site=shdefault1&prd=smw&pid=s&shr=d&q={searchTerms}&s=gclzamobl20564bu,70401e53-6567-42f5-a14f-5c3acc8a6cd6,
CHR DefaultSearchKeyword: Profile 2 -> www-searching.com
CHR DefaultSuggestURL: Profile 2 -> hxxp://api.searchpredict.com/api/?rqtype=ffplugin&siteID=8661&dbCode=1&command={searchTerms}
CHR Profile: C:\Users\Jana\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2016-12-22] <==== ATTENTION
CHR Profile: C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 2 [2016-12-22]
CHR Extension: (Docs) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-22]
CHR Extension: (Disk Google) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-22]
CHR Extension: (YouTube) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-22]
CHR Extension: (Gmail) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-22]
CHR HKU\S-1-5-21-3406515104-517183750-3566915376-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [jlcgehabolcakkjhgmgpkagpolbjlhfa] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fcgnigmofekcllgbiejhmigggmgehkip] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AlzaMedia-Autoupdate; C:\Program Files (x86)\Alza Media\v1.0.27.39844\AlzaMediaAutoupdateService.exe [48000 2014-10-03] (Alza.cz a.s.) [File not signed]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.) [File not signed]
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 Archer; C:\Program Files (x86)\WinArcher\Archer.dll [784384 2016-12-21] (Fun Dw) [File not signed]
S2 backlh; C:\ProgramData\Logic Handler\set.exe [3786752 2016-12-20] () [File not signed]
R2 BitTorrent; C:\Program Files\BitTorrent\BitTorrent.exe [312320 2016-11-06] () [File not signed] <==== ATTENTION
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [135584 2011-12-09] (Futuremark Corporation)
S2 GoogleChromeUpService; C:\ProgramData\service.exe [1620992 2016-12-20] () [File not signed] <==== ATTENTION
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2627080 2016-11-11] (LogMeIn Inc.)
R3 iThemes5; C:\Program Files (x86)\Common Files\Services\iThemes.dll [557056 2016-12-21] () [File not signed] <==== ATTENTION
R2 KuaizipUpdateChecker; C:\Program Files\żěŃą\X86\kuaizipUpdateChecker.dll [219032 2016-12-20] ()
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-11-11] (LogMeIn, Inc.)
R2 MaohaWifiSvr; C:\Program Files (x86)\Maoha\MaohaAP\MaohaWifiSvr.exe [168992 2016-11-26] (深圳市猫哈网络科技发展有限公司)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
R2 Nettrans; C:\ProgramData\NetworkPacketManitor\Nettrans.exe [57856 2016-09-28] () [File not signed]
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [459832 2012-02-15] (Sony Corporation)
R2 SMUpd; C:\Program Files\Common Files\Noobzo\GNUpdate\smu.exe [3109888 2016-12-19] (Search Module Ltd.) [File not signed]
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2009-07-14] (Microsoft Corporation) [DependOnService: iThemes5]<==== ATTENTION
R2 UCBrowserSvc; C:\Program Files (x86)\UCBrowser\Application\UCService.exe [935312 2016-12-13] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WinSAPSvc; C:\ProgramData\WinSAPSvc\WinSAP.dll [258048 2016-12-21] () [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11832 2010-06-29] (Advanced Micro Devices Inc.)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-12-20] (REALiX(tm))
R2 KuaiZipDrive; C:\Windows\system32\drivers\KuaiZipDrive.sys [92832 2016-12-20] (WinMount International Inc)
R1 MaohaWifiNetPro; C:\Program Files (x86)\Maoha\MaohaAP\MaoHaWiFiNet64.sys [1030496 2016-11-26] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
S4 SecDrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS [11376 2002-10-08] () [File not signed]
R3 SMUpdd; C:\Program Files\Common Files\Noobzo\GNUpdate\smw.sys [52992 2016-12-19] ()
R1 ucdrv; C:\Program Files (x86)\UCBrowser\Security:ucdrv-x64.sys [23652 ] (UC Web Inc.) <==== ATTENTION
S3 ALSysIO; \??\C:\Users\KIVNEK~1\AppData\Local\Temp\ALSysIO64.sys [X]
S3 cpuz135; \??\C:\Users\KIVNEK~1\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-22 22:51 - 2016-12-22 22:52 - 00017143 _____ C:\Users\Jana\Downloads\FRST.txt
2016-12-22 22:49 - 2016-12-22 22:49 - 02420736 _____ (Farbar) C:\Users\Jana\Downloads\FRST64.exe
2016-12-22 21:51 - 2016-12-22 21:51 - 01065376 _____ (Google Inc.) C:\Users\Jana\Downloads\ChromeSetup.exe
2016-12-22 20:25 - 2016-12-22 20:26 - 00000000 ____D C:\Program Files\Reimage
2016-12-22 20:24 - 2016-12-22 20:27 - 00000140 _____ C:\Windows\Reimage.ini
2016-12-22 20:23 - 2016-12-22 20:23 - 00589144 _____ (Reimage) C:\Users\Jana\Downloads\ReimageRepair.exe
2016-12-22 19:16 - 2016-12-22 22:36 - 00000000 ____D C:\Users\Jana\AppData\Local\BrowserAir
2016-12-22 19:16 - 2016-12-22 22:05 - 00003250 _____ C:\Windows\System32\Tasks\IBUpd2
2016-12-22 19:15 - 2016-12-22 19:15 - 00004242 _____ C:\Windows\System32\Tasks\SMW_UpdateTask_Time_3934383839323339312d375055574132506c572a4a45
2016-12-22 19:15 - 2016-12-22 19:15 - 00004162 _____ C:\Windows\System32\Tasks\SMW_P
2016-12-21 22:38 - 2016-12-22 22:01 - 00002580 _____ C:\Windows\System32\Tasks\UCBrowserUpdaterCore
2016-12-21 22:38 - 2016-12-22 22:01 - 00000294 _____ C:\Windows\Tasks\UCBrowserUpdaterCore.job
2016-12-21 20:20 - 2016-12-22 21:53 - 00000000 ____D C:\Program Files\Common Files\zm32ncdb
2016-12-21 20:07 - 2016-12-21 20:07 - 00000000 ____D C:\Users\Křivánek\AppData\Roaming\Mtispplaperk
2016-12-21 19:22 - 2016-12-21 19:22 - 00000000 ____D C:\Users\Jana\AppData\Roaming\VDI
2016-12-21 19:21 - 2016-12-22 19:15 - 00439808 _____ C:\ProgramData\smp2.exe
2016-12-21 19:21 - 2016-12-21 19:21 - 00000000 ____D C:\ProgramData\SearchModule
2016-12-21 19:21 - 2016-12-21 19:21 - 00000000 ____D C:\Program Files\Common Files\Noobzo
2016-12-21 19:20 - 2016-12-21 19:20 - 00041472 _____ C:\Users\Jana\AppData\Local\jaytechno.dat
2016-12-21 19:20 - 2016-12-21 19:20 - 00000187 _____ C:\Users\Jana\AppData\Local\jaytechno.exe.config
2016-12-21 19:20 - 2016-12-21 19:20 - 00000000 ____D C:\Users\Křivánek\AppData\Roaming\Mozilla
2016-12-21 19:20 - 2016-12-21 19:20 - 00000000 ____D C:\Program Files\BitTorrent
2016-12-21 19:19 - 2016-12-21 19:20 - 00000000 ____D C:\ProgramData\Ronzaps
2016-12-21 19:19 - 2016-12-21 19:19 - 07316480 _____ C:\Users\Jana\AppData\Roaming\agent.dat
2016-12-21 19:19 - 2016-12-21 19:19 - 01938532 _____ C:\Users\Jana\AppData\Roaming\Nimsuntom.bin
2016-12-21 19:19 - 2016-12-21 19:19 - 01907196 _____ C:\Users\Jana\AppData\Roaming\Silphase.tst
2016-12-21 19:19 - 2016-12-21 19:19 - 01051136 _____ C:\Users\Jana\AppData\Roaming\Silphase.exe
2016-12-21 19:19 - 2016-12-21 19:19 - 00190394 _____ C:\Users\Jana\AppData\Roaming\Damity.bin
2016-12-21 19:19 - 2016-12-21 19:19 - 00140288 _____ C:\Users\Jana\AppData\Roaming\Installer.dat
2016-12-21 19:19 - 2016-12-21 19:19 - 00136827 _____ () C:\Users\Jana\AppData\Roaming\Daltdex.bin
2016-12-21 19:19 - 2016-12-21 19:19 - 00126464 _____ C:\Users\Jana\AppData\Roaming\noah.dat
2016-12-21 19:19 - 2016-12-21 19:19 - 00070704 _____ C:\Users\Jana\AppData\Roaming\Config.xml
2016-12-21 19:19 - 2016-12-21 19:19 - 00019104 _____ C:\Users\Jana\AppData\Roaming\InstallationConfiguration.xml
2016-12-21 19:19 - 2016-12-21 19:19 - 00018432 _____ C:\Users\Jana\AppData\Roaming\Main.dat
2016-12-21 19:19 - 2016-12-21 19:19 - 00005568 _____ C:\Users\Jana\AppData\Roaming\md.xml
2016-12-21 19:19 - 2016-12-21 19:19 - 00002397 _____ C:\Windows\SysWOW64\findit.xml
2016-12-21 19:19 - 2016-12-21 19:19 - 00000000 ____D C:\ProgramData\NetworkPacketManitor
2016-12-21 19:19 - 2016-12-21 19:19 - 00000000 ____D C:\ProgramData\Logic Handler
2016-12-21 19:16 - 2016-12-21 21:08 - 00000000 ____D C:\Program Files (x86)\Droationaruak
2016-12-21 19:16 - 2016-12-21 19:17 - 00000000 ____D C:\Users\Jana\AppData\Local\Ghoteghdeqert
2016-12-21 19:16 - 2016-12-21 19:16 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Mtispplaperk
2016-12-21 19:15 - 2016-12-21 19:15 - 00000165 _____ C:\Windows\SysWOW64\MUpdater.exe.config
2016-12-21 19:15 - 2016-12-21 19:15 - 00000165 _____ C:\Windows\SysWOW64\GameXP.exe.config
2016-12-21 19:15 - 2016-12-21 19:15 - 00000165 _____ C:\Windows\SysWOW64\GameCenter.exe.config
2016-12-21 12:33 - 2016-12-21 19:17 - 00000000 ____D C:\Program Files (x86)\WinArcher
2016-12-21 12:33 - 2016-12-21 12:33 - 00000000 ____D C:\ProgramData\WinSAPSvc
2016-12-21 12:30 - 2016-12-21 19:17 - 00000000 ____D C:\Program Files (x86)\yywemi8q
2016-12-21 11:55 - 2016-12-21 11:55 - 00404480 _____ C:\Windows\system32\bi3.exe
2016-12-20 18:53 - 2016-12-21 07:04 - 00000000 ____D C:\Users\Křivánek\AppData\Roaming\KuaiZip
2016-12-20 18:51 - 2016-12-20 18:51 - 00000000 ____D C:\Users\Křivánek\AppData\Local\UCBrowser
2016-12-20 18:19 - 2016-12-20 18:19 - 00000000 ____D C:\Users\Jana\AppData\Local\UCBrowser
2016-12-20 18:19 - 2016-12-20 18:19 - 00000000 ____D C:\Users\Jana\AppData\Local\Chromium
2016-12-20 18:18 - 2016-12-21 19:17 - 00000000 ____D C:\Program Files (x86)\UCBrowser
2016-12-20 18:18 - 2016-12-21 12:06 - 00000000 ____D C:\Users\Jana\AppData\Roaming\KuaiZip
2016-12-20 18:18 - 2016-12-20 18:19 - 00000000 __SHD C:\ProgramData\WindowsMsg
2016-12-20 18:18 - 2016-12-20 18:18 - 00000000 ____D C:\ProgramData\ProductData
2016-12-20 18:18 - 2016-12-20 18:17 - 00092832 _____ (WinMount International Inc) C:\Windows\system32\Drivers\KuaiZipDrive.sys
2016-12-20 18:17 - 2016-12-20 18:17 - 00000000 __SHD C:\Users\Jana\AppData\Local\svchost
2016-12-20 18:17 - 2016-12-20 18:17 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Softlink
2016-12-20 18:17 - 2016-12-20 18:17 - 00000000 ____D C:\Program Files\żěŃą
2016-12-20 18:16 - 2016-12-21 19:17 - 00000000 ____D C:\Program Files (x86)\Maoha
2016-12-20 18:16 - 2016-12-20 18:16 - 01620992 _____ C:\ProgramData\service.exe
2016-12-20 18:16 - 2016-12-20 18:16 - 00027552 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2016-12-20 18:16 - 2016-12-20 18:16 - 00000000 ____D C:\Windows\IObit
2016-12-20 18:16 - 2016-12-20 18:16 - 00000000 ____D C:\Users\Jana\AppData\LocalLow\IObit
2016-12-20 18:16 - 2016-12-20 18:16 - 00000000 ____D C:\ProgramData\IObit
2016-12-20 18:15 - 2016-12-22 22:52 - 00016722 _____ C:\Windows\System32\Tasks\815330987d79t6315439
2016-12-20 18:15 - 2016-12-20 18:15 - 00000000 ___HD C:\ProgramData\815330987d79t6315439
2016-12-20 18:15 - 2016-12-20 18:15 - 00000000 ____D C:\Users\Public\Thunder Network
2016-12-20 18:15 - 2016-12-20 18:15 - 00000000 ____D C:\Users\Jana\AppData\Roaming\IObit
2016-12-20 18:15 - 2016-12-20 18:15 - 00000000 ____D C:\ProgramData\Thunder Network
2016-12-20 18:14 - 2016-12-21 21:18 - 00000000 ____D C:\Program Files (x86)\Vulatcerfck
2016-12-20 18:14 - 2016-12-20 20:14 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Fegghgradoing
2016-12-20 18:14 - 2016-12-20 18:19 - 00000000 ____D C:\Users\Jana\AppData\Local\Fueryphijing
2016-12-20 18:13 - 2016-12-20 18:14 - 02395802 _____ C:\Users\Jana\Downloads\The_Forest_Public_Alpha_v0_51b.zip
2016-12-14 08:50 - 2016-11-21 19:16 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-12-14 08:50 - 2016-11-21 19:16 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-12-14 08:50 - 2016-11-21 19:12 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-12-14 08:50 - 2016-11-21 19:12 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-12-14 08:50 - 2016-11-21 19:12 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-12-14 08:50 - 2016-11-21 19:12 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2016-12-14 08:50 - 2016-11-21 19:12 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2016-12-14 08:50 - 2016-11-20 17:20 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-12-14 08:50 - 2016-11-20 17:20 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2016-12-14 08:50 - 2016-11-20 17:19 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-12-14 08:50 - 2016-11-20 17:19 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2016-12-14 08:50 - 2016-11-20 15:07 - 00467392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-12-14 08:50 - 2016-11-17 17:41 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-12-14 08:50 - 2016-11-15 00:27 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-12-14 08:50 - 2016-11-14 23:39 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-12-14 08:50 - 2016-11-12 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-12-14 08:50 - 2016-11-12 20:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-12-14 08:50 - 2016-11-12 20:21 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-12-14 08:50 - 2016-11-12 20:09 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-12-14 08:50 - 2016-11-12 20:08 - 25759744 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-12-14 08:50 - 2016-11-12 20:07 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-12-14 08:50 - 2016-11-12 19:53 - 06049280 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-12-14 08:50 - 2016-11-12 19:52 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-12-14 08:50 - 2016-11-12 19:31 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-12-14 08:50 - 2016-11-12 19:29 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-12-14 08:50 - 2016-11-12 19:20 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-12-14 08:50 - 2016-11-12 19:17 - 20302848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-12-14 08:50 - 2016-11-12 19:14 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-12-14 08:50 - 2016-11-12 19:10 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-12-14 08:50 - 2016-11-12 19:08 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-12-14 08:50 - 2016-11-12 19:08 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-12-14 08:50 - 2016-11-12 18:41 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-12-14 08:50 - 2016-11-12 18:38 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-12-14 08:50 - 2016-11-12 18:37 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-12-14 08:50 - 2016-11-12 18:36 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-12-14 08:50 - 2016-11-12 18:36 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-12-14 08:50 - 2016-11-12 18:35 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-12-14 08:50 - 2016-11-12 18:21 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-12-14 08:50 - 2016-11-12 18:20 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-12-14 08:50 - 2016-11-12 18:11 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-12-14 08:50 - 2016-11-12 18:05 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-12-14 08:50 - 2016-11-12 18:02 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-12-14 08:50 - 2016-11-12 18:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-12-14 08:50 - 2016-11-10 17:32 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-12-14 08:50 - 2016-11-10 17:19 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-12-14 08:50 - 2016-11-09 17:41 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-12-14 08:50 - 2016-11-09 17:33 - 03244032 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-12-14 08:50 - 2016-11-09 17:33 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-12-14 08:50 - 2016-11-09 17:33 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-12-14 08:50 - 2016-11-09 17:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-12-14 08:50 - 2016-11-09 17:02 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-12-14 08:50 - 2016-11-09 16:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-12-14 08:50 - 2016-11-06 17:33 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-12-14 08:50 - 2016-11-06 17:16 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-12-14 08:50 - 2016-11-06 17:01 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-12-14 08:50 - 2016-10-27 16:33 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2016-12-14 08:50 - 2016-10-27 16:20 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2016-12-14 08:50 - 2016-10-11 16:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-12-14 08:50 - 2016-10-11 16:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-12-14 08:50 - 2016-10-11 16:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-12-14 08:50 - 2016-10-11 16:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-12-14 08:50 - 2016-10-11 16:32 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2016-12-14 08:50 - 2016-10-11 16:24 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-12-14 08:50 - 2016-10-11 16:24 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-12-14 08:50 - 2016-10-11 16:21 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-12-14 08:50 - 2016-10-11 16:18 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2016-12-14 08:50 - 2016-10-11 15:55 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2016-12-14 08:50 - 2016-10-11 14:18 - 00419648 _____ C:\Windows\SysWOW64\locale.nls
2016-12-14 08:50 - 2016-10-11 14:17 - 00419648 _____ C:\Windows\system32\locale.nls
2016-12-14 08:50 - 2016-10-08 14:06 - 00633296 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-12-14 08:50 - 2016-10-04 16:31 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-12-14 08:50 - 2016-10-04 16:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-12-14 08:50 - 2016-10-04 16:13 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-12-14 08:50 - 2016-10-04 16:13 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-12-14 08:49 - 2016-11-21 19:12 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-12-14 08:49 - 2016-11-21 19:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-12-14 08:49 - 2016-11-21 19:12 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-12-14 08:49 - 2016-11-21 19:12 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-12-14 08:49 - 2016-11-21 19:12 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-12-14 08:49 - 2016-11-21 19:12 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-12-14 08:49 - 2016-11-21 19:12 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-12-14 08:49 - 2016-11-21 19:12 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-12-14 08:49 - 2016-11-21 19:12 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-12-14 08:49 - 2016-11-21 19:12 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-12-14 08:49 - 2016-11-21 19:12 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-12-14 08:49 - 2016-11-21 19:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-12-14 08:49 - 2016-11-21 19:12 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-12-14 08:49 - 2016-11-21 19:12 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-12-14 08:49 - 2016-11-21 19:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-12-14 08:49 - 2016-11-20 17:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-12-14 08:49 - 2016-11-20 17:20 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-12-14 08:49 - 2016-11-20 17:20 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-12-14 08:49 - 2016-11-20 17:19 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-12-14 08:49 - 2016-11-20 17:19 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-12-14 08:49 - 2016-11-20 17:19 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-12-14 08:49 - 2016-11-20 17:19 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-12-14 08:49 - 2016-11-20 17:19 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-12-14 08:49 - 2016-11-20 17:19 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-12-14 08:49 - 2016-11-20 17:19 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-12-14 08:49 - 2016-11-20 17:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-12-14 08:49 - 2016-11-20 17:19 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-12-14 08:49 - 2016-11-20 17:19 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-12-14 08:49 - 2016-11-20 17:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-12-14 08:49 - 2016-11-20 16:58 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-12-14 08:49 - 2016-11-20 16:57 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-12-14 08:49 - 2016-11-20 16:57 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-12-14 08:49 - 2016-11-20 16:57 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-12-14 08:49 - 2016-11-20 16:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-12-14 08:49 - 2016-11-20 16:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-12-14 08:49 - 2016-11-12 20:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-12-14 08:49 - 2016-11-12 20:48 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-12-14 08:49 - 2016-11-12 20:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-12-14 08:49 - 2016-11-12 20:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-12-14 08:49 - 2016-11-12 20:25 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-12-14 08:49 - 2016-11-12 20:15 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-12-14 08:49 - 2016-11-12 20:14 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-12-14 08:49 - 2016-11-12 20:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-12-14 08:49 - 2016-11-12 20:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-12-14 08:49 - 2016-11-12 20:07 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-12-14 08:49 - 2016-11-12 19:56 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-12-14 08:49 - 2016-11-12 19:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-12-14 08:49 - 2016-11-12 19:41 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-12-14 08:49 - 2016-11-12 19:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-12-14 08:49 - 2016-11-12 19:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-12-14 08:49 - 2016-11-12 19:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-12-14 08:49 - 2016-11-12 19:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-12-14 08:49 - 2016-11-12 19:29 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-12-14 08:49 - 2016-11-12 19:29 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-12-14 08:49 - 2016-11-12 19:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-12-14 08:49 - 2016-11-12 19:27 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-12-14 08:49 - 2016-11-12 19:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-12-14 08:49 - 2016-11-12 19:19 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-12-14 08:49 - 2016-11-12 19:15 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-12-14 08:49 - 2016-11-12 19:14 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-12-14 08:49 - 2016-11-12 19:14 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-12-14 08:49 - 2016-11-12 19:14 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-12-14 08:49 - 2016-11-12 19:11 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-12-14 08:49 - 2016-11-12 19:03 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-12-14 08:49 - 2016-11-12 18:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-12-14 08:49 - 2016-11-12 18:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-12-14 08:49 - 2016-11-12 18:52 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-12-14 08:49 - 2016-11-12 18:51 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-12-14 08:49 - 2016-11-12 18:49 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-12-14 08:49 - 2016-11-12 18:47 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-12-14 08:49 - 2016-11-12 18:40 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-12-14 08:49 - 2016-11-09 17:33 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-12-14 08:49 - 2016-11-09 17:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-12-14 08:49 - 2016-11-09 17:33 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-12-14 08:49 - 2016-11-09 17:17 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-12-14 08:49 - 2016-11-09 17:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-12-14 08:49 - 2016-11-09 17:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-12-14 08:49 - 2016-11-09 17:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-12-14 08:49 - 2016-10-11 16:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-12-14 08:49 - 2016-10-11 16:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-12-14 08:49 - 2016-10-11 16:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-12-14 08:49 - 2016-10-11 16:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-12-14 08:49 - 2016-10-11 16:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-12-14 08:49 - 2016-10-11 16:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-12-14 08:49 - 2016-10-11 16:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-12-14 08:49 - 2016-10-11 16:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-12-14 08:49 - 2016-10-11 16:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-12-14 08:49 - 2016-10-11 16:03 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-12-14 08:49 - 2016-10-11 15:59 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-12-14 08:49 - 2016-10-11 15:59 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-12-14 08:49 - 2016-10-11 15:55 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-12-14 08:49 - 2016-10-11 15:51 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-12-14 08:49 - 2016-10-11 15:51 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-12-14 08:49 - 2016-10-11 15:51 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-12-14 08:49 - 2016-10-11 15:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-12-14 08:49 - 2016-10-11 15:50 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 15:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 15:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 15:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-12-14 08:49 - 2016-10-04 16:31 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-12-14 08:49 - 2016-10-04 16:31 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-12-14 08:49 - 2016-10-04 16:13 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-12-14 08:49 - 2016-10-04 16:13 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-12-13 22:29 - 2016-12-13 22:29 - 00050176 _____ C:\Users\Jana\Downloads\Kopie - vykaz prosinec 2016.xls
2016-12-13 07:49 - 2016-12-13 07:49 - 00261376 _____ C:\Users\Křivánek\Downloads\prilohy_7732.zip
2016-12-12 20:21 - 2016-12-12 20:21 - 00000222 _____ C:\Users\Jana\Downloads\bawKk5v9oc_WsvTHz-3ANQc7INGjUmq_DxKTuJi8Rcp-165_HLX2v1CHEZlcEyZLWZ8yIUA
2016-12-07 09:36 - 2016-12-07 09:36 - 00088658 _____ C:\Users\Křivánek\Downloads\Doklad SIPO_201612_8012919549.pdf
2016-12-05 20:18 - 2016-12-05 20:18 - 00119401 _____ C:\Users\Křivánek\Downloads\Doklad SIPO_201608_8012919549.pdf
2016-12-05 20:17 - 2016-12-05 20:17 - 00114026 _____ C:\Users\Křivánek\Downloads\Doklad SIPO_201609_8012919549.pdf
2016-12-05 20:17 - 2016-12-05 20:17 - 00096535 _____ C:\Users\Křivánek\Downloads\Doklad SIPO_201610_8012919549.pdf
2016-12-05 20:16 - 2016-12-05 20:16 - 00121732 _____ C:\Users\Křivánek\Downloads\Doklad SIPO_201611_8012919549.pdf
2016-11-30 09:21 - 2016-11-30 09:21 - 01009408 _____ C:\Users\Křivánek\Downloads\schemasitelinek_plakat.pdf
2016-11-30 09:04 - 2016-11-30 09:04 - 00122817 _____ C:\Users\Křivánek\Downloads\042_151213.pdf
2016-11-30 09:04 - 2016-11-30 09:04 - 00122817 _____ C:\Users\Křivánek\Downloads\042_151213 (1).pdf
2016-11-29 22:34 - 2016-11-29 22:34 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2016-11-29 22:34 - 2016-11-29 22:34 - 00019112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr110_clr0400.dll
2016-11-29 22:34 - 2016-11-29 22:34 - 00019112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
2016-11-29 22:34 - 2016-11-29 22:34 - 00019112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp110_clr0400.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00030400 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00019112 _____ (Microsoft Corporation) C:\Windows\system32\msvcr110_clr0400.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00019112 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00019112 _____ (Microsoft Corporation) C:\Windows\system32\msvcp110_clr0400.dll
2016-11-28 21:17 - 2016-11-28 21:17 - 07865175 _____ C:\Users\Jana\Downloads\Un-petit-bain1 (1).mp4
2016-11-28 21:16 - 2016-11-28 21:16 - 07865175 _____ C:\Users\Jana\Downloads\Un-petit-bain1.mp4
2016-11-28 21:08 - 2016-11-28 21:08 - 00030715 _____ C:\Users\Jana\Downloads\Dozor jídelna (1).xlsx
2016-11-27 18:49 - 2016-11-27 18:49 - 01704095 _____ C:\Users\Křivánek\Downloads\grundig-sonoclock-890-navod-k-obsluze.pdf
2016-11-26 17:40 - 2016-11-26 17:40 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-11-26 17:40 - 2016-11-26 17:37 - 00110144 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-64.dll
2016-11-26 17:39 - 2016-12-21 19:17 - 00000000 ____D C:\Program Files (x86)\Java
2016-11-26 17:38 - 2016-11-26 17:38 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Sun
2016-11-26 17:37 - 2016-11-26 17:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-11-26 17:37 - 2016-11-26 17:38 - 56134208 _____ (Oracle Corporation) C:\Users\Jana\Downloads\jre-8u111-windows-i586.exe
2016-11-26 17:37 - 2016-11-26 17:37 - 00110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2016-11-26 17:36 - 2016-11-26 17:40 - 00000000 ____D C:\ProgramData\Oracle
2016-11-26 17:36 - 2016-11-26 17:36 - 00000000 ____D C:\Program Files\Java
2016-11-26 17:34 - 2016-11-26 17:35 - 63235648 _____ (Oracle Corporation) C:\Users\Jana\Downloads\jre-8u111-windows-x64.exe
2016-11-23 19:26 - 2016-11-23 19:26 - 08270712 _____ (Piriform Ltd) C:\Users\Křivánek\Downloads\ccsetup523 (1).exe
2016-11-23 19:09 - 2016-11-23 17:12 - 00001244 _____ C:\Users\Jana\Desktop\Slabikář se Samem.lnk
2016-11-23 18:44 - 2016-11-23 18:44 - 08270712 _____ (Piriform Ltd) C:\Users\Křivánek\Downloads\ccsetup523.exe
2016-11-23 16:41 - 2016-11-23 16:49 - 470253438 _____ (Igor Pavlov) C:\Users\Jana\Downloads\11-90-v3.2-slabikar-se-Samem.exe
2016-11-22 08:30 - 2016-11-22 08:30 - 00413197 _____ C:\Users\Křivánek\Downloads\005_160901 (2).pdf
2016-11-22 08:01 - 2016-11-22 08:01 - 00413197 _____ C:\Users\Křivánek\Downloads\005_160901.pdf
2016-11-22 08:01 - 2016-11-22 08:01 - 00413197 _____ C:\Users\Křivánek\Downloads\005_160901 (1).pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-22 22:51 - 2016-09-01 10:59 - 00000000 ____D C:\FRST
2016-12-22 19:10 - 2009-07-14 05:45 - 00029120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-22 19:10 - 2009-07-14 05:45 - 00029120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-22 19:02 - 2016-09-04 08:24 - 00000000 ____D C:\Users\Křivánek\AppData\Local\LogMeIn Hamachi
2016-12-22 19:00 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-21 21:38 - 2016-09-04 00:18 - 00000000 ____D C:\Users\Jana\AppData\Local\LogMeIn Hamachi
2016-12-21 21:26 - 2011-04-12 09:34 - 00668882 _____ C:\Windows\system32\perfh005.dat
2016-12-21 21:26 - 2011-04-12 09:34 - 00141542 _____ C:\Windows\system32\perfc005.dat
2016-12-21 21:26 - 2009-07-14 06:13 - 01584626 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-21 21:26 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-12-21 21:13 - 2016-06-21 12:35 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Mozilla
2016-12-21 19:20 - 2013-07-17 13:31 - 00002207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-21 19:17 - 2016-11-20 11:46 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2016-12-21 19:17 - 2016-02-16 16:03 - 00000000 ____D C:\Program Files (x86)\Terasoft
2016-12-21 19:17 - 2015-11-06 21:39 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-12-21 19:17 - 2015-08-27 18:15 - 00000000 ____D C:\Program Files (x86)\Codec Pack - All In 1
2016-12-21 19:17 - 2015-05-18 23:26 - 00000000 ____D C:\Program Files (x86)\ALTER Český jazyk - Pravopisné pětiminutovky 2 DEMO
2016-12-21 19:17 - 2015-01-22 00:13 - 00000000 ____D C:\Program Files (x86)\Alza Media
2016-12-21 19:17 - 2014-10-10 13:18 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-12-21 19:17 - 2014-09-16 16:46 - 00000000 ____D C:\Program Files (x86)\Activ Software
2016-12-21 19:17 - 2014-08-26 16:38 - 00000000 ____D C:\Program Files (x86)\Nakladatelství Nová Škola Brno
2016-12-21 19:17 - 2014-06-07 12:22 - 00000000 ____D C:\Program Files (x86)\Nová škola Brno
2016-12-21 19:17 - 2014-05-11 15:41 - 00000000 ____D C:\Program Files (x86)\MarkAny
2016-12-21 19:17 - 2014-05-11 15:21 - 00000000 ____D C:\Program Files (x86)\Samsung
2016-12-21 19:17 - 2013-12-15 13:27 - 00000000 ____D C:\Program Files (x86)\Interplay
2016-12-21 19:17 - 2013-08-22 21:57 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-12-21 19:17 - 2013-08-02 18:57 - 00000000 ____D C:\Program Files (x86)\3DO
2016-12-21 19:17 - 2013-07-17 13:31 - 00000000 ____D C:\Program Files (x86)\Google
2016-12-21 19:17 - 2013-04-28 18:26 - 00000000 ____D C:\Program Files (x86)\Kalypso
2016-12-21 19:17 - 2013-03-01 22:21 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2016-12-21 19:17 - 2013-03-01 22:21 - 00000000 ____D C:\Program Files (x86)\AMD APP
2016-12-21 19:17 - 2013-02-07 13:36 - 00000000 ____D C:\Program Files (x86)\DOSBox-0.74
2016-12-21 19:17 - 2012-09-16 02:00 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2016-12-21 19:17 - 2012-08-18 17:07 - 00000000 ____D C:\Program Files (x86)\OscarX7Editor5Mode
2016-12-21 19:17 - 2012-08-18 17:07 - 00000000 ____D C:\Program Files (x86)\5-Mode Oscar Editor
2016-12-21 19:17 - 2012-06-29 20:53 - 00000000 ____D C:\Program Files (x86)\Sony
2016-12-21 19:17 - 2012-05-21 00:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-12-21 19:17 - 2012-04-26 11:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2016-12-21 19:17 - 2012-04-26 11:35 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-12-21 19:17 - 2012-04-05 19:18 - 00000000 ____D C:\Program Files (x86)\CDBurnerXP
2016-12-21 19:17 - 2012-04-05 19:17 - 00000000 ____D C:\Program Files (x86)\Combined Community Codec Pack
2016-12-21 19:17 - 2012-04-05 19:16 - 00000000 ____D C:\Program Files (x86)\HD Tune Pro
2016-12-21 19:17 - 2012-04-05 19:16 - 00000000 ____D C:\Program Files (x86)\Geeks3D
2016-12-21 19:17 - 2012-04-05 19:14 - 00000000 ____D C:\Program Files (x86)\WinRAR
2016-12-21 19:17 - 2012-04-05 19:09 - 00000000 ____D C:\Program Files (x86)\OpenAL
2016-12-21 19:17 - 2012-04-05 19:06 - 00000000 ____D C:\Program Files (x86)\Futuremark
2016-12-21 19:17 - 2012-04-03 19:14 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2016-12-21 19:17 - 2012-04-03 19:04 - 00000000 ____D C:\Program Files (x86)\GIGABYTE
2016-12-21 19:17 - 2012-04-03 18:59 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-12-21 19:17 - 2012-04-03 18:59 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-12-21 19:17 - 2012-04-03 18:59 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-12-21 19:17 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2016-12-21 19:17 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-12-21 19:17 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-12-21 19:17 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-12-21 19:17 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-12-21 19:17 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-12-21 19:17 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files (x86)\Windows NT
2016-12-20 18:15 - 2012-04-24 17:00 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Adobe
2016-12-15 08:21 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-12-14 19:54 - 2009-07-14 05:45 - 00306536 _____ C:\Windows\system32\FNTCACHE.DAT
2016-12-14 19:37 - 2013-08-15 02:01 - 00000000 ____D C:\Windows\system32\MRT
2016-12-14 19:34 - 2012-04-03 19:31 - 135632432 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-12-14 19:32 - 2012-04-03 20:07 - 01559340 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-12-14 19:03 - 2014-08-04 15:06 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Skype
2016-12-13 15:30 - 2012-04-24 17:00 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-12-13 15:30 - 2012-04-24 17:00 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-13 15:30 - 2012-04-24 17:00 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-12-13 15:30 - 2012-04-24 17:00 - 00000000 ____D C:\Windows\system32\Macromed
2016-12-10 22:58 - 2016-06-21 18:24 - 00000000 ____D C:\Users\Jana\Desktop\Erbenova - náměty
2016-12-01 03:18 - 2016-09-04 00:14 - 00000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2016-12-01 03:18 - 2016-09-04 00:14 - 00000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
2016-12-01 03:02 - 2012-04-03 20:07 - 00002155 _____ C:\Windows\epplauncher.mif
2016-12-01 03:02 - 2012-04-03 20:07 - 00002123 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2016-12-01 03:01 - 2012-04-03 20:07 - 00000000 ____D C:\Program Files\Microsoft Security Client
2016-12-01 03:01 - 2012-04-03 20:07 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2016-11-23 17:25 - 2014-09-16 16:49 - 00000000 ____D C:\Users\Jana\Documents\Activprimary3
2016-11-23 17:12 - 2014-06-07 12:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nová škola Brno

==================== Files in the root of some directories =======

2016-12-21 19:19 - 2016-12-21 19:19 - 7316480 _____ () C:\Users\Jana\AppData\Roaming\agent.dat
2016-12-21 19:19 - 2016-12-21 19:19 - 0070704 _____ () C:\Users\Jana\AppData\Roaming\Config.xml
2016-12-21 19:19 - 2016-12-21 19:19 - 0136827 _____ () C:\Users\Jana\AppData\Roaming\Daltdex.bin
2016-12-21 19:19 - 2016-12-21 19:19 - 0190394 _____ () C:\Users\Jana\AppData\Roaming\Damity.bin
2016-12-21 19:19 - 2016-12-21 19:19 - 0019104 _____ () C:\Users\Jana\AppData\Roaming\InstallationConfiguration.xml
2016-12-21 19:19 - 2016-12-21 19:19 - 0140288 _____ () C:\Users\Jana\AppData\Roaming\Installer.dat
2016-12-21 19:19 - 2016-12-21 19:19 - 0018432 _____ () C:\Users\Jana\AppData\Roaming\Main.dat
2016-12-21 19:19 - 2016-12-21 19:19 - 0005568 _____ () C:\Users\Jana\AppData\Roaming\md.xml
2016-12-21 19:19 - 2016-12-21 19:19 - 1938532 _____ () C:\Users\Jana\AppData\Roaming\Nimsuntom.bin
2016-12-21 19:19 - 2016-12-21 19:19 - 0126464 _____ () C:\Users\Jana\AppData\Roaming\noah.dat
2016-12-21 19:19 - 2016-12-21 19:19 - 1051136 _____ () C:\Users\Jana\AppData\Roaming\Silphase.exe
2016-12-21 19:19 - 2016-12-21 19:19 - 1907196 _____ () C:\Users\Jana\AppData\Roaming\Silphase.tst
2016-12-21 19:20 - 2016-12-21 19:20 - 0001150 _____ () C:\Users\Jana\AppData\Roaming\uninstall_temp.ico
2015-02-20 00:17 - 2015-02-20 00:18 - 0003072 _____ () C:\Users\Jana\AppData\Local\file__0.localstorage
2016-12-21 19:20 - 2016-12-21 19:20 - 0041472 _____ () C:\Users\Jana\AppData\Local\jaytechno.dat
2016-12-21 19:20 - 2016-12-21 19:20 - 0000187 _____ () C:\Users\Jana\AppData\Local\jaytechno.exe.config
2015-09-06 22:23 - 2015-09-06 22:23 - 0032038 _____ () C:\Users\Jana\AppData\Local\SquareClock.Production_Home_Siko_WebIcon.ico
2016-02-07 11:45 - 2016-02-07 11:45 - 0000000 _____ () C:\Users\Jana\AppData\Local\{7D8FAFCB-BA39-4421-BF23-A10C978EB026}
2016-12-20 18:16 - 2016-12-20 18:16 - 1620992 _____ () C:\ProgramData\service.exe
2016-12-21 19:21 - 2016-12-22 19:15 - 0439808 _____ () C:\ProgramData\smp2.exe

Files to move or delete:
====================
C:\ProgramData\service.exe
C:\ProgramData\smp2.exe


Some files in TEMP:
====================
C:\Users\Jana\AppData\Local\Temp\3gs_lj.exe
C:\Users\Jana\AppData\Local\Temp\794F.tmp.exe
C:\Users\Jana\AppData\Local\Temp\7A85.tmp.exe
C:\Users\Jana\AppData\Local\Temp\8BCB.tmp.exe
C:\Users\Jana\AppData\Local\Temp\AutoTime51495.exe
C:\Users\Jana\AppData\Local\Temp\brastub6ab_amobl_inst.exe
C:\Users\Jana\AppData\Local\Temp\DriverBoosterSetup.exe
C:\Users\Jana\AppData\Local\Temp\fhfshffsf99udau.exe
C:\Users\Jana\AppData\Local\Temp\gD3C3.tmp.exe
C:\Users\Jana\AppData\Local\Temp\gF365.tmp.exe
C:\Users\Jana\AppData\Local\Temp\linker.exe
C:\Users\Jana\AppData\Local\Temp\mininewsrepair.exe
C:\Users\Jana\AppData\Local\Temp\nss945D.exe
C:\Users\Jana\AppData\Local\Temp\prepreinstaller_win.exe
C:\Users\Jana\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Jana\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Jana\AppData\Local\Temp\Trotux.exe
C:\Users\Jana\AppData\Local\Temp\vlngp.exe
C:\Users\Jana\AppData\Local\Temp\Zone5.exe
C:\Users\Křivánek\AppData\Local\Temp\mininewsrepair.exe


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-12-14 00:40

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-12-2016
Ran by Jana (22-12-2016 22:53:21)
Running from C:\Users\Jana\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2012-04-03 17:55:59)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3406515104-517183750-3566915376-500 - Administrator - Disabled)
Guest (S-1-5-21-3406515104-517183750-3566915376-501 - Limited - Disabled)
Jana (S-1-5-21-3406515104-517183750-3566915376-1002 - Administrator - Enabled) => C:\Users\Jana
Křivánek (S-1-5-21-3406515104-517183750-3566915376-1000 - Administrator - Enabled) => C:\Users\Křivánek

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DMark 11 (HKLM-x32\...\{46EDCFA5-7EDB-46A9-B093-1C6237470CEC}) (Version: 1.0.3 - Futuremark Corporation)
5-Mode Oscar Editor (HKLM-x32\...\OscarX7Mouse5Mode) (Version: 11.10.0001 - A4Tech)
Activprimary Viewer v3.6 (HKLM-x32\...\{919A356C-8FC7-49E2-91C4-66D25AE35121}) (Version: 3.6.22 - Promethean Ltd.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
ALTER Český jazyk - Pravopisné pětiminutovky 2 DEMO (HKLM-x32\...\ALTERCJ2PPD_is1) (Version: 1.0 - Nakladatelství ALTER, s.r.o.)
Alza Media (HKLM-x32\...\cae43f19-b904-445a-8d22-0bf7c177726b_is1) (Version: 1.0.27.39844 - Alza.cz a.s.)
AMD Catalyst Install Manager (HKLM\...\{5E03A267-415E-5383-FA8F-3CE4145663B9}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
Banished v1.0.0 32-bit (HKLM-x32\...\{2AB66B5F-2613-477F-A4B1-CB2E8C7A2943}) (Version: 1.0.0 - Shining Rock Software LLC)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.4.0.2905 - CDBurnerXP)
Codec Pack - All In 1 6.0.3.0 (HKLM-x32\...\Cool's_Codec_pack_4.12) (Version: - )
Combined Community Codec Pack 2011-11-11 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2011.11.11.0 - CCCP Project)
Český Jazyk 2 verze 2.30 (HKLM-x32\...\{84649EB1-E7CC-4CE7-A4CE-D0113D9B75C9}_is1) (Version: 2.30 - Nakladatelství Nová Škola)
Český jazyk 6 (instalace na disk) (HKLM-x32\...\Český jazyk 6 (instalace na disk)) (Version: - )
ČJ4 - Pravopisná cvičení (doporučená instalace) (HKLM-x32\...\ČJ4 - Pravopisná cvičení (doporučená instalace)) (Version: - )
Fallout Collection (HKLM-x32\...\Fallout Collection) (Version: - )
FlexiBooks (HKU\S-1-5-21-3406515104-517183750-3566915376-1002\...\eaadb22a7fda717f) (Version: 3.0.5.17 - Fraus Media spol. s r.o.)
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.6.0 - Futuremark Corporation)
Geeks3D.com FurMark 1.9.1 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D.com)
GOG.com Dungeon Keeper 2 (HKLM\...\{b6462b67-caf5-4a74-99df-cc2811bd1957}.sdb) (Version: - )
GOG.com The Settlers 4 GOLD (HKLM\...\{ff2cad6c-eb68-4e98-88d7-49887440affb}.sdb) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
HD Tune Pro 5.00 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software)
Heroes of Might and Magic III Complete (HKLM-x32\...\InstallShield_{EDFB64A7-5BFD-4137-943D-5663149A15F5}) (Version: 1.00.0000 - CD Projekt)
Heroes of Might and Magic III Complete (x32 Version: 1.00.0000 - CD Projekt) Hidden
Já a můj svět 1 (HKLM-x32\...\Já a můj svět 1) (Version: - )
Já a můj svět 3 (HKLM-x32\...\Já a můj svět 3) (Version: - )
Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.541 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.541 - LogMeIn, Inc.) Hidden
Microsoft .NET Framework 4.6.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
ON_OFF Charge B11.0110.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
PlayMemories Home (HKLM-x32\...\{E03CD71A-F595-49DF-9ADC-0CFC93B1B211}) (Version: 6.0.02.14151 - Sony Corporation)
Prvouka 2 verze 2.25 (HKLM-x32\...\{D3DEEB20-6BA0-458C-A619-0D7C0B240818}_is1) (Version: 2.25 - Nakladatelství Nová Škola)
Prvouka 3 verze 2.25 (HKLM-x32\...\{AC52D51B-92CB-4D1C-8F6F-242578B0CB4D}_is1) (Version: 2.25 - Nakladatelství Nová Škola)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.46.531.2011 - Realtek)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6358 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6392 - Realtek Semiconductor Corp.)
Search module (HKLM-x32\...\Search module) (Version: - Goobzo) <==== ATTENTION
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation)
Skype™ 7.29 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.)
Slabikář se Samem verze 3.2 (HKLM-x32\...\{770E3496-387C-4BE7-A2A3-10142ED83A68}_is1) (Version: 3.2 - Nakladatelství Nová Škola)
StrongholdCrusader (HKLM\...\{5a56ddf5-f2fd-4a53-b852-909002f9df30}.sdb) (Version: - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tropico 3 (HKLM-x32\...\{6CA1CD8C-2D65-491E-9467-00A3ACA4A0A9}) (Version: 1.00.0000 - Kalypso)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - )
Warcraft III: All Products (HKU\S-1-5-21-3406515104-517183750-3566915376-1002\...\Warcraft III) (Version: - )
WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
Živá Abeceda verze 2.25 (HKLM-x32\...\{968A4FBF-C1CE-4CC6-8BD2-0949BD9DD816}_is1) (Version: 2.25 - Nakladatelství Nová Škola)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0AC7D0A8-ADD8-4C1B-8EC3-C1EB7131F865} - System32\Tasks\Microsoft\Windows\Multimedia\Manager => C:\Users\Jana\AppData\Roaming\Adobe\Manager.exe [2016-12-20] ()
Task: {21F97E2B-3F9C-425D-862D-5F9C18DBCD06} - System32\Tasks\IBUpd2 => C:\Users\Jana\AppData\Local\BrowserAir\48.0.0.0\updater.exe <==== ATTENTION
Task: {37A8DE78-F1A4-4296-866A-08ED470E112F} - System32\Tasks\815330987d79t6315439 => Rundll32.exe "C:\ProgramData\815330987d79t6315439\815330987d79t6315439.dll",DMT <==== ATTENTION
Task: {4AD2938E-287C-4E0B-80E5-3CA0D8C6FA31} - System32\Tasks\SMW_P => C:\ProgramData\smp2.exe [2016-12-22] () <==== ATTENTION
Task: {8A8978B2-265D-4FA1-A94D-A4D50B5AF0BD} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {C2D7AE54-60CD-4720-8E2B-343A690DF66B} - System32\Tasks\SMW_UpdateTask_Time_3934383839323339312d375055574132506c572a4a45 => Wscript.exe //B "C:\ProgramData\SearchModule\smhe.js" smu.exe /invoke /f:check_services /l:0 <==== ATTENTION
Task: {DA9CB1F4-1F4B-4EE7-AA4F-08DCB39EE642} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {ED1B910B-DDBD-4D8C-B7A0-D0862E4E5413} - System32\Tasks\UCBrowserUpdaterCore => C:\Program Files (x86)\UCBrowser\Application\update_task.exe [2016-12-13] (UCWeb Inc) <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\UCBrowserUpdaterCore.job => C:\Program Files (x86)\UCBrowser\Application\update_task.exe <==== ATTENTION

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Jana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\Jana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=ChromeDefaultData
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP%

==================== Loaded Modules (Whitelisted) ==============

2016-12-20 18:15 - 2014-03-22 22:46 - 03117056 _____ () C:\ProgramData\815330987d79t6315439\815330987d79t6315439.dll
2012-12-19 15:32 - 2012-12-19 15:32 - 00210944 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-10-17 18:39 - 2012-10-17 18:39 - 00749056 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-10-17 18:39 - 2012-10-17 18:39 - 03645952 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2016-09-26 08:00 - 2016-09-28 09:08 - 00057856 _____ () C:\ProgramData\NetworkPacketManitor\Nettrans.exe
2016-12-20 18:17 - 2016-12-20 18:17 - 00524696 _____ () C:\Program Files\żěŃą\X64\KZipShell.dll
2016-12-20 18:19 - 2016-12-13 11:43 - 00935312 _____ () C:\Program Files (x86)\UCBrowser\Application\UCService.exe
2016-12-20 20:29 - 2016-12-22 19:02 - 00252416 _____ () C:\Windows\TEMP\g7E55.tmp.exe
2016-12-20 19:15 - 2016-12-13 11:51 - 02147216 _____ () C:\Program Files (x86)\UCBrowser\Application\6.0.1121.13\UCAgent.exe
2012-04-05 19:14 - 2005-06-07 11:26 - 00043008 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2016-11-06 09:21 - 2016-11-06 09:21 - 00312320 _____ () C:\Program Files\BitTorrent\BitTorrent.exe
2016-12-20 20:29 - 2016-12-22 19:03 - 03662848 _____ () C:\Windows\TEMP\gC90B.tmp
2016-12-14 23:34 - 2016-12-08 09:03 - 02412888 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-14 23:34 - 2016-12-08 09:03 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
2016-12-21 12:33 - 2016-12-21 12:33 - 00557056 _____ () C:\Program Files (x86)\Common Files\Services\iThemes.dll
2016-12-20 18:17 - 2016-12-20 18:17 - 00219032 _____ () c:\program files\żěńą\x86\kuaizipupdatechecker.dll
2016-12-20 18:17 - 2016-11-26 06:52 - 00256032 _____ () C:\Program Files (x86)\Maoha\MaohaAP\Updater\CheckUpdate.dll
2016-12-20 18:17 - 2016-11-26 06:52 - 00237088 _____ () C:\Program Files (x86)\Maoha\MaohaAP\tipsdll.dll
2016-12-21 12:33 - 2016-12-21 12:33 - 00258048 _____ () c:\programdata\winsapsvc\winsap.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows\system32\drivers:ucdrv-x64.sys [23652]
AlternateDataStreams: C:\Windows\system32\drivers:x64 [1479458]
AlternateDataStreams: C:\Windows\system32\drivers:x86 [1205026]
AlternateDataStreams: C:\ProgramData\Templates:gs5sys [2560]
AlternateDataStreams: C:\ProgramData\Šablony:gs5sys [2560]
AlternateDataStreams: C:\Users\Jana\Soubory cookie:gs5sys [2048]
AlternateDataStreams: C:\Users\Jana\Šablony:gs5sys [3074]
AlternateDataStreams: C:\Users\Jana\AppData\Local\History:gs5sys [3074]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2016-12-20 18:14 - 00000918 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 clients2.google.com
127.0.0.1 v1.ff.avast.com
127.0.0.1 vlcproxy.ff.avast.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3406515104-517183750-3566915376-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Křivánek\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3406515104-517183750-3566915376-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{D107AF7D-7077-45B1-83BD-260C88FEC108}C:\program files (x86)\internet explorer\iexplore.exe] => C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{13431BE2-1DB9-46A4-8F65-63E036578312}C:\program files (x86)\internet explorer\iexplore.exe] => C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{C0DDB5CE-73B7-4F74-BE55-9016E5FC05C0}C:\program files\java\jre7\bin\javaw.exe] => C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{DF21D50A-9EC0-4137-AB20-221DCEE103A4}C:\program files\java\jre7\bin\javaw.exe] => C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{A82D9573-8E35-4D16-85A0-BDFE0BC72E0A}] => C:\Program Files (x86)\Kalypso\Tropico 3\tropico3.exe
FirewallRules: [{7D375474-4B2E-403C-8D27-099C590F989E}] => C:\Program Files (x86)\Kalypso\Tropico 3\tropico3.exe
FirewallRules: [TCP Query User{0DA9CB13-C48C-4B05-800B-DB189FF8DB2E}C:\windows\syswow64\dplaysvr.exe] => C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{623F7E40-9EDE-4237-B257-DB5F18886FBA}C:\windows\syswow64\dplaysvr.exe] => C:\windows\syswow64\dplaysvr.exe
FirewallRules: [{74CD1556-A74B-4CFB-96F9-BDE93F8C7508}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3A09D1CB-BE52-4AF6-B250-E13F804A7CAA}] => C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{12A91C44-17F1-49C9-9C1B-564ED13D5A64}] => C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [TCP Query User{A17A2C1B-EF95-482F-89EF-0BCCE15E49C5}C:\windows\system32\java.exe] => C:\windows\system32\java.exe
FirewallRules: [UDP Query User{BF1D4493-C5D8-43EF-A924-697D300B1A7C}C:\windows\system32\java.exe] => C:\windows\system32\java.exe
FirewallRules: [{46F68C8D-BA19-47E9-9008-4A1B1A39031D}] => %ProgramFiles% (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
FirewallRules: [TCP Query User{257D2795-1CF3-4A91-9323-C7C91B704C19}D:\hry\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => D:\hry\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{2783318E-99CA-4020-A3D6-B3A0CF6EC2D5}D:\hry\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => D:\hry\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{E69E3881-4D01-476B-917E-3535A9C51FC9}D:\hry\dungeon keeper 2\dkii-dx.exe] => D:\hry\dungeon keeper 2\dkii-dx.exe
FirewallRules: [UDP Query User{EAF305FB-98EF-4FFA-9794-2AA506009568}D:\hry\dungeon keeper 2\dkii-dx.exe] => D:\hry\dungeon keeper 2\dkii-dx.exe
FirewallRules: [{C19C0F3A-0F6A-49D8-9A1A-EE5FBAB93265}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{CD51BCB0-DC7F-4CB3-8987-B09B90B2F4D1}] => C:\Windows\system32\rundll32.exe
FirewallRules: [TCP Query User{842BF3CE-BE8D-488D-9D42-53FE2BEF3E1C}C:\users\jana\appdata\local\temp\is-v60s4.tmp\download\minithunderplatform.exe] => C:\users\jana\appdata\local\temp\is-v60s4.tmp\download\minithunderplatform.exe
FirewallRules: [UDP Query User{D5845059-05E3-4AD9-A52B-E0D275F302B2}C:\users\jana\appdata\local\temp\is-v60s4.tmp\download\minithunderplatform.exe] => C:\users\jana\appdata\local\temp\is-v60s4.tmp\download\minithunderplatform.exe
FirewallRules: [{870C6416-6602-4E2A-BFF9-061224FD3C84}] => C:\Users\Jana\AppData\Local\Temp\is-V60S4.tmp\download\MiniThunderPlatform.exe
FirewallRules: [{D9460726-053A-4C94-8AEC-FB444D505136}] => C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
FirewallRules: [{6A0BC5FC-638E-4562-9CFE-363200B38AD6}] => C:\Windows\System32\rundll32.exe
FirewallRules: [{1FC91994-A48E-4F72-98A3-F60C264470EA}] => C:\Windows\System32\rundll32.exe
FirewallRules: [{1D7A9ACB-FEB6-4CE6-982E-EC375E7CF597}] => C:\Program Files (x86)\Maoha\MaohaAP\MaohaWifiSvr.exe

==================== Restore Points =========================

17-12-2016 20:06:57 Windows Update
20-12-2016 20:40:31 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/22/2016 10:45:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: chrome.exe, verze: 55.0.2883.87, časové razítko: 0x5848db5a
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.23572, časové razítko: 0x57fd0651
Kód výjimky: 0xc00000fd
Posun chyby: 0x000000000004f2fa
ID chybujícího procesu: 0x17a0
Čas spuštění chybující aplikace: 0x01d25c9cbeaca804
Cesta k chybující aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: fde91a12-c88f-11e6-b88c-50e54955b81b

Error: (12/22/2016 10:44:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: chrome.exe, verze: 55.0.2883.87, časové razítko: 0x5848db5a
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.23572, časové razítko: 0x57fd0651
Kód výjimky: 0xc00000fd
Posun chyby: 0x000000000006c8cc
ID chybujícího procesu: 0x438
Čas spuštění chybující aplikace: 0x01d25c9c7e3a4686
Cesta k chybující aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: c0befe54-c88f-11e6-b88c-50e54955b81b

Error: (12/22/2016 10:44:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: chrome.exe, verze: 55.0.2883.87, časové razítko: 0x5848db5a
Název chybujícího modulu: SHELL32.dll, verze: 6.1.7601.23537, časové razítko: 0x57c45548
Kód výjimky: 0xc00000fd
Posun chyby: 0x0000000000080988
ID chybujícího procesu: 0x1634
Čas spuštění chybující aplikace: 0x01d25c9c7df07bde
Cesta k chybující aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Cesta k chybujícímu modulu: C:\Windows\system32\SHELL32.dll
ID zprávy: c0302bc4-c88f-11e6-b88c-50e54955b81b

Error: (12/22/2016 10:44:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: chrome.exe, verze: 55.0.2883.87, časové razítko: 0x5848db5a
Název chybujícího modulu: msvcrt.dll, verze: 7.0.7601.17744, časové razítko: 0x4eeb033f
Kód výjimky: 0xc00000fd
Posun chyby: 0x0000000000002dc4
ID chybujícího procesu: 0x1444
Čas spuštění chybující aplikace: 0x01d25c9c7db29817
Cesta k chybující aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Cesta k chybujícímu modulu: C:\Windows\system32\msvcrt.dll
ID zprávy: bfdcdb9b-c88f-11e6-b88c-50e54955b81b

Error: (12/22/2016 10:44:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: chrome.exe, verze: 55.0.2883.87, časové razítko: 0x5848db5a
Název chybujícího modulu: kernel32.dll, verze: 6.1.7601.23572, časové razítko: 0x57fd0695
Kód výjimky: 0xc00000fd
Posun chyby: 0x00000000000136b8
ID chybujícího procesu: 0x15a0
Čas spuštění chybující aplikace: 0x01d25c9c7d7e39d1
Cesta k chybující aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Cesta k chybujícímu modulu: C:\Windows\system32\kernel32.dll
ID zprávy: befab8e1-c88f-11e6-b88c-50e54955b81b

Error: (12/22/2016 10:43:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: chrome.exe, verze: 55.0.2883.87, časové razítko: 0x5848db5a
Název chybujícího modulu: msvcrt.dll, verze: 7.0.7601.17744, časové razítko: 0x4eeb033f
Kód výjimky: 0xc00000fd
Posun chyby: 0x0000000000002dc4
ID chybujícího procesu: 0x174c
Čas spuštění chybující aplikace: 0x01d25c9c79ee8ac9
Cesta k chybující aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Cesta k chybujícímu modulu: C:\Windows\system32\msvcrt.dll
ID zprávy: b9be9228-c88f-11e6-b88c-50e54955b81b

Error: (12/22/2016 10:41:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: chrome.exe, verze: 55.0.2883.87, časové razítko: 0x5848db5a
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.23572, časové razítko: 0x57fd0651
Kód výjimky: 0xc00000fd
Posun chyby: 0x000000000004dd43
ID chybujícího procesu: 0x12cc
Čas spuštění chybující aplikace: 0x01d25c9c1941c7dd
Cesta k chybující aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: 58fa0179-c88f-11e6-b88c-50e54955b81b

Error: (12/22/2016 10:41:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: chrome.exe, verze: 55.0.2883.87, časové razítko: 0x5848db5a
Název chybujícího modulu: msvcrt.dll, verze: 7.0.7601.17744, časové razítko: 0x4eeb033f
Kód výjimky: 0xc00000fd
Posun chyby: 0x0000000000002dc4
ID chybujícího procesu: 0x1118
Čas spuštění chybující aplikace: 0x01d25c9c1908a6d6
Cesta k chybující aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Cesta k chybujícímu modulu: C:\Windows\system32\msvcrt.dll
ID zprávy: 58be7f12-c88f-11e6-b88c-50e54955b81b

Error: (12/22/2016 10:40:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: chrome.exe, verze: 55.0.2883.87, časové razítko: 0x5848db5a
Název chybujícího modulu: SHELL32.dll, verze: 6.1.7601.23537, časové razítko: 0x57c45548
Kód výjimky: 0xc00000fd
Posun chyby: 0x000000000008070d
ID chybujícího procesu: 0x151c
Čas spuštění chybující aplikace: 0x01d25c9c02138157
Cesta k chybující aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Cesta k chybujícímu modulu: C:\Windows\system32\SHELL32.dll
ID zprávy: 41466de4-c88f-11e6-b88c-50e54955b81b

Error: (12/22/2016 10:39:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: chrome.exe, verze: 55.0.2883.87, časové razítko: 0x5848db5a
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.23572, časové razítko: 0x57fd0651
Kód výjimky: 0xc00000fd
Posun chyby: 0x000000000004f2ec
ID chybujícího procesu: 0x15a8
Čas spuštění chybující aplikace: 0x01d25c9bee324351
Cesta k chybující aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: 2dc6c849-c88f-11e6-b88c-50e54955b81b


System errors:
=============
Error: (12/22/2016 08:30:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba BitTorrent byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (12/22/2016 08:27:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba GoogleChromeUpService byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/22/2016 08:27:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba BitTorrent byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (12/21/2016 09:37:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba BitTorrent neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (12/21/2016 09:37:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby BitTorrent bylo dosaženo časového limitu (30000 ms).

Error: (12/21/2016 09:17:09 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Windows Update se po přijetí pokynu pro vypnutí neukončila správně.

Error: (12/21/2016 09:07:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Strongla byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/21/2016 03:07:04 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.

Error: (12/21/2016 12:33:00 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba iThemes5 je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (12/21/2016 12:31:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Microsoft Antimalware Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 100 milisekund: Spustit nakonfigurovaný program pro obnovení.

Re: Reklamní havěť

Napsal: 23 pro 2016 10:14
od JaRon
ahoj,
no je to zas**** naskrz
1. vycisti PC s ADWCleanerom
restart
2. vycisti PC s MBAM
restart
ak budu problemy vloz log FRST, ak nebudu nemusis

Re: Reklamní havěť

Napsal: 24 pro 2016 20:51
od Jirka K.
AdwCleaner něco našel a vyčistil, při opakovaném spuštění ale vždy najde něco dalšího (zkoušel jsem opakovaně, logy kdyžtak mám uložený). MBAM taky něco našel, ale pokaždé se během skenování zasekne (na různých souborech), takže ani jednou nedoběhnul do konce, zkoušel jsem asi 5×. Problémy víceméně přetvávají. Přikládám aktuální log z FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-12-2016
Ran by Jana (administrator) on KŘIVÁNEK-PC (24-12-2016 20:42:35)
Running from C:\Users\Jana\Downloads
Loaded Profiles: Jana (Available Profiles: Křivánek & Jana)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Alza.cz a.s.) C:\Program Files (x86)\Alza Media\v1.0.27.39844\AlzaMediaAutoupdateService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
() C:\Windows\Temp\g7E55.tmp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11860072 2011-06-09] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes)
HKLM\...\RunOnce: [wd] => C:\Windows\TEMP\g7E55.tmp.exe [252416 2016-12-24] () <===== ATTENTION
HKU\S-1-5-21-3406515104-517183750-3566915376-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
IFEO\MRT.exe: [Debugger] C:\Program Files (x86)\Vulatcerfck\_ALLOWDEL_37192de\Gubed.exe -Yrrehs
ShellExecuteHooks: No Name - {212EB874-B064-11E6-8412-64006A5CFC23} - C:\Users\Jana\AppData\Roaming\Fegghgradoing\Anunaly.dll -> No File
ShellExecuteHooks: No Name - {344E022C-B058-11E6-BC7C-64006A5CFC23} - C:\Users\Jana\AppData\Roaming\Mtispplaperk\Reukatyherradom.dll -> No File
ShellIconOverlayIdentifiers: [KzShlobj] -> {AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} => C:\Program Files\żěŃą\X64\KZipShell.dll -> No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{582E5871-F563-4527-9641-23675C37B3F1}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-3406515104-517183750-3566915376-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKLM-x32 -> DefaultScope value is missing
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-11-26] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-26] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-26] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-26] (Oracle Corporation)
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/CZ/Core/Player/2020PlayerAX_IKEA_Win32.cab
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

FireFox:
========
FF ProfilePath: [main]
current=0
[users]
0=Jana
[not found]
FF DefaultProfile: d5oxsyb1.default
FF ProfilePath: C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\d5oxsyb1.default [2016-12-24]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-23] ()
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-26] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-23] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-26] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: ChromeDefaultData
CHR HomePage: ChromeDefaultData -> hxxps://www.google.com/
CHR DefaultSearchURL: ChromeDefaultData -> hxxp://www-searching.com/search.aspx?site=shdefault1&prd=smw&pid=s&shr=d&q={searchTerms}&s=gclzamobl20564bu,70401e53-6567-42f5-a14f-5c3acc8a6cd6,
CHR DefaultSearchKeyword: ChromeDefaultData -> www-searching.com
CHR DefaultSuggestURL: ChromeDefaultData -> hxxp://api.searchpredict.com/api/?rqtype=ffplugin&siteID=8661&dbCode=1&command={searchTerms}
CHR Profile: C:\Users\Jana\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2016-12-23] <==== ATTENTION
CHR Profile: C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 2 [2016-12-23]
CHR Extension: (Docs) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-22]
CHR Extension: (Disk Google) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-22]
CHR Extension: (YouTube) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-22]
CHR Extension: (Gmail) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-22]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AlzaMedia-Autoupdate; C:\Program Files (x86)\Alza Media\v1.0.27.39844\AlzaMediaAutoupdateService.exe [48000 2014-10-03] (Alza.cz a.s.) [File not signed]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.) [File not signed]
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [135584 2011-12-09] (Futuremark Corporation)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2627080 2016-11-11] (LogMeIn Inc.)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-11-11] (LogMeIn, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [459832 2012-02-15] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 BitTorrent; "C:\Program Files\BitTorrent\BitTorrent.exe" /s iid=9371275 did=APSnapdoAMRev sid=3 ref=e8c92417-763b-431f-3364-ef7835acd4da-PolicyMac id=5f7e1e189414dbf8174f22d27798f8f33ab8c0e73a28b7682228633ad21e6af0 [X] <==== ATTENTION

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11832 2010-06-29] (Advanced Micro Devices Inc.)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77416 2016-12-14] ()
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-12-20] (REALiX(tm))
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [176064 2016-12-23] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [102856 2016-12-24] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2016-12-24] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [250816 2016-12-24] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [81696 2016-12-24] (Malwarebytes)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
S4 SecDrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS [11376 2002-10-08] () [File not signed]
R1 ucdrv; C:\Program Files (x86)\UCBrowser\Security:ucdrv-x64.sys [23652 ] (UC Web Inc.) <==== ATTENTION
S3 ALSysIO; \??\C:\Users\KIVNEK~1\AppData\Local\Temp\ALSysIO64.sys [X]
S3 cpuz135; \??\C:\Users\KIVNEK~1\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-24 13:19 - 2016-12-24 14:12 - 00000000 ____D C:\Users\Křivánek\AppData\LocalLow\Mozilla
2016-12-24 13:19 - 2016-12-24 13:25 - 00000000 ____D C:\Users\Křivánek\AppData\Local\Mozilla
2016-12-24 12:51 - 2016-12-24 12:51 - 00002065 _____ C:\Users\Jana\Desktop\AdwCleaner[C6].txt
2016-12-24 09:25 - 2016-12-24 09:25 - 00003044 _____ C:\Users\Jana\Desktop\AdwCleaner[C5].txt
2016-12-24 00:06 - 2016-12-24 00:06 - 00003991 _____ C:\Users\Jana\Desktop\AdwCleaner[C4].txt
2016-12-23 22:46 - 2016-12-24 20:37 - 00000000 ____D C:\Users\Jana\AppData\LocalLow\Mozilla
2016-12-23 22:45 - 2016-12-23 22:52 - 00000000 ____D C:\Users\Jana\AppData\Local\Mozilla
2016-12-23 22:44 - 2016-12-24 00:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-23 22:44 - 2016-12-24 00:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-23 22:44 - 2016-12-23 22:44 - 00001165 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-12-23 22:44 - 2016-12-23 22:44 - 00001153 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-12-23 22:06 - 2016-12-23 22:06 - 00005232 _____ C:\Users\Jana\Desktop\AdwCleaner[C3].txt
2016-12-23 21:35 - 2016-12-24 20:26 - 00000958 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-12-23 21:35 - 2016-12-23 21:36 - 00003956 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-12-23 21:06 - 2016-12-23 21:06 - 00000896 _____ C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.lnk
2016-12-23 21:06 - 2016-12-23 21:06 - 00000000 ____D C:\Users\Jana\AppData\Local\Seznam.cz
2016-12-23 21:06 - 2016-12-23 21:06 - 00000000 ____D C:\Users\Jana\AppData\Local\Crashpad
2016-12-23 21:04 - 2016-12-23 21:06 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Seznam Browser
2016-12-23 20:59 - 2016-12-23 20:59 - 44478408 _____ C:\Users\Jana\Desktop\Firefox Setup 50.0.exe
2016-12-23 19:59 - 2016-12-23 19:59 - 00176064 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2016-12-23 19:56 - 2016-12-24 20:39 - 00102856 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2016-12-23 19:56 - 2016-12-24 20:39 - 00081696 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2016-12-23 19:56 - 2016-12-24 20:37 - 00250816 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-12-23 19:56 - 2016-12-24 20:37 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-12-23 19:56 - 2016-12-23 19:56 - 00001873 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2016-12-23 19:56 - 2016-12-23 19:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2016-12-23 19:56 - 2016-12-14 12:55 - 00077416 _____ C:\Windows\system32\Drivers\mbae64.sys
2016-12-23 19:55 - 2016-12-23 19:55 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-12-23 19:55 - 2016-12-23 19:55 - 00000000 ____D C:\Program Files\Malwarebytes
2016-12-23 19:47 - 2016-12-23 19:47 - 54199488 _____ (Malwarebytes ) C:\Users\Jana\Desktop\mb3-setup-consumer-3.0.5.1299.exe
2016-12-23 19:40 - 2016-12-24 20:36 - 00003476 _____ C:\Windows\System32\Tasks\UCBrowserSecureUpdater
2016-12-23 19:25 - 2016-12-23 19:25 - 03977168 _____ C:\Users\Jana\Desktop\adwcleaner_6.041.exe
2016-12-22 22:53 - 2016-12-22 22:54 - 00033996 _____ C:\Users\Jana\Downloads\Addition.txt
2016-12-22 22:51 - 2016-12-24 20:43 - 00011949 _____ C:\Users\Jana\Downloads\FRST.txt
2016-12-22 22:49 - 2016-12-22 22:49 - 02420736 _____ (Farbar) C:\Users\Jana\Downloads\FRST64.exe
2016-12-22 21:51 - 2016-12-22 21:51 - 01065376 _____ (Google Inc.) C:\Users\Jana\Downloads\ChromeSetup.exe
2016-12-22 20:23 - 2016-12-22 20:23 - 00589144 _____ (Reimage) C:\Users\Jana\Downloads\ReimageRepair.exe
2016-12-22 19:15 - 2016-12-22 19:15 - 00004242 _____ C:\Windows\System32\Tasks\SMW_UpdateTask_Time_3934383839323339312d375055574132506c572a4a45
2016-12-21 20:20 - 2016-12-22 21:53 - 00000000 ____D C:\Program Files\Common Files\zm32ncdb
2016-12-21 20:07 - 2016-12-21 20:07 - 00000000 ____D C:\Users\Křivánek\AppData\Roaming\Mtispplaperk
2016-12-21 19:20 - 2016-12-24 13:19 - 00000000 ____D C:\Users\Křivánek\AppData\Roaming\Mozilla
2016-12-21 19:20 - 2016-12-23 22:20 - 00000000 ____D C:\Program Files\BitTorrent
2016-12-21 19:20 - 2016-12-21 19:20 - 00041472 _____ C:\Users\Jana\AppData\Local\jaytechno.dat
2016-12-21 19:20 - 2016-12-21 19:20 - 00000187 _____ C:\Users\Jana\AppData\Local\jaytechno.exe.config
2016-12-21 19:19 - 2016-12-21 19:19 - 07316480 _____ C:\Users\Jana\AppData\Roaming\agent.dat
2016-12-21 19:19 - 2016-12-21 19:19 - 01938532 _____ C:\Users\Jana\AppData\Roaming\Nimsuntom.bin
2016-12-21 19:19 - 2016-12-21 19:19 - 01907196 _____ C:\Users\Jana\AppData\Roaming\Silphase.tst
2016-12-21 19:19 - 2016-12-21 19:19 - 00190394 _____ C:\Users\Jana\AppData\Roaming\Damity.bin
2016-12-21 19:19 - 2016-12-21 19:19 - 00140288 _____ C:\Users\Jana\AppData\Roaming\Installer.dat
2016-12-21 19:19 - 2016-12-21 19:19 - 00136827 _____ () C:\Users\Jana\AppData\Roaming\Daltdex.bin
2016-12-21 19:19 - 2016-12-21 19:19 - 00126464 _____ C:\Users\Jana\AppData\Roaming\noah.dat
2016-12-21 19:19 - 2016-12-21 19:19 - 00070704 _____ C:\Users\Jana\AppData\Roaming\Config.xml
2016-12-21 19:19 - 2016-12-21 19:19 - 00019104 _____ C:\Users\Jana\AppData\Roaming\InstallationConfiguration.xml
2016-12-21 19:19 - 2016-12-21 19:19 - 00018432 _____ C:\Users\Jana\AppData\Roaming\Main.dat
2016-12-21 19:19 - 2016-12-21 19:19 - 00005568 _____ C:\Users\Jana\AppData\Roaming\md.xml
2016-12-21 19:16 - 2016-12-24 09:18 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Mtispplaperk
2016-12-21 19:16 - 2016-12-21 21:08 - 00000000 ____D C:\Program Files (x86)\Droationaruak
2016-12-21 19:16 - 2016-12-21 19:17 - 00000000 ____D C:\Users\Jana\AppData\Local\Ghoteghdeqert
2016-12-21 19:15 - 2016-12-21 19:15 - 00000165 _____ C:\Windows\SysWOW64\MUpdater.exe.config
2016-12-21 19:15 - 2016-12-21 19:15 - 00000165 _____ C:\Windows\SysWOW64\GameXP.exe.config
2016-12-21 19:15 - 2016-12-21 19:15 - 00000165 _____ C:\Windows\SysWOW64\GameCenter.exe.config
2016-12-21 12:30 - 2016-12-21 19:17 - 00000000 ____D C:\Program Files (x86)\yywemi8q
2016-12-20 18:51 - 2016-12-20 18:51 - 00000000 ____D C:\Users\Křivánek\AppData\Local\UCBrowser
2016-12-20 18:19 - 2016-12-20 18:19 - 00000000 ____D C:\Users\Jana\AppData\Local\UCBrowser
2016-12-20 18:19 - 2016-12-20 18:19 - 00000000 ____D C:\Users\Jana\AppData\Local\Chromium
2016-12-20 18:18 - 2016-12-21 19:17 - 00000000 ____D C:\Program Files (x86)\UCBrowser
2016-12-20 18:18 - 2016-12-20 18:18 - 00000000 ____D C:\ProgramData\ProductData
2016-12-20 18:17 - 2016-12-20 18:17 - 00000000 __SHD C:\Users\Jana\AppData\Local\svchost
2016-12-20 18:17 - 2016-12-20 18:17 - 00000000 ____D C:\Program Files\żěŃą
2016-12-20 18:16 - 2016-12-21 19:17 - 00000000 ____D C:\Program Files (x86)\Maoha
2016-12-20 18:16 - 2016-12-20 18:16 - 00027552 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2016-12-20 18:16 - 2016-12-20 18:16 - 00000000 ____D C:\Windows\IObit
2016-12-20 18:16 - 2016-12-20 18:16 - 00000000 ____D C:\Users\Jana\AppData\LocalLow\IObit
2016-12-20 18:16 - 2016-12-20 18:16 - 00000000 ____D C:\ProgramData\IObit
2016-12-20 18:15 - 2016-12-24 20:44 - 00016722 _____ C:\Windows\System32\Tasks\815330987d79t6315439
2016-12-20 18:15 - 2016-12-20 18:15 - 00000000 ___HD C:\ProgramData\815330987d79t6315439
2016-12-20 18:15 - 2016-12-20 18:15 - 00000000 ____D C:\Users\Public\Thunder Network
2016-12-20 18:15 - 2016-12-20 18:15 - 00000000 ____D C:\Users\Jana\AppData\Roaming\IObit
2016-12-20 18:14 - 2016-12-21 21:18 - 00000000 ____D C:\Program Files (x86)\Vulatcerfck
2016-12-20 18:14 - 2016-12-20 20:14 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Fegghgradoing
2016-12-20 18:14 - 2016-12-20 18:19 - 00000000 ____D C:\Users\Jana\AppData\Local\Fueryphijing
2016-12-20 18:13 - 2016-12-20 18:14 - 02395802 _____ C:\Users\Jana\Downloads\The_Forest_Public_Alpha_v0_51b.zip
2016-12-14 08:50 - 2016-11-21 19:16 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-12-14 08:50 - 2016-11-21 19:16 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-12-14 08:50 - 2016-11-21 19:12 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-12-14 08:50 - 2016-11-21 19:12 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-12-14 08:50 - 2016-11-21 19:12 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-12-14 08:50 - 2016-11-21 19:12 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2016-12-14 08:50 - 2016-11-21 19:12 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2016-12-14 08:50 - 2016-11-20 17:20 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-12-14 08:50 - 2016-11-20 17:20 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2016-12-14 08:50 - 2016-11-20 17:19 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-12-14 08:50 - 2016-11-20 17:19 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2016-12-14 08:50 - 2016-11-20 15:07 - 00467392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-12-14 08:50 - 2016-11-17 17:41 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-12-14 08:50 - 2016-11-15 00:27 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-12-14 08:50 - 2016-11-14 23:39 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-12-14 08:50 - 2016-11-12 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-12-14 08:50 - 2016-11-12 20:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-12-14 08:50 - 2016-11-12 20:21 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-12-14 08:50 - 2016-11-12 20:09 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-12-14 08:50 - 2016-11-12 20:08 - 25759744 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-12-14 08:50 - 2016-11-12 20:07 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-12-14 08:50 - 2016-11-12 19:53 - 06049280 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-12-14 08:50 - 2016-11-12 19:52 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-12-14 08:50 - 2016-11-12 19:31 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-12-14 08:50 - 2016-11-12 19:29 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-12-14 08:50 - 2016-11-12 19:20 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-12-14 08:50 - 2016-11-12 19:17 - 20302848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-12-14 08:50 - 2016-11-12 19:14 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-12-14 08:50 - 2016-11-12 19:10 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-12-14 08:50 - 2016-11-12 19:08 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-12-14 08:50 - 2016-11-12 19:08 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-12-14 08:50 - 2016-11-12 18:41 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-12-14 08:50 - 2016-11-12 18:38 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-12-14 08:50 - 2016-11-12 18:37 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-12-14 08:50 - 2016-11-12 18:36 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-12-14 08:50 - 2016-11-12 18:36 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-12-14 08:50 - 2016-11-12 18:35 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-12-14 08:50 - 2016-11-12 18:21 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-12-14 08:50 - 2016-11-12 18:20 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-12-14 08:50 - 2016-11-12 18:11 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-12-14 08:50 - 2016-11-12 18:05 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-12-14 08:50 - 2016-11-12 18:02 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-12-14 08:50 - 2016-11-12 18:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-12-14 08:50 - 2016-11-10 17:32 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-12-14 08:50 - 2016-11-10 17:19 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-12-14 08:50 - 2016-11-09 17:41 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-12-14 08:50 - 2016-11-09 17:33 - 03244032 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-12-14 08:50 - 2016-11-09 17:33 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-12-14 08:50 - 2016-11-09 17:33 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-12-14 08:50 - 2016-11-09 17:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-12-14 08:50 - 2016-11-09 17:02 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-12-14 08:50 - 2016-11-09 16:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-12-14 08:50 - 2016-11-06 17:33 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-12-14 08:50 - 2016-11-06 17:16 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-12-14 08:50 - 2016-11-06 17:01 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-12-14 08:50 - 2016-10-27 16:33 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2016-12-14 08:50 - 2016-10-27 16:20 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2016-12-14 08:50 - 2016-10-11 16:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-12-14 08:50 - 2016-10-11 16:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-12-14 08:50 - 2016-10-11 16:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-12-14 08:50 - 2016-10-11 16:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-12-14 08:50 - 2016-10-11 16:32 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2016-12-14 08:50 - 2016-10-11 16:24 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-12-14 08:50 - 2016-10-11 16:24 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-12-14 08:50 - 2016-10-11 16:21 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-12-14 08:50 - 2016-10-11 16:18 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2016-12-14 08:50 - 2016-10-11 15:55 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2016-12-14 08:50 - 2016-10-11 14:18 - 00419648 _____ C:\Windows\SysWOW64\locale.nls
2016-12-14 08:50 - 2016-10-11 14:17 - 00419648 _____ C:\Windows\system32\locale.nls
2016-12-14 08:50 - 2016-10-08 14:06 - 00633296 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-12-14 08:50 - 2016-10-04 16:31 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-12-14 08:50 - 2016-10-04 16:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-12-14 08:50 - 2016-10-04 16:13 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-12-14 08:50 - 2016-10-04 16:13 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-12-14 08:49 - 2016-11-21 19:12 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-12-14 08:49 - 2016-11-21 19:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-12-14 08:49 - 2016-11-21 19:12 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-12-14 08:49 - 2016-11-21 19:12 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-12-14 08:49 - 2016-11-21 19:12 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-12-14 08:49 - 2016-11-21 19:12 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-12-14 08:49 - 2016-11-21 19:12 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-12-14 08:49 - 2016-11-21 19:12 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-12-14 08:49 - 2016-11-21 19:12 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-12-14 08:49 - 2016-11-21 19:12 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-12-14 08:49 - 2016-11-21 19:12 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-12-14 08:49 - 2016-11-21 19:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-12-14 08:49 - 2016-11-21 19:12 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-12-14 08:49 - 2016-11-21 19:12 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-12-14 08:49 - 2016-11-21 19:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-12-14 08:49 - 2016-11-20 17:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-12-14 08:49 - 2016-11-20 17:20 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-12-14 08:49 - 2016-11-20 17:20 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-12-14 08:49 - 2016-11-20 17:19 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-12-14 08:49 - 2016-11-20 17:19 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-12-14 08:49 - 2016-11-20 17:19 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-12-14 08:49 - 2016-11-20 17:19 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-12-14 08:49 - 2016-11-20 17:19 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-12-14 08:49 - 2016-11-20 17:19 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-12-14 08:49 - 2016-11-20 17:19 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-12-14 08:49 - 2016-11-20 17:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-12-14 08:49 - 2016-11-20 17:19 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-12-14 08:49 - 2016-11-20 17:19 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-12-14 08:49 - 2016-11-20 17:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-12-14 08:49 - 2016-11-20 16:58 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-12-14 08:49 - 2016-11-20 16:57 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-12-14 08:49 - 2016-11-20 16:57 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-12-14 08:49 - 2016-11-20 16:57 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-12-14 08:49 - 2016-11-20 16:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-12-14 08:49 - 2016-11-20 16:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-12-14 08:49 - 2016-11-12 20:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-12-14 08:49 - 2016-11-12 20:48 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-12-14 08:49 - 2016-11-12 20:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-12-14 08:49 - 2016-11-12 20:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-12-14 08:49 - 2016-11-12 20:25 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-12-14 08:49 - 2016-11-12 20:15 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-12-14 08:49 - 2016-11-12 20:14 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-12-14 08:49 - 2016-11-12 20:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-12-14 08:49 - 2016-11-12 20:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-12-14 08:49 - 2016-11-12 20:07 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-12-14 08:49 - 2016-11-12 19:56 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-12-14 08:49 - 2016-11-12 19:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-12-14 08:49 - 2016-11-12 19:41 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-12-14 08:49 - 2016-11-12 19:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-12-14 08:49 - 2016-11-12 19:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-12-14 08:49 - 2016-11-12 19:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-12-14 08:49 - 2016-11-12 19:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-12-14 08:49 - 2016-11-12 19:29 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-12-14 08:49 - 2016-11-12 19:29 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-12-14 08:49 - 2016-11-12 19:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-12-14 08:49 - 2016-11-12 19:27 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-12-14 08:49 - 2016-11-12 19:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-12-14 08:49 - 2016-11-12 19:19 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-12-14 08:49 - 2016-11-12 19:15 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-12-14 08:49 - 2016-11-12 19:14 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-12-14 08:49 - 2016-11-12 19:14 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-12-14 08:49 - 2016-11-12 19:14 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-12-14 08:49 - 2016-11-12 19:11 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-12-14 08:49 - 2016-11-12 19:03 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-12-14 08:49 - 2016-11-12 18:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-12-14 08:49 - 2016-11-12 18:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-12-14 08:49 - 2016-11-12 18:52 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-12-14 08:49 - 2016-11-12 18:51 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-12-14 08:49 - 2016-11-12 18:49 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-12-14 08:49 - 2016-11-12 18:47 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-12-14 08:49 - 2016-11-12 18:40 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-12-14 08:49 - 2016-11-09 17:33 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-12-14 08:49 - 2016-11-09 17:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-12-14 08:49 - 2016-11-09 17:33 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-12-14 08:49 - 2016-11-09 17:17 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-12-14 08:49 - 2016-11-09 17:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-12-14 08:49 - 2016-11-09 17:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-12-14 08:49 - 2016-11-09 17:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-12-14 08:49 - 2016-10-11 16:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-12-14 08:49 - 2016-10-11 16:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-12-14 08:49 - 2016-10-11 16:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-12-14 08:49 - 2016-10-11 16:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-12-14 08:49 - 2016-10-11 16:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-12-14 08:49 - 2016-10-11 16:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-12-14 08:49 - 2016-10-11 16:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-12-14 08:49 - 2016-10-11 16:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-12-14 08:49 - 2016-10-11 16:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-12-14 08:49 - 2016-10-11 16:03 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-12-14 08:49 - 2016-10-11 15:59 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-12-14 08:49 - 2016-10-11 15:59 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-12-14 08:49 - 2016-10-11 15:55 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-12-14 08:49 - 2016-10-11 15:51 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-12-14 08:49 - 2016-10-11 15:51 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-12-14 08:49 - 2016-10-11 15:51 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-12-14 08:49 - 2016-10-11 15:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-12-14 08:49 - 2016-10-11 15:50 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 15:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 15:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 15:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-12-14 08:49 - 2016-10-04 16:31 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-12-14 08:49 - 2016-10-04 16:31 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-12-14 08:49 - 2016-10-04 16:13 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-12-14 08:49 - 2016-10-04 16:13 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-12-13 22:29 - 2016-12-13 22:29 - 00050176 _____ C:\Users\Jana\Downloads\Kopie - vykaz prosinec 2016.xls
2016-12-13 07:49 - 2016-12-13 07:49 - 00261376 _____ C:\Users\Křivánek\Downloads\prilohy_7732.zip
2016-12-12 20:21 - 2016-12-12 20:21 - 00000222 _____ C:\Users\Jana\Downloads\bawKk5v9oc_WsvTHz-3ANQc7INGjUmq_DxKTuJi8Rcp-165_HLX2v1CHEZlcEyZLWZ8yIUA
2016-12-07 09:36 - 2016-12-07 09:36 - 00088658 _____ C:\Users\Křivánek\Downloads\Doklad SIPO_201612_8012919549.pdf
2016-12-05 20:18 - 2016-12-05 20:18 - 00119401 _____ C:\Users\Křivánek\Downloads\Doklad SIPO_201608_8012919549.pdf
2016-12-05 20:17 - 2016-12-05 20:17 - 00114026 _____ C:\Users\Křivánek\Downloads\Doklad SIPO_201609_8012919549.pdf
2016-12-05 20:17 - 2016-12-05 20:17 - 00096535 _____ C:\Users\Křivánek\Downloads\Doklad SIPO_201610_8012919549.pdf
2016-12-05 20:16 - 2016-12-05 20:16 - 00121732 _____ C:\Users\Křivánek\Downloads\Doklad SIPO_201611_8012919549.pdf
2016-11-30 09:21 - 2016-11-30 09:21 - 01009408 _____ C:\Users\Křivánek\Downloads\schemasitelinek_plakat.pdf
2016-11-30 09:04 - 2016-11-30 09:04 - 00122817 _____ C:\Users\Křivánek\Downloads\042_151213.pdf
2016-11-30 09:04 - 2016-11-30 09:04 - 00122817 _____ C:\Users\Křivánek\Downloads\042_151213 (1).pdf
2016-11-29 22:34 - 2016-11-29 22:34 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2016-11-29 22:34 - 2016-11-29 22:34 - 00019112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr110_clr0400.dll
2016-11-29 22:34 - 2016-11-29 22:34 - 00019112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
2016-11-29 22:34 - 2016-11-29 22:34 - 00019112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp110_clr0400.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00030400 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00019112 _____ (Microsoft Corporation) C:\Windows\system32\msvcr110_clr0400.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00019112 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00019112 _____ (Microsoft Corporation) C:\Windows\system32\msvcp110_clr0400.dll
2016-11-28 21:17 - 2016-11-28 21:17 - 07865175 _____ C:\Users\Jana\Downloads\Un-petit-bain1 (1).mp4
2016-11-28 21:16 - 2016-11-28 21:16 - 07865175 _____ C:\Users\Jana\Downloads\Un-petit-bain1.mp4
2016-11-28 21:08 - 2016-11-28 21:08 - 00030715 _____ C:\Users\Jana\Downloads\Dozor jídelna (1).xlsx
2016-11-27 18:49 - 2016-11-27 18:49 - 01704095 _____ C:\Users\Křivánek\Downloads\grundig-sonoclock-890-navod-k-obsluze.pdf
2016-11-26 17:40 - 2016-11-26 17:40 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-11-26 17:40 - 2016-11-26 17:37 - 00110144 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-64.dll
2016-11-26 17:39 - 2016-12-21 19:17 - 00000000 ____D C:\Program Files (x86)\Java
2016-11-26 17:38 - 2016-11-26 17:38 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Sun
2016-11-26 17:37 - 2016-11-26 17:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-11-26 17:37 - 2016-11-26 17:38 - 56134208 _____ (Oracle Corporation) C:\Users\Jana\Downloads\jre-8u111-windows-i586.exe
2016-11-26 17:37 - 2016-11-26 17:37 - 00110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2016-11-26 17:36 - 2016-11-26 17:40 - 00000000 ____D C:\ProgramData\Oracle
2016-11-26 17:36 - 2016-11-26 17:36 - 00000000 ____D C:\Program Files\Java
2016-11-26 17:34 - 2016-11-26 17:35 - 63235648 _____ (Oracle Corporation) C:\Users\Jana\Downloads\jre-8u111-windows-x64.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-24 20:42 - 2016-09-01 10:59 - 00000000 ____D C:\FRST
2016-12-24 20:36 - 2016-09-04 00:18 - 00000000 ____D C:\Users\Jana\AppData\Local\LogMeIn Hamachi
2016-12-24 20:36 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-24 20:30 - 2016-09-03 12:49 - 00000000 ____D C:\AdwCleaner
2016-12-24 12:14 - 2009-07-14 05:45 - 00029120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-24 12:14 - 2009-07-14 05:45 - 00029120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-24 09:18 - 2012-04-24 17:00 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Adobe
2016-12-23 23:53 - 2014-08-04 15:06 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Skype
2016-12-23 22:52 - 2014-08-17 13:08 - 00000000 ____D C:\Users\Jana\AppData\Local\Adobe
2016-12-23 22:51 - 2012-04-24 17:00 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-12-23 22:51 - 2012-04-24 17:00 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-23 22:51 - 2012-04-24 17:00 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-12-23 22:51 - 2012-04-24 17:00 - 00000000 ____D C:\Windows\system32\Macromed
2016-12-23 22:46 - 2016-06-21 12:35 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Mozilla
2016-12-23 22:02 - 2014-10-10 13:18 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-12-23 22:01 - 2014-08-04 15:06 - 00000000 ____D C:\ProgramData\Skype
2016-12-23 19:31 - 2013-07-17 13:31 - 00001304 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-23 19:31 - 2012-04-24 11:22 - 00000973 _____ C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-12-23 18:30 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2016-12-22 19:02 - 2016-09-04 08:24 - 00000000 ____D C:\Users\Křivánek\AppData\Local\LogMeIn Hamachi
2016-12-21 21:26 - 2011-04-12 09:34 - 00668882 _____ C:\Windows\system32\perfh005.dat
2016-12-21 21:26 - 2011-04-12 09:34 - 00141542 _____ C:\Windows\system32\perfc005.dat
2016-12-21 21:26 - 2009-07-14 06:13 - 01584626 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-21 21:26 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-12-21 19:17 - 2016-11-20 11:46 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2016-12-21 19:17 - 2016-02-16 16:03 - 00000000 ____D C:\Program Files (x86)\Terasoft
2016-12-21 19:17 - 2015-11-06 21:39 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-12-21 19:17 - 2015-08-27 18:15 - 00000000 ____D C:\Program Files (x86)\Codec Pack - All In 1
2016-12-21 19:17 - 2015-05-18 23:26 - 00000000 ____D C:\Program Files (x86)\ALTER Český jazyk - Pravopisné pětiminutovky 2 DEMO
2016-12-21 19:17 - 2015-01-22 00:13 - 00000000 ____D C:\Program Files (x86)\Alza Media
2016-12-21 19:17 - 2014-09-16 16:46 - 00000000 ____D C:\Program Files (x86)\Activ Software
2016-12-21 19:17 - 2014-08-26 16:38 - 00000000 ____D C:\Program Files (x86)\Nakladatelství Nová Škola Brno
2016-12-21 19:17 - 2014-06-07 12:22 - 00000000 ____D C:\Program Files (x86)\Nová škola Brno
2016-12-21 19:17 - 2014-05-11 15:41 - 00000000 ____D C:\Program Files (x86)\MarkAny
2016-12-21 19:17 - 2014-05-11 15:21 - 00000000 ____D C:\Program Files (x86)\Samsung
2016-12-21 19:17 - 2013-12-15 13:27 - 00000000 ____D C:\Program Files (x86)\Interplay
2016-12-21 19:17 - 2013-08-22 21:57 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-12-21 19:17 - 2013-08-02 18:57 - 00000000 ____D C:\Program Files (x86)\3DO
2016-12-21 19:17 - 2013-07-17 13:31 - 00000000 ____D C:\Program Files (x86)\Google
2016-12-21 19:17 - 2013-04-28 18:26 - 00000000 ____D C:\Program Files (x86)\Kalypso
2016-12-21 19:17 - 2013-03-01 22:21 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2016-12-21 19:17 - 2013-03-01 22:21 - 00000000 ____D C:\Program Files (x86)\AMD APP
2016-12-21 19:17 - 2013-02-07 13:36 - 00000000 ____D C:\Program Files (x86)\DOSBox-0.74
2016-12-21 19:17 - 2012-09-16 02:00 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2016-12-21 19:17 - 2012-08-18 17:07 - 00000000 ____D C:\Program Files (x86)\OscarX7Editor5Mode
2016-12-21 19:17 - 2012-08-18 17:07 - 00000000 ____D C:\Program Files (x86)\5-Mode Oscar Editor
2016-12-21 19:17 - 2012-06-29 20:53 - 00000000 ____D C:\Program Files (x86)\Sony
2016-12-21 19:17 - 2012-05-21 00:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-12-21 19:17 - 2012-04-26 11:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2016-12-21 19:17 - 2012-04-26 11:35 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-12-21 19:17 - 2012-04-05 19:18 - 00000000 ____D C:\Program Files (x86)\CDBurnerXP
2016-12-21 19:17 - 2012-04-05 19:17 - 00000000 ____D C:\Program Files (x86)\Combined Community Codec Pack
2016-12-21 19:17 - 2012-04-05 19:16 - 00000000 ____D C:\Program Files (x86)\HD Tune Pro
2016-12-21 19:17 - 2012-04-05 19:16 - 00000000 ____D C:\Program Files (x86)\Geeks3D
2016-12-21 19:17 - 2012-04-05 19:14 - 00000000 ____D C:\Program Files (x86)\WinRAR
2016-12-21 19:17 - 2012-04-05 19:09 - 00000000 ____D C:\Program Files (x86)\OpenAL
2016-12-21 19:17 - 2012-04-05 19:06 - 00000000 ____D C:\Program Files (x86)\Futuremark
2016-12-21 19:17 - 2012-04-03 19:14 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2016-12-21 19:17 - 2012-04-03 19:04 - 00000000 ____D C:\Program Files (x86)\GIGABYTE
2016-12-21 19:17 - 2012-04-03 18:59 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-12-21 19:17 - 2012-04-03 18:59 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-12-21 19:17 - 2012-04-03 18:59 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-12-21 19:17 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2016-12-21 19:17 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-12-21 19:17 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-12-21 19:17 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-12-21 19:17 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-12-21 19:17 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-12-21 19:17 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files (x86)\Windows NT
2016-12-15 08:21 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-12-14 19:54 - 2009-07-14 05:45 - 00306536 _____ C:\Windows\system32\FNTCACHE.DAT
2016-12-14 19:37 - 2013-08-15 02:01 - 00000000 ____D C:\Windows\system32\MRT
2016-12-14 19:34 - 2012-04-03 19:31 - 135632432 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-12-14 19:32 - 2012-04-03 20:07 - 01559340 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-12-10 22:58 - 2016-06-21 18:24 - 00000000 ____D C:\Users\Jana\Desktop\Erbenova - náměty
2016-12-01 03:18 - 2016-09-04 00:14 - 00000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2016-12-01 03:18 - 2016-09-04 00:14 - 00000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
2016-12-01 03:02 - 2012-04-03 20:07 - 00002155 _____ C:\Windows\epplauncher.mif
2016-12-01 03:02 - 2012-04-03 20:07 - 00002123 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2016-12-01 03:01 - 2012-04-03 20:07 - 00000000 ____D C:\Program Files\Microsoft Security Client
2016-12-01 03:01 - 2012-04-03 20:07 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client

==================== Files in the root of some directories =======

2016-12-21 19:19 - 2016-12-21 19:19 - 7316480 _____ () C:\Users\Jana\AppData\Roaming\agent.dat
2016-12-21 19:19 - 2016-12-21 19:19 - 0070704 _____ () C:\Users\Jana\AppData\Roaming\Config.xml
2016-12-21 19:19 - 2016-12-21 19:19 - 0136827 _____ () C:\Users\Jana\AppData\Roaming\Daltdex.bin
2016-12-21 19:19 - 2016-12-21 19:19 - 0190394 _____ () C:\Users\Jana\AppData\Roaming\Damity.bin
2016-12-21 19:19 - 2016-12-21 19:19 - 0019104 _____ () C:\Users\Jana\AppData\Roaming\InstallationConfiguration.xml
2016-12-21 19:19 - 2016-12-21 19:19 - 0140288 _____ () C:\Users\Jana\AppData\Roaming\Installer.dat
2016-12-21 19:19 - 2016-12-21 19:19 - 0018432 _____ () C:\Users\Jana\AppData\Roaming\Main.dat
2016-12-21 19:19 - 2016-12-21 19:19 - 0005568 _____ () C:\Users\Jana\AppData\Roaming\md.xml
2016-12-21 19:19 - 2016-12-21 19:19 - 1938532 _____ () C:\Users\Jana\AppData\Roaming\Nimsuntom.bin
2016-12-21 19:19 - 2016-12-21 19:19 - 0126464 _____ () C:\Users\Jana\AppData\Roaming\noah.dat
2016-12-21 19:19 - 2016-12-21 19:19 - 1907196 _____ () C:\Users\Jana\AppData\Roaming\Silphase.tst
2016-12-21 19:20 - 2016-12-21 19:20 - 0001150 _____ () C:\Users\Jana\AppData\Roaming\uninstall_temp.ico
2015-02-20 00:17 - 2015-02-20 00:18 - 0003072 _____ () C:\Users\Jana\AppData\Local\file__0.localstorage
2016-12-21 19:20 - 2016-12-21 19:20 - 0041472 _____ () C:\Users\Jana\AppData\Local\jaytechno.dat
2016-12-21 19:20 - 2016-12-21 19:20 - 0000187 _____ () C:\Users\Jana\AppData\Local\jaytechno.exe.config
2015-09-06 22:23 - 2015-09-06 22:23 - 0032038 _____ () C:\Users\Jana\AppData\Local\SquareClock.Production_Home_Siko_WebIcon.ico
2016-02-07 11:45 - 2016-02-07 11:45 - 0000000 _____ () C:\Users\Jana\AppData\Local\{7D8FAFCB-BA39-4421-BF23-A10C978EB026}

Files to move or delete:
====================
C:\Windows\TEMP\g7E55.tmp.exe


Some files in TEMP:
====================
C:\Users\Jana\AppData\Local\Temp\3gs_lj.exe
C:\Users\Jana\AppData\Local\Temp\794F.tmp.exe
C:\Users\Jana\AppData\Local\Temp\7A85.tmp.exe
C:\Users\Jana\AppData\Local\Temp\8BCB.tmp.exe
C:\Users\Jana\AppData\Local\Temp\AutoTime51495.exe
C:\Users\Jana\AppData\Local\Temp\brastub6ab_amobl_inst.exe
C:\Users\Jana\AppData\Local\Temp\DriverBoosterSetup.exe
C:\Users\Jana\AppData\Local\Temp\fhfshffsf99udau.exe
C:\Users\Jana\AppData\Local\Temp\gD3C3.tmp.exe
C:\Users\Jana\AppData\Local\Temp\gF365.tmp.exe
C:\Users\Jana\AppData\Local\Temp\libeay32.dll
C:\Users\Jana\AppData\Local\Temp\linker.exe
C:\Users\Jana\AppData\Local\Temp\mininewsrepair.exe
C:\Users\Jana\AppData\Local\Temp\msvcr120.dll
C:\Users\Jana\AppData\Local\Temp\nss945D.exe
C:\Users\Jana\AppData\Local\Temp\prepreinstaller_win.exe
C:\Users\Jana\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Jana\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Jana\AppData\Local\Temp\sqlite3.dll
C:\Users\Jana\AppData\Local\Temp\Trotux.exe
C:\Users\Jana\AppData\Local\Temp\vlngp.exe
C:\Users\Jana\AppData\Local\Temp\Zone5.exe
C:\Users\Křivánek\AppData\Local\Temp\mininewsrepair.exe


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-12-24 00:53

==================== End of FRST.txt ============================

Re: Reklamní havěť

Napsal: 24 pro 2016 20:52
od Jirka K.
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-12-2016
Ran by Jana (24-12-2016 20:44:38)
Running from C:\Users\Jana\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2012-04-03 17:55:59)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3406515104-517183750-3566915376-500 - Administrator - Disabled)
Guest (S-1-5-21-3406515104-517183750-3566915376-501 - Limited - Disabled)
Jana (S-1-5-21-3406515104-517183750-3566915376-1002 - Administrator - Enabled) => C:\Users\Jana
Křivánek (S-1-5-21-3406515104-517183750-3566915376-1000 - Administrator - Enabled) => C:\Users\Křivánek

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DMark 11 (HKLM-x32\...\{46EDCFA5-7EDB-46A9-B093-1C6237470CEC}) (Version: 1.0.3 - Futuremark Corporation)
5-Mode Oscar Editor (HKLM-x32\...\OscarX7Mouse5Mode) (Version: 11.10.0001 - A4Tech)
Activprimary Viewer v3.6 (HKLM-x32\...\{919A356C-8FC7-49E2-91C4-66D25AE35121}) (Version: 3.6.22 - Promethean Ltd.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Flash Player 24 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
ALTER Český jazyk - Pravopisné pětiminutovky 2 DEMO (HKLM-x32\...\ALTERCJ2PPD_is1) (Version: 1.0 - Nakladatelství ALTER, s.r.o.)
Alza Media (HKLM-x32\...\cae43f19-b904-445a-8d22-0bf7c177726b_is1) (Version: 1.0.27.39844 - Alza.cz a.s.)
AMD Catalyst Install Manager (HKLM\...\{5E03A267-415E-5383-FA8F-3CE4145663B9}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
Banished v1.0.0 32-bit (HKLM-x32\...\{2AB66B5F-2613-477F-A4B1-CB2E8C7A2943}) (Version: 1.0.0 - Shining Rock Software LLC)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.4.0.2905 - CDBurnerXP)
Codec Pack - All In 1 6.0.3.0 (HKLM-x32\...\Cool's_Codec_pack_4.12) (Version: - )
Combined Community Codec Pack 2011-11-11 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2011.11.11.0 - CCCP Project)
Český Jazyk 2 verze 2.30 (HKLM-x32\...\{84649EB1-E7CC-4CE7-A4CE-D0113D9B75C9}_is1) (Version: 2.30 - Nakladatelství Nová Škola)
Český jazyk 6 (instalace na disk) (HKLM-x32\...\Český jazyk 6 (instalace na disk)) (Version: - )
ČJ4 - Pravopisná cvičení (doporučená instalace) (HKLM-x32\...\ČJ4 - Pravopisná cvičení (doporučená instalace)) (Version: - )
Fallout Collection (HKLM-x32\...\Fallout Collection) (Version: - )
FlexiBooks (HKU\S-1-5-21-3406515104-517183750-3566915376-1002\...\eaadb22a7fda717f) (Version: 3.0.5.17 - Fraus Media spol. s r.o.)
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.6.0 - Futuremark Corporation)
Geeks3D.com FurMark 1.9.1 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D.com)
GOG.com Dungeon Keeper 2 (HKLM\...\{b6462b67-caf5-4a74-99df-cc2811bd1957}.sdb) (Version: - )
GOG.com The Settlers 4 GOLD (HKLM\...\{ff2cad6c-eb68-4e98-88d7-49887440affb}.sdb) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
HD Tune Pro 5.00 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software)
Heroes of Might and Magic III Complete (HKLM-x32\...\InstallShield_{EDFB64A7-5BFD-4137-943D-5663149A15F5}) (Version: 1.00.0000 - CD Projekt)
Heroes of Might and Magic III Complete (x32 Version: 1.00.0000 - CD Projekt) Hidden
Já a můj svět 1 (HKLM-x32\...\Já a můj svět 1) (Version: - )
Já a můj svět 3 (HKLM-x32\...\Já a můj svět 3) (Version: - )
Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.541 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.541 - LogMeIn, Inc.) Hidden
Malwarebytes verze 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 50.1.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 cs)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
ON_OFF Charge B11.0110.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
PlayMemories Home (HKLM-x32\...\{E03CD71A-F595-49DF-9ADC-0CFC93B1B211}) (Version: 6.0.02.14151 - Sony Corporation)
Prohlížeč Seznam.cz (HKU\S-1-5-21-3406515104-517183750-3566915376-1002\...\Seznam Browser) (Version: 3.6.0 - Seznam.cz a.s.)
Prvouka 2 verze 2.25 (HKLM-x32\...\{D3DEEB20-6BA0-458C-A619-0D7C0B240818}_is1) (Version: 2.25 - Nakladatelství Nová Škola)
Prvouka 3 verze 2.25 (HKLM-x32\...\{AC52D51B-92CB-4D1C-8F6F-242578B0CB4D}_is1) (Version: 2.25 - Nakladatelství Nová Škola)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.46.531.2011 - Realtek)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6358 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6392 - Realtek Semiconductor Corp.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation)
Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
Slabikář se Samem verze 3.2 (HKLM-x32\...\{770E3496-387C-4BE7-A2A3-10142ED83A68}_is1) (Version: 3.2 - Nakladatelství Nová Škola)
StrongholdCrusader (HKLM\...\{5a56ddf5-f2fd-4a53-b852-909002f9df30}.sdb) (Version: - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tropico 3 (HKLM-x32\...\{6CA1CD8C-2D65-491E-9467-00A3ACA4A0A9}) (Version: 1.00.0000 - Kalypso)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - )
Warcraft III: All Products (HKU\S-1-5-21-3406515104-517183750-3566915376-1002\...\Warcraft III) (Version: - )
WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
Živá Abeceda verze 2.25 (HKLM-x32\...\{968A4FBF-C1CE-4CC6-8BD2-0949BD9DD816}_is1) (Version: 2.25 - Nakladatelství Nová Škola)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0AC7D0A8-ADD8-4C1B-8EC3-C1EB7131F865} - System32\Tasks\Microsoft\Windows\Multimedia\Manager => C:\Users\Jana\AppData\Roaming\Adobe\Manager.exe
Task: {3201B6CE-43A6-4E95-839A-BA1152CF4DC9} - System32\Tasks\UCBrowserSecureUpdater => C:\Program Files (x86)\UCBrowser\Security\uclauncher.exe [2016-12-20] (UC Web Inc.) <==== ATTENTION
Task: {37A8DE78-F1A4-4296-866A-08ED470E112F} - System32\Tasks\815330987d79t6315439 => Rundll32.exe "C:\ProgramData\815330987d79t6315439\815330987d79t6315439.dll",DMT <==== ATTENTION
Task: {416EE22A-EBF7-462D-8CC0-77D6C809FFC5} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_186_pepper.exe [2016-12-23] (Adobe Systems Incorporated)
Task: {4CBE1F36-B884-4A24-A947-567438E0DA98} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {C2D7AE54-60CD-4720-8E2B-343A690DF66B} - System32\Tasks\SMW_UpdateTask_Time_3934383839323339312d375055574132506c572a4a45 => Wscript.exe //B "C:\ProgramData\SearchModule\smhe.js" smu.exe /invoke /f:check_services /l:0 <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_186_pepper.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-12-20 18:15 - 2014-03-22 22:46 - 03117056 _____ () C:\ProgramData\815330987d79t6315439\815330987d79t6315439.dll
2012-12-19 15:32 - 2012-12-19 15:32 - 00210944 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-10-17 18:39 - 2012-10-17 18:39 - 00749056 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-10-17 18:39 - 2012-10-17 18:39 - 03645952 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2016-12-23 19:56 - 2016-12-14 12:55 - 02259232 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2016-12-23 19:56 - 2016-12-14 12:55 - 02247632 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-12-23 19:56 - 2016-12-14 12:55 - 02813904 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll
2016-12-20 20:29 - 2016-12-24 20:36 - 00252416 _____ () C:\Windows\TEMP\g7E55.tmp.exe
2016-12-20 20:28 - 2016-12-24 20:36 - 03780096 _____ () C:\Windows\TEMP\g4F57.tmp

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows\system32\drivers:ucdrv-x64.sys [23652]
AlternateDataStreams: C:\Windows\system32\drivers:x64 [1479458]
AlternateDataStreams: C:\Windows\system32\drivers:x86 [1205026]
AlternateDataStreams: C:\ProgramData\Templates:gs5sys [2560]
AlternateDataStreams: C:\ProgramData\Šablony:gs5sys [2560]
AlternateDataStreams: C:\Users\Jana\Soubory cookie:gs5sys [2048]
AlternateDataStreams: C:\Users\Jana\Šablony:gs5sys [3074]
AlternateDataStreams: C:\Users\Jana\AppData\Local\History:gs5sys [3074]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2016-12-20 18:14 - 00000918 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 clients2.google.com
127.0.0.1 v1.ff.avast.com
127.0.0.1 vlcproxy.ff.avast.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3406515104-517183750-3566915376-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{D107AF7D-7077-45B1-83BD-260C88FEC108}C:\program files (x86)\internet explorer\iexplore.exe] => C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{13431BE2-1DB9-46A4-8F65-63E036578312}C:\program files (x86)\internet explorer\iexplore.exe] => C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{C0DDB5CE-73B7-4F74-BE55-9016E5FC05C0}C:\program files\java\jre7\bin\javaw.exe] => C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{DF21D50A-9EC0-4137-AB20-221DCEE103A4}C:\program files\java\jre7\bin\javaw.exe] => C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{A82D9573-8E35-4D16-85A0-BDFE0BC72E0A}] => C:\Program Files (x86)\Kalypso\Tropico 3\tropico3.exe
FirewallRules: [{7D375474-4B2E-403C-8D27-099C590F989E}] => C:\Program Files (x86)\Kalypso\Tropico 3\tropico3.exe
FirewallRules: [TCP Query User{0DA9CB13-C48C-4B05-800B-DB189FF8DB2E}C:\windows\syswow64\dplaysvr.exe] => C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{623F7E40-9EDE-4237-B257-DB5F18886FBA}C:\windows\syswow64\dplaysvr.exe] => C:\windows\syswow64\dplaysvr.exe
FirewallRules: [{74CD1556-A74B-4CFB-96F9-BDE93F8C7508}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3A09D1CB-BE52-4AF6-B250-E13F804A7CAA}] => C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{12A91C44-17F1-49C9-9C1B-564ED13D5A64}] => C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [TCP Query User{A17A2C1B-EF95-482F-89EF-0BCCE15E49C5}C:\windows\system32\java.exe] => C:\windows\system32\java.exe
FirewallRules: [UDP Query User{BF1D4493-C5D8-43EF-A924-697D300B1A7C}C:\windows\system32\java.exe] => C:\windows\system32\java.exe
FirewallRules: [{46F68C8D-BA19-47E9-9008-4A1B1A39031D}] => %ProgramFiles% (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
FirewallRules: [TCP Query User{257D2795-1CF3-4A91-9323-C7C91B704C19}D:\hry\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => D:\hry\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{2783318E-99CA-4020-A3D6-B3A0CF6EC2D5}D:\hry\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => D:\hry\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{E69E3881-4D01-476B-917E-3535A9C51FC9}D:\hry\dungeon keeper 2\dkii-dx.exe] => D:\hry\dungeon keeper 2\dkii-dx.exe
FirewallRules: [UDP Query User{EAF305FB-98EF-4FFA-9794-2AA506009568}D:\hry\dungeon keeper 2\dkii-dx.exe] => D:\hry\dungeon keeper 2\dkii-dx.exe
FirewallRules: [{C19C0F3A-0F6A-49D8-9A1A-EE5FBAB93265}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{CD51BCB0-DC7F-4CB3-8987-B09B90B2F4D1}] => C:\Windows\system32\rundll32.exe
FirewallRules: [TCP Query User{842BF3CE-BE8D-488D-9D42-53FE2BEF3E1C}C:\users\jana\appdata\local\temp\is-v60s4.tmp\download\minithunderplatform.exe] => C:\users\jana\appdata\local\temp\is-v60s4.tmp\download\minithunderplatform.exe
FirewallRules: [UDP Query User{D5845059-05E3-4AD9-A52B-E0D275F302B2}C:\users\jana\appdata\local\temp\is-v60s4.tmp\download\minithunderplatform.exe] => C:\users\jana\appdata\local\temp\is-v60s4.tmp\download\minithunderplatform.exe
FirewallRules: [{870C6416-6602-4E2A-BFF9-061224FD3C84}] => C:\Users\Jana\AppData\Local\Temp\is-V60S4.tmp\download\MiniThunderPlatform.exe
FirewallRules: [{D9460726-053A-4C94-8AEC-FB444D505136}] => C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
FirewallRules: [{B6340011-6B78-4E22-B6BC-51E9D8F0498F}] => C:\Program Files (x86)\Maoha\MaohaAP\MaohaWifiSvr.exe
FirewallRules: [{90FC8C2B-49DF-4F61-8923-817652FC2369}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C534A6BB-67FC-42BA-8D43-89569B2B372D}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A61E6E18-3119-42E1-B323-F2EDDC62B697}] => C:\Windows\System32\rundll32.exe
FirewallRules: [{891451B6-6D11-422A-BDE6-49A37011038B}] => C:\Windows\System32\rundll32.exe

==================== Restore Points =========================

17-12-2016 20:06:57 Windows Update
20-12-2016 20:40:31 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/24/2016 08:37:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/24/2016 01:20:33 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Google\Chrome\Application\chrome.exe se nezdařilo.
Závislé sestavení 55.0.2883.87,language="&#x2a;",type="win32",version="55.0.2883.87" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (12/24/2016 12:52:22 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Google\Chrome\Application\chrome.exe se nezdařilo.
Závislé sestavení 55.0.2883.87,language="&#x2a;",type="win32",version="55.0.2883.87" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (12/24/2016 12:06:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/24/2016 09:37:30 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Google\Chrome\Application\chrome.exe se nezdařilo.
Závislé sestavení 55.0.2883.87,language="&#x2a;",type="win32",version="55.0.2883.87" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (12/24/2016 09:25:54 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Google\Chrome\Application\chrome.exe se nezdařilo.
Závislé sestavení 55.0.2883.87,language="&#x2a;",type="win32",version="55.0.2883.87" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (12/24/2016 09:09:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/24/2016 12:20:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mbamservice.exe, verze: 3.1.0.388, časové razítko: 0x58320f73
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.23572, časové razítko: 0x57fd0651
Kód výjimky: 0xc00000fd
Posun chyby: 0x00000000000528f6
ID chybujícího procesu: 0xb58
Čas spuštění chybující aplikace: 0x01d25d70e7c510d3
Cesta k chybující aplikaci: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: 5b282315-c966-11e6-841e-50e54955b81b

Error: (12/24/2016 12:10:15 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Google\Chrome\Application\chrome.exe se nezdařilo.
Závislé sestavení 55.0.2883.87,language="&#x2a;",type="win32",version="55.0.2883.87" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (12/24/2016 12:04:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (12/24/2016 08:36:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba BitTorrent neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (12/24/2016 08:35:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AlzaMedia-Autoupdate neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedenou cestu.

Error: (12/24/2016 08:35:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba zařazování tisku neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedenou cestu.

Error: (12/24/2016 08:32:01 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby Winmgmt bylo dosaženo časového limitu (30000 ms).

Error: (12/24/2016 08:31:31 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby MBAMService bylo dosaženo časového limitu (30000 ms).

Error: (12/24/2016 08:31:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Search neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.

Error: (12/24/2016 08:31:12 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba WSearch se nemohla přihlásit jako NT AUTHORITY\SYSTEM s aktuálně konfigurovaným heslem z důvodu následující chyby:
Požadavek není podporován.


Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (12/24/2016 08:30:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (12/24/2016 08:30:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba LogMeIn Hamachi Tunneling Engine byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/24/2016 08:30:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba PMBDeviceInfoProvider byla neočekávaně ukončena. Tento stav nastal již 1krát.


CodeIntegrity:
===================================
Date: 2016-12-24 20:37:17.898
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-24 20:37:17.742
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-24 20:37:17.586
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-24 20:37:17.352
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-24 12:06:25.377
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-24 12:06:25.236
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-24 12:06:25.127
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-24 12:06:24.987
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-24 09:09:31.103
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-24 09:09:30.978
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: AMD Athlon(tm) II X4 631 Quad-Core Processor
Percentage of memory in use: 46%
Total physical RAM: 4093.37 MB
Available physical RAM: 2197.95 MB
Total Virtual: 8184.92 MB
Available Virtual: 6085.76 MB

==================== Drives ================================

Drive c: (Systém) (Fixed) (Total:114.16 GB) (Free:19.3 GB) NTFS
Drive d: (Data) (Fixed) (Total:118.63 GB) (Free:52.3 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: A7A4F9B3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=114.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=118.6 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Re: Reklamní havěť

Napsal: 25 pro 2016 11:47
od JaRon
Restartuj PC do nudxoveho rezimu a tam vycisti s MBAM

Re: Reklamní havěť

Napsal: 28 pro 2016 19:32
od Jirka K.
Tak MBAM se nakonec podařilo dokončit i v běžném režimu, vyčistil, co mohl (při opakovaném spuštění už nic dalšího nenachází). ADW Cleaner při opakovaném spuštění vždy najde další. Přikládám oba logy z FRST a poslední log z ADW Cleaneru.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-12-2016
Ran by Jana (administrator) on KŘIVÁNEK-PC (28-12-2016 19:26:47)
Running from C:\Users\Jana\Downloads
Loaded Profiles: Jana (Available Profiles: Křivánek & Jana)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Alza.cz a.s.) C:\Program Files (x86)\Alza Media\v1.0.27.39844\AlzaMediaAutoupdateService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11860072 2011-06-09] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes)
HKU\S-1-5-21-3406515104-517183750-3566915376-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
ShellExecuteHooks: No Name - {212EB874-B064-11E6-8412-64006A5CFC23} - C:\Users\Jana\AppData\Roaming\Fegghgradoing\Anunaly.dll -> No File
ShellExecuteHooks: No Name - {344E022C-B058-11E6-BC7C-64006A5CFC23} - C:\Users\Jana\AppData\Roaming\Mtispplaperk\Reukatyherradom.dll -> No File
ShellIconOverlayIdentifiers: [KzShlobj] -> {AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} => -> No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{582E5871-F563-4527-9641-23675C37B3F1}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-3406515104-517183750-3566915376-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKLM-x32 -> DefaultScope value is missing
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-11-26] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-26] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-26] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-26] (Oracle Corporation)
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/CZ/Core/Player/2020PlayerAX_IKEA_Win32.cab
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

FireFox:
========
FF ProfilePath: [main]
current=0
[users]
0=Jana
[not found]
FF DefaultProfile: d5oxsyb1.default
FF ProfilePath: C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\d5oxsyb1.default [2016-12-28]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-23] ()
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-26] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-23] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-26] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: ChromeDefaultData
CHR HomePage: ChromeDefaultData -> hxxps://www.google.com/
CHR DefaultSearchURL: ChromeDefaultData -> hxxp://www-searching.com/search.aspx?site=shdefault1&prd=smw&pid=s&shr=d&q={searchTerms}&s=gclzamobl20564bu,70401e53-6567-42f5-a14f-5c3acc8a6cd6,
CHR DefaultSearchKeyword: ChromeDefaultData -> www-searching.com
CHR DefaultSuggestURL: ChromeDefaultData -> hxxp://api.searchpredict.com/api/?rqtype=ffplugin&siteID=8661&dbCode=1&command={searchTerms}
CHR Profile: C:\Users\Jana\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2016-12-23] <==== ATTENTION
CHR Profile: C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 2 [2016-12-23]
CHR Extension: (Docs) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-22]
CHR Extension: (Disk Google) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-22]
CHR Extension: (YouTube) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-22]
CHR Extension: (Gmail) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-22]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AlzaMedia-Autoupdate; C:\Program Files (x86)\Alza Media\v1.0.27.39844\AlzaMediaAutoupdateService.exe [48000 2014-10-03] (Alza.cz a.s.) [File not signed]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.) [File not signed]
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [135584 2011-12-09] (Futuremark Corporation)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2627080 2016-11-11] (LogMeIn Inc.)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-11-11] (LogMeIn, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [459832 2012-02-15] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 BitTorrent; "C:\Program Files\BitTorrent\BitTorrent.exe" /s iid=9371275 did=APSnapdoAMRev sid=3 ref=e8c92417-763b-431f-3364-ef7835acd4da-PolicyMac id=5f7e1e189414dbf8174f22d27798f8f33ab8c0e73a28b7682228633ad21e6af0 [X] <==== ATTENTION

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11832 2010-06-29] (Advanced Micro Devices Inc.)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77416 2016-12-14] ()
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-12-20] (REALiX(tm))
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [176064 2016-12-23] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [102856 2016-12-28] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2016-12-28] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [250816 2016-12-28] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [81696 2016-12-28] (Malwarebytes)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
S4 SecDrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS [11376 2002-10-08] () [File not signed]
U1 ucdrv; C:\Program Files (x86)\UCBrowser\Security:ucdrv-x64.sys [23652 ] (UC Web Inc.) <==== ATTENTION
S3 ALSysIO; \??\C:\Users\KIVNEK~1\AppData\Local\Temp\ALSysIO64.sys [X]
S3 cpuz135; \??\C:\Users\KIVNEK~1\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-28 19:26 - 2016-12-28 19:27 - 00011523 _____ C:\Users\Jana\Downloads\FRST.txt
2016-12-28 19:25 - 2016-12-28 19:25 - 02420736 _____ (Farbar) C:\Users\Jana\Downloads\FRST64.exe
2016-12-28 15:59 - 2016-12-28 15:59 - 00002998 _____ C:\Users\Jana\Desktop\AdwCleaner[C12].txt
2016-12-26 22:45 - 2016-12-26 22:45 - 00002673 _____ C:\Users\Jana\Desktop\AdwCleaner[C10].txt
2016-12-26 20:13 - 2016-12-26 20:13 - 02816696 _____ C:\Users\Křivánek\Downloads\Seznam.cz.exe
2016-12-25 19:10 - 2016-12-25 19:10 - 00000000 ____D C:\Users\Křivánek\AppData\Local\Macromedia
2016-12-24 13:19 - 2016-12-27 21:40 - 00000000 ____D C:\Users\Křivánek\AppData\LocalLow\Mozilla
2016-12-24 13:19 - 2016-12-24 13:25 - 00000000 ____D C:\Users\Křivánek\AppData\Local\Mozilla
2016-12-24 12:51 - 2016-12-24 12:51 - 00002065 _____ C:\Users\Jana\Desktop\AdwCleaner[C6].txt
2016-12-24 09:25 - 2016-12-24 09:25 - 00003044 _____ C:\Users\Jana\Desktop\AdwCleaner[C5].txt
2016-12-24 00:06 - 2016-12-24 00:06 - 00003991 _____ C:\Users\Jana\Desktop\AdwCleaner[C4].txt
2016-12-23 22:46 - 2016-12-28 19:26 - 00000000 ____D C:\Users\Jana\AppData\LocalLow\Mozilla
2016-12-23 22:45 - 2016-12-23 22:52 - 00000000 ____D C:\Users\Jana\AppData\Local\Mozilla
2016-12-23 22:44 - 2016-12-24 00:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-23 22:44 - 2016-12-24 00:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-23 22:44 - 2016-12-23 22:44 - 00001165 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-12-23 22:06 - 2016-12-23 22:06 - 00005232 _____ C:\Users\Jana\Desktop\AdwCleaner[C3].txt
2016-12-23 21:35 - 2016-12-25 01:26 - 00000958 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-12-23 21:35 - 2016-12-23 21:36 - 00003956 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-12-23 21:06 - 2016-12-23 21:06 - 00000896 _____ C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.lnk
2016-12-23 21:06 - 2016-12-23 21:06 - 00000000 ____D C:\Users\Jana\AppData\Local\Seznam.cz
2016-12-23 21:06 - 2016-12-23 21:06 - 00000000 ____D C:\Users\Jana\AppData\Local\Crashpad
2016-12-23 21:04 - 2016-12-23 21:06 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Seznam Browser
2016-12-23 19:59 - 2016-12-23 19:59 - 00176064 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2016-12-23 19:56 - 2016-12-28 19:02 - 00081696 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2016-12-23 19:56 - 2016-12-28 16:01 - 00102856 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2016-12-23 19:56 - 2016-12-28 15:59 - 00250816 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-12-23 19:56 - 2016-12-28 15:59 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-12-23 19:56 - 2016-12-23 19:56 - 00001873 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2016-12-23 19:56 - 2016-12-23 19:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2016-12-23 19:56 - 2016-12-14 12:55 - 00077416 _____ C:\Windows\system32\Drivers\mbae64.sys
2016-12-23 19:55 - 2016-12-23 19:55 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-12-23 19:55 - 2016-12-23 19:55 - 00000000 ____D C:\Program Files\Malwarebytes
2016-12-23 19:40 - 2016-12-28 17:53 - 00003476 _____ C:\Windows\System32\Tasks\UCBrowserSecureUpdater
2016-12-23 19:25 - 2016-12-23 19:25 - 03977168 _____ C:\Users\Jana\Desktop\adwcleaner_6.041.exe
2016-12-21 20:20 - 2016-12-22 21:53 - 00000000 ____D C:\Program Files\Common Files\zm32ncdb
2016-12-21 20:07 - 2016-12-21 20:07 - 00000000 ____D C:\Users\Křivánek\AppData\Roaming\Mtispplaperk
2016-12-21 19:20 - 2016-12-24 13:19 - 00000000 ____D C:\Users\Křivánek\AppData\Roaming\Mozilla
2016-12-21 19:20 - 2016-12-23 22:20 - 00000000 ____D C:\Program Files\BitTorrent
2016-12-21 19:19 - 2016-12-21 19:19 - 07316480 _____ C:\Users\Jana\AppData\Roaming\agent.dat
2016-12-21 19:19 - 2016-12-21 19:19 - 00140288 _____ C:\Users\Jana\AppData\Roaming\Installer.dat
2016-12-21 19:19 - 2016-12-21 19:19 - 00018432 _____ C:\Users\Jana\AppData\Roaming\Main.dat
2016-12-21 19:16 - 2016-12-24 09:18 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Mtispplaperk
2016-12-21 19:16 - 2016-12-21 21:08 - 00000000 ____D C:\Program Files (x86)\Droationaruak
2016-12-21 19:16 - 2016-12-21 19:17 - 00000000 ____D C:\Users\Jana\AppData\Local\Ghoteghdeqert
2016-12-21 19:15 - 2016-12-21 19:15 - 00000165 _____ C:\Windows\SysWOW64\MUpdater.exe.config
2016-12-21 19:15 - 2016-12-21 19:15 - 00000165 _____ C:\Windows\SysWOW64\GameXP.exe.config
2016-12-21 19:15 - 2016-12-21 19:15 - 00000165 _____ C:\Windows\SysWOW64\GameCenter.exe.config
2016-12-21 12:30 - 2016-12-21 19:17 - 00000000 ____D C:\Program Files (x86)\yywemi8q
2016-12-20 18:51 - 2016-12-20 18:51 - 00000000 ____D C:\Users\Křivánek\AppData\Local\UCBrowser
2016-12-20 18:19 - 2016-12-20 18:19 - 00000000 ____D C:\Users\Jana\AppData\Local\UCBrowser
2016-12-20 18:19 - 2016-12-20 18:19 - 00000000 ____D C:\Users\Jana\AppData\Local\Chromium
2016-12-20 18:18 - 2016-12-21 19:17 - 00000000 ____D C:\Program Files (x86)\UCBrowser
2016-12-20 18:18 - 2016-12-20 18:18 - 00000000 ____D C:\ProgramData\ProductData
2016-12-20 18:17 - 2016-12-20 18:17 - 00000000 __SHD C:\Users\Jana\AppData\Local\svchost
2016-12-20 18:16 - 2016-12-21 19:17 - 00000000 ____D C:\Program Files (x86)\Maoha
2016-12-20 18:16 - 2016-12-20 18:16 - 00027552 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2016-12-20 18:16 - 2016-12-20 18:16 - 00000000 ____D C:\Windows\IObit
2016-12-20 18:16 - 2016-12-20 18:16 - 00000000 ____D C:\Users\Jana\AppData\LocalLow\IObit
2016-12-20 18:16 - 2016-12-20 18:16 - 00000000 ____D C:\ProgramData\IObit
2016-12-20 18:15 - 2016-12-20 18:15 - 00000000 ____D C:\Users\Public\Thunder Network
2016-12-20 18:15 - 2016-12-20 18:15 - 00000000 ____D C:\Users\Jana\AppData\Roaming\IObit
2016-12-20 18:14 - 2016-12-21 21:18 - 00000000 ____D C:\Program Files (x86)\Vulatcerfck
2016-12-20 18:14 - 2016-12-20 20:14 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Fegghgradoing
2016-12-20 18:14 - 2016-12-20 18:19 - 00000000 ____D C:\Users\Jana\AppData\Local\Fueryphijing
2016-12-14 08:50 - 2016-11-21 19:16 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-12-14 08:50 - 2016-11-21 19:16 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-12-14 08:50 - 2016-11-21 19:12 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-12-14 08:50 - 2016-11-21 19:12 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-12-14 08:50 - 2016-11-21 19:12 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-12-14 08:50 - 2016-11-21 19:12 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2016-12-14 08:50 - 2016-11-21 19:12 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2016-12-14 08:50 - 2016-11-20 17:20 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-12-14 08:50 - 2016-11-20 17:20 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2016-12-14 08:50 - 2016-11-20 17:19 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-12-14 08:50 - 2016-11-20 17:19 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2016-12-14 08:50 - 2016-11-20 15:07 - 00467392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-12-14 08:50 - 2016-11-17 17:41 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-12-14 08:50 - 2016-11-15 00:27 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-12-14 08:50 - 2016-11-14 23:39 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-12-14 08:50 - 2016-11-12 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-12-14 08:50 - 2016-11-12 20:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-12-14 08:50 - 2016-11-12 20:21 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-12-14 08:50 - 2016-11-12 20:09 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-12-14 08:50 - 2016-11-12 20:08 - 25759744 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-12-14 08:50 - 2016-11-12 20:07 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-12-14 08:50 - 2016-11-12 19:53 - 06049280 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-12-14 08:50 - 2016-11-12 19:52 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-12-14 08:50 - 2016-11-12 19:31 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-12-14 08:50 - 2016-11-12 19:29 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-12-14 08:50 - 2016-11-12 19:20 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-12-14 08:50 - 2016-11-12 19:17 - 20302848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-12-14 08:50 - 2016-11-12 19:14 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-12-14 08:50 - 2016-11-12 19:10 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-12-14 08:50 - 2016-11-12 19:08 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-12-14 08:50 - 2016-11-12 19:08 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-12-14 08:50 - 2016-11-12 18:41 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-12-14 08:50 - 2016-11-12 18:38 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-12-14 08:50 - 2016-11-12 18:37 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-12-14 08:50 - 2016-11-12 18:36 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-12-14 08:50 - 2016-11-12 18:36 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-12-14 08:50 - 2016-11-12 18:35 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-12-14 08:50 - 2016-11-12 18:21 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-12-14 08:50 - 2016-11-12 18:20 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-12-14 08:50 - 2016-11-12 18:11 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-12-14 08:50 - 2016-11-12 18:05 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-12-14 08:50 - 2016-11-12 18:02 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-12-14 08:50 - 2016-11-12 18:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-12-14 08:50 - 2016-11-10 17:32 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-12-14 08:50 - 2016-11-10 17:19 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-12-14 08:50 - 2016-11-09 17:41 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-12-14 08:50 - 2016-11-09 17:33 - 03244032 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-12-14 08:50 - 2016-11-09 17:33 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-12-14 08:50 - 2016-11-09 17:33 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-12-14 08:50 - 2016-11-09 17:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-12-14 08:50 - 2016-11-09 17:02 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-12-14 08:50 - 2016-11-09 16:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-12-14 08:50 - 2016-11-06 17:33 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-12-14 08:50 - 2016-11-06 17:16 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-12-14 08:50 - 2016-11-06 17:01 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-12-14 08:50 - 2016-10-27 16:33 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2016-12-14 08:50 - 2016-10-27 16:20 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2016-12-14 08:50 - 2016-10-11 16:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-12-14 08:50 - 2016-10-11 16:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-12-14 08:50 - 2016-10-11 16:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-12-14 08:50 - 2016-10-11 16:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-12-14 08:50 - 2016-10-11 16:32 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2016-12-14 08:50 - 2016-10-11 16:24 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-12-14 08:50 - 2016-10-11 16:24 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-12-14 08:50 - 2016-10-11 16:21 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-12-14 08:50 - 2016-10-11 16:18 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2016-12-14 08:50 - 2016-10-11 15:55 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2016-12-14 08:50 - 2016-10-11 14:18 - 00419648 _____ C:\Windows\SysWOW64\locale.nls
2016-12-14 08:50 - 2016-10-11 14:17 - 00419648 _____ C:\Windows\system32\locale.nls
2016-12-14 08:50 - 2016-10-08 14:06 - 00633296 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-12-14 08:50 - 2016-10-04 16:31 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-12-14 08:50 - 2016-10-04 16:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-12-14 08:50 - 2016-10-04 16:13 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-12-14 08:50 - 2016-10-04 16:13 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-12-14 08:49 - 2016-11-21 19:12 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-12-14 08:49 - 2016-11-21 19:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-12-14 08:49 - 2016-11-21 19:12 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-12-14 08:49 - 2016-11-21 19:12 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-12-14 08:49 - 2016-11-21 19:12 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-12-14 08:49 - 2016-11-21 19:12 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-12-14 08:49 - 2016-11-21 19:12 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-12-14 08:49 - 2016-11-21 19:12 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-12-14 08:49 - 2016-11-21 19:12 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-12-14 08:49 - 2016-11-21 19:12 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-12-14 08:49 - 2016-11-21 19:12 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-12-14 08:49 - 2016-11-21 19:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-12-14 08:49 - 2016-11-21 19:12 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-12-14 08:49 - 2016-11-21 19:12 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-12-14 08:49 - 2016-11-21 19:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-12-14 08:49 - 2016-11-20 17:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-12-14 08:49 - 2016-11-20 17:20 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-12-14 08:49 - 2016-11-20 17:20 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-12-14 08:49 - 2016-11-20 17:19 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-12-14 08:49 - 2016-11-20 17:19 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-12-14 08:49 - 2016-11-20 17:19 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-12-14 08:49 - 2016-11-20 17:19 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-12-14 08:49 - 2016-11-20 17:19 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-12-14 08:49 - 2016-11-20 17:19 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-12-14 08:49 - 2016-11-20 17:19 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-12-14 08:49 - 2016-11-20 17:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-12-14 08:49 - 2016-11-20 17:19 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-12-14 08:49 - 2016-11-20 17:19 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-12-14 08:49 - 2016-11-20 17:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-12-14 08:49 - 2016-11-20 16:58 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-12-14 08:49 - 2016-11-20 16:57 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-12-14 08:49 - 2016-11-20 16:57 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-12-14 08:49 - 2016-11-20 16:57 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-12-14 08:49 - 2016-11-20 16:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-12-14 08:49 - 2016-11-20 16:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-12-14 08:49 - 2016-11-12 20:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-12-14 08:49 - 2016-11-12 20:48 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-12-14 08:49 - 2016-11-12 20:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-12-14 08:49 - 2016-11-12 20:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-12-14 08:49 - 2016-11-12 20:25 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-12-14 08:49 - 2016-11-12 20:15 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-12-14 08:49 - 2016-11-12 20:14 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-12-14 08:49 - 2016-11-12 20:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-12-14 08:49 - 2016-11-12 20:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-12-14 08:49 - 2016-11-12 20:07 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-12-14 08:49 - 2016-11-12 19:56 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-12-14 08:49 - 2016-11-12 19:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-12-14 08:49 - 2016-11-12 19:41 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-12-14 08:49 - 2016-11-12 19:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-12-14 08:49 - 2016-11-12 19:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-12-14 08:49 - 2016-11-12 19:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-12-14 08:49 - 2016-11-12 19:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-12-14 08:49 - 2016-11-12 19:29 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-12-14 08:49 - 2016-11-12 19:29 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-12-14 08:49 - 2016-11-12 19:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-12-14 08:49 - 2016-11-12 19:27 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-12-14 08:49 - 2016-11-12 19:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-12-14 08:49 - 2016-11-12 19:19 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-12-14 08:49 - 2016-11-12 19:15 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-12-14 08:49 - 2016-11-12 19:14 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-12-14 08:49 - 2016-11-12 19:14 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-12-14 08:49 - 2016-11-12 19:14 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-12-14 08:49 - 2016-11-12 19:11 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-12-14 08:49 - 2016-11-12 19:03 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-12-14 08:49 - 2016-11-12 18:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-12-14 08:49 - 2016-11-12 18:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-12-14 08:49 - 2016-11-12 18:52 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-12-14 08:49 - 2016-11-12 18:51 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-12-14 08:49 - 2016-11-12 18:49 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-12-14 08:49 - 2016-11-12 18:47 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-12-14 08:49 - 2016-11-12 18:40 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-12-14 08:49 - 2016-11-09 17:33 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-12-14 08:49 - 2016-11-09 17:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-12-14 08:49 - 2016-11-09 17:33 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-12-14 08:49 - 2016-11-09 17:17 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-12-14 08:49 - 2016-11-09 17:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-12-14 08:49 - 2016-11-09 17:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-12-14 08:49 - 2016-11-09 17:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-12-14 08:49 - 2016-10-11 16:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-12-14 08:49 - 2016-10-11 16:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-12-14 08:49 - 2016-10-11 16:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-12-14 08:49 - 2016-10-11 16:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-12-14 08:49 - 2016-10-11 16:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-12-14 08:49 - 2016-10-11 16:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-12-14 08:49 - 2016-10-11 16:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-12-14 08:49 - 2016-10-11 16:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 16:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-12-14 08:49 - 2016-10-11 16:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-12-14 08:49 - 2016-10-11 16:03 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-12-14 08:49 - 2016-10-11 15:59 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-12-14 08:49 - 2016-10-11 15:59 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-12-14 08:49 - 2016-10-11 15:55 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-12-14 08:49 - 2016-10-11 15:51 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-12-14 08:49 - 2016-10-11 15:51 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-12-14 08:49 - 2016-10-11 15:51 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-12-14 08:49 - 2016-10-11 15:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-12-14 08:49 - 2016-10-11 15:50 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 15:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 15:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-12-14 08:49 - 2016-10-11 15:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-12-14 08:49 - 2016-10-04 16:31 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-12-14 08:49 - 2016-10-04 16:31 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-12-14 08:49 - 2016-10-04 16:13 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-12-14 08:49 - 2016-10-04 16:13 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-12-13 22:29 - 2016-12-13 22:29 - 00050176 _____ C:\Users\Jana\Downloads\Kopie - vykaz prosinec 2016.xls
2016-12-12 20:21 - 2016-12-12 20:21 - 00000222 _____ C:\Users\Jana\Downloads\bawKk5v9oc_WsvTHz-3ANQc7INGjUmq_DxKTuJi8Rcp-165_HLX2v1CHEZlcEyZLWZ8yIUA
2016-12-07 09:36 - 2016-12-07 09:36 - 00088658 _____ C:\Users\Křivánek\Downloads\Doklad SIPO_201612_8012919549.pdf
2016-12-05 20:18 - 2016-12-05 20:18 - 00119401 _____ C:\Users\Křivánek\Downloads\Doklad SIPO_201608_8012919549.pdf
2016-12-05 20:17 - 2016-12-05 20:17 - 00114026 _____ C:\Users\Křivánek\Downloads\Doklad SIPO_201609_8012919549.pdf
2016-12-05 20:17 - 2016-12-05 20:17 - 00096535 _____ C:\Users\Křivánek\Downloads\Doklad SIPO_201610_8012919549.pdf
2016-12-05 20:16 - 2016-12-05 20:16 - 00121732 _____ C:\Users\Křivánek\Downloads\Doklad SIPO_201611_8012919549.pdf
2016-11-29 22:34 - 2016-11-29 22:34 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2016-11-29 22:34 - 2016-11-29 22:34 - 00019112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr110_clr0400.dll
2016-11-29 22:34 - 2016-11-29 22:34 - 00019112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
2016-11-29 22:34 - 2016-11-29 22:34 - 00019112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp110_clr0400.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00030400 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00019112 _____ (Microsoft Corporation) C:\Windows\system32\msvcr110_clr0400.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00019112 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00019112 _____ (Microsoft Corporation) C:\Windows\system32\msvcp110_clr0400.dll
2016-11-28 21:08 - 2016-11-28 21:08 - 00030715 _____ C:\Users\Jana\Downloads\Dozor jídelna (1).xlsx

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-28 19:26 - 2016-09-01 10:59 - 00000000 ____D C:\FRST
2016-12-28 16:08 - 2009-07-14 05:45 - 00029120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-28 16:07 - 2009-07-14 05:45 - 00029120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-28 15:56 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-28 15:54 - 2016-09-03 12:49 - 00000000 ____D C:\AdwCleaner
2016-12-27 23:34 - 2016-09-04 00:18 - 00000000 ____D C:\Users\Jana\AppData\Local\LogMeIn Hamachi
2016-12-26 22:13 - 2014-08-04 15:06 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Skype
2016-12-26 17:32 - 2012-04-03 18:56 - 00000000 ____D C:\Users\Křivánek
2016-12-24 21:31 - 2011-04-12 09:34 - 00668882 _____ C:\Windows\system32\perfh005.dat
2016-12-24 21:31 - 2011-04-12 09:34 - 00141542 _____ C:\Windows\system32\perfc005.dat
2016-12-24 21:31 - 2009-07-14 06:13 - 01584626 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-24 21:31 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-12-24 21:09 - 2013-12-15 13:27 - 00000000 ____D C:\Program Files (x86)\Interplay
2016-12-24 21:05 - 2012-04-03 18:59 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-12-24 21:05 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-12-24 09:18 - 2012-04-24 17:00 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Adobe
2016-12-23 22:52 - 2014-08-17 13:08 - 00000000 ____D C:\Users\Jana\AppData\Local\Adobe
2016-12-23 22:51 - 2012-04-24 17:00 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-12-23 22:51 - 2012-04-24 17:00 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-23 22:51 - 2012-04-24 17:00 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-12-23 22:51 - 2012-04-24 17:00 - 00000000 ____D C:\Windows\system32\Macromed
2016-12-23 22:46 - 2016-06-21 12:35 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Mozilla
2016-12-23 22:02 - 2014-10-10 13:18 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-12-23 22:01 - 2014-08-04 15:06 - 00000000 ____D C:\ProgramData\Skype
2016-12-23 19:31 - 2013-07-17 13:31 - 00001304 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-23 19:31 - 2012-04-24 11:22 - 00000973 _____ C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-12-23 18:30 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2016-12-22 19:02 - 2016-09-04 08:24 - 00000000 ____D C:\Users\Křivánek\AppData\Local\LogMeIn Hamachi
2016-12-21 19:17 - 2016-11-26 17:39 - 00000000 ____D C:\Program Files (x86)\Java
2016-12-21 19:17 - 2016-11-20 11:46 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2016-12-21 19:17 - 2016-02-16 16:03 - 00000000 ____D C:\Program Files (x86)\Terasoft
2016-12-21 19:17 - 2015-11-06 21:39 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-12-21 19:17 - 2015-08-27 18:15 - 00000000 ____D C:\Program Files (x86)\Codec Pack - All In 1
2016-12-21 19:17 - 2015-05-18 23:26 - 00000000 ____D C:\Program Files (x86)\ALTER Český jazyk - Pravopisné pětiminutovky 2 DEMO
2016-12-21 19:17 - 2015-01-22 00:13 - 00000000 ____D C:\Program Files (x86)\Alza Media
2016-12-21 19:17 - 2014-09-16 16:46 - 00000000 ____D C:\Program Files (x86)\Activ Software
2016-12-21 19:17 - 2014-08-26 16:38 - 00000000 ____D C:\Program Files (x86)\Nakladatelství Nová Škola Brno
2016-12-21 19:17 - 2014-06-07 12:22 - 00000000 ____D C:\Program Files (x86)\Nová škola Brno
2016-12-21 19:17 - 2014-05-11 15:41 - 00000000 ____D C:\Program Files (x86)\MarkAny
2016-12-21 19:17 - 2014-05-11 15:21 - 00000000 ____D C:\Program Files (x86)\Samsung
2016-12-21 19:17 - 2013-08-22 21:57 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-12-21 19:17 - 2013-08-02 18:57 - 00000000 ____D C:\Program Files (x86)\3DO
2016-12-21 19:17 - 2013-07-17 13:31 - 00000000 ____D C:\Program Files (x86)\Google
2016-12-21 19:17 - 2013-04-28 18:26 - 00000000 ____D C:\Program Files (x86)\Kalypso
2016-12-21 19:17 - 2013-03-01 22:21 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2016-12-21 19:17 - 2013-03-01 22:21 - 00000000 ____D C:\Program Files (x86)\AMD APP
2016-12-21 19:17 - 2013-02-07 13:36 - 00000000 ____D C:\Program Files (x86)\DOSBox-0.74
2016-12-21 19:17 - 2012-09-16 02:00 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2016-12-21 19:17 - 2012-08-18 17:07 - 00000000 ____D C:\Program Files (x86)\OscarX7Editor5Mode
2016-12-21 19:17 - 2012-08-18 17:07 - 00000000 ____D C:\Program Files (x86)\5-Mode Oscar Editor
2016-12-21 19:17 - 2012-06-29 20:53 - 00000000 ____D C:\Program Files (x86)\Sony
2016-12-21 19:17 - 2012-05-21 00:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-12-21 19:17 - 2012-04-26 11:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2016-12-21 19:17 - 2012-04-26 11:35 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-12-21 19:17 - 2012-04-05 19:18 - 00000000 ____D C:\Program Files (x86)\CDBurnerXP
2016-12-21 19:17 - 2012-04-05 19:17 - 00000000 ____D C:\Program Files (x86)\Combined Community Codec Pack
2016-12-21 19:17 - 2012-04-05 19:16 - 00000000 ____D C:\Program Files (x86)\HD Tune Pro
2016-12-21 19:17 - 2012-04-05 19:16 - 00000000 ____D C:\Program Files (x86)\Geeks3D
2016-12-21 19:17 - 2012-04-05 19:14 - 00000000 ____D C:\Program Files (x86)\WinRAR
2016-12-21 19:17 - 2012-04-05 19:09 - 00000000 ____D C:\Program Files (x86)\OpenAL
2016-12-21 19:17 - 2012-04-05 19:06 - 00000000 ____D C:\Program Files (x86)\Futuremark
2016-12-21 19:17 - 2012-04-03 19:14 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2016-12-21 19:17 - 2012-04-03 19:04 - 00000000 ____D C:\Program Files (x86)\GIGABYTE
2016-12-21 19:17 - 2012-04-03 18:59 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-12-21 19:17 - 2012-04-03 18:59 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-12-21 19:17 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2016-12-21 19:17 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-12-21 19:17 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-12-21 19:17 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-12-21 19:17 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-12-21 19:17 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-12-21 19:17 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files (x86)\Windows NT
2016-12-15 08:21 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-12-14 19:54 - 2009-07-14 05:45 - 00306536 _____ C:\Windows\system32\FNTCACHE.DAT
2016-12-14 19:37 - 2013-08-15 02:01 - 00000000 ____D C:\Windows\system32\MRT
2016-12-14 19:34 - 2012-04-03 19:31 - 135632432 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-12-14 19:32 - 2012-04-03 20:07 - 01559340 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-12-10 22:58 - 2016-06-21 18:24 - 00000000 ____D C:\Users\Jana\Desktop\Erbenova - náměty
2016-12-01 03:18 - 2016-09-04 00:14 - 00000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2016-12-01 03:18 - 2016-09-04 00:14 - 00000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
2016-12-01 03:02 - 2012-04-03 20:07 - 00002155 _____ C:\Windows\epplauncher.mif
2016-12-01 03:02 - 2012-04-03 20:07 - 00002123 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2016-12-01 03:01 - 2012-04-03 20:07 - 00000000 ____D C:\Program Files\Microsoft Security Client
2016-12-01 03:01 - 2012-04-03 20:07 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client

==================== Files in the root of some directories =======

2016-12-21 19:19 - 2016-12-21 19:19 - 7316480 _____ () C:\Users\Jana\AppData\Roaming\agent.dat
2016-12-21 19:19 - 2016-12-21 19:19 - 0140288 _____ () C:\Users\Jana\AppData\Roaming\Installer.dat
2016-12-21 19:19 - 2016-12-21 19:19 - 0018432 _____ () C:\Users\Jana\AppData\Roaming\Main.dat
2015-02-20 00:17 - 2015-02-20 00:18 - 0003072 _____ () C:\Users\Jana\AppData\Local\file__0.localstorage
2015-09-06 22:23 - 2015-09-06 22:23 - 0032038 _____ () C:\Users\Jana\AppData\Local\SquareClock.Production_Home_Siko_WebIcon.ico
2016-02-07 11:45 - 2016-02-07 11:45 - 0000000 _____ () C:\Users\Jana\AppData\Local\{7D8FAFCB-BA39-4421-BF23-A10C978EB026}

Some files in TEMP:
====================
C:\Users\Jana\AppData\Local\Temp\794F.tmp.exe
C:\Users\Jana\AppData\Local\Temp\7A85.tmp.exe
C:\Users\Jana\AppData\Local\Temp\8BCB.tmp.exe
C:\Users\Jana\AppData\Local\Temp\AutoTime51495.exe
C:\Users\Jana\AppData\Local\Temp\brastub6ab_amobl_inst.exe
C:\Users\Jana\AppData\Local\Temp\DriverBoosterSetup.exe
C:\Users\Jana\AppData\Local\Temp\gD3C3.tmp.exe
C:\Users\Jana\AppData\Local\Temp\gF365.tmp.exe
C:\Users\Jana\AppData\Local\Temp\libeay32.dll
C:\Users\Jana\AppData\Local\Temp\mininewsrepair.exe
C:\Users\Jana\AppData\Local\Temp\msvcr120.dll
C:\Users\Jana\AppData\Local\Temp\nss945D.exe
C:\Users\Jana\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Jana\AppData\Local\Temp\sqlite3.dll
C:\Users\Jana\AppData\Local\Temp\vlngp.exe
C:\Users\Jana\AppData\Local\Temp\Zone5.exe
C:\Users\Křivánek\AppData\Local\Temp\mininewsrepair.exe


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-12-24 00:53

==================== End of FRST.txt ============================

Re: Reklamní havěť

Napsal: 28 pro 2016 19:33
od Jirka K.
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-12-2016
Ran by Jana (28-12-2016 19:28:02)
Running from C:\Users\Jana\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2012-04-03 17:55:59)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3406515104-517183750-3566915376-500 - Administrator - Disabled)
Guest (S-1-5-21-3406515104-517183750-3566915376-501 - Limited - Disabled)
Jana (S-1-5-21-3406515104-517183750-3566915376-1002 - Administrator - Enabled) => C:\Users\Jana
Křivánek (S-1-5-21-3406515104-517183750-3566915376-1000 - Administrator - Enabled) => C:\Users\Křivánek

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DMark 11 (HKLM-x32\...\{46EDCFA5-7EDB-46A9-B093-1C6237470CEC}) (Version: 1.0.3 - Futuremark Corporation)
5-Mode Oscar Editor (HKLM-x32\...\OscarX7Mouse5Mode) (Version: 11.10.0001 - A4Tech)
Activprimary Viewer v3.6 (HKLM-x32\...\{919A356C-8FC7-49E2-91C4-66D25AE35121}) (Version: 3.6.22 - Promethean Ltd.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Flash Player 24 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
ALTER Český jazyk - Pravopisné pětiminutovky 2 DEMO (HKLM-x32\...\ALTERCJ2PPD_is1) (Version: 1.0 - Nakladatelství ALTER, s.r.o.)
Alza Media (HKLM-x32\...\cae43f19-b904-445a-8d22-0bf7c177726b_is1) (Version: 1.0.27.39844 - Alza.cz a.s.)
AMD Catalyst Install Manager (HKLM\...\{5E03A267-415E-5383-FA8F-3CE4145663B9}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
Banished v1.0.0 32-bit (HKLM-x32\...\{2AB66B5F-2613-477F-A4B1-CB2E8C7A2943}) (Version: 1.0.0 - Shining Rock Software LLC)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.4.0.2905 - CDBurnerXP)
Codec Pack - All In 1 6.0.3.0 (HKLM-x32\...\Cool's_Codec_pack_4.12) (Version: - )
Combined Community Codec Pack 2011-11-11 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2011.11.11.0 - CCCP Project)
Český Jazyk 2 verze 2.30 (HKLM-x32\...\{84649EB1-E7CC-4CE7-A4CE-D0113D9B75C9}_is1) (Version: 2.30 - Nakladatelství Nová Škola)
Český jazyk 6 (instalace na disk) (HKLM-x32\...\Český jazyk 6 (instalace na disk)) (Version: - )
ČJ4 - Pravopisná cvičení (doporučená instalace) (HKLM-x32\...\ČJ4 - Pravopisná cvičení (doporučená instalace)) (Version: - )
FlexiBooks (HKU\S-1-5-21-3406515104-517183750-3566915376-1002\...\eaadb22a7fda717f) (Version: 3.0.5.17 - Fraus Media spol. s r.o.)
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.6.0 - Futuremark Corporation)
Geeks3D.com FurMark 1.9.1 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D.com)
GOG.com Dungeon Keeper 2 (HKLM\...\{b6462b67-caf5-4a74-99df-cc2811bd1957}.sdb) (Version: - )
GOG.com The Settlers 4 GOLD (HKLM\...\{ff2cad6c-eb68-4e98-88d7-49887440affb}.sdb) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
HD Tune Pro 5.00 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software)
Heroes of Might and Magic III Complete (HKLM-x32\...\InstallShield_{EDFB64A7-5BFD-4137-943D-5663149A15F5}) (Version: 1.00.0000 - CD Projekt)
Heroes of Might and Magic III Complete (x32 Version: 1.00.0000 - CD Projekt) Hidden
Já a můj svět 1 (HKLM-x32\...\Já a můj svět 1) (Version: - )
Já a můj svět 3 (HKLM-x32\...\Já a můj svět 3) (Version: - )
Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.541 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.541 - LogMeIn, Inc.) Hidden
Malwarebytes verze 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 50.1.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 cs)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
ON_OFF Charge B11.0110.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
PlayMemories Home (HKLM-x32\...\{E03CD71A-F595-49DF-9ADC-0CFC93B1B211}) (Version: 6.0.02.14151 - Sony Corporation)
Prohlížeč Seznam.cz (HKU\S-1-5-21-3406515104-517183750-3566915376-1002\...\Seznam Browser) (Version: 3.6.0 - Seznam.cz a.s.)
Prvouka 2 verze 2.25 (HKLM-x32\...\{D3DEEB20-6BA0-458C-A619-0D7C0B240818}_is1) (Version: 2.25 - Nakladatelství Nová Škola)
Prvouka 3 verze 2.25 (HKLM-x32\...\{AC52D51B-92CB-4D1C-8F6F-242578B0CB4D}_is1) (Version: 2.25 - Nakladatelství Nová Škola)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.46.531.2011 - Realtek)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6358 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6392 - Realtek Semiconductor Corp.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation)
Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
Slabikář se Samem verze 3.2 (HKLM-x32\...\{770E3496-387C-4BE7-A2A3-10142ED83A68}_is1) (Version: 3.2 - Nakladatelství Nová Škola)
StrongholdCrusader (HKLM\...\{5a56ddf5-f2fd-4a53-b852-909002f9df30}.sdb) (Version: - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - )
Warcraft III: All Products (HKU\S-1-5-21-3406515104-517183750-3566915376-1002\...\Warcraft III) (Version: - )
WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
Živá Abeceda verze 2.25 (HKLM-x32\...\{968A4FBF-C1CE-4CC6-8BD2-0949BD9DD816}_is1) (Version: 2.25 - Nakladatelství Nová Škola)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0AC7D0A8-ADD8-4C1B-8EC3-C1EB7131F865} - System32\Tasks\Microsoft\Windows\Multimedia\Manager => C:\Users\Jana\AppData\Roaming\Adobe\Manager.exe
Task: {3201B6CE-43A6-4E95-839A-BA1152CF4DC9} - System32\Tasks\UCBrowserSecureUpdater => C:\Program Files (x86)\UCBrowser\Security\uclauncher.exe [2016-12-20] (UC Web Inc.) <==== ATTENTION
Task: {416EE22A-EBF7-462D-8CC0-77D6C809FFC5} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_186_pepper.exe [2016-12-23] (Adobe Systems Incorporated)
Task: {F23F520E-B95F-4DD5-91A9-DE5ED3DBD753} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_186_pepper.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2012-12-19 15:32 - 2012-12-19 15:32 - 00210944 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-10-17 18:39 - 2012-10-17 18:39 - 00749056 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-10-17 18:39 - 2012-10-17 18:39 - 03645952 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2016-12-23 19:56 - 2016-12-14 12:55 - 02259232 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2016-12-23 19:56 - 2016-12-14 12:55 - 02813904 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll
2016-12-23 19:56 - 2016-12-14 12:55 - 02247632 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows\system32\drivers:ucdrv-x64.sys [23652]
AlternateDataStreams: C:\Windows\system32\drivers:x64 [1479458]
AlternateDataStreams: C:\Windows\system32\drivers:x86 [1205026]
AlternateDataStreams: C:\ProgramData\Templates:gs5sys [2560]
AlternateDataStreams: C:\ProgramData\Šablony:gs5sys [2560]
AlternateDataStreams: C:\Users\Jana\Soubory cookie:gs5sys [2048]
AlternateDataStreams: C:\Users\Jana\Šablony:gs5sys [3074]
AlternateDataStreams: C:\Users\Jana\AppData\Local\History:gs5sys [3074]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2016-12-26 17:38 - 00000888 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 v1.ff.avast.com
127.0.0.1 vlcproxy.ff.avast.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3406515104-517183750-3566915376-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{D107AF7D-7077-45B1-83BD-260C88FEC108}C:\program files (x86)\internet explorer\iexplore.exe] => C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{13431BE2-1DB9-46A4-8F65-63E036578312}C:\program files (x86)\internet explorer\iexplore.exe] => C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{C0DDB5CE-73B7-4F74-BE55-9016E5FC05C0}C:\program files\java\jre7\bin\javaw.exe] => C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{DF21D50A-9EC0-4137-AB20-221DCEE103A4}C:\program files\java\jre7\bin\javaw.exe] => C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{A82D9573-8E35-4D16-85A0-BDFE0BC72E0A}] => C:\Program Files (x86)\Kalypso\Tropico 3\tropico3.exe
FirewallRules: [{7D375474-4B2E-403C-8D27-099C590F989E}] => C:\Program Files (x86)\Kalypso\Tropico 3\tropico3.exe
FirewallRules: [TCP Query User{0DA9CB13-C48C-4B05-800B-DB189FF8DB2E}C:\windows\syswow64\dplaysvr.exe] => C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{623F7E40-9EDE-4237-B257-DB5F18886FBA}C:\windows\syswow64\dplaysvr.exe] => C:\windows\syswow64\dplaysvr.exe
FirewallRules: [{74CD1556-A74B-4CFB-96F9-BDE93F8C7508}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3A09D1CB-BE52-4AF6-B250-E13F804A7CAA}] => C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{12A91C44-17F1-49C9-9C1B-564ED13D5A64}] => C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [TCP Query User{A17A2C1B-EF95-482F-89EF-0BCCE15E49C5}C:\windows\system32\java.exe] => C:\windows\system32\java.exe
FirewallRules: [UDP Query User{BF1D4493-C5D8-43EF-A924-697D300B1A7C}C:\windows\system32\java.exe] => C:\windows\system32\java.exe
FirewallRules: [{46F68C8D-BA19-47E9-9008-4A1B1A39031D}] => %ProgramFiles% (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
FirewallRules: [TCP Query User{257D2795-1CF3-4A91-9323-C7C91B704C19}D:\hry\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => D:\hry\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{2783318E-99CA-4020-A3D6-B3A0CF6EC2D5}D:\hry\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => D:\hry\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{E69E3881-4D01-476B-917E-3535A9C51FC9}D:\hry\dungeon keeper 2\dkii-dx.exe] => D:\hry\dungeon keeper 2\dkii-dx.exe
FirewallRules: [UDP Query User{EAF305FB-98EF-4FFA-9794-2AA506009568}D:\hry\dungeon keeper 2\dkii-dx.exe] => D:\hry\dungeon keeper 2\dkii-dx.exe
FirewallRules: [{C19C0F3A-0F6A-49D8-9A1A-EE5FBAB93265}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{CD51BCB0-DC7F-4CB3-8987-B09B90B2F4D1}] => C:\Windows\system32\rundll32.exe
FirewallRules: [TCP Query User{842BF3CE-BE8D-488D-9D42-53FE2BEF3E1C}C:\users\jana\appdata\local\temp\is-v60s4.tmp\download\minithunderplatform.exe] => C:\users\jana\appdata\local\temp\is-v60s4.tmp\download\minithunderplatform.exe
FirewallRules: [UDP Query User{D5845059-05E3-4AD9-A52B-E0D275F302B2}C:\users\jana\appdata\local\temp\is-v60s4.tmp\download\minithunderplatform.exe] => C:\users\jana\appdata\local\temp\is-v60s4.tmp\download\minithunderplatform.exe
FirewallRules: [{870C6416-6602-4E2A-BFF9-061224FD3C84}] => C:\Users\Jana\AppData\Local\Temp\is-V60S4.tmp\download\MiniThunderPlatform.exe
FirewallRules: [{D9460726-053A-4C94-8AEC-FB444D505136}] => C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
FirewallRules: [{B6340011-6B78-4E22-B6BC-51E9D8F0498F}] => C:\Program Files (x86)\Maoha\MaohaAP\MaohaWifiSvr.exe
FirewallRules: [{90FC8C2B-49DF-4F61-8923-817652FC2369}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C534A6BB-67FC-42BA-8D43-89569B2B372D}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{27552133-C48A-4E6A-8559-36C74176AB0B}] => C:\Windows\System32\rundll32.exe
FirewallRules: [{83B81F3C-7A1B-49DA-9257-C78959417B8D}] => C:\Windows\System32\rundll32.exe

==================== Restore Points =========================

24-12-2016 20:49:13 Windows Update
24-12-2016 21:05:03 Odstraněno Tropico 3
28-12-2016 14:11:57 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/28/2016 04:19:31 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Google\Chrome\Application\chrome.exe se nezdařilo.
Závislé sestavení 55.0.2883.87,language="&#x2a;",type="win32",version="55.0.2883.87" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (12/28/2016 03:58:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/28/2016 02:01:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/27/2016 11:48:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program firefox.exe verze 50.1.0.6186 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: f24

Čas spuštění: 01d26091809cfc5e

Čas ukončení: 16

Cesta k aplikaci: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

ID hlášení: 7fab995d-cc86-11e6-b6f9-50e54955b81b

Error: (12/27/2016 11:35:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/27/2016 10:10:20 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Google\Chrome\Application\chrome.exe se nezdařilo.
Závislé sestavení 55.0.2883.87,language="&#x2a;",type="win32",version="55.0.2883.87" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (12/27/2016 10:07:07 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Google\Chrome\Application\chrome.exe se nezdařilo.
Závislé sestavení 55.0.2883.87,language="&#x2a;",type="win32",version="55.0.2883.87" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (12/27/2016 10:06:54 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Google\Chrome\Application\chrome.exe se nezdařilo.
Závislé sestavení 55.0.2883.87,language="&#x2a;",type="win32",version="55.0.2883.87" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (12/27/2016 09:59:12 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Google\Chrome\Application\chrome.exe se nezdařilo.
Závislé sestavení 55.0.2883.87,language="&#x2a;",type="win32",version="55.0.2883.87" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (12/27/2016 09:55:38 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Google\Chrome\Application\chrome.exe se nezdařilo.
Závislé sestavení 55.0.2883.87,language="&#x2a;",type="win32",version="55.0.2883.87" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.


System errors:
=============
Error: (12/28/2016 04:00:53 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Microsoft .NET Framework NGEN v4.0.30319_X64 bylo dosaženo časového limitu (30000 ms).

Error: (12/28/2016 04:00:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Microsoft .NET Framework NGEN v4.0.30319_X86 bylo dosaženo časového limitu (30000 ms).

Error: (12/28/2016 03:57:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba BitTorrent neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (12/28/2016 03:55:36 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby MBAMService bylo dosaženo časového limitu (30000 ms).

Error: (12/28/2016 03:55:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba zařazování tisku neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.

Error: (12/28/2016 03:55:31 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba Spooler se nemohla přihlásit jako NT AUTHORITY\SYSTEM s aktuálně konfigurovaným heslem z důvodu následující chyby:
Požadavek není podporován.


Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (12/28/2016 03:55:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Hostitel zařízení UPnP neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.

Error: (12/28/2016 03:55:05 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba upnphost se nemohla přihlásit jako NT AUTHORITY\LocalService s aktuálně konfigurovaným heslem z důvodu následující chyby:
Správci zabezpečení účtů (SAM) nebo serveru místní autority zabezpečení (LSA) se nepodařilo provést zabezpečovací operaci.


Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (12/28/2016 03:55:05 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: Služba DCOM zjistila chybu %%1069 = Služba nebyla zahájena, protože se nepodařilo přihlásit. při pokusu o spuštění služby upnphost s argumenty za účelem spuštění serveru:
{204810B9-73B2-11D4-BF42-00B0D0118B56}

Error: (12/28/2016 03:54:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.


CodeIntegrity:
===================================
Date: 2016-12-28 15:59:17.287
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-28 15:59:17.162
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-28 15:59:17.037
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-28 15:59:16.834
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-28 14:00:59.649
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-28 14:00:59.540
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-28 14:00:59.384
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-28 14:00:59.274
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-27 23:36:30.252
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-27 23:36:30.080
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: AMD Athlon(tm) II X4 631 Quad-Core Processor
Percentage of memory in use: 37%
Total physical RAM: 4093.37 MB
Available physical RAM: 2538.09 MB
Total Virtual: 8184.92 MB
Available Virtual: 6603.07 MB

==================== Drives ================================

Drive c: (Systém) (Fixed) (Total:114.16 GB) (Free:28.43 GB) NTFS
Drive d: (Data) (Fixed) (Total:118.63 GB) (Free:50.75 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: A7A4F9B3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=114.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=118.6 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Re: Reklamní havěť

Napsal: 28 pro 2016 19:33
od Jirka K.
# AdwCleaner v6.041 - Log vytvořen 28/12/2016 v 15:54:43
# Aktualizováno dne 16/12/2016 z Malwarebytes
# Databáze : 2016-12-26.3 [Místní]
# Operační systém : Windows 7 Home Premium Service Pack 1 (X64)
# Uživatelské jméno : Jana - KŘIVÁNEK-PC
# Spuštěno z : C:\Users\Jana\Desktop\adwcleaner_6.041.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****

[-] Služba smazána: ucdrv


***** [ Složky ] *****



***** [ Soubory ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupci ] *****



***** [ Naplánované úlohy ] *****



***** [ Registry ] *****

[-] Klíč smazán: HKU\S-1-5-21-3406515104-517183750-3566915376-1002\Software\UCBrowser
[#] Klíč smazán po restartu: HKCU\Software\UCBrowser
[-] Klíč smazán: HKLM\SOFTWARE\UCBrowserPID
[#] Klíč smazán po restartu: [x64] HKCU\Software\UCBrowser
[-] Klíč smazán: [x64] HKLM\SOFTWARE\UCBrowser


***** [ Prohlížeče ] *****



*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2562 Bajty] - [03/09/2016 12:52:09]
C:\AdwCleaner\AdwCleaner[C10].txt - [2670 Bajty] - [26/12/2016 22:17:36]
C:\AdwCleaner\AdwCleaner[C11].txt - [2886 Bajty] - [27/12/2016 23:27:25]
C:\AdwCleaner\AdwCleaner[C12].txt - [1369 Bajty] - [28/12/2016 15:54:43]
C:\AdwCleaner\AdwCleaner[C2].txt - [39894 Bajty] - [23/12/2016 19:33:13]
C:\AdwCleaner\AdwCleaner[C3].txt - [5229 Bajty] - [23/12/2016 21:54:27]
C:\AdwCleaner\AdwCleaner[C4].txt - [3988 Bajty] - [24/12/2016 00:01:35]
C:\AdwCleaner\AdwCleaner[C5].txt - [3041 Bajty] - [24/12/2016 09:07:14]
C:\AdwCleaner\AdwCleaner[C6].txt - [2062 Bajty] - [24/12/2016 11:51:43]
C:\AdwCleaner\AdwCleaner[C7].txt - [2230 Bajty] - [24/12/2016 20:30:50]
C:\AdwCleaner\AdwCleaner[C8].txt - [2352 Bajty] - [26/12/2016 14:15:36]
C:\AdwCleaner\AdwCleaner[C9].txt - [2639 Bajty] - [26/12/2016 17:56:23]
C:\AdwCleaner\AdwCleaner[S0].txt - [2739 Bajty] - [03/09/2016 12:51:18]
C:\AdwCleaner\AdwCleaner[S10].txt - [3081 Bajty] - [27/12/2016 23:26:42]
C:\AdwCleaner\AdwCleaner[S11].txt - [3190 Bajty] - [28/12/2016 15:54:17]
C:\AdwCleaner\AdwCleaner[S1].txt - [38657 Bajty] - [23/12/2016 19:29:21]
C:\AdwCleaner\AdwCleaner[S2].txt - [5237 Bajty] - [23/12/2016 21:51:07]
C:\AdwCleaner\AdwCleaner[S3].txt - [3986 Bajty] - [23/12/2016 23:59:56]
C:\AdwCleaner\AdwCleaner[S4].txt - [3227 Bajty] - [24/12/2016 09:05:44]
C:\AdwCleaner\AdwCleaner[S5].txt - [2262 Bajty] - [24/12/2016 11:44:53]
C:\AdwCleaner\AdwCleaner[S6].txt - [2476 Bajty] - [24/12/2016 20:29:19]
C:\AdwCleaner\AdwCleaner[S7].txt - [2552 Bajty] - [26/12/2016 14:15:12]
C:\AdwCleaner\AdwCleaner[S8].txt - [2831 Bajty] - [26/12/2016 17:55:57]
C:\AdwCleaner\AdwCleaner[S9].txt - [2914 Bajty] - [26/12/2016 19:35:46]

########## EOF - C:\AdwCleaner\AdwCleaner[C12].txt - [2907 Bajty] ##########

Re: Reklamní havěť

Napsal: 29 pro 2016 10:25
od JaRon
Je to omnoho lepsie
Ostalo tam par drobnosti, doporucujem odinstalovat AV od Microsoftu
a nahradit ho nejakym free z http://forum.viry.cz/viewforum.php?f=29
+ vycistit s nim

Re: Reklamní havěť

Napsal: 30 pro 2016 20:27
od Jirka K.
Nainstaloval jsem Avast, nenašel nic. Nefunkční Chrome jsem přeinstaloval a funguje, pouze nelze nastavit jako výchozí prohlížeč (po každém spuštění se ptá znovu). Problém je se službou "ucdrv", kterou vždy najde AdwCleaner. UC Browser, který se samovolně nainstaloval, jsem odebral přímo z Program files (x86), protože mezi programy (odinstalovat program) nebyl. Dalším problémem je www-searching.com (rovněž opakovaně nacházené AdwCleanerem), který jsem v přeinstalovaném Chromu odstraňoval jako domovskou stránku (předtím se nedařilo), nicméně AdwCleaner ji opakovaně nachází i poté.

Přikládám znovu poslední logy.

# AdwCleaner v6.041 - Log vytvořen 30/12/2016 v 20:05:43
# Aktualizováno dne 16/12/2016 z Malwarebytes
# Databáze : 2016-12-29.2 [Místní]
# Operační systém : Windows 7 Home Premium Service Pack 1 (X64)
# Uživatelské jméno : Křivánek - KŘIVÁNEK-PC
# Spuštěno z : C:\Users\Křivánek\Downloads\adwcleaner_6.041.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****

[-] Služba smazána: ucdrv


***** [ Složky ] *****



***** [ Soubory ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupci ] *****



***** [ Naplánované úlohy ] *****



***** [ Registry ] *****

[-] Klíč smazán: HKU\S-1-5-21-3406515104-517183750-3566915376-1000\Software\UCBrowser
[-] Klíč smazán: HKU\S-1-5-21-3406515104-517183750-3566915376-1002\Software\UCBrowser
[#] Klíč smazán po restartu: HKCU\Software\UCBrowser
[-] Klíč smazán: HKLM\SOFTWARE\UCBrowserPID
[#] Klíč smazán po restartu: [x64] HKCU\Software\UCBrowser
[-] Klíč smazán: [x64] HKLM\SOFTWARE\UCBrowser


***** [ Prohlížeče ] *****

[-] [C:\Users\Křivánek\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Smazáno: www-searching.com
[-] [C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 4\Web data] [Search Provider] Smazáno: feed.sonic-search.com
[-] [C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 4\Web data] [Search Provider] Smazáno: www-searching.com
[-] [C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 4\Web data] [Search Provider] Smazáno: youndoo
[-] [C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 4\Web data] [Search Provider] Smazáno: www-searching.com_


*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2562 Bajty] - [03/09/2016 12:52:09]
C:\AdwCleaner\AdwCleaner[C10].txt - [2670 Bajty] - [26/12/2016 22:17:36]
C:\AdwCleaner\AdwCleaner[C11].txt - [2886 Bajty] - [27/12/2016 23:27:25]
C:\AdwCleaner\AdwCleaner[C12].txt - [2995 Bajty] - [28/12/2016 15:54:43]
C:\AdwCleaner\AdwCleaner[C13].txt - [3231 Bajty] - [29/12/2016 22:49:06]
C:\AdwCleaner\AdwCleaner[C14].txt - [4452 Bajty] - [30/12/2016 17:55:25]
C:\AdwCleaner\AdwCleaner[C15].txt - [2314 Bajty] - [30/12/2016 20:05:43]
C:\AdwCleaner\AdwCleaner[C2].txt - [39894 Bajty] - [23/12/2016 19:33:13]
C:\AdwCleaner\AdwCleaner[C3].txt - [5229 Bajty] - [23/12/2016 21:54:27]
C:\AdwCleaner\AdwCleaner[C4].txt - [3988 Bajty] - [24/12/2016 00:01:35]
C:\AdwCleaner\AdwCleaner[C5].txt - [3041 Bajty] - [24/12/2016 09:07:14]
C:\AdwCleaner\AdwCleaner[C6].txt - [2062 Bajty] - [24/12/2016 11:51:43]
C:\AdwCleaner\AdwCleaner[C7].txt - [2230 Bajty] - [24/12/2016 20:30:50]
C:\AdwCleaner\AdwCleaner[C8].txt - [2352 Bajty] - [26/12/2016 14:15:36]
C:\AdwCleaner\AdwCleaner[C9].txt - [2639 Bajty] - [26/12/2016 17:56:23]
C:\AdwCleaner\AdwCleaner[S0].txt - [2739 Bajty] - [03/09/2016 12:51:18]
C:\AdwCleaner\AdwCleaner[S10].txt - [3081 Bajty] - [27/12/2016 23:26:42]
C:\AdwCleaner\AdwCleaner[S11].txt - [3190 Bajty] - [28/12/2016 15:54:17]
C:\AdwCleaner\AdwCleaner[S12].txt - [3422 Bajty] - [29/12/2016 22:45:50]
C:\AdwCleaner\AdwCleaner[S13].txt - [4493 Bajty] - [30/12/2016 17:54:06]
C:\AdwCleaner\AdwCleaner[S14].txt - [4283 Bajty] - [30/12/2016 20:04:23]
C:\AdwCleaner\AdwCleaner[S1].txt - [38657 Bajty] - [23/12/2016 19:29:21]
C:\AdwCleaner\AdwCleaner[S2].txt - [5237 Bajty] - [23/12/2016 21:51:07]
C:\AdwCleaner\AdwCleaner[S3].txt - [3986 Bajty] - [23/12/2016 23:59:56]
C:\AdwCleaner\AdwCleaner[S4].txt - [3227 Bajty] - [24/12/2016 09:05:44]
C:\AdwCleaner\AdwCleaner[S5].txt - [2262 Bajty] - [24/12/2016 11:44:53]
C:\AdwCleaner\AdwCleaner[S6].txt - [2476 Bajty] - [24/12/2016 20:29:19]
C:\AdwCleaner\AdwCleaner[S7].txt - [2552 Bajty] - [26/12/2016 14:15:12]
C:\AdwCleaner\AdwCleaner[S8].txt - [2831 Bajty] - [26/12/2016 17:55:57]
C:\AdwCleaner\AdwCleaner[S9].txt - [2914 Bajty] - [26/12/2016 19:35:46]

########## EOF - C:\AdwCleaner\AdwCleaner[C15].txt - [4074 Bajty] ##########

Re: Reklamní havěť

Napsal: 30 pro 2016 20:38
od Jirka K.
Tak RSIT, protože ke stažení FRST mě teď Avast nepustí :(

Logfile of random's system information tool 1.10 (written by random/random)
Run by Křivánek at 2016-12-30 20:28:44
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 28 GB (24%) free of 117 GB
Total RAM: 4093 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:28:51, on 30.12.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18538)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\trend micro\Křivánek.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - http://kitchenplanner.ikea.com/CZ/Core/ ... _Win32.cab
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AlzaMedia-Autoupdate - Alza.cz a.s. - C:\Program Files (x86)\Alza Media\v1.0.27.39844\AlzaMediaAutoupdateService.exe
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7888 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Alza Media\v1.0.27.39844\AlzaMediaAutoupdateService.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe"
"C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe" -s
"C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 "--database=C:\Users\Křivánek\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Křivánek\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel=m --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=55.0.2883.87 --handshake-handle=0x154
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=3124 --on-initialized-event-handle=604 --parent-handle=608 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,*PreferHtmlOverPlugins<Html5ByDefault,SecurityWarningIconUpdate<SecurityWarningIconUpdate,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/ReturnLessThan8OnMobile/ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Control6/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/Html5ByDefault/Default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/StandardR7/ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/SSLPostQuantum/disabled/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SecurityWarningIconUpdate/Enabled/SignInPasswordPromo/Default/*SiteIsolationExtensions/Control/StrictSecureCookies/Default/SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Control/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_85/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_15/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/WebFontsInterventionV2/Default/ --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=6,16,17,18,21,24,37,65 --gpu-vendor-id=0x1002 --gpu-device-id=0x68bf --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=9.12.0.0 --gpu-driver-date=12-19-2012 --service-request-channel-token=42B13838A4DAF75A22937C34A0883DE4 --mojo-platform-channel-handle=1240 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,*PreferHtmlOverPlugins<Html5ByDefault,SecurityWarningIconUpdate<SecurityWarningIconUpdate,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/ReturnLessThan8OnMobile/*ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Control6/*DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/Html5ByDefault/Default/*InstanceID/Enabled/MaterialDesignDownloads/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SecurityWarningIconUpdate/Enabled/SignInPasswordPromo/Default/*SiteIsolationExtensions/Control/StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Control/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_85/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_15/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/WebFontsInterventionV2/Default/ --primordial-pipe-token=AE1D379090D2A503B5A339B1B5043764 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=AE1D379090D2A503B5A339B1B5043764 --mojo-platform-channel-handle=2756 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,*PreferHtmlOverPlugins<Html5ByDefault,SecurityWarningIconUpdate<SecurityWarningIconUpdate,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/ReturnLessThan8OnMobile/*ClientSideDetectionModel/Model0/*DataReductionProxyUseQuic/Control6/*DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/*EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/*Html5ByDefault/Default/*InstanceID/Enabled/MaterialDesignDownloads/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SecurityWarningIconUpdate/Enabled/SignInPasswordPromo/Default/*SiteIsolationExtensions/Control/*StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Control/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_85/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_15/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=DC1BBF2F6D126A2E038FB29124209055 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=DC1BBF2F6D126A2E038FB29124209055 --mojo-platform-channel-handle=3596 /prefetch:1

"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\Křivánek\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_186_pepper.exe -check pepperplugin

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-11-26 571456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-12-30 790552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-26 234560]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-26 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-12-30 664848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-26 186944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-06-09 11860072]
"Malwarebytes TrayApp"=C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2016-12-14 2776528]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-12-06 9288408]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-12-30 9080768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{212EB874-B064-11E6-8412-64006A5CFC23}"= []
"{344E022C-B058-11E6-BC7C-64006A5CFC23}"= []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-12-30 20:28:44 ----D---- C:\Program Files\trend micro
2016-12-30 20:28:43 ----D---- C:\rsit
2016-12-30 17:54:18 ----A---- C:\Windows\system32\drivers\mwac.sys
2016-12-30 17:54:18 ----A---- C:\Windows\system32\drivers\farflt.sys
2016-12-30 17:54:13 ----A---- C:\Windows\system32\drivers\mbam.sys
2016-12-30 17:54:08 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2016-12-30 17:53:36 ----A---- C:\Windows\system32\drivers\mbae64.sys
2016-12-30 17:53:32 ----D---- C:\ProgramData\Malwarebytes
2016-12-30 17:53:32 ----D---- C:\Program Files\Malwarebytes
2016-12-30 17:25:42 ----D---- C:\Users\Křivánek\AppData\Roaming\Obsidium
2016-12-30 17:25:28 ----D---- C:\ProgramData\BolideSoftware
2016-12-30 17:25:28 ----D---- C:\Program Files (x86)\Bolide Movie Creator
2016-12-30 15:25:52 ----D---- C:\Program Files\CCleaner
2016-12-30 15:20:42 ----A---- C:\Windows\system32\drivers\aswKbd.sys
2016-12-30 15:18:40 ----D---- C:\Users\Křivánek\AppData\Roaming\AVAST Software
2016-12-30 15:17:39 ----D---- C:\Program Files\Common Files\AV
2016-12-30 15:17:23 ----A---- C:\Windows\system32\drivers\aswStm.sys
2016-12-30 15:17:22 ----A---- C:\Windows\system32\drivers\aswvmm.sys
2016-12-30 15:17:21 ----A---- C:\Windows\system32\drivers\aswsp.sys
2016-12-30 15:17:21 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2016-12-30 15:17:20 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2016-12-30 15:17:19 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2016-12-30 15:17:18 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2016-12-30 15:17:16 ----A---- C:\Windows\system32\drivers\aswsnx.sys
2016-12-30 15:16:49 ----A---- C:\Windows\system32\aswBoot.exe
2016-12-30 15:16:39 ----A---- C:\Windows\avastSS.scr
2016-12-30 15:15:32 ----D---- C:\Program Files\AVAST Software
2016-12-30 15:14:57 ----D---- C:\ProgramData\AVAST Software
2016-12-23 22:44:47 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-12-21 20:20:59 ----D---- C:\Program Files\Common Files\zm32ncdb
2016-12-21 20:07:18 ----D---- C:\Users\Křivánek\AppData\Roaming\Mtispplaperk
2016-12-21 19:20:48 ----D---- C:\Program Files\BitTorrent
2016-12-21 19:20:16 ----D---- C:\Users\Křivánek\AppData\Roaming\Mozilla
2016-12-21 19:16:40 ----D---- C:\Program Files (x86)\Droationaruak
2016-12-21 12:30:12 ----D---- C:\Program Files (x86)\yywemi8q
2016-12-20 19:15:27 ----A---- C:\Windows\SYSWOW64\log.txt
2016-12-20 18:18:20 ----D---- C:\ProgramData\ProductData
2016-12-20 18:16:58 ----D---- C:\Program Files (x86)\Maoha
2016-12-20 18:16:28 ----D---- C:\Windows\IObit
2016-12-20 18:16:28 ----D---- C:\ProgramData\IObit
2016-12-20 18:16:20 ----A---- C:\Windows\SYSWOW64\drivers\HWiNFO64A.SYS
2016-12-20 18:14:50 ----D---- C:\Program Files (x86)\Vulatcerfck
2016-12-14 08:50:11 ----A---- C:\Windows\system32\mshtml.dll
2016-12-14 08:50:10 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-12-14 08:50:10 ----A---- C:\Windows\system32\ieframe.dll
2016-12-14 08:50:09 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-12-14 08:50:09 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-12-14 08:50:09 ----A---- C:\Windows\system32\jscript9.dll
2016-12-14 08:50:08 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-12-14 08:50:08 ----A---- C:\Windows\system32\wininet.dll
2016-12-14 08:50:08 ----A---- C:\Windows\system32\win32k.sys
2016-12-14 08:50:08 ----A---- C:\Windows\system32\crypt32.dll
2016-12-14 08:50:07 ----A---- C:\Windows\SYSWOW64\msi.dll
2016-12-14 08:50:07 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2016-12-14 08:50:07 ----A---- C:\Windows\system32\wintrust.dll
2016-12-14 08:50:07 ----A---- C:\Windows\system32\winload.exe
2016-12-14 08:50:07 ----A---- C:\Windows\system32\usp10.dll
2016-12-14 08:50:07 ----A---- C:\Windows\system32\msi.dll
2016-12-14 08:50:07 ----A---- C:\Windows\system32\drivers\cng.sys
2016-12-14 08:50:07 ----A---- C:\Windows\system32\clfs.sys
2016-12-14 08:50:07 ----A---- C:\Windows\system32\bcdedit.exe
2016-12-14 08:50:06 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-12-14 08:50:06 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-12-14 08:50:06 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-12-14 08:50:06 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2016-12-14 08:50:06 ----A---- C:\Windows\system32\user32.dll
2016-12-14 08:50:06 ----A---- C:\Windows\system32\iedkcs32.dll
2016-12-14 08:50:06 ----A---- C:\Windows\system32\gdi32.dll
2016-12-14 08:50:06 ----A---- C:\Windows\system32\consent.exe
2016-12-14 08:50:06 ----A---- C:\Windows\system32\bcrypt.dll
2016-12-14 08:50:05 ----A---- C:\Windows\SYSWOW64\usp10.dll
2016-12-14 08:50:05 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-12-14 08:50:05 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-12-14 08:50:05 ----A---- C:\Windows\system32\urlmon.dll
2016-12-14 08:50:05 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-12-14 08:50:05 ----A---- C:\Windows\system32\ntdll.dll
2016-12-14 08:50:05 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-12-14 08:50:05 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-12-14 08:50:04 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2016-12-14 08:50:04 ----A---- C:\Windows\SYSWOW64\user32.dll
2016-12-14 08:50:04 ----A---- C:\Windows\SYSWOW64\nlsbres.dll
2016-12-14 08:50:04 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-12-14 08:50:04 ----A---- C:\Windows\SYSWOW64\hlink.dll
2016-12-14 08:50:04 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-12-14 08:50:04 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-12-14 08:50:04 ----A---- C:\Windows\system32\nlsbres.dll
2016-12-14 08:50:04 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-12-14 08:50:04 ----A---- C:\Windows\system32\jscript.dll
2016-12-14 08:50:04 ----A---- C:\Windows\system32\hlink.dll
2016-12-14 08:50:04 ----A---- C:\Windows\system32\certcli.dll
2016-12-14 08:50:03 ----A---- C:\Windows\system32\vbscript.dll
2016-12-14 08:50:03 ----A---- C:\Windows\system32\msfeeds.dll
2016-12-14 08:50:03 ----A---- C:\Windows\system32\iertutil.dll
2016-12-14 08:50:02 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-12-14 08:50:02 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-12-14 08:50:02 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-12-14 08:50:02 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-12-14 08:50:02 ----A---- C:\Windows\system32\rpcrt4.dll
2016-12-14 08:50:02 ----A---- C:\Windows\system32\msiexec.exe
2016-12-14 08:50:02 ----A---- C:\Windows\system32\ieapfltr.dll
2016-12-14 08:50:01 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2016-12-14 08:50:01 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-12-14 08:50:01 ----A---- C:\Windows\system32\ieui.dll
2016-12-14 08:50:01 ----A---- C:\Windows\system32\authui.dll
2016-12-14 08:50:00 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-12-14 08:50:00 ----A---- C:\Windows\system32\msihnd.dll
2016-12-14 08:50:00 ----A---- C:\Windows\system32\lsasrv.dll
2016-12-14 08:50:00 ----A---- C:\Windows\system32\dxtrans.dll
2016-12-14 08:50:00 ----A---- C:\Windows\system32\dxtmsft.dll
2016-12-14 08:49:59 ----A---- C:\Windows\system32\webcheck.dll
2016-12-14 08:49:59 ----A---- C:\Windows\system32\smss.exe
2016-12-14 08:49:59 ----A---- C:\Windows\system32\msrating.dll
2016-12-14 08:49:59 ----A---- C:\Windows\system32\mshtmled.dll
2016-12-14 08:49:59 ----A---- C:\Windows\system32\kernel32.dll
2016-12-14 08:49:59 ----A---- C:\Windows\system32\kerberos.dll
2016-12-14 08:49:59 ----A---- C:\Windows\system32\jscript9diag.dll
2016-12-14 08:49:59 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-12-14 08:49:59 ----A---- C:\Windows\system32\advapi32.dll
2016-12-14 08:49:58 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-12-14 08:49:58 ----A---- C:\Windows\system32\occache.dll
2016-12-14 08:49:58 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-12-14 08:49:58 ----A---- C:\Windows\system32\jsproxy.dll
2016-12-14 08:49:58 ----A---- C:\Windows\system32\cryptsvc.dll
2016-12-14 08:49:57 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-12-14 08:49:57 ----A---- C:\Windows\system32\appinfo.dll
2016-12-14 08:49:56 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-12-14 08:49:56 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2016-12-14 08:49:56 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-12-14 08:49:56 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-12-14 08:49:56 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-12-14 08:49:56 ----A---- C:\Windows\system32\schannel.dll
2016-12-14 08:49:56 ----A---- C:\Windows\system32\cryptnet.dll
2016-12-14 08:49:55 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-12-14 08:49:55 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-12-14 08:49:55 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-12-14 08:49:55 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-12-14 08:49:55 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-12-14 08:49:55 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-12-14 08:49:55 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-12-14 08:49:55 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-12-14 08:49:55 ----A---- C:\Windows\system32\wow64win.dll
2016-12-14 08:49:55 ----A---- C:\Windows\system32\winsrv.dll
2016-12-14 08:49:55 ----A---- C:\Windows\system32\TSpkg.dll
2016-12-14 08:49:55 ----A---- C:\Windows\system32\srcore.dll
2016-12-14 08:49:55 ----A---- C:\Windows\system32\ncrypt.dll
2016-12-14 08:49:55 ----A---- C:\Windows\system32\msv1_0.dll
2016-12-14 08:49:55 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-12-14 08:49:55 ----A---- C:\Windows\system32\KernelBase.dll
2016-12-14 08:49:55 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-12-14 08:49:55 ----A---- C:\Windows\system32\inseng.dll
2016-12-14 08:49:55 ----A---- C:\Windows\system32\ieUnatt.exe
2016-12-14 08:49:55 ----A---- C:\Windows\system32\iesetup.dll
2016-12-14 08:49:55 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-12-14 08:49:55 ----A---- C:\Windows\system32\ie4uinit.exe
2016-12-14 08:49:55 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-12-14 08:49:54 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-12-14 08:49:54 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-12-14 08:49:54 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-12-14 08:49:54 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-12-14 08:49:54 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-12-14 08:49:54 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-12-14 08:49:54 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2016-12-14 08:49:54 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2016-12-14 08:49:54 ----A---- C:\Windows\system32\wow64.dll
2016-12-14 08:49:54 ----A---- C:\Windows\system32\wdigest.dll
2016-12-14 08:49:54 ----A---- C:\Windows\system32\sspicli.dll
2016-12-14 08:49:54 ----A---- C:\Windows\system32\rpchttp.dll
2016-12-14 08:49:54 ----A---- C:\Windows\system32\iernonce.dll
2016-12-14 08:49:54 ----A---- C:\Windows\system32\csrsrv.dll
2016-12-14 08:49:54 ----A---- C:\Windows\system32\conhost.exe
2016-12-14 08:49:53 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-12-14 08:49:53 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-12-14 08:49:53 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-12-14 08:49:53 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-12-14 08:49:53 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-12-14 08:49:53 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-12-14 08:49:53 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-12-14 08:49:53 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-12-14 08:49:53 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-12-14 08:49:53 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-12-14 08:49:53 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-12-14 08:49:53 ----A---- C:\Windows\system32\wow64cpu.dll
2016-12-14 08:49:53 ----A---- C:\Windows\system32\sspisrv.dll
2016-12-14 08:49:53 ----A---- C:\Windows\system32\srclient.dll
2016-12-14 08:49:53 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-12-14 08:49:53 ----A---- C:\Windows\system32\secur32.dll
2016-12-14 08:49:53 ----A---- C:\Windows\system32\rstrui.exe
2016-12-14 08:49:53 ----A---- C:\Windows\system32\ntvdm64.dll
2016-12-14 08:49:53 ----A---- C:\Windows\system32\lsass.exe
2016-12-14 08:49:53 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-12-14 08:49:53 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-12-14 08:49:53 ----A---- C:\Windows\system32\drivers\appid.sys
2016-12-14 08:49:53 ----A---- C:\Windows\system32\cryptbase.dll
2016-12-14 08:49:53 ----A---- C:\Windows\system32\credssp.dll
2016-12-14 08:49:53 ----A---- C:\Windows\system32\appidsvc.dll
2016-12-14 08:49:53 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-12-14 08:49:53 ----A---- C:\Windows\system32\appidapi.dll
2016-12-14 08:49:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-12-14 08:49:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-12-14 08:49:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-12-14 08:49:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-12-14 08:49:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-14 08:49:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-12-14 08:49:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-12-14 08:49:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-14 08:49:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-12-14 08:49:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-14 08:49:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-14 08:49:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-14 08:49:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-12-14 08:49:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-12-14 08:49:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-12-14 08:49:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-14 08:49:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-12-14 08:49:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-14 08:49:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-12-14 08:49:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-12-14 08:49:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-12-14 08:49:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-12-14 08:49:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-14 08:49:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-12-14 08:49:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-12-14 08:49:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-12-14 08:49:52 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-12-14 08:49:52 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-12-14 08:49:52 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-12-14 08:49:52 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-12-14 08:49:52 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-14 08:49:52 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-12-14 08:49:52 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-12-14 08:49:52 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-14 08:49:52 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-12-14 08:49:52 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-14 08:49:52 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-14 08:49:52 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-14 08:49:52 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-12-14 08:49:52 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-12-14 08:49:52 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-12-14 08:49:52 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-14 08:49:52 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-12-14 08:49:52 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-14 08:49:52 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-12-14 08:49:52 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-12-14 08:49:52 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-12-14 08:49:52 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-12-14 08:49:52 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-14 08:49:52 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-12-14 08:49:52 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-12-14 08:49:52 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-12-14 08:49:52 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-12-14 08:49:52 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-12-14 08:49:52 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-12-14 08:49:52 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-12-14 08:49:52 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-12-14 08:49:52 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-12-14 08:49:52 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-12-14 08:49:52 ----A---- C:\Windows\system32\auditpol.exe
2016-12-14 08:49:52 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-12-14 08:49:52 ----A---- C:\Windows\system32\apisetschema.dll
2016-12-14 08:49:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-12-14 08:49:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-12-14 08:49:51 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-12-14 08:49:51 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-12-14 08:49:51 ----A---- C:\Windows\SYSWOW64\user.exe
2016-12-14 08:49:51 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-12-14 08:49:51 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2016-12-14 08:49:51 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-12-14 08:49:51 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-12-14 08:49:51 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-12-14 08:49:51 ----A---- C:\Windows\system32\msobjs.dll
2016-12-14 08:49:51 ----A---- C:\Windows\system32\msimsg.dll
2016-12-14 08:49:51 ----A---- C:\Windows\system32\msaudite.dll
2016-12-14 08:49:51 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-12-14 08:49:51 ----A---- C:\Windows\system32\adtschema.dll
2016-12-14 08:49:50 ----A---- C:\Windows\SYSWOW64\tzres.dll
2016-12-14 08:49:50 ----A---- C:\Windows\system32\tzres.dll

======List of files/folders modified in the last 1 month======

2016-12-30 20:28:44 ----RD---- C:\Program Files
2016-12-30 20:09:22 ----D---- C:\Windows\Temp
2016-12-30 20:06:09 ----D---- C:\Windows\system32\config
2016-12-30 20:05:43 ----D---- C:\AdwCleaner
2016-12-30 20:01:15 ----RD---- C:\Program Files (x86)
2016-12-30 17:54:44 ----D---- C:\Windows\Tasks
2016-12-30 17:54:44 ----D---- C:\Windows\system32\Tasks
2016-12-30 17:54:18 ----AD---- C:\Windows\system32\drivers
2016-12-30 17:53:32 ----AHD---- C:\ProgramData
2016-12-30 15:46:30 ----D---- C:\Windows
2016-12-30 15:32:38 ----SHD---- C:\Windows\Installer
2016-12-30 15:31:22 ----D---- C:\Windows\inf
2016-12-30 15:29:19 ----D---- C:\Windows\debug
2016-12-30 15:17:39 ----D---- C:\Program Files\Common Files
2016-12-30 15:17:39 ----D---- C:\Program Files (x86)\Common Files
2016-12-30 15:16:55 ----D---- C:\Windows\winsxs
2016-12-30 15:16:49 ----D---- C:\Windows\System32
2016-12-30 15:15:07 ----D---- C:\Windows\Prefetch
2016-12-28 14:12:26 ----SHD---- C:\System Volume Information
2016-12-26 17:38:03 ----HD---- C:\Program Files (x86)\Uninstall Information
2016-12-24 21:31:35 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-12-24 21:09:09 ----D---- C:\Program Files (x86)\Interplay
2016-12-24 21:05:41 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-12-23 22:51:58 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-12-23 22:51:46 ----D---- C:\Windows\system32\Macromed
2016-12-23 22:51:40 ----D---- C:\Windows\SYSWOW64\Macromed
2016-12-23 22:02:05 ----RD---- C:\Program Files (x86)\Skype
2016-12-23 22:01:51 ----D---- C:\ProgramData\Skype
2016-12-23 19:31:09 ----D---- C:\Windows\SysWOW64
2016-12-23 18:30:35 ----D---- C:\Windows\system32\NDF
2016-12-21 21:08:42 ----SD---- C:\ProgramData\Microsoft
2016-12-21 19:17:56 ----HD---- C:\Program Files (x86)\Temp
2016-12-21 19:17:56 ----D---- C:\Program Files (x86)\WinRAR
2016-12-21 19:17:56 ----D---- C:\Program Files (x86)\Windows Sidebar
2016-12-21 19:17:56 ----D---- C:\Program Files (x86)\Windows Portable Devices
2016-12-21 19:17:56 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2016-12-21 19:17:56 ----D---- C:\Program Files (x86)\Windows NT
2016-12-21 19:17:56 ----D---- C:\Program Files (x86)\Windows Media Player
2016-12-21 19:17:56 ----D---- C:\Program Files (x86)\Windows Mail
2016-12-21 19:17:56 ----D---- C:\Program Files (x86)\Windows Defender
2016-12-21 19:17:56 ----D---- C:\Program Files (x86)\Terasoft
2016-12-21 19:17:56 ----D---- C:\Program Files (x86)\Sony
2016-12-21 19:17:56 ----D---- C:\Program Files (x86)\Samsung
2016-12-21 19:17:56 ----D---- C:\Program Files (x86)\Reference Assemblies
2016-12-21 19:17:56 ----D---- C:\Program Files (x86)\Realtek
2016-12-21 19:17:56 ----D---- C:\Program Files (x86)\OscarX7Editor5Mode
2016-12-21 19:17:56 ----D---- C:\Program Files (x86)\OpenAL
2016-12-21 19:17:56 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2016-12-21 19:17:56 ----D---- C:\Program Files (x86)\Nová škola Brno
2016-12-21 19:17:56 ----D---- C:\Program Files (x86)\Nakladatelství Nová Škola Brno
2016-12-21 19:17:56 ----D---- C:\Program Files (x86)\MSXML 4.0
2016-12-21 19:17:56 ----D---- C:\Program Files (x86)\MSBuild
2016-12-21 19:17:56 ----D---- C:\Program Files (x86)\Microsoft.NET
2016-12-21 19:17:56 ----D---- C:\Program Files (x86)\Microsoft Works
2016-12-21 19:17:56 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-12-21 19:17:56 ----D---- C:\Program Files (x86)\Microsoft Office
2016-12-21 19:17:56 ----D---- C:\Program Files (x86)\MarkAny
2016-12-21 19:17:56 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2016-12-21 19:17:56 ----D---- C:\Program Files (x86)\Kalypso
2016-12-21 19:17:56 ----D---- C:\Program Files (x86)\Java
2016-12-21 19:17:56 ----D---- C:\Program Files (x86)\Internet Explorer
2016-12-21 19:17:56 ----D---- C:\Program Files (x86)\HD Tune Pro
2016-12-21 19:17:56 ----D---- C:\Program Files (x86)\Google
2016-12-21 19:17:56 ----D---- C:\Program Files (x86)\GIGABYTE
2016-12-21 19:17:56 ----D---- C:\Program Files (x86)\Geeks3D
2016-12-21 19:17:56 ----D---- C:\Program Files (x86)\Futuremark
2016-12-21 19:17:56 ----D---- C:\Program Files (x86)\DOSBox-0.74
2016-12-21 19:17:56 ----D---- C:\Program Files (x86)\Combined Community Codec Pack
2016-12-21 19:17:56 ----D---- C:\Program Files (x86)\Codec Pack - All In 1
2016-12-21 19:17:56 ----D---- C:\Program Files (x86)\CDBurnerXP
2016-12-21 19:17:56 ----D---- C:\Program Files (x86)\ATI Technologies
2016-12-21 19:17:56 ----D---- C:\Program Files (x86)\AMD AVT
2016-12-21 19:17:56 ----D---- C:\Program Files (x86)\AMD APP
2016-12-21 19:17:56 ----D---- C:\Program Files (x86)\Alza Media
2016-12-21 19:17:56 ----D---- C:\Program Files (x86)\ALTER Český jazyk - Pravopisné pětiminutovky 2 DEMO
2016-12-21 19:17:55 ----D---- C:\Program Files (x86)\Adobe
2016-12-21 19:17:55 ----D---- C:\Program Files (x86)\Activ Software
2016-12-21 19:17:55 ----D---- C:\Program Files (x86)\5-Mode Oscar Editor
2016-12-21 19:17:55 ----D---- C:\Program Files (x86)\3DO
2016-12-20 18:16:20 ----D---- C:\Windows\SYSWOW64\drivers
2016-12-15 08:21:10 ----D---- C:\Windows\rescache
2016-12-14 22:19:41 ----D---- C:\Windows\Microsoft.NET
2016-12-14 22:15:14 ----RSD---- C:\Windows\assembly
2016-12-14 19:51:31 ----D---- C:\Program Files\Internet Explorer
2016-12-14 19:51:29 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-12-14 19:51:27 ----D---- C:\Windows\SYSWOW64\en-US
2016-12-14 19:51:23 ----D---- C:\Windows\system32\cs-CZ
2016-12-14 19:51:22 ----D---- C:\Windows\system32\en-US
2016-12-14 19:51:15 ----D---- C:\Windows\AppPatch
2016-12-14 19:51:13 ----D---- C:\Windows\system32\Boot
2016-12-14 19:38:38 ----D---- C:\ProgramData\Microsoft Help
2016-12-14 19:37:49 ----D---- C:\Windows\system32\MRT
2016-12-14 19:34:40 ----AC---- C:\Windows\system32\MRT.exe
2016-12-14 19:32:19 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2016-12-14 19:28:33 ----D---- C:\Windows\system32\catroot2
2016-12-04 16:48:20 ----SD---- C:\Users\Křivánek\AppData\Roaming\Microsoft
2016-12-01 03:18:22 ----D---- C:\Windows\system32\catroot

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdide64;amdide64; C:\Windows\system32\DRIVERS\amdide64.sys [2010-06-29 11832]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-12-30 74544]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-12-30 293352]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2011-01-10 21104]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-12-30 37144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-12-30 103064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-12-30 969184]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-12-30 513632]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\Windows\system32\drivers\mbae64.sys [2016-12-14 77416]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2016-12-20 27552]
R2 AODDriver4.2;AODDriver4.2; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-04-09 57472]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-12-30 108816]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-12-30 163416]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-12-19 11278336]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-12-19 552960]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-11-06 96256]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2016-07-18 34720]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-06-14 2899176]
R3 MBAMFarflt;MBAMFarflt; \??\C:\Windows\system32\drivers\farflt.sys [2016-12-30 102856]
R3 MBAMProtection;MBAMProtection; \??\C:\Windows\system32\drivers\mbam.sys [2016-12-30 43968]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2016-12-30 250816]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-01 535656]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2010-12-15 47232]
S2 MBAMChameleon;MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys []
S3 ALSysIO;ALSysIO; \??\C:\Users\KIVNEK~1\AppData\Local\Temp\ALSysIO64.sys []
S3 amdhub30;AMD USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\amdhub30.sys [2011-03-17 87168]
S3 amdxhc;AMD USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\amdxhc.sys [2011-03-17 188544]
S3 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-12-30 37656]
S3 cpuz135;cpuz135; \??\C:\Users\KIVNEK~1\AppData\Local\Temp\cpuz135\cpuz135_x64.sys []
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2012-04-19 25640]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2011-04-26 353000]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-09-16 82128]
R2 AlzaMedia-Autoupdate;AlzaMedia-Autoupdate; C:\Program Files (x86)\Alza Media\v1.0.27.39844\AlzaMediaAutoupdateService.exe [2014-10-03 48000]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-12-19 240640]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-12-19 361984]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-12-30 197128]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2016-11-11 2627080]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [2016-11-11 419248]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2016-12-14 4317648]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2012-02-15 459832]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2016-11-29 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2016-11-29 125112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-09-20 324224]
S3 AppleChargerSrv;AppleChargerSrv; C:\Windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service; C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2011-12-09 135584]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-11-12 114688]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-11-15 569768]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-04-03 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2016-11-29 51384]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-11-29 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-11-29 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-11-29 135848]

-----------------EOF-----------------

Re: Reklamní havěť

Napsal: 30 pro 2016 22:21
od JaRon
Pouzi este JRT, navod kolegu http://forum.viry.cz/viewtopic.php?f=13 ... e#p1469718
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz