VIRY.CZ

Zdravím,

prosím o kontrolu PC, hlasí se zde podivný virus reImage, projevuje se vyskakováním oken v prohlížeči.

Děkuji.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-01-2017
Ran by Maturaci (administrator) on MATURACI-PC (11-01-2017 19:03:04)
Running from C:\Users\Maturaci\Desktop
Loaded Profiles: Maturaci & DefaultAppPool (Available Profiles: Maturaci & DefaultAppPool)
Platform: Windows 10 Pro Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgfwsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AVG Netherlands B.V) C:\Program Files (x86)\AVG Driver Updater\AVG Driver Updater.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\w3wp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
forum.viry.cz) C:\Users\Maturaci\Desktop\FRST-OlderVersion\FRSTLauncher.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcfgex.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8838400 2016-06-07] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [401896 2016-11-01] ()
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-3099588839-2365295684-448508366-1000\...\Run: [Lync] => C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe [22779584 2016-12-10] (Microsoft Corporation)
HKU\S-1-5-21-3099588839-2365295684-448508366-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
IFEO\AcroRd32.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk [2016-10-22]
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe ()
BootExecute:

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{1c0105c6-91c2-4213-b3f2-7e852e55723a}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3099588839-2365295684-448508366-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-12-10] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-10] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-12-09] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-12-09] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-09] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-09] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-09] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-09] (Microsoft Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2017-01-05] ()
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2017-01-05] ()
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-12-09] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.buenosearch.com/?babsrc=HP_ss&mntrI ... 2&tsp=5220
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Maturaci\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.824\_platform_specific\win_x86\widevinecdmadapter.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Users\Maturaci\AppData\Local\Google\Chrome\User Data\PepperFlash\19.0.0.226\pepflashplayer.dll => No File
CHR Profile: C:\Users\Maturaci\AppData\Local\Google\Chrome\User Data\Default [2017-01-11]
CHR Extension: (YouTube) - C:\Users\Maturaci\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Vyhledávání Google) - C:\Users\Maturaci\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
CHR Extension: (Canonical Url) - C:\Users\Maturaci\AppData\Local\Google\Chrome\User Data\Default\Extensions\gibbofpfifeklicllnimkipggbodbegj [2017-01-03]
CHR Extension: (Windows Media Player Extension for HTML5) - C:\Users\Maturaci\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak [2014-04-07] [UpdateUrl: hxxp://www.interoperabilitybridges.com/ChromeW ... pdates.xml] <==== ATTENTION
CHR Extension: (G Suite Training) - C:\Users\Maturaci\AppData\Local\Google\Chrome\User Data\Default\Extensions\idkloemkmldbemijiamdiolojbffnjlh [2016-12-03]
CHR Extension: (Auto HD For YouTube™) - C:\Users\Maturaci\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2016-05-27]
CHR Extension: (AVG SafePrice) - C:\Users\Maturaci\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2016-12-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Maturaci\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\Maturaci\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Maturaci\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-15]
CHR HKU\S-1-5-21-3099588839-2365295684-448508366-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2015-12-12] ()
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [971160 2016-12-15] (AVG Technologies CZ, s.r.o.)
R2 avgfws; C:\Program Files (x86)\AVG\Av\avgfwsa.exe [1824184 2016-12-15] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5337600 2016-12-15] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [725976 2016-12-15] (AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2946304 2016-12-09] (Microsoft Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-01] (Intel Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [5907216 2017-01-09] (AVG Technologies CZ, s.r.o.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2015-12-12] ()
S0 Avgboota; C:\WINDOWS\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\WINDOWS\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\WINDOWS\system32\DRIVERS\avgfwd6a.sys [73992 2016-10-23] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdrivera.sys [312576 2016-11-04] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\WINDOWS\System32\DRIVERS\avgidsha.sys [267008 2016-10-05] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\WINDOWS\System32\DRIVERS\avgldx64.sys [298240 2016-11-30] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\WINDOWS\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\WINDOWS\System32\DRIVERS\avgmfx64.sys [254208 2016-09-26] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\WINDOWS\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 avguniva; C:\WINDOWS\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\WINDOWS\system32\DRIVERS\avgwfpa.sys [313096 2016-08-04] (AVG Technologies CZ, s.r.o.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2015-10-31] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2015-10-31] (Windows (R) Win 7 DDK provider)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [176064 2017-01-10] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [888064 2000-01-01] (Realtek )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [33960 2000-01-01] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [25608 2017-01-11] (SlimWare Utilities, Inc.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2016-06-01] (AVG Netherlands B.V.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-11 19:03 - 2017-01-11 19:03 - 00016580 _____ C:\Users\Maturaci\Desktop\FRST.txt
2017-01-11 19:02 - 2017-01-11 19:02 - 00000000 ____D C:\Users\Maturaci\Desktop\FRST-OlderVersion
2017-01-11 19:01 - 2017-01-11 19:03 - 00000000 ____D C:\FRST
2017-01-11 18:58 - 2017-01-11 19:02 - 02419200 _____ (Farbar) C:\Users\Maturaci\Desktop\FRST64.exe
2017-01-11 18:57 - 2017-01-11 18:57 - 01996255 _____ C:\Users\Maturaci\Downloads\Programy.zip
2017-01-11 18:55 - 2017-01-11 18:55 - 01996255 _____ C:\Users\Maturaci\Downloads\Nepotvrzeno 459299.crdownload
2017-01-11 17:52 - 2017-01-11 17:52 - 00025441 _____ C:\Users\Maturaci\Downloads\Obchodni_podminky_EDUA_Languages,_s.r.o._-_Jazykove_kurzy.html
2017-01-11 17:52 - 2017-01-11 17:52 - 00025441 _____ C:\Users\Maturaci\Downloads\Obchodni_podminky_EDUA_Languages,_s.r.o._-_Jazykove_kurzy (1).html
2017-01-11 14:55 - 2016-12-21 09:08 - 00245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2017-01-11 14:55 - 2016-12-21 09:08 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2017-01-11 14:55 - 2016-12-21 08:49 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-01-11 14:55 - 2016-12-21 08:46 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-01-11 14:55 - 2016-12-21 08:43 - 04130440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-01-11 14:55 - 2016-12-21 08:43 - 01454504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-01-11 14:55 - 2016-12-21 08:43 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-01-11 14:55 - 2016-12-21 08:43 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-01-11 14:55 - 2016-12-21 08:42 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-01-11 14:55 - 2016-12-21 08:42 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-01-11 14:55 - 2016-12-21 08:42 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-01-11 14:55 - 2016-12-21 08:42 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-01-11 14:55 - 2016-12-21 08:41 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-01-11 14:55 - 2016-12-21 08:15 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-01-11 14:55 - 2016-12-21 08:14 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-01-11 14:55 - 2016-12-21 08:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-01-11 14:55 - 2016-12-21 08:08 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-01-11 14:55 - 2016-12-21 08:08 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-01-11 14:55 - 2016-12-21 08:06 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-01-11 14:55 - 2016-12-21 08:05 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-01-11 14:55 - 2016-12-21 08:05 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-01-11 14:55 - 2016-12-21 08:05 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-01-11 14:55 - 2016-12-21 08:01 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-01-11 14:55 - 2016-12-21 07:59 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-01-11 14:55 - 2016-12-21 07:59 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-01-11 14:55 - 2016-12-21 07:58 - 23678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-01-11 14:55 - 2016-12-21 07:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-01-11 14:55 - 2016-12-21 07:56 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-01-11 14:55 - 2016-12-21 07:55 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-01-11 14:55 - 2016-12-21 07:55 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-01-11 14:55 - 2016-12-21 07:53 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-01-11 14:55 - 2016-12-21 07:53 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-01-11 14:55 - 2016-12-21 07:51 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-01-11 14:55 - 2016-12-21 07:51 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-01-11 14:55 - 2016-12-21 07:50 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-01-11 14:55 - 2016-12-21 07:49 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-01-11 14:55 - 2016-12-21 07:47 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-01-11 14:55 - 2016-12-21 06:59 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2017-01-11 14:55 - 2016-12-21 06:09 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-01-11 14:55 - 2016-12-21 06:02 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-01-11 14:55 - 2016-12-21 06:01 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-01-11 14:55 - 2016-12-21 05:46 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-01-11 14:55 - 2016-12-21 05:43 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-01-11 14:55 - 2016-12-21 05:41 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2017-01-11 14:55 - 2016-12-21 05:41 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-01-11 14:55 - 2016-12-21 05:40 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-01-11 14:55 - 2016-12-21 05:40 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2017-01-11 14:55 - 2016-12-21 05:40 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-01-11 14:55 - 2016-12-21 05:40 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-01-11 14:55 - 2016-12-21 05:39 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-01-11 14:55 - 2016-12-21 05:39 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-01-11 14:55 - 2016-12-21 05:38 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2017-01-11 14:55 - 2016-12-21 05:35 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-01-11 14:55 - 2016-12-21 05:35 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-01-11 14:55 - 2016-12-21 05:34 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-01-11 14:55 - 2016-12-21 05:33 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-01-11 14:55 - 2016-12-21 05:32 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-01-11 14:55 - 2016-12-21 05:30 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2017-01-11 14:55 - 2016-12-21 05:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-01-11 14:55 - 2016-12-21 05:26 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2017-01-11 14:55 - 2016-12-21 05:25 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-01-11 14:55 - 2016-12-21 05:25 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-01-11 14:55 - 2016-12-21 05:24 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-01-11 14:55 - 2016-12-21 05:22 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-01-11 14:55 - 2016-12-14 06:41 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-01-11 14:55 - 2016-12-14 06:34 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-01-11 14:55 - 2016-12-14 06:33 - 02169184 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-01-11 14:55 - 2016-12-14 06:33 - 01669984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2017-01-11 14:55 - 2016-12-14 06:33 - 01400160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-01-11 14:55 - 2016-12-14 06:33 - 01054048 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2017-01-11 14:55 - 2016-12-14 06:33 - 00992096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2017-01-11 14:55 - 2016-12-14 06:33 - 00822624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2017-01-11 14:55 - 2016-12-14 06:33 - 00813408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-01-11 14:55 - 2016-12-14 06:33 - 00779616 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2017-01-11 14:55 - 2016-12-14 06:33 - 00752992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-01-11 14:55 - 2016-12-14 06:33 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-01-11 14:55 - 2016-12-14 06:33 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2017-01-11 14:55 - 2016-12-14 06:33 - 00571744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-01-11 14:55 - 2016-12-14 06:33 - 00513376 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2017-01-11 14:55 - 2016-12-14 06:33 - 00406368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2017-01-11 14:55 - 2016-12-14 06:33 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
2017-01-11 14:55 - 2016-12-14 06:33 - 00190816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVDllSurrogate.exe
2017-01-11 14:55 - 2016-12-14 06:23 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-01-11 14:55 - 2016-12-14 06:21 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-01-11 14:55 - 2016-12-14 06:17 - 00319288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-01-11 14:55 - 2016-12-14 06:14 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-01-11 14:55 - 2016-12-14 06:01 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-01-11 14:55 - 2016-12-14 06:01 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2017-01-11 14:55 - 2016-12-14 06:01 - 00076984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2017-01-11 14:55 - 2016-12-14 05:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-01-11 14:55 - 2016-12-14 05:46 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-01-11 14:55 - 2016-12-14 05:46 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-01-11 14:55 - 2016-12-14 05:43 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-01-11 14:55 - 2016-12-14 05:42 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2017-01-11 14:55 - 2016-12-14 05:42 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 14:55 - 2016-12-14 05:42 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2017-01-11 14:55 - 2016-12-14 05:40 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-01-11 14:55 - 2016-12-14 05:40 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-01-11 14:55 - 2016-12-14 05:39 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-01-11 14:55 - 2016-12-14 05:38 - 17188864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-01-11 14:55 - 2016-12-14 05:38 - 13869056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-01-11 14:55 - 2016-12-14 05:38 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2017-01-11 14:55 - 2016-12-14 05:37 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-01-11 14:55 - 2016-12-14 05:36 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-01-11 14:55 - 2016-12-14 05:36 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-01-11 14:55 - 2016-12-14 05:36 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-01-11 14:55 - 2016-12-14 05:35 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-01-11 14:55 - 2016-12-14 05:35 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2017-01-11 14:55 - 2016-12-14 05:35 - 00553984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2017-01-11 14:55 - 2016-12-14 05:32 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-01-11 14:55 - 2016-12-14 05:26 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-01-11 14:55 - 2016-12-14 05:26 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-01-11 14:55 - 2016-12-14 05:24 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2017-01-11 14:55 - 2016-12-14 05:24 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-01-11 14:55 - 2016-12-14 05:23 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-01-11 14:55 - 2016-12-14 05:22 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-01-11 14:55 - 2016-12-14 05:22 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-01-11 14:55 - 2016-12-14 05:22 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-01-11 14:55 - 2016-12-14 05:22 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-01-11 14:55 - 2016-12-14 05:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-01-11 14:55 - 2016-11-02 13:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-01-11 14:55 - 2016-11-02 11:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-01-11 14:55 - 2016-08-02 05:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-01-11 14:54 - 2016-12-21 09:04 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-01-11 14:54 - 2016-12-21 08:45 - 00153952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcmiplugin.dll
2017-01-11 14:54 - 2016-12-21 08:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-01-11 14:54 - 2016-12-21 08:37 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-01-11 14:54 - 2016-12-21 08:13 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2017-01-11 14:54 - 2016-12-21 08:12 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2017-01-11 14:54 - 2016-12-21 08:10 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2017-01-11 14:54 - 2016-12-21 08:09 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2017-01-11 14:54 - 2016-12-21 08:08 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-01-11 14:54 - 2016-12-21 08:08 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-01-11 14:54 - 2016-12-21 08:08 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-01-11 14:54 - 2016-12-21 08:08 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-01-11 14:54 - 2016-12-21 08:07 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-01-11 14:54 - 2016-12-21 08:06 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-01-11 14:54 - 2016-12-21 08:06 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-01-11 14:54 - 2016-12-21 08:06 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-01-11 14:54 - 2016-12-21 08:00 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-01-11 14:54 - 2016-12-21 07:57 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2017-01-11 14:54 - 2016-12-21 07:54 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2017-01-11 14:54 - 2016-12-21 07:53 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-01-11 14:54 - 2016-12-21 07:51 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-01-11 14:54 - 2016-12-21 07:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-01-11 14:54 - 2016-12-21 07:49 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-01-11 14:54 - 2016-12-21 06:03 - 00136544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqmigplugin.dll
2017-01-11 14:54 - 2016-12-21 06:02 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-01-11 14:54 - 2016-12-21 06:02 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-01-11 14:54 - 2016-12-21 06:02 - 01277344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-01-11 14:54 - 2016-12-21 06:02 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-01-11 14:54 - 2016-12-21 06:02 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-01-11 14:54 - 2016-12-21 05:27 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-01-11 14:54 - 2016-12-21 05:24 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-01-11 14:54 - 2016-12-21 05:24 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-01-11 14:54 - 2016-12-21 05:24 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-01-11 14:54 - 2016-12-21 05:22 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-01-11 14:54 - 2016-12-14 06:41 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-01-11 14:54 - 2016-12-14 06:33 - 01356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2017-01-11 14:54 - 2016-12-14 06:26 - 01469792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2017-01-11 14:54 - 2016-12-14 06:19 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-01-11 14:54 - 2016-12-14 06:18 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-01-11 14:54 - 2016-12-14 06:18 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2017-01-11 14:54 - 2016-12-14 06:14 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2017-01-11 14:54 - 2016-12-14 06:14 - 00089416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2017-01-11 14:54 - 2016-12-14 06:08 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-01-11 14:54 - 2016-12-14 06:06 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-01-11 14:54 - 2016-12-14 05:45 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-01-11 14:54 - 2016-12-14 05:42 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2017-01-11 14:54 - 2016-12-14 05:41 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-01-11 14:54 - 2016-12-14 05:40 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-01-11 14:54 - 2016-12-14 05:40 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2017-01-11 14:54 - 2016-12-14 05:40 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 14:54 - 2016-12-14 05:39 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-01-11 14:54 - 2016-12-14 05:39 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2017-01-11 14:54 - 2016-12-14 05:38 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-01-11 14:54 - 2016-12-14 05:35 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-01-11 14:54 - 2016-12-14 05:32 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2017-01-11 14:54 - 2016-12-14 05:25 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2017-01-11 14:54 - 2016-12-14 05:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-01-11 14:54 - 2016-12-14 05:22 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-01-11 14:54 - 2016-12-14 05:22 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-01-11 14:54 - 2016-11-02 12:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-01-11 14:54 - 2016-11-02 11:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-01-11 14:54 - 2016-11-02 11:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-01-10 19:16 - 2017-01-10 19:32 - 00176064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-01-10 19:03 - 2017-01-10 19:15 - 54199488 _____ (Malwarebytes ) C:\Users\Maturaci\Downloads\mb3-setup-consumer-3.0.5.1299.exe
2017-01-10 18:45 - 2017-01-10 18:45 - 03988944 _____ C:\Users\Maturaci\Desktop\adwcleaner_6.042.exe
2017-01-10 18:41 - 2017-01-10 19:37 - 00000000 ____D C:\AdwCleaner
2017-01-10 18:30 - 2017-01-10 18:30 - 08803648 _____ (Piriform Ltd) C:\Users\Maturaci\Downloads\ccsetup525.exe
2017-01-10 18:30 - 2017-01-10 18:30 - 00002868 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-01-10 18:30 - 2017-01-10 18:30 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-01-10 18:30 - 2017-01-10 18:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-01-10 18:30 - 2017-01-10 18:30 - 00000000 ____D C:\Program Files\CCleaner
2017-01-09 17:00 - 2017-01-09 17:00 - 01413120 _____ C:\Users\Maturaci\Downloads\polopravdy-nepravdy.pdf
2017-01-09 16:58 - 2017-01-09 16:58 - 09182804 _____ C:\Users\Maturaci\Downloads\Tajemstvi-krasnych-fotek.pdf
2017-01-09 16:58 - 2017-01-09 16:58 - 09182804 _____ C:\Users\Maturaci\Downloads\Tajemstvi-krasnych-fotek (1).pdf
2017-01-09 13:45 - 2017-01-09 13:45 - 00924431 _____ C:\Users\Maturaci\Downloads\přechod_2016.zip
2017-01-09 04:25 - 2017-01-11 16:40 - 00411456 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-01-06 23:57 - 2017-01-07 00:04 - 00001476 _____ C:\Users\Maturaci\Desktop\Fiio X1_manual.lnk
2017-01-06 22:39 - 2017-01-06 22:39 - 00000000 ____D C:\Users\Maturaci\Documents\MP3
2017-01-06 21:51 - 2017-01-06 21:51 - 00191270 _____ C:\Users\Maturaci\Downloads\WW_PŘÍSPEVKY_2017.xlsx
2017-01-04 20:27 - 2017-01-04 20:27 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2017-01-02 22:47 - 2017-01-02 22:47 - 00142710 _____ C:\Users\Maturaci\Downloads\WhatsApp-Security-Whitepaper.pdf
2016-12-26 19:54 - 2016-12-26 19:54 - 09664540 _____ C:\Users\Maturaci\Downloads\Photos.zip
2016-12-25 14:02 - 2016-12-25 14:02 - 00706246 _____ C:\Users\Maturaci\Downloads\AllTravel-Prihlaska-693178813.pdf
2016-12-22 23:54 - 2016-12-22 23:55 - 00000000 ____D C:\Users\Maturaci\AppData\Roaming\langmaster.com
2016-12-22 23:54 - 2016-12-22 23:55 - 00000000 ____D C:\ProgramData\TEMP
2016-12-22 23:53 - 2016-12-22 23:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LANGMaster.com
2016-12-22 23:53 - 2016-12-22 23:53 - 00000000 ____D C:\Program Files (x86)\LANGMaster
2016-12-22 23:52 - 2016-12-22 23:53 - 154133035 _____ ( ) C:\Users\Maturaci\Downloads\Setup_DictSp_Cs.exe
2016-12-18 17:37 - 2016-12-18 17:47 - 00000000 ____D C:\Users\Maturaci\Documents\CeDe
2016-12-18 00:39 - 2016-12-18 00:39 - 09645031 _____ C:\Users\Maturaci\Downloads\mapavial_MTC (1).pdf
2016-12-18 00:29 - 2016-12-18 00:29 - 09645031 _____ C:\Users\Maturaci\Downloads\mapavial_MTC.pdf
2016-12-15 20:23 - 2016-12-15 20:23 - 00251714 _____ C:\Users\Maturaci\Downloads\13368804.pdf
2016-12-13 23:02 - 2016-12-09 11:42 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-12-13 23:02 - 2016-12-09 11:42 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-12-13 23:02 - 2016-12-09 11:34 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-12-13 23:02 - 2016-12-09 11:34 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-12-13 23:02 - 2016-12-09 11:33 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-12-13 23:02 - 2016-12-09 11:33 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-12-13 23:02 - 2016-12-09 11:30 - 00377184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-12-13 23:02 - 2016-12-09 11:29 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-13 23:02 - 2016-12-09 11:28 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-12-13 23:02 - 2016-12-09 11:19 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-12-13 23:02 - 2016-12-09 11:18 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-12-13 23:02 - 2016-12-09 11:18 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-12-13 23:02 - 2016-12-09 11:18 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-12-13 23:02 - 2016-12-09 11:18 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-12-13 23:02 - 2016-12-09 11:18 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-12-13 23:02 - 2016-12-09 11:18 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-12-13 23:02 - 2016-12-09 11:15 - 08168000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-12-13 23:02 - 2016-12-09 11:14 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-12-13 23:02 - 2016-12-09 11:10 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-12-13 23:02 - 2016-12-09 11:10 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-12-13 23:02 - 2016-12-09 11:01 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-12-13 23:02 - 2016-12-09 11:01 - 01503544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-12-13 23:02 - 2016-12-09 11:01 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-12-13 23:02 - 2016-12-09 10:59 - 02166752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-12-13 23:02 - 2016-12-09 10:59 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-12-13 23:02 - 2016-12-09 10:57 - 06668040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-12-13 23:02 - 2016-12-09 10:52 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-12-13 23:02 - 2016-12-09 10:52 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-12-13 23:02 - 2016-12-09 10:51 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-12-13 23:02 - 2016-12-09 10:45 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2016-12-13 23:02 - 2016-12-09 10:41 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-12-13 23:02 - 2016-12-09 10:41 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2016-12-13 23:02 - 2016-12-09 10:37 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-12-13 23:02 - 2016-12-09 10:36 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-12-13 23:02 - 2016-12-09 10:36 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-12-13 23:02 - 2016-12-09 10:34 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-12-13 23:02 - 2016-12-09 10:33 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-12-13 23:02 - 2016-12-09 10:33 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-12-13 23:02 - 2016-12-09 10:31 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-12-13 23:02 - 2016-12-09 10:31 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-12-13 23:02 - 2016-12-09 10:28 - 03306496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-12-13 23:02 - 2016-12-09 10:28 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-12-13 23:02 - 2016-12-09 10:27 - 13084160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-12-13 23:02 - 2016-12-09 10:27 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-12-13 23:02 - 2016-12-09 10:27 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-12-13 23:02 - 2016-12-09 10:23 - 12177920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-12-13 23:02 - 2016-12-09 10:22 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-12-13 23:02 - 2016-12-09 10:21 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-12-13 23:02 - 2016-12-09 10:20 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-12-13 23:02 - 2016-12-09 10:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-12-13 23:02 - 2016-12-09 10:20 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-12-13 23:02 - 2016-12-09 10:19 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-12-13 23:02 - 2016-12-09 10:19 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-12-13 23:02 - 2016-12-09 10:19 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-12-13 23:02 - 2016-12-09 10:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2016-12-13 23:02 - 2016-12-09 10:18 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-12-13 23:02 - 2016-12-09 10:18 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-12-13 23:02 - 2016-12-09 10:17 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-12-13 23:02 - 2016-12-09 10:16 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-12-13 23:02 - 2016-12-09 10:15 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-12-13 23:02 - 2016-12-09 10:15 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-12-13 23:02 - 2016-12-09 10:15 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2016-12-13 23:02 - 2016-12-09 09:54 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-12-13 23:02 - 2016-11-02 11:28 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-12-13 23:02 - 2016-11-02 11:25 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-12-13 23:01 - 2016-12-09 11:27 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-12-13 23:01 - 2016-12-09 11:20 - 02677544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-12-13 23:01 - 2016-12-09 11:20 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-12-13 23:01 - 2016-12-09 11:20 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-12-13 23:01 - 2016-12-09 11:20 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-12-13 23:01 - 2016-12-09 11:20 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-12-13 23:01 - 2016-12-09 11:19 - 00168424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2016-12-13 23:01 - 2016-12-09 11:11 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-12-13 23:01 - 2016-12-09 11:00 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2016-12-13 23:01 - 2016-12-09 10:56 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-12-13 23:01 - 2016-12-09 10:42 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-12-13 23:01 - 2016-12-09 10:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-12-13 23:01 - 2016-12-09 10:25 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2016-12-13 23:01 - 2016-12-09 10:21 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-12-13 23:01 - 2016-12-09 10:20 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-12-13 23:01 - 2016-12-09 10:18 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-12-13 23:01 - 2016-09-15 17:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-11 18:41 - 2015-02-08 09:17 - 00000000 ____D C:\Users\Maturaci\Documents\Soubory aplikace Outlook
2017-01-11 18:35 - 2016-10-02 01:23 - 00003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2017-01-11 18:26 - 2014-04-06 16:35 - 00000000 ____D C:\ProgramData\MFAData
2017-01-11 18:00 - 2014-04-06 16:09 - 00000000 ____D C:\Users\Maturaci\Documents\MM
2017-01-11 16:45 - 2016-10-02 01:05 - 02559162 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-01-11 16:45 - 2016-07-16 23:25 - 00966980 _____ C:\WINDOWS\system32\perfh005.dat
2017-01-11 16:45 - 2016-07-16 23:25 - 00258320 _____ C:\WINDOWS\system32\perfc005.dat
2017-01-11 16:45 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-01-11 16:43 - 2016-10-09 19:01 - 00025608 _____ (SlimWare Utilities, Inc.) C:\WINDOWS\system32\Drivers\SWDUMon.sys
2017-01-11 16:43 - 2016-10-09 19:01 - 00000496 _____ C:\WINDOWS\Tasks\AVG Driver Updater Startup.job
2017-01-11 16:43 - 2016-10-02 01:06 - 00000000 ____D C:\Users\Maturaci
2017-01-11 16:42 - 2016-10-02 01:01 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-01-11 16:42 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-11 16:42 - 2015-10-31 19:10 - 00000000 __SHD C:\Users\Maturaci\IntelGraphicsProfiles
2017-01-11 16:42 - 2015-09-10 06:44 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-01-11 16:40 - 2016-10-02 01:23 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-11 16:40 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-01-11 16:39 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-01-11 16:39 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-01-11 16:39 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-01-11 16:39 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-01-11 16:39 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-01-11 16:39 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-01-11 16:36 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-11 16:32 - 2014-04-06 21:01 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-01-11 16:30 - 2014-04-06 21:01 - 135657872 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-01-11 16:21 - 2015-10-31 19:10 - 00000000 ____D C:\Users\Maturaci\AppData\Local\Packages
2017-01-11 14:28 - 2016-11-22 20:00 - 00004208 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{4485C7AB-7866-47DD-B4E4-D54C6B65CFE2}
2017-01-11 14:24 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-01-10 23:35 - 2016-10-02 00:59 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-01-10 06:12 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-09 16:43 - 2016-06-26 08:31 - 00053008 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\TURegOpt.exe
2017-01-09 07:36 - 2016-10-09 19:01 - 00000550 _____ C:\WINDOWS\Tasks\AVG Driver Updater Scan.job
2017-01-08 10:39 - 2016-10-09 19:01 - 00003488 _____ C:\WINDOWS\System32\Tasks\AVG Driver Updater Scan
2017-01-07 09:54 - 2016-07-16 07:04 - 00008192 _____ C:\WINDOWS\system32\config\ELAM
2017-01-07 09:50 - 2015-05-06 19:43 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-01-07 00:52 - 2016-10-02 01:23 - 00003542 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-01-07 00:52 - 2016-10-02 01:23 - 00003160 _____ C:\WINDOWS\System32\Tasks\Program k provádění aktualizací online Adobe
2017-01-05 01:57 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-01-05 01:57 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-01-04 20:27 - 2016-10-02 01:06 - 00000000 ____D C:\Users\DefaultAppPool
2017-01-02 19:17 - 2016-06-26 08:19 - 00001009 _____ C:\Users\Public\Desktop\AVG Protection.lnk
2017-01-02 19:17 - 2014-04-06 16:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-12-30 22:38 - 2016-10-02 01:05 - 00524288 ___SH C:\WINDOWS\system32\config\COMPONENTS{f5b135e6-4b48-11e6-80cb-e41d2d012050}.TMContainer00000000000000000002.regtrans-ms
2016-12-30 21:29 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-12-30 21:29 - 2016-07-16 07:04 - 00000000 ____D C:\Program Files (x86)\Common Files
2016-12-30 21:28 - 2014-04-07 17:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-12-25 02:30 - 2014-04-17 21:01 - 00000000 ____D C:\Users\Maturaci\AppData\Local\Diagnostics
2016-12-25 02:28 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\assembly
2016-12-23 00:13 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-12-23 00:13 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-18 09:50 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2016-12-17 09:01 - 2016-10-02 01:23 - 00003470 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-17 09:01 - 2016-10-02 01:23 - 00003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-17 09:01 - 2009-07-14 04:20 - 00000000 ____D C:\WINDOWS\Tasks
2016-12-15 22:16 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\en-US
2016-12-15 22:16 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\en-US
2016-12-15 22:16 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Boot
2016-12-15 22:16 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppPatch
2016-12-13 21:16 - 2014-04-06 12:01 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-13 21:16 - 2014-04-06 12:01 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk

==================== Files in the root of some directories =======

2014-05-03 17:56 - 2014-05-04 22:49 - 0000425 _____ () C:\Users\Maturaci\AppData\Roaming\MATURACI-PC.MTBF.txt
2014-05-03 17:58 - 2015-09-17 21:02 - 0007168 _____ () C:\Users\Maturaci\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-10-02 01:02 - 2016-10-02 01:02 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AVG Driver Updater Scan.job => C:\Program Files (x86)\AVG Driver Updater\AVG Driver Updater.exe
Task: C:\WINDOWS\Tasks\AVG Driver Updater Startup.job => C:\Program Files (x86)\AVG Driver Updater\AVG Driver Updater.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Internet Security (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security (Enabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Maturaci\Desktop" je 52 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]


==================== End Of Log ==============================

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

# AdwCleaner v6.042 - Log vytvořen 11/01/2017 v 20:13:26
# Aktualizováno dne 06/01/2017 z Malwarebytes
# Databáze : 2017-01-11.1 [Server]
# Operační systém : Windows 10 Pro (X64)
# Uživatelské jméno : Maturaci - MATURACI-PC
# Spuštěno z : C:\Users\Maturaci\Desktop\adwcleaner_6.042.exe
# Mod: Skenování
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****

Služba nalezena: swdumon


***** [ Složky ] *****

Nebyly nalezeny žádné škodlivé složky.


***** [ Soubory ] *****

Soubor nalezen: C:\WINDOWS\SysNative\drivers\swdumon.sys


***** [ DLL ] *****

Nebyly nalezeny žádné škodlivé DLL.


***** [ WMI ] *****

Nebyly nalezeny žádné škodlivé klíče.


***** [ Zástupci ] *****

Žádný infikovaný zástupce nenalezen.


***** [ Naplánované úlohy ] *****

Žádná nebezpečná úloha nenalezena.


***** [ Registry ] *****

Klíč nalezen: HKLM\SOFTWARE\SlimWare Utilities Inc


***** [ Internetové prohlížeče ] *****

Nebyly nalezeny žádné škodlivé položky prohlížeče Firefox.
Chromium nastavení nalezeno: [C:\Users\Maturaci\AppData\Local\Google\Chrome\User Data\Default\Web data] - zapmeta.cz
Chromium nastavení nalezeno: [C:\Users\Maturaci\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - hxxp://www.buenosearch.com/?babsrc=HP_ss&mntrI ... 2&tsp=5220

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [9612 Bajty] - [10/01/2017 18:50:10]
C:\AdwCleaner\AdwCleaner[C2].txt - [1622 Bajty] - [10/01/2017 18:58:49]
C:\AdwCleaner\AdwCleaner[C3].txt - [1439 Bajty] - [10/01/2017 19:03:36]
C:\AdwCleaner\AdwCleaner[C4].txt - [1914 Bajty] - [10/01/2017 19:12:41]
C:\AdwCleaner\AdwCleaner[C5].txt - [2206 Bajty] - [10/01/2017 19:37:00]
C:\AdwCleaner\AdwCleaner[S0].txt - [8927 Bajty] - [10/01/2017 18:46:46]
C:\AdwCleaner\AdwCleaner[S1].txt - [1765 Bajty] - [10/01/2017 18:56:52]
C:\AdwCleaner\AdwCleaner[S2].txt - [1675 Bajty] - [10/01/2017 19:01:07]
C:\AdwCleaner\AdwCleaner[S3].txt - [2057 Bajty] - [10/01/2017 19:12:11]
C:\AdwCleaner\AdwCleaner[S4].txt - [1948 Bajty] - [10/01/2017 19:15:10]
C:\AdwCleaner\AdwCleaner[S5].txt - [2157 Bajty] - [10/01/2017 19:29:55]
C:\AdwCleaner\AdwCleaner[S6].txt - [2349 Bajty] - [10/01/2017 19:36:38]
C:\AdwCleaner\AdwCleaner[S7].txt - [2341 Bajty] - [11/01/2017 20:13:26]

########## EOF - C:\AdwCleaner\AdwCleaner[S7].txt - [2414 Bajty] ##########
xxxxxxxxxxxxxxxxxxxxxxx
# AdwCleaner v6.042 - Log vytvořen 10/01/2017 v 19:36:38
# Aktualizováno dne 06/01/2017 z Malwarebytes
# Databáze : 2017-01-10.1 [Místní]
# Operační systém : Windows 10 Pro (X64)
# Uživatelské jméno : Maturaci - MATURACI-PC
# Spuštěno z : C:\Users\Maturaci\Desktop\adwcleaner_6.042.exe
# Mod: Skenování
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
Služba nalezena: swdumon
***** [ Složky ] *****
Nebyly nalezeny žádné škodlivé složky.
***** [ Soubory ] *****
Soubor nalezen: C:\WINDOWS\SysNative\drivers\swdumon.sys
***** [ DLL ] *****
Nebyly nalezeny žádné škodlivé DLL.
***** [ WMI ] *****
Nebyly nalezeny žádné škodlivé klíče.
***** [ Zástupci ] *****
Žádný infikovaný zástupce nenalezen.
***** [ Naplánované úlohy ] *****
Žádná nebezpečná úloha nenalezena.
***** [ Registry ] *****
Klíč nalezen: HKLM\SOFTWARE\SlimWare Utilities Inc
***** [ Internetové prohlížeče ] *****
Nebyly nalezeny žádné škodlivé položky prohlížeče Firefox.
Chromium nastavení nalezeno: [C:\Users\Maturaci\AppData\Local\Google\Chrome\User Data\Default\Web data] - zapmeta.cz
Chromium nastavení nalezeno: [C:\Users\Maturaci\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - hxxp://www.buenosearch.com/?babsrc=HP_ss&mntrI ... 2&tsp=5220
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [9612 Bajty] - [10/01/2017 18:50:10]
C:\AdwCleaner\AdwCleaner[C2].txt - [1622 Bajty] - [10/01/2017 18:58:49]
C:\AdwCleaner\AdwCleaner[C3].txt - [1439 Bajty] - [10/01/2017 19:03:36]
C:\AdwCleaner\AdwCleaner[C4].txt - [1914 Bajty] - [10/01/2017 19:12:41]
C:\AdwCleaner\AdwCleaner[S0].txt - [8927 Bajty] - [10/01/2017 18:46:46]
C:\AdwCleaner\AdwCleaner[S1].txt - [1765 Bajty] - [10/01/2017 18:56:52]
C:\AdwCleaner\AdwCleaner[S2].txt - [1675 Bajty] - [10/01/2017 19:01:07]
C:\AdwCleaner\AdwCleaner[S3].txt - [2057 Bajty] - [10/01/2017 19:12:11]
C:\AdwCleaner\AdwCleaner[S4].txt - [1948 Bajty] - [10/01/2017 19:15:10]
C:\AdwCleaner\AdwCleaner[S5].txt - [2157 Bajty] - [10/01/2017 19:29:55]
C:\AdwCleaner\AdwCleaner[S6].txt - [2197 Bajty] - [10/01/2017 19:36:38]
########## EOF - C:\AdwCleaner\AdwCleaner[S6].txt - [2270 Bajty] ##########
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
# AdwCleaner v6.042 - Log vytvořen 10/01/2017 v 19:29:55
# Aktualizováno dne 06/01/2017 z Malwarebytes
# Databáze : 2017-01-10.1 [Místní]
# Operační systém : Windows 10 Pro (X64)
# Uživatelské jméno : Maturaci - MATURACI-PC
# Spuštěno z : C:\Users\Maturaci\Desktop\adwcleaner_6.042.exe
# Mod: Skenování
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
Služba nalezena: swdumon
***** [ Složky ] *****
Nebyly nalezeny žádné škodlivé složky.
***** [ Soubory ] *****
Soubor nalezen: C:\WINDOWS\SysNative\drivers\swdumon.sys
***** [ DLL ] *****
Nebyly nalezeny žádné škodlivé DLL.
***** [ WMI ] *****
Nebyly nalezeny žádné škodlivé klíče.
***** [ Zástupci ] *****
Žádný infikovaný zástupce nenalezen.
***** [ Naplánované úlohy ] *****
Žádná nebezpečná úloha nenalezena.
***** [ Registry ] *****
Klíč nalezen: HKLM\SOFTWARE\SlimWare Utilities Inc
***** [ Internetové prohlížeče ] *****
Nebyly nalezeny žádné škodlivé položky prohlížeče Firefox.
Chromium nastavení nalezeno: [C:\Users\Maturaci\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - hxxp://www.buenosearch.com/?babsrc=HP_ss&mntrI ... 2&tsp=5220
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [9612 Bajty] - [10/01/2017 18:50:10]
C:\AdwCleaner\AdwCleaner[C2].txt - [1622 Bajty] - [10/01/2017 18:58:49]
C:\AdwCleaner\AdwCleaner[C3].txt - [1439 Bajty] - [10/01/2017 19:03:36]
C:\AdwCleaner\AdwCleaner[C4].txt - [1914 Bajty] - [10/01/2017 19:12:41]
C:\AdwCleaner\AdwCleaner[S0].txt - [8927 Bajty] - [10/01/2017 18:46:46]
C:\AdwCleaner\AdwCleaner[S1].txt - [1765 Bajty] - [10/01/2017 18:56:52]
C:\AdwCleaner\AdwCleaner[S2].txt - [1675 Bajty] - [10/01/2017 19:01:07]
C:\AdwCleaner\AdwCleaner[S3].txt - [2057 Bajty] - [10/01/2017 19:12:11]
C:\AdwCleaner\AdwCleaner[S4].txt - [1948 Bajty] - [10/01/2017 19:15:10]
C:\AdwCleaner\AdwCleaner[S5].txt - [2005 Bajty] - [10/01/2017 19:29:55]
########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [2078 Bajty] ##########
xxxxxxxxxxxxxxxxxxxxxxxxxxxx
# AdwCleaner v6.042 - Log vytvořen 10/01/2017 v 19:15:10
# Aktualizováno dne 06/01/2017 z Malwarebytes
# Databáze : 2017-01-10.1 [Místní]
# Operační systém : Windows 10 Pro (X64)
# Uživatelské jméno : Maturaci - MATURACI-PC
# Spuštěno z : C:\Users\Maturaci\Desktop\adwcleaner_6.042.exe
# Mod: Skenování
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
Služba nalezena: swdumon
***** [ Složky ] *****
Nebyly nalezeny žádné škodlivé složky.
***** [ Soubory ] *****
Soubor nalezen: C:\WINDOWS\SysNative\drivers\swdumon.sys
***** [ DLL ] *****
Nebyly nalezeny žádné škodlivé DLL.
***** [ WMI ] *****
Nebyly nalezeny žádné škodlivé klíče.
***** [ Zástupci ] *****
Žádný infikovaný zástupce nenalezen.
***** [ Naplánované úlohy ] *****
Žádná nebezpečná úloha nenalezena.
***** [ Registry ] *****
Klíč nalezen: HKLM\SOFTWARE\SlimWare Utilities Inc
***** [ Internetové prohlížeče ] *****
Nebyly nalezeny žádné škodlivé položky prohlížeče Firefox.
Nebyly nalezeny žádné škodlivé položky prohlížeče Chromium.
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [9612 Bajty] - [10/01/2017 18:50:10]
C:\AdwCleaner\AdwCleaner[C2].txt - [1622 Bajty] - [10/01/2017 18:58:49]
C:\AdwCleaner\AdwCleaner[C3].txt - [1439 Bajty] - [10/01/2017 19:03:36]
C:\AdwCleaner\AdwCleaner[C4].txt - [1914 Bajty] - [10/01/2017 19:12:41]
C:\AdwCleaner\AdwCleaner[S0].txt - [8927 Bajty] - [10/01/2017 18:46:46]
C:\AdwCleaner\AdwCleaner[S1].txt - [1765 Bajty] - [10/01/2017 18:56:52]
C:\AdwCleaner\AdwCleaner[S2].txt - [1675 Bajty] - [10/01/2017 19:01:07]
C:\AdwCleaner\AdwCleaner[S3].txt - [2057 Bajty] - [10/01/2017 19:12:11]
C:\AdwCleaner\AdwCleaner[S4].txt - [1796 Bajty] - [10/01/2017 19:15:10]
########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [1869 Bajty] ##########
xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
# AdwCleaner v6.042 - Log vytvořen 10/01/2017 v 19:12:11
# Aktualizováno dne 06/01/2017 z Malwarebytes
# Databáze : 2017-01-10.1 [Místní]
# Operační systém : Windows 10 Pro (X64)
# Uživatelské jméno : Maturaci - MATURACI-PC
# Spuštěno z : C:\Users\Maturaci\Desktop\adwcleaner_6.042.exe
# Mod: Skenování
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
Služba nalezena: swdumon
***** [ Složky ] *****
Nebyly nalezeny žádné škodlivé složky.
***** [ Soubory ] *****
Soubor nalezen: C:\WINDOWS\SysNative\drivers\swdumon.sys
***** [ DLL ] *****
Nebyly nalezeny žádné škodlivé DLL.
***** [ WMI ] *****
Nebyly nalezeny žádné škodlivé klíče.
***** [ Zástupci ] *****
Žádný infikovaný zástupce nenalezen.
***** [ Naplánované úlohy ] *****
Žádná nebezpečná úloha nenalezena.
***** [ Registry ] *****
Klíč nalezen: HKLM\SOFTWARE\SlimWare Utilities Inc
***** [ Internetové prohlížeče ] *****
Nebyly nalezeny žádné škodlivé položky prohlížeče Firefox.
Chromium nastavení nalezeno: [C:\Users\Maturaci\AppData\Local\Google\Chrome\User Data\Default\Web data] - zapmeta.cz
Chromium nastavení nalezeno: [C:\Users\Maturaci\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - hxxp://www.buenosearch.com/?babsrc=HP_ss&mntrI ... 2&tsp=5220
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [9612 Bajty] - [10/01/2017 18:50:10]
C:\AdwCleaner\AdwCleaner[C2].txt - [1622 Bajty] - [10/01/2017 18:58:49]
C:\AdwCleaner\AdwCleaner[C3].txt - [1439 Bajty] - [10/01/2017 19:03:36]
C:\AdwCleaner\AdwCleaner[S0].txt - [8927 Bajty] - [10/01/2017 18:46:46]
C:\AdwCleaner\AdwCleaner[S1].txt - [1765 Bajty] - [10/01/2017 18:56:52]
C:\AdwCleaner\AdwCleaner[S2].txt - [1675 Bajty] - [10/01/2017 19:01:07]
C:\AdwCleaner\AdwCleaner[S3].txt - [1905 Bajty] - [10/01/2017 19:12:11]
########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1978 Bajty] ##########
xxxxxxxxxxxxxxxxxxxx
# AdwCleaner v6.042 - Log vytvořen 10/01/2017 v 19:01:07
# Aktualizováno dne 06/01/2017 z Malwarebytes
# Databáze : 2017-01-10.1 [Místní]
# Operační systém : Windows 10 Pro (X64)
# Uživatelské jméno : Maturaci - MATURACI-PC
# Spuštěno z : C:\Users\Maturaci\Desktop\adwcleaner_6.042.exe
# Mod: Skenování
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
Nebyly nalezeny žádné škodlivé služby.
***** [ Složky ] *****
Nebyly nalezeny žádné škodlivé složky.
***** [ Soubory ] *****
Soubor nalezen: C:\WINDOWS\SysNative\drivers\swdumon.sys
***** [ DLL ] *****
Nebyly nalezeny žádné škodlivé DLL.
***** [ WMI ] *****
Nebyly nalezeny žádné škodlivé klíče.
***** [ Zástupci ] *****
Žádný infikovaný zástupce nenalezen.
***** [ Naplánované úlohy ] *****
Žádná nebezpečná úloha nenalezena.
***** [ Registry ] *****
Klíč nalezen: HKLM\SOFTWARE\SlimWare Utilities Inc
***** [ Internetové prohlížeče ] *****
Nebyly nalezeny žádné škodlivé položky prohlížeče Firefox.
Nebyly nalezeny žádné škodlivé položky prohlížeče Chromium.
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [9612 Bajty] - [10/01/2017 18:50:10]
C:\AdwCleaner\AdwCleaner[C2].txt - [1622 Bajty] - [10/01/2017 18:58:49]
C:\AdwCleaner\AdwCleaner[S0].txt - [8927 Bajty] - [10/01/2017 18:46:46]
C:\AdwCleaner\AdwCleaner[S1].txt - [1765 Bajty] - [10/01/2017 18:56:52]
C:\AdwCleaner\AdwCleaner[S2].txt - [1523 Bajty] - [10/01/2017 19:01:07]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1596 Bajty] ##########
xxxxxxxxxxxxxxxxxxxxxx
# AdwCleaner v6.042 - Log vytvořen 10/01/2017 v 18:56:52
# Aktualizováno dne 06/01/2017 z Malwarebytes
# Databáze : 2017-01-10.1 [Místní]
# Operační systém : Windows 10 Pro (X64)
# Uživatelské jméno : Maturaci - MATURACI-PC
# Spuštěno z : C:\Users\Maturaci\Desktop\adwcleaner_6.042.exe
# Mod: Skenování
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
Služba nalezena: swdumon
***** [ Složky ] *****
Nebyly nalezeny žádné škodlivé složky.
***** [ Soubory ] *****
Soubor nalezen: C:\WINDOWS\SysNative\drivers\swdumon.sys
***** [ DLL ] *****
Nebyly nalezeny žádné škodlivé DLL.
***** [ WMI ] *****
Nebyly nalezeny žádné škodlivé klíče.
***** [ Zástupci ] *****
Žádný infikovaný zástupce nenalezen.
***** [ Naplánované úlohy ] *****
Žádná nebezpečná úloha nenalezena.
***** [ Registry ] *****
Klíč nalezen: HKLM\SOFTWARE\SlimWare Utilities Inc
***** [ Internetové prohlížeče ] *****
Nebyly nalezeny žádné škodlivé položky prohlížeče Firefox.
Chromium nastavení nalezeno: [C:\Users\Maturaci\AppData\Local\Google\Chrome\User Data\Default\Web data] - zapmeta.cz
Chromium nastavení nalezeno: [C:\Users\Maturaci\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - hxxp://www.buenosearch.com/?babsrc=HP_ss&mntrI ... 2&tsp=5220
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [9612 Bajty] - [10/01/2017 18:50:10]
C:\AdwCleaner\AdwCleaner[S0].txt - [8927 Bajty] - [10/01/2017 18:46:46]
C:\AdwCleaner\AdwCleaner[S1].txt - [1613 Bajty] - [10/01/2017 18:56:52]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1686 Bajty] ##########
xxxxxxxxxxxxxxxxxx
# AdwCleaner v6.042 - Log vytvořen 10/01/2017 v 18:46:46
# Aktualizováno dne 06/01/2017 z Malwarebytes
# Databáze : 2017-01-10.1 [Server]
# Operační systém : Windows 10 Pro (X64)
# Uživatelské jméno : Maturaci - MATURACI-PC
# Spuštěno z : C:\Users\Maturaci\Desktop\adwcleaner_6.042.exe
# Mod: Skenování
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
Služba nalezena: swdumon
***** [ Složky ] *****
Složka nalezena: C:\Users\Maturaci\AppData\Local\RtbSync
Složka nalezena: C:\Users\Maturaci\AppData\Local\ShdUpdate
Složka nalezena: C:\Users\Maturaci\AppData\Roaming\BabSolution
Složka nalezena: C:\Users\Maturaci\AppData\Roaming\buenosearch LTD
Složka nalezena: C:\Users\Maturaci\AppData\Roaming\StPrsSW
Složka nalezena: C:\Program Files\DriverSetupUtility
Složka nalezena: C:\ProgramData\DriverSetupUtility
Složka nalezena: C:\Users\Public\Documents\Downloaded Installers
Složka nalezena: C:\Program Files (x86)\buenosearch LTD
Složka nalezena: C:\Users\Maturaci\AppData\Local\ShdUpdate
***** [ Soubory ] *****
Soubor nalezen: C:\WINDOWS\SysNative\drivers\swdumon.sys
Soubor nalezen: C:\WINDOWS\Reimage.ini
***** [ DLL ] *****
Nebyly nalezeny žádné škodlivé DLL.
***** [ WMI ] *****
Nebyly nalezeny žádné škodlivé klíče.
***** [ Zástupci ] *****
Žádný infikovaný zástupce nenalezen.
***** [ Naplánované úlohy ] *****
Naplánovaná úloha nalezena: EPUpdater
Naplánovaná úloha nalezena: ShdUpdate
***** [ Registry ] *****
Klíč nalezen: HKLM\SOFTWARE\Classes\buenosearch.buenosearchappCore
Klíč nalezen: HKLM\SOFTWARE\Classes\buenosearch.buenosearchappCore.1
Klíč nalezen: HKLM\SOFTWARE\Classes\buenosearch.buenosearchdskBnd
Klíč nalezen: HKLM\SOFTWARE\Classes\buenosearch.buenosearchdskBnd.1
Klíč nalezen: HKLM\SOFTWARE\Classes\buenosearch.buenosearchHlpr
Klíč nalezen: HKLM\SOFTWARE\Classes\buenosearch.buenosearchHlpr.1
Klíč nalezen: HKLM\SOFTWARE\Classes\esrv.buenosearchESrvc
Klíč nalezen: HKLM\SOFTWARE\Classes\esrv.buenosearchESrvc.1
Klíč nalezen: HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
Klíč nalezen: HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
Klíč nalezen: [x64] HKLM\SOFTWARE\Classes\buenosearch.buenosearchappCore
Klíč nalezen: [x64] HKLM\SOFTWARE\Classes\buenosearch.buenosearchappCore.1
Klíč nalezen: [x64] HKLM\SOFTWARE\Classes\buenosearch.buenosearchdskBnd
Klíč nalezen: [x64] HKLM\SOFTWARE\Classes\buenosearch.buenosearchdskBnd.1
Klíč nalezen: [x64] HKLM\SOFTWARE\Classes\buenosearch.buenosearchHlpr
Klíč nalezen: [x64] HKLM\SOFTWARE\Classes\buenosearch.buenosearchHlpr.1
Klíč nalezen: [x64] HKLM\SOFTWARE\Classes\esrv.buenosearchESrvc
Klíč nalezen: [x64] HKLM\SOFTWARE\Classes\esrv.buenosearchESrvc.1
Klíč nalezen: [x64] HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
Klíč nalezen: [x64] HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
Klíč nalezen: HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Klíč nalezen: HKLM\SOFTWARE\Classes\AppID\{37EB75F2-7392-4DBE-B5AD-147EC6D7BF5F}
Klíč nalezen: HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Klíč nalezen: HKLM\SOFTWARE\Classes\AppID\{67FCE87F-F3EF-4A3C-87C2-8BD46E68807B}
Klíč nalezen: HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Klíč nalezen: HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Klíč nalezen: HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Klíč nalezen: HKLM\SOFTWARE\Classes\AppID\{BAB04997-93AD-4C13-805A-0409199700BB}
Klíč nalezen: HKLM\SOFTWARE\Classes\CLSID\{4CC15FBA-46A4-4CB5-BFAF-F2335365AE76}
Klíč nalezen: HKLM\SOFTWARE\Classes\CLSID\{5B6E533F-F78F-4525-B316-312BAF1295D1}
Klíč nalezen: HKLM\SOFTWARE\Classes\CLSID\{828DC97A-2277-4E10-92A9-4907FA0922A9}
Klíč nalezen: HKLM\SOFTWARE\Classes\CLSID\{8322EB6E-B594-41F6-A30B-CF3F800E1874}
Klíč nalezen: HKLM\SOFTWARE\Classes\CLSID\{F1C81E40-2485-4DB6-8C9D-04BD596B281E}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Klíč nalezen: HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Klíč nalezen: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Klíč nalezen: HKU\S-1-5-21-3099588839-2365295684-448508366-1000\Software\BABSOLUTION
Klíč nalezen: HKU\S-1-5-21-3099588839-2365295684-448508366-1000\Software\buenosearch LTD
Klíč nalezen: HKU\S-1-5-21-3099588839-2365295684-448508366-1000\Software\Reimage
Klíč nalezen: HKU\S-1-5-21-3099588839-2365295684-448508366-1000\Software\SlimWare Utilities Inc
Klíč nalezen: HKU\S-1-5-21-3099588839-2365295684-448508366-1000\Software\Softonic
Klíč nalezen: HKU\S-1-5-21-3099588839-2365295684-448508366-1000\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
Klíč nalezen: HKCU\Software\BABSOLUTION
Klíč nalezen: HKCU\Software\buenosearch LTD
Klíč nalezen: HKCU\Software\Reimage
Klíč nalezen: HKCU\Software\SlimWare Utilities Inc
Klíč nalezen: HKCU\Software\Softonic
Klíč nalezen: HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
Klíč nalezen: HKLM\SOFTWARE\buenosearch LTD
Klíč nalezen: HKLM\SOFTWARE\SlimWare Utilities Inc
Klíč nalezen: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\buenosearch
Klíč nalezen: [x64] HKCU\Software\BABSOLUTION
Klíč nalezen: [x64] HKCU\Software\buenosearch LTD
Klíč nalezen: [x64] HKCU\Software\Reimage
Klíč nalezen: [x64] HKCU\Software\SlimWare Utilities Inc
Klíč nalezen: [x64] HKCU\Software\Softonic
Klíč nalezen: [x64] HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
Klíč nalezen: [x64] HKLM\SOFTWARE\Reimage
Klíč nalezen: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}
Klíč nalezen: HKLM\SOFTWARE\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C
Klíč nalezen: HKLM\SOFTWARE\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Klíč nalezen: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Klíč nalezen: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Klíč nalezen: [x64] HKLM\SOFTWARE\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C
Klíč nalezen: [x64] HKLM\SOFTWARE\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Klíč nalezen: HKU\S-1-5-21-3099588839-2365295684-448508366-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Klíč nalezen: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Klíč nalezen: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Klíč nalezen: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Klíč nalezen: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
Klíč nalezen: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\buenosearch.com
Klíč nalezen: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.buenosearch.com
Klíč nalezen: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Klíč nalezen: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
Klíč nalezen: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\buenosearch.com
Klíč nalezen: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.buenosearch.com
Klíč nalezen: HKLM\SOFTWARE\Classes\AppID\escort.DLL
Klíč nalezen: HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Klíč nalezen: HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Klíč nalezen: HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Klíč nalezen: HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Klíč nalezen: HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Klíč nalezen: HKLM\SOFTWARE\CLASSES\b
***** [ Internetové prohlížeče ] *****
Nebyly nalezeny žádné škodlivé položky prohlížeče Firefox.
Chromium nastavení nalezeno: [C:\Users\Maturaci\AppData\Local\Google\Chrome\User Data\Default\Web data] - zapmeta.cz
Chromium nastavení nalezeno: [C:\Users\Maturaci\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - hxxp://www.buenosearch.com/?babsrc=HP_ss&mntrI ... 2&tsp=5220
*************************
C:\AdwCleaner\AdwCleaner[S0].txt - [8667 Bajty] - [10/01/2017 18:46:46]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8740 Bajty] ##########

Neklikl jste na mazání, ADW nemazal. Zkuste ještě jednou.

# AdwCleaner v6.042 - Log vytvořen 11/01/2017 v 21:18:06
# Aktualizováno dne 06/01/2017 z Malwarebytes
# Databáze : 2017-01-11.1 [Místní]
# Operační systém : Windows 10 Pro (X64)
# Uživatelské jméno : Maturaci - MATURACI-PC
# Spuštěno z : C:\Users\Maturaci\Desktop\adwcleaner_6.042.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****

[-] Služba smazána: swdumon


***** [ Složky ] *****



***** [ Soubory ] *****

[-] Soubor smazán: C:\WINDOWS\SysNative\drivers\swdumon.sys


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupci ] *****



***** [ Naplánované úlohy ] *****



***** [ Registry ] *****

[-] Klíč smazán: HKLM\SOFTWARE\SlimWare Utilities Inc


***** [ Prohlížeče ] *****

[-] [C:\Users\Maturaci\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Smazáno: zapmeta.cz
[-] [C:\Users\Maturaci\AppData\Local\Google\Chrome\User Data\Default] [homepage] Smazáno: hxxp://www.buenosearch.com/?babsrc=HP_ss&mntrI ... 2&tsp=5220


*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [9612 Bajty] - [10/01/2017 18:50:10]
C:\AdwCleaner\AdwCleaner[C2].txt - [1622 Bajty] - [10/01/2017 18:58:49]
C:\AdwCleaner\AdwCleaner[C3].txt - [1439 Bajty] - [10/01/2017 19:03:36]
C:\AdwCleaner\AdwCleaner[C4].txt - [1914 Bajty] - [10/01/2017 19:12:41]
C:\AdwCleaner\AdwCleaner[C5].txt - [2206 Bajty] - [10/01/2017 19:37:00]
C:\AdwCleaner\AdwCleaner[C6].txt - [1616 Bajty] - [11/01/2017 21:18:06]
C:\AdwCleaner\AdwCleaner[S0].txt - [8927 Bajty] - [10/01/2017 18:46:46]
C:\AdwCleaner\AdwCleaner[S1].txt - [1765 Bajty] - [10/01/2017 18:56:52]
C:\AdwCleaner\AdwCleaner[S2].txt - [1675 Bajty] - [10/01/2017 19:01:07]
C:\AdwCleaner\AdwCleaner[S3].txt - [2057 Bajty] - [10/01/2017 19:12:11]
C:\AdwCleaner\AdwCleaner[S4].txt - [1948 Bajty] - [10/01/2017 19:15:10]
C:\AdwCleaner\AdwCleaner[S5].txt - [2157 Bajty] - [10/01/2017 19:29:55]
C:\AdwCleaner\AdwCleaner[S6].txt - [2349 Bajty] - [10/01/2017 19:36:38]
C:\AdwCleaner\AdwCleaner[S7].txt - [2493 Bajty] - [11/01/2017 20:13:26]
C:\AdwCleaner\AdwCleaner[S8].txt - [2568 Bajty] - [11/01/2017 21:17:51]

########## EOF - C:\AdwCleaner\AdwCleaner[C6].txt - [2346 Bajty] ##########

Teď je to OK. Dejte nový log FRST.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-01-2017
Ran by Maturaci (11-01-2017 21:51:24)
Running from C:\Users\Maturaci\Desktop
Windows 10 Pro Version 1607 (X64) (2016-10-02 00:26:16)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3099588839-2365295684-448508366-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3099588839-2365295684-448508366-503 - Limited - Disabled)
Guest (S-1-5-21-3099588839-2365295684-448508366-501 - Limited - Disabled)
Maturaci (S-1-5-21-3099588839-2365295684-448508366-1000 - Administrator - Enabled) => C:\Users\Maturaci

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Internet Security (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security (Enabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
AVG (Version: 16.141.7996 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4749 - AVG Technologies) Hidden
AVG Driver Updater (HKLM-x32\...\AVG Driver Updater) (Version: 2.2.2 - AVG Netherlands B.V)
AVG Driver Updater (x32 Version: 2.2.2 - AVG Netherlands B.V) Hidden
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.72.2.55508 - AVG Technologies)
AVG PC TuneUp (x32 Version: 16.72.3 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.141.7996 - AVG Technologies)
Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.4.1.9 - Canon Inc.)
Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.14.40.0 - Canon Inc.)
Canon Utilities EOS Lens Registration Tool (HKLM-x32\...\EOS Lens Registration Tool) (Version: 1.1.0.6 - Canon Inc.)
Canon Utilities EOS Sample Music (HKLM-x32\...\EOS Sample Music) (Version: 1.0.1.1 - Canon Inc.)
Canon Utilities EOS Utility 2 (HKLM-x32\...\EOS Utility 2) (Version: 2.14.10.2 - Canon Inc.)
Canon Utilities EOS Web Service Registration Tool (HKLM-x32\...\EOS Web Service Registration Tool) (Version: 1.0.1.3 - Canon Inc.)
Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.5.2.8 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.14.20.0 - Canon Inc.)
Canon Utilities WFT Utility (HKLM-x32\...\WFTK) (Version: 3.5.1.1 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.5.1.15 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
FMW 1 (Version: 1.143.3 - AVG Technologies) Hidden
Garmin Communicator Plugin (HKLM-x32\...\{71DBFBF2-F7EB-4268-8485-9471D83C4E66}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{70A381F1-C161-4D61-A20C-BE12FC6777DF}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
LANGMaster.com: Španělsko-český + Česko-španělský slovník (HKLM-x32\...\DictSp_Cs_com_cs_cz_EasyLex_is1) (Version: - )
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.6965.2115 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.6965.2115 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6965.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6965.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6965.2115 - Microsoft Corporation) Hidden
Ovladače videa společnosti Pinnacle (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)
Pinnacle Studio 16 - Install Manager (HKLM-x32\...\{F1886CD7-9F73-417A-92E9-7E0AB0F0E099}) (Version: 16.0.75 - Avid Technology, Inc.)
Pinnacle Studio 16 (HKLM-x32\...\{284BFDBC-DAC6-43EC-85A8-E1CEC0D3A114}) (Version: 16.0.0.75 - Avid Technology, Inc.)
PIXELA AAC LC CODEC (HKLM-x32\...\PIXELA AAC LC CODEC) (Version: 1.1.0.1 - Canon Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.3.723.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7841 - Realtek Semiconductor Corp.)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: - )
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {006971A1-7F12-420D-8F2C-10A905F7AE70} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {058CF275-2ADD-48EA-85FF-1FA7E1491617} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {064BE8BF-217E-44D4-AD76-9423BAA13572} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {06C10C90-AC9A-4CAB-9454-4A051BC1BAE6} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {10854F92-E5BE-4282-97DF-849E3986BFD5} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {1A7FD60C-ACBE-408E-96A3-9045F7C81006} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {1AE84460-6FFC-42F2-AC23-35C79D595635} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {23BF26F4-DA8F-49E6-8CEC-827C70CACA17} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {23FA7475-40E4-4BCE-8E1E-10B4A53EFC92} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {26C0A96A-2848-4179-B427-353639B952E6} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {26EEC23A-42BA-4C0D-A916-1EB53F705A95} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2A5C92E3-FDCE-4CC1-B42F-312AFB8AF9F5} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2F08D407-0942-4450-BA35-8134F5A59FA2} - System32\Tasks\AVG Driver Updater Scan => C:\Program Files (x86)\AVG Driver Updater\AVG Driver Updater.exe [2016-08-10] (AVG Netherlands B.V)
Task: {316B1EDA-267A-432C-A8FF-ED86DD1890E7} - System32\Tasks\AVG Driver Updater Startup => C:\Program Files (x86)\AVG Driver Updater\AVG Driver Updater.exe [2016-08-10] (AVG Netherlands B.V)
Task: {3FB18CBF-0BD9-4B85-A3BA-D5252A3D0A1D} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-12-10] (Microsoft Corporation)
Task: {407A234B-6052-4CE7-9E0C-12244A0AACEF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {40BF30F8-DDF2-435F-ACD7-696E65C9E5E9} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4239429E-907F-43BA-97E8-702DDF3D8271} - System32\Tasks\StereoPn => C:\Users\Maturaci\AppData\Roaming\StereoPn\sterpn.exe [2015-03-05] (Stereo Panel)
Task: {4A4BD57E-9EA6-436A-95F2-1B3422B7F805} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {52DA0EDD-A258-4253-8B69-92BDD76EE539} - System32\Tasks\{15DB00B5-1AD0-47DA-804E-9D45D3F9D578} => C:\Users\Maturaci\Desktop\KMPlayer_3-8-0-122.exe
Task: {550DE57A-6966-4949-A597-C63B84419060} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {56BF35A6-9CFF-4D0A-8C96-4539324B6EC0} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {570DD907-1F16-4520-ACE9-610D2A8572C2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-12-10] (Microsoft Corporation)
Task: {6D4731E4-B520-489D-816A-BF30BC74AAEF} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-09] (Microsoft Corporation)
Task: {6E0E8321-FEF0-4D03-90D1-A8B56B0523D8} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {6FAB9198-CAC4-4ECC-91D8-2C8D2F5BB597} - System32\Tasks\Program k provádění aktualizací online Adobe => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {7C1D6030-8043-412F-B492-A9126C6CF779} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7D8CA301-E6E6-4E48-A045-901CAE30AA02} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8213495C-565E-4554-B9A7-6A4D20D668D7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {82A86DCB-1F41-4F88-A72A-4332789A3A00} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {839DB498-8314-4587-8AE1-597526B5B25E} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2017-01-09] (AVG Technologies CZ, s.r.o.)
Task: {85B7F54E-1D47-41DB-B0E2-FDD644D9DF72} - System32\Tasks\ACC => C:\Program Files\DriverSetupUtility\FUB\FUB_Send.bat <==== ATTENTION
Task: {8856AAE4-B335-484D-B1EE-7B56359C06FD} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {996AD6EC-F70E-4773-BC86-CA7719D88FFB} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {9DC33180-F6CB-459C-A388-1C427A811522} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {A9693FA8-A923-4CCF-B7CD-087EE6065535} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AB3D62E8-62BE-491C-AB40-AE9220CB2A7A} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {CDD22C94-D8F7-4CBC-AB5B-00B32EE78957} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CF02C182-3F70-4332-8F93-66FF04A074FC} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {D11C4110-0973-4D96-8CCC-1A47AE988F15} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-09] (Microsoft Corporation)
Task: {D135BDBC-E88A-47F8-B383-28EAAAFC2B13} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D1F9A053-612F-4058-86C7-84B466F7A833} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {D66E3179-8F6D-436B-BDC0-C5F1F1006509} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {E179E49C-5B53-43E2-BF3E-3032955014C0} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {EA36C7B7-446A-454D-8C26-8DE2FA45207F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-05] (Adobe Systems Incorporated)
Task: {EBBE23E3-ECD1-450B-9AC4-61BC804A399A} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {F1C625A3-898C-4568-B858-E776A2673D36} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-01-11] (Microsoft Corporation)
Task: {F1E93A06-8E1E-4932-9E54-FDA76E670B38} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {F6CD71EC-00C2-4512-9795-9F4B9B89FA43} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F7A102F8-7E9E-47BC-A5FE-31D9D67F655F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {FABFC1A9-C2A1-4008-A23E-9FF87DEFE5A8} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {FCD86884-B4AE-425F-B5E5-A1BAAA170AB3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {FD0CECC1-9229-49B6-BBC6-A33B1B8FFD60} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-12-10] (Microsoft Corporation)
Task: {FE8BBEBB-684A-41EF-862B-7F430B4FEBAF} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AVG Driver Updater Scan.job => C:\Program Files (x86)\AVG Driver Updater\AVG Driver Updater.exe
Task: C:\WINDOWS\Tasks\AVG Driver Updater Startup.job => C:\Program Files (x86)\AVG Driver Updater\AVG Driver Updater.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-13 23:02 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-10-02 01:01 - 2015-12-12 10:32 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2016-12-13 23:02 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-10-02 01:29 - 2016-10-02 01:29 - 01864384 _____ () C:\Users\Maturaci\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll
2016-05-27 14:50 - 2016-11-01 23:05 - 00401896 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-10-02 01:55 - 2016-10-02 01:55 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 14:55 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 14:54 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 14:54 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 14:54 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 14:54 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 14:54 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-10-22 16:53 - 2015-02-10 14:08 - 00069120 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
2016-12-06 15:09 - 2016-12-06 15:09 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2016-12-15 18:56 - 2016-12-15 18:57 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-12-15 18:56 - 2016-12-15 18:57 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-12-15 18:56 - 2016-12-15 18:57 - 42130432 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-12-15 18:56 - 2016-12-15 18:57 - 02216448 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\roottools.dll
2016-10-02 01:01 - 2017-01-11 21:19 - 00025600 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2016-10-02 01:01 - 2015-12-12 10:32 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2016-10-22 16:53 - 2015-02-18 13:11 - 00112128 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFMFileSystemWatcher.dll
2016-11-28 20:30 - 2016-11-28 20:30 - 48920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
2016-10-02 01:29 - 2016-10-02 01:29 - 01383616 _____ () C:\Users\Maturaci\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\ClientTelemetry.dll
2016-11-23 12:42 - 2016-11-23 12:42 - 01754296 _____ () C:\Program Files (x86)\Microsoft Office\root\Office16\tmpod.dll
2016-11-23 12:42 - 2016-12-10 05:14 - 00038088 _____ () C:\Program Files (x86)\Microsoft Office\root\Office16\lynchtmlconvpxy.dll
2016-12-13 21:16 - 2016-12-08 08:29 - 01829208 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-13 21:16 - 2016-12-08 08:29 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
2017-01-11 16:49 - 2017-01-11 16:49 - 17835096 _____ () C:\Users\Maturaci\AppData\Local\Google\Chrome\User Data\PepperFlash\24.0.0.194\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:03938BC7 [129]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3099588839-2365295684-448508366-1000\...\sharepoint.com -> hxxps://westrockco-files.sharepoint.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3099588839-2365295684-448508366-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Maturaci\Documents\MM\Cestování\Ladakh\ladakh11.jpg
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run32: => "USB3MON"
HKU\S-1-5-21-3099588839-2365295684-448508366-1000\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [MSMQ-In-TCP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => LPort=808
FirewallRules: [{4F9FAD54-D041-482C-B375-ED1AB87391DC}] => C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{12F7B3C8-761D-4565-BC35-BE9167C16D94}] => C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [UDP Query User{2B2C6797-60D4-4B74-9724-B719300CE8A9}C:\program files (x86)\google\chrome\application\chrome.exe] => C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{58A83659-BC9B-4550-821A-548EAD45E3EF}C:\program files (x86)\google\chrome\application\chrome.exe] => C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [{3E9740BB-180C-4220-B0C5-9E0207FC2D5D}] => C:\Program Files (x86)\Pinnacle\Studio 16\programs\UMI.exe
FirewallRules: [{D6ADBB30-46A4-406A-8C02-87F169E4BED4}] => C:\Program Files (x86)\Pinnacle\Studio 16\programs\UMI.exe
FirewallRules: [{F68D4DC8-3B10-49C3-8368-BD6A3DFD7BE7}] => C:\Program Files (x86)\Pinnacle\Studio 16\programs\NGStudio.exe
FirewallRules: [{BD8834C1-FDED-4EA1-952D-9751FDE9F0DB}] => C:\Program Files (x86)\Pinnacle\Studio 16\programs\NGStudio.exe
FirewallRules: [{5BB1AA79-DFA4-4B20-B6B7-DC5868A2D9CD}] => C:\Program Files (x86)\Pinnacle\Studio 16\programs\RM.exe
FirewallRules: [{69EBF711-E762-4C2F-BAC3-31F04153B0D2}] => C:\Program Files (x86)\Pinnacle\Studio 16\programs\RM.exe
FirewallRules: [{BADF9144-B1E8-42B8-B0C5-EBF3B8F78A8F}] => C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{5DCBD5C5-4F9C-400D-AF1A-B720B84ACF4F}] => C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{98D68770-E568-4AC0-AD5F-6C0A7F03992F}] => C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{86CA6CFC-0F57-481D-BA49-19DD40433767}] => C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{073499F5-3321-41F6-90A3-03D5C35F4C5A}] => C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{676F40E3-B21F-4DA7-9953-0597AB4C73F1}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{FC37FC6A-4FCA-41AA-AEAF-8F0F62FC1F62}] => C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{634F47E4-5AFE-4284-8356-87143F5FC979}] => C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{DCD9454F-29E8-4D7B-8D1B-35A21F40AD81}] => C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{D5381D69-7916-4B93-8110-69754614017D}] => C:\Program Files (x86)\AVG\Av\avgemca.exe

==================== Restore Points =========================

08-01-2017 19:00:30 Windows Zálohování

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/11/2017 07:21:33 PM) (Source: Microsoft-Windows-EFS) (EventID: 4401) (User: Maturaci-PC)
Description: 7.488: Službě systému souborů EFS se nepodařilo zřídit uživatele pro EDP. Kód chyby: 0x80070005.

Error: (01/10/2017 09:06:48 PM) (Source: Microsoft-Windows-EFS) (EventID: 4401) (User: Maturaci-PC)
Description: 7.488: Službě systému souborů EFS se nepodařilo zřídit uživatele pro EDP. Kód chyby: 0x80070005.

Error: (01/10/2017 07:32:51 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Generování kontextu aktivace pro c:\program files (x86)\microsoft office\root\office16\lync.exe.Manifest se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program files (x86)\microsoft office\root\office16\UccApi.DLL na řádku 1.
Identita komponenty nalezená v manifestu nesouhlasí s identitou požadované komponenty.
Odkaz je UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definice je UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (01/10/2017 07:31:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mbamtray.exe, verze: 3.0.0.865, časové razítko: 0x584ee77c
Název chybujícího modulu: mbamtray.exe, verze: 3.0.0.865, časové razítko: 0x584ee77c
Kód výjimky: 0xc0000005
Posun chyby: 0x00053ec5
ID chybujícího procesu: 0xde4
Čas spuštění chybující aplikace: 0x01d26b6fcd4c3f53
Cesta k chybující aplikaci: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Cesta k chybujícímu modulu: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
ID zprávy: 83a04a0c-e80f-44b4-81d5-194d1cac9987
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/10/2017 07:29:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: chrome.exe, verze: 55.0.2883.87, časové razítko: 0x5848db5c
Název chybujícího modulu: mbae.dll_unloaded, verze: 1.9.2.169, časové razítko: 0x5851a4cc
Kód výjimky: 0xc00001a5
Posun chyby: 0x00029b48
ID chybujícího procesu: 0x2234
Čas spuštění chybující aplikace: 0x01d26b6f680bc688
Cesta k chybující aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Cesta k chybujícímu modulu: mbae.dll
ID zprávy: cf21411c-5089-49e0-8022-c7b4d436b5e7
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/10/2017 07:27:10 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (01/10/2017 07:20:08 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Vytvoření výčtu relací uživatelů pro generování fondů filtrů se nezdařilo.

Podrobnosti:
(HRESULT : 0x80040210) (0x80040210)

Error: (01/10/2017 07:20:08 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Vytvoření výčtu relací uživatelů pro generování fondů filtrů se nezdařilo.

Podrobnosti:
(HRESULT : 0x80040210) (0x80040210)

Error: (01/10/2017 07:20:08 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Vytvoření výčtu relací uživatelů pro generování fondů filtrů se nezdařilo.

Podrobnosti:
(HRESULT : 0x80040210) (0x80040210)

Error: (01/10/2017 07:20:08 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Vytvoření výčtu relací uživatelů pro generování fondů filtrů se nezdařilo.

Podrobnosti:
(HRESULT : 0x80040210) (0x80040210)


System errors:
=============
Error: (01/11/2017 09:19:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
a APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/11/2017 09:19:16 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba NetTcpActivator závisí na službě NetTcpPortSharing, která neuspěla při spuštění v důsledku následující chyby:
Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.

Error: (01/11/2017 09:18:33 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Volání ScRegSetValueExW skončilo neúspěšné pro FailureActions s touto chybou:
Přístup byl odepřen.

Error: (01/11/2017 09:18:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (01/11/2017 09:18:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (01/11/2017 09:18:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba AVG PC TuneUp Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 250 milisekund: Restartovat službu.

Error: (01/11/2017 09:17:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba ASUS Com Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/11/2017 09:17:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Řízení front zpráv byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (01/11/2017 09:17:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (01/11/2017 09:17:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba zařazování tisku byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.


CodeIntegrity:
===================================
Date: 2017-01-11 21:19:19.217
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\msvcp140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-11 21:19:19.211
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-11 21:19:19.211
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-11 21:19:19.000
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\msvcp140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-11 21:19:18.997
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-11 21:19:18.996
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-11 21:19:18.557
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-11 20:26:40.979
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-11 20:26:33.355
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-11 20:26:23.459
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-4130 CPU @ 3.40GHz
Percentage of memory in use: 24%
Total physical RAM: 7872.91 MB
Available physical RAM: 5929.11 MB
Total Virtual: 15808.91 MB
Available Virtual: 13873.09 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:390.09 GB) (Free:87.19 GB) NTFS
Drive d: () (Fixed) (Total:540.89 GB) (Free:453.28 GB) NTFS
Drive e: (KEJ192) (CDROM) (Total:0.5 GB) (Free:0 GB) CDFS
Drive g: (Seagate Expansion Drive) (Fixed) (Total:1863.02 GB) (Free:559.39 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: CB6BBA9C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=390.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=540.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 909E7864)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Toto je pouze Additional. Potřebuji vidět ještě log FRST.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-01-2017
Ran by Maturaci (administrator) on MATURACI-PC (11-01-2017 22:35:55)
Running from C:\Users\Maturaci\Desktop
Loaded Profiles: Maturaci (Available Profiles: Maturaci & DefaultAppPool)
Platform: Windows 10 Pro Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgfwsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AVG Netherlands B.V) C:\Program Files (x86)\AVG Driver Updater\AVG Driver Updater.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe
() C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
forum.viry.cz) C:\Users\Maturaci\Desktop\FRST-OlderVersion\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.16112.10211.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.350_none_43278ee965418581\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
forum.viry.cz) C:\Users\Maturaci\Desktop\FRST-OlderVersion\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8838400 2016-06-07] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [401896 2016-11-01] ()
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-3099588839-2365295684-448508366-1000\...\Run: [Lync] => C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe [22779584 2016-12-10] (Microsoft Corporation)
HKU\S-1-5-21-3099588839-2365295684-448508366-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-3099588839-2365295684-448508366-1000\...\RunOnce: [Uninstall C:\Users\Maturaci\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Maturaci\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
IFEO\AcroRd32.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk [2016-10-22]
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe ()
BootExecute:

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{1c0105c6-91c2-4213-b3f2-7e852e55723a}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3099588839-2365295684-448508366-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-12-10] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-10] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-12-09] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-12-09] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-09] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-09] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-09] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-09] (Microsoft Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2017-01-05] ()
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2017-01-05] ()
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-12-09] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.buenosearch.com/?babsrc=HP_ss&mntrI ... 2&tsp=5220
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Maturaci\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.824\_platform_specific\win_x86\widevinecdmadapter.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Users\Maturaci\AppData\Local\Google\Chrome\User Data\PepperFlash\19.0.0.226\pepflashplayer.dll => No File
CHR Profile: C:\Users\Maturaci\AppData\Local\Google\Chrome\User Data\Default [2017-01-11]
CHR Extension: (YouTube) - C:\Users\Maturaci\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Vyhledávání Google) - C:\Users\Maturaci\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
CHR Extension: (Canonical Url) - C:\Users\Maturaci\AppData\Local\Google\Chrome\User Data\Default\Extensions\gibbofpfifeklicllnimkipggbodbegj [2017-01-03]
CHR Extension: (Windows Media Player Extension for HTML5) - C:\Users\Maturaci\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak [2014-04-07] [UpdateUrl: hxxp://www.interoperabilitybridges.com/ChromeW ... pdates.xml] <==== ATTENTION
CHR Extension: (G Suite Training) - C:\Users\Maturaci\AppData\Local\Google\Chrome\User Data\Default\Extensions\idkloemkmldbemijiamdiolojbffnjlh [2016-12-03]
CHR Extension: (Auto HD For YouTube™) - C:\Users\Maturaci\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2016-05-27]
CHR Extension: (AVG SafePrice) - C:\Users\Maturaci\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2016-12-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Maturaci\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\Maturaci\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Maturaci\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-15]
CHR HKU\S-1-5-21-3099588839-2365295684-448508366-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2015-12-12] ()
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [971160 2016-12-15] (AVG Technologies CZ, s.r.o.)
R2 avgfws; C:\Program Files (x86)\AVG\Av\avgfwsa.exe [1824184 2016-12-15] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5337600 2016-12-15] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [725976 2016-12-15] (AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2946304 2016-12-09] (Microsoft Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-01] (Intel Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [5907216 2017-01-09] (AVG Technologies CZ, s.r.o.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2015-12-12] ()
S0 Avgboota; C:\WINDOWS\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\WINDOWS\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\WINDOWS\system32\DRIVERS\avgfwd6a.sys [73992 2016-10-23] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdrivera.sys [312576 2016-11-04] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\WINDOWS\System32\DRIVERS\avgidsha.sys [267008 2016-10-05] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\WINDOWS\System32\DRIVERS\avgldx64.sys [298240 2016-11-30] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\WINDOWS\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\WINDOWS\System32\DRIVERS\avgmfx64.sys [254208 2016-09-26] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\WINDOWS\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 avguniva; C:\WINDOWS\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\WINDOWS\system32\DRIVERS\avgwfpa.sys [313096 2016-08-04] (AVG Technologies CZ, s.r.o.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2015-10-31] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2015-10-31] (Windows (R) Win 7 DDK provider)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [176064 2017-01-10] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [888064 2000-01-01] (Realtek )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [33960 2000-01-01] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [25608 2017-01-11] (SlimWare Utilities, Inc.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2016-06-01] (AVG Netherlands B.V.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-11 22:35 - 2017-01-11 22:35 - 00029696 _____ C:\Users\Maturaci\AppData\Local\MSGBOX.EXE
2017-01-11 22:35 - 2017-01-11 22:35 - 00015327 _____ C:\Users\Maturaci\Desktop\LM.bat
2017-01-11 22:33 - 2017-01-11 22:36 - 00015938 _____ C:\Users\Maturaci\Desktop\FRST.txt
2017-01-11 21:52 - 2017-01-11 21:52 - 00060134 _____ C:\Users\Maturaci\Desktop\FRST3.txt
2017-01-11 21:49 - 2017-01-11 21:50 - 02419200 _____ (Farbar) C:\Users\Maturaci\Desktop\FRST64.exe
2017-01-11 19:02 - 2017-01-11 22:35 - 00000000 ____D C:\Users\Maturaci\Desktop\FRST-OlderVersion
2017-01-11 19:01 - 2017-01-11 22:35 - 00000000 ____D C:\FRST
2017-01-11 18:57 - 2017-01-11 18:57 - 01996255 _____ C:\Users\Maturaci\Downloads\Programy.zip
2017-01-11 18:55 - 2017-01-11 18:55 - 01996255 _____ C:\Users\Maturaci\Downloads\Nepotvrzeno 459299.crdownload
2017-01-11 17:52 - 2017-01-11 17:52 - 00025441 _____ C:\Users\Maturaci\Downloads\Obchodni_podminky_EDUA_Languages,_s.r.o._-_Jazykove_kurzy.html
2017-01-11 17:52 - 2017-01-11 17:52 - 00025441 _____ C:\Users\Maturaci\Downloads\Obchodni_podminky_EDUA_Languages,_s.r.o._-_Jazykove_kurzy (1).html
2017-01-11 14:55 - 2016-12-21 09:08 - 00245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2017-01-11 14:55 - 2016-12-21 09:08 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2017-01-11 14:55 - 2016-12-21 08:49 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-01-11 14:55 - 2016-12-21 08:46 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-01-11 14:55 - 2016-12-21 08:43 - 04130440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-01-11 14:55 - 2016-12-21 08:43 - 01454504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-01-11 14:55 - 2016-12-21 08:43 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-01-11 14:55 - 2016-12-21 08:43 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-01-11 14:55 - 2016-12-21 08:42 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-01-11 14:55 - 2016-12-21 08:42 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-01-11 14:55 - 2016-12-21 08:42 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-01-11 14:55 - 2016-12-21 08:42 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-01-11 14:55 - 2016-12-21 08:41 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-01-11 14:55 - 2016-12-21 08:15 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-01-11 14:55 - 2016-12-21 08:14 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-01-11 14:55 - 2016-12-21 08:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-01-11 14:55 - 2016-12-21 08:08 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-01-11 14:55 - 2016-12-21 08:08 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-01-11 14:55 - 2016-12-21 08:06 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-01-11 14:55 - 2016-12-21 08:05 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-01-11 14:55 - 2016-12-21 08:05 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-01-11 14:55 - 2016-12-21 08:05 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-01-11 14:55 - 2016-12-21 08:01 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-01-11 14:55 - 2016-12-21 07:59 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-01-11 14:55 - 2016-12-21 07:59 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-01-11 14:55 - 2016-12-21 07:58 - 23678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-01-11 14:55 - 2016-12-21 07:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-01-11 14:55 - 2016-12-21 07:56 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-01-11 14:55 - 2016-12-21 07:55 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-01-11 14:55 - 2016-12-21 07:55 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-01-11 14:55 - 2016-12-21 07:53 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-01-11 14:55 - 2016-12-21 07:53 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-01-11 14:55 - 2016-12-21 07:51 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-01-11 14:55 - 2016-12-21 07:51 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-01-11 14:55 - 2016-12-21 07:50 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-01-11 14:55 - 2016-12-21 07:49 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-01-11 14:55 - 2016-12-21 07:47 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-01-11 14:55 - 2016-12-21 06:59 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2017-01-11 14:55 - 2016-12-21 06:09 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-01-11 14:55 - 2016-12-21 06:02 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-01-11 14:55 - 2016-12-21 06:01 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-01-11 14:55 - 2016-12-21 05:46 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-01-11 14:55 - 2016-12-21 05:43 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-01-11 14:55 - 2016-12-21 05:41 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2017-01-11 14:55 - 2016-12-21 05:41 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-01-11 14:55 - 2016-12-21 05:40 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-01-11 14:55 - 2016-12-21 05:40 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2017-01-11 14:55 - 2016-12-21 05:40 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-01-11 14:55 - 2016-12-21 05:40 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-01-11 14:55 - 2016-12-21 05:39 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-01-11 14:55 - 2016-12-21 05:39 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-01-11 14:55 - 2016-12-21 05:38 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2017-01-11 14:55 - 2016-12-21 05:35 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-01-11 14:55 - 2016-12-21 05:35 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-01-11 14:55 - 2016-12-21 05:34 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-01-11 14:55 - 2016-12-21 05:33 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-01-11 14:55 - 2016-12-21 05:32 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-01-11 14:55 - 2016-12-21 05:30 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2017-01-11 14:55 - 2016-12-21 05:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-01-11 14:55 - 2016-12-21 05:26 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2017-01-11 14:55 - 2016-12-21 05:25 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-01-11 14:55 - 2016-12-21 05:25 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-01-11 14:55 - 2016-12-21 05:24 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-01-11 14:55 - 2016-12-21 05:22 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-01-11 14:55 - 2016-12-14 06:41 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-01-11 14:55 - 2016-12-14 06:34 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-01-11 14:55 - 2016-12-14 06:33 - 02169184 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-01-11 14:55 - 2016-12-14 06:33 - 01669984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2017-01-11 14:55 - 2016-12-14 06:33 - 01400160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-01-11 14:55 - 2016-12-14 06:33 - 01054048 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2017-01-11 14:55 - 2016-12-14 06:33 - 00992096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2017-01-11 14:55 - 2016-12-14 06:33 - 00822624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2017-01-11 14:55 - 2016-12-14 06:33 - 00813408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-01-11 14:55 - 2016-12-14 06:33 - 00779616 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2017-01-11 14:55 - 2016-12-14 06:33 - 00752992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-01-11 14:55 - 2016-12-14 06:33 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-01-11 14:55 - 2016-12-14 06:33 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2017-01-11 14:55 - 2016-12-14 06:33 - 00571744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-01-11 14:55 - 2016-12-14 06:33 - 00513376 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2017-01-11 14:55 - 2016-12-14 06:33 - 00406368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2017-01-11 14:55 - 2016-12-14 06:33 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
2017-01-11 14:55 - 2016-12-14 06:33 - 00190816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVDllSurrogate.exe
2017-01-11 14:55 - 2016-12-14 06:23 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-01-11 14:55 - 2016-12-14 06:21 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-01-11 14:55 - 2016-12-14 06:17 - 00319288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-01-11 14:55 - 2016-12-14 06:14 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-01-11 14:55 - 2016-12-14 06:01 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-01-11 14:55 - 2016-12-14 06:01 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2017-01-11 14:55 - 2016-12-14 06:01 - 00076984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2017-01-11 14:55 - 2016-12-14 05:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-01-11 14:55 - 2016-12-14 05:46 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-01-11 14:55 - 2016-12-14 05:46 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-01-11 14:55 - 2016-12-14 05:43 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-01-11 14:55 - 2016-12-14 05:42 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2017-01-11 14:55 - 2016-12-14 05:42 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 14:55 - 2016-12-14 05:42 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2017-01-11 14:55 - 2016-12-14 05:40 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-01-11 14:55 - 2016-12-14 05:40 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-01-11 14:55 - 2016-12-14 05:39 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-01-11 14:55 - 2016-12-14 05:38 - 17188864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-01-11 14:55 - 2016-12-14 05:38 - 13869056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-01-11 14:55 - 2016-12-14 05:38 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2017-01-11 14:55 - 2016-12-14 05:37 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-01-11 14:55 - 2016-12-14 05:36 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-01-11 14:55 - 2016-12-14 05:36 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-01-11 14:55 - 2016-12-14 05:36 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-01-11 14:55 - 2016-12-14 05:35 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-01-11 14:55 - 2016-12-14 05:35 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2017-01-11 14:55 - 2016-12-14 05:35 - 00553984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2017-01-11 14:55 - 2016-12-14 05:32 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-01-11 14:55 - 2016-12-14 05:26 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-01-11 14:55 - 2016-12-14 05:26 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-01-11 14:55 - 2016-12-14 05:24 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2017-01-11 14:55 - 2016-12-14 05:24 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-01-11 14:55 - 2016-12-14 05:23 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-01-11 14:55 - 2016-12-14 05:22 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-01-11 14:55 - 2016-12-14 05:22 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-01-11 14:55 - 2016-12-14 05:22 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-01-11 14:55 - 2016-12-14 05:22 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-01-11 14:55 - 2016-12-14 05:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-01-11 14:55 - 2016-11-02 13:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-01-11 14:55 - 2016-11-02 11:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-01-11 14:55 - 2016-08-02 05:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-01-11 14:54 - 2016-12-21 09:04 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-01-11 14:54 - 2016-12-21 08:45 - 00153952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcmiplugin.dll
2017-01-11 14:54 - 2016-12-21 08:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-01-11 14:54 - 2016-12-21 08:37 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-01-11 14:54 - 2016-12-21 08:13 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2017-01-11 14:54 - 2016-12-21 08:12 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2017-01-11 14:54 - 2016-12-21 08:10 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2017-01-11 14:54 - 2016-12-21 08:09 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2017-01-11 14:54 - 2016-12-21 08:08 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-01-11 14:54 - 2016-12-21 08:08 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-01-11 14:54 - 2016-12-21 08:08 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-01-11 14:54 - 2016-12-21 08:08 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-01-11 14:54 - 2016-12-21 08:07 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-01-11 14:54 - 2016-12-21 08:06 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-01-11 14:54 - 2016-12-21 08:06 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-01-11 14:54 - 2016-12-21 08:06 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-01-11 14:54 - 2016-12-21 08:00 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-01-11 14:54 - 2016-12-21 07:57 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2017-01-11 14:54 - 2016-12-21 07:54 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2017-01-11 14:54 - 2016-12-21 07:53 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-01-11 14:54 - 2016-12-21 07:51 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-01-11 14:54 - 2016-12-21 07:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-01-11 14:54 - 2016-12-21 07:49 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-01-11 14:54 - 2016-12-21 06:03 - 00136544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqmigplugin.dll
2017-01-11 14:54 - 2016-12-21 06:02 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-01-11 14:54 - 2016-12-21 06:02 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-01-11 14:54 - 2016-12-21 06:02 - 01277344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-01-11 14:54 - 2016-12-21 06:02 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-01-11 14:54 - 2016-12-21 06:02 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-01-11 14:54 - 2016-12-21 05:27 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-01-11 14:54 - 2016-12-21 05:24 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-01-11 14:54 - 2016-12-21 05:24 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-01-11 14:54 - 2016-12-21 05:24 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-01-11 14:54 - 2016-12-21 05:22 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-01-11 14:54 - 2016-12-14 06:41 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-01-11 14:54 - 2016-12-14 06:33 - 01356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2017-01-11 14:54 - 2016-12-14 06:26 - 01469792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2017-01-11 14:54 - 2016-12-14 06:19 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-01-11 14:54 - 2016-12-14 06:18 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-01-11 14:54 - 2016-12-14 06:18 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2017-01-11 14:54 - 2016-12-14 06:14 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2017-01-11 14:54 - 2016-12-14 06:14 - 00089416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2017-01-11 14:54 - 2016-12-14 06:08 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-01-11 14:54 - 2016-12-14 06:06 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-01-11 14:54 - 2016-12-14 05:45 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-01-11 14:54 - 2016-12-14 05:42 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2017-01-11 14:54 - 2016-12-14 05:41 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-01-11 14:54 - 2016-12-14 05:40 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-01-11 14:54 - 2016-12-14 05:40 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2017-01-11 14:54 - 2016-12-14 05:40 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 14:54 - 2016-12-14 05:39 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-01-11 14:54 - 2016-12-14 05:39 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2017-01-11 14:54 - 2016-12-14 05:38 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-01-11 14:54 - 2016-12-14 05:35 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-01-11 14:54 - 2016-12-14 05:32 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2017-01-11 14:54 - 2016-12-14 05:25 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2017-01-11 14:54 - 2016-12-14 05:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-01-11 14:54 - 2016-12-14 05:22 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-01-11 14:54 - 2016-12-14 05:22 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-01-11 14:54 - 2016-11-02 12:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-01-11 14:54 - 2016-11-02 11:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-01-11 14:54 - 2016-11-02 11:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-01-10 19:16 - 2017-01-10 19:32 - 00176064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-01-10 19:03 - 2017-01-10 19:15 - 54199488 _____ (Malwarebytes ) C:\Users\Maturaci\Downloads\mb3-setup-consumer-3.0.5.1299.exe
2017-01-10 18:45 - 2017-01-10 18:45 - 03988944 _____ C:\Users\Maturaci\Desktop\adwcleaner_6.042.exe
2017-01-10 18:41 - 2017-01-11 21:18 - 00000000 ____D C:\AdwCleaner
2017-01-10 18:30 - 2017-01-10 18:30 - 08803648 _____ (Piriform Ltd) C:\Users\Maturaci\Downloads\ccsetup525.exe
2017-01-10 18:30 - 2017-01-10 18:30 - 00002868 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-01-10 18:30 - 2017-01-10 18:30 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-01-10 18:30 - 2017-01-10 18:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-01-10 18:30 - 2017-01-10 18:30 - 00000000 ____D C:\Program Files\CCleaner
2017-01-09 17:00 - 2017-01-09 17:00 - 01413120 _____ C:\Users\Maturaci\Downloads\polopravdy-nepravdy.pdf
2017-01-09 16:58 - 2017-01-09 16:58 - 09182804 _____ C:\Users\Maturaci\Downloads\Tajemstvi-krasnych-fotek.pdf
2017-01-09 16:58 - 2017-01-09 16:58 - 09182804 _____ C:\Users\Maturaci\Downloads\Tajemstvi-krasnych-fotek (1).pdf
2017-01-09 13:45 - 2017-01-09 13:45 - 00924431 _____ C:\Users\Maturaci\Downloads\přechod_2016.zip
2017-01-09 04:25 - 2017-01-11 16:40 - 00411456 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-01-06 23:57 - 2017-01-07 00:04 - 00001476 _____ C:\Users\Maturaci\Desktop\Fiio X1_manual.lnk
2017-01-06 22:39 - 2017-01-06 22:39 - 00000000 ____D C:\Users\Maturaci\Documents\MP3
2017-01-06 21:51 - 2017-01-06 21:51 - 00191270 _____ C:\Users\Maturaci\Downloads\WW_PŘÍSPEVKY_2017.xlsx
2017-01-04 20:27 - 2017-01-04 20:27 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2017-01-02 22:47 - 2017-01-02 22:47 - 00142710 _____ C:\Users\Maturaci\Downloads\WhatsApp-Security-Whitepaper.pdf
2016-12-26 19:54 - 2016-12-26 19:54 - 09664540 _____ C:\Users\Maturaci\Downloads\Photos.zip
2016-12-25 14:02 - 2016-12-25 14:02 - 00706246 _____ C:\Users\Maturaci\Downloads\AllTravel-Prihlaska-693178813.pdf
2016-12-22 23:54 - 2016-12-22 23:55 - 00000000 ____D C:\Users\Maturaci\AppData\Roaming\langmaster.com
2016-12-22 23:54 - 2016-12-22 23:55 - 00000000 ____D C:\ProgramData\TEMP
2016-12-22 23:53 - 2016-12-22 23:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LANGMaster.com
2016-12-22 23:53 - 2016-12-22 23:53 - 00000000 ____D C:\Program Files (x86)\LANGMaster
2016-12-22 23:52 - 2016-12-22 23:53 - 154133035 _____ ( ) C:\Users\Maturaci\Downloads\Setup_DictSp_Cs.exe
2016-12-18 17:37 - 2016-12-18 17:47 - 00000000 ____D C:\Users\Maturaci\Documents\CeDe
2016-12-18 00:39 - 2016-12-18 00:39 - 09645031 _____ C:\Users\Maturaci\Downloads\mapavial_MTC (1).pdf
2016-12-18 00:29 - 2016-12-18 00:29 - 09645031 _____ C:\Users\Maturaci\Downloads\mapavial_MTC.pdf
2016-12-15 20:23 - 2016-12-15 20:23 - 00251714 _____ C:\Users\Maturaci\Downloads\13368804.pdf
2016-12-13 23:02 - 2016-12-09 11:42 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-12-13 23:02 - 2016-12-09 11:42 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-12-13 23:02 - 2016-12-09 11:34 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-12-13 23:02 - 2016-12-09 11:34 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-12-13 23:02 - 2016-12-09 11:33 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-12-13 23:02 - 2016-12-09 11:33 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-12-13 23:02 - 2016-12-09 11:30 - 00377184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-12-13 23:02 - 2016-12-09 11:29 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-13 23:02 - 2016-12-09 11:28 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-12-13 23:02 - 2016-12-09 11:19 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-12-13 23:02 - 2016-12-09 11:18 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-12-13 23:02 - 2016-12-09 11:18 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-12-13 23:02 - 2016-12-09 11:18 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-12-13 23:02 - 2016-12-09 11:18 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-12-13 23:02 - 2016-12-09 11:18 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-12-13 23:02 - 2016-12-09 11:18 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-12-13 23:02 - 2016-12-09 11:15 - 08168000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-12-13 23:02 - 2016-12-09 11:14 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-12-13 23:02 - 2016-12-09 11:10 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-12-13 23:02 - 2016-12-09 11:10 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-12-13 23:02 - 2016-12-09 11:01 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-12-13 23:02 - 2016-12-09 11:01 - 01503544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-12-13 23:02 - 2016-12-09 11:01 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-12-13 23:02 - 2016-12-09 10:59 - 02166752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-12-13 23:02 - 2016-12-09 10:59 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-12-13 23:02 - 2016-12-09 10:57 - 06668040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-12-13 23:02 - 2016-12-09 10:52 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-12-13 23:02 - 2016-12-09 10:52 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-12-13 23:02 - 2016-12-09 10:51 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-12-13 23:02 - 2016-12-09 10:45 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2016-12-13 23:02 - 2016-12-09 10:41 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-12-13 23:02 - 2016-12-09 10:41 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2016-12-13 23:02 - 2016-12-09 10:37 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-12-13 23:02 - 2016-12-09 10:36 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-12-13 23:02 - 2016-12-09 10:36 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-12-13 23:02 - 2016-12-09 10:34 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-12-13 23:02 - 2016-12-09 10:33 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-12-13 23:02 - 2016-12-09 10:33 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-12-13 23:02 - 2016-12-09 10:31 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-12-13 23:02 - 2016-12-09 10:31 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-12-13 23:02 - 2016-12-09 10:28 - 03306496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-12-13 23:02 - 2016-12-09 10:28 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-12-13 23:02 - 2016-12-09 10:27 - 13084160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-12-13 23:02 - 2016-12-09 10:27 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-12-13 23:02 - 2016-12-09 10:27 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-12-13 23:02 - 2016-12-09 10:23 - 12177920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-12-13 23:02 - 2016-12-09 10:22 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-12-13 23:02 - 2016-12-09 10:21 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-12-13 23:02 - 2016-12-09 10:20 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-12-13 23:02 - 2016-12-09 10:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-12-13 23:02 - 2016-12-09 10:20 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-12-13 23:02 - 2016-12-09 10:19 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-12-13 23:02 - 2016-12-09 10:19 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-12-13 23:02 - 2016-12-09 10:19 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-12-13 23:02 - 2016-12-09 10:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2016-12-13 23:02 - 2016-12-09 10:18 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-12-13 23:02 - 2016-12-09 10:18 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-12-13 23:02 - 2016-12-09 10:17 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-12-13 23:02 - 2016-12-09 10:16 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-12-13 23:02 - 2016-12-09 10:15 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-12-13 23:02 - 2016-12-09 10:15 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-12-13 23:02 - 2016-12-09 10:15 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2016-12-13 23:02 - 2016-12-09 09:54 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-12-13 23:02 - 2016-11-02 11:28 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-12-13 23:02 - 2016-11-02 11:25 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-12-13 23:01 - 2016-12-09 11:27 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-12-13 23:01 - 2016-12-09 11:20 - 02677544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-12-13 23:01 - 2016-12-09 11:20 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-12-13 23:01 - 2016-12-09 11:20 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-12-13 23:01 - 2016-12-09 11:20 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-12-13 23:01 - 2016-12-09 11:20 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-12-13 23:01 - 2016-12-09 11:19 - 00168424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2016-12-13 23:01 - 2016-12-09 11:11 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-12-13 23:01 - 2016-12-09 11:00 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2016-12-13 23:01 - 2016-12-09 10:56 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-12-13 23:01 - 2016-12-09 10:42 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-12-13 23:01 - 2016-12-09 10:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-12-13 23:01 - 2016-12-09 10:25 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2016-12-13 23:01 - 2016-12-09 10:21 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-12-13 23:01 - 2016-12-09 10:20 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-12-13 23:01 - 2016-12-09 10:18 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-12-13 23:01 - 2016-09-15 17:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-11 22:31 - 2014-04-06 16:35 - 00000000 ____D C:\ProgramData\MFAData
2017-01-11 22:23 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2017-01-11 21:23 - 2016-10-02 01:05 - 02585872 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-01-11 21:23 - 2016-07-16 23:25 - 00980524 _____ C:\WINDOWS\system32\perfh005.dat
2017-01-11 21:23 - 2016-07-16 23:25 - 00262502 _____ C:\WINDOWS\system32\perfc005.dat
2017-01-11 21:20 - 2016-10-09 19:01 - 00025608 _____ (SlimWare Utilities, Inc.) C:\WINDOWS\system32\Drivers\SWDUMon.sys
2017-01-11 21:20 - 2016-10-09 19:01 - 00000496 _____ C:\WINDOWS\Tasks\AVG Driver Updater Startup.job
2017-01-11 21:20 - 2016-10-02 01:06 - 00000000 ____D C:\Users\Maturaci
2017-01-11 21:19 - 2016-10-02 01:23 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-11 21:19 - 2016-10-02 01:01 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-01-11 21:19 - 2015-10-31 19:10 - 00000000 __SHD C:\Users\Maturaci\IntelGraphicsProfiles
2017-01-11 21:18 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-01-11 20:32 - 2016-11-22 20:00 - 00004208 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{4485C7AB-7866-47DD-B4E4-D54C6B65CFE2}
2017-01-11 20:29 - 2016-10-02 00:59 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-01-11 18:41 - 2015-02-08 09:17 - 00000000 ____D C:\Users\Maturaci\Documents\Soubory aplikace Outlook
2017-01-11 18:35 - 2016-10-02 01:23 - 00003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2017-01-11 18:00 - 2014-04-06 16:09 - 00000000 ____D C:\Users\Maturaci\Documents\MM
2017-01-11 16:45 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-01-11 16:42 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-11 16:42 - 2015-09-10 06:44 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-01-11 16:39 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-01-11 16:39 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-01-11 16:39 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-01-11 16:39 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-01-11 16:39 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-01-11 16:39 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-01-11 16:36 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-11 16:32 - 2014-04-06 21:01 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-01-11 16:30 - 2014-04-06 21:01 - 135657872 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-01-11 16:21 - 2015-10-31 19:10 - 00000000 ____D C:\Users\Maturaci\AppData\Local\Packages
2017-01-11 14:24 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-01-10 06:12 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-09 16:43 - 2016-06-26 08:31 - 00053008 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\TURegOpt.exe
2017-01-09 07:36 - 2016-10-09 19:01 - 00000550 _____ C:\WINDOWS\Tasks\AVG Driver Updater Scan.job
2017-01-08 10:39 - 2016-10-09 19:01 - 00003488 _____ C:\WINDOWS\System32\Tasks\AVG Driver Updater Scan
2017-01-07 09:54 - 2016-07-16 07:04 - 00008192 _____ C:\WINDOWS\system32\config\ELAM
2017-01-07 09:50 - 2015-05-06 19:43 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-01-07 00:52 - 2016-10-02 01:23 - 00003542 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-01-07 00:52 - 2016-10-02 01:23 - 00003160 _____ C:\WINDOWS\System32\Tasks\Program k provádění aktualizací online Adobe
2017-01-05 01:57 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-01-05 01:57 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-01-04 20:27 - 2016-10-02 01:06 - 00000000 ____D C:\Users\DefaultAppPool
2017-01-02 19:17 - 2016-06-26 08:19 - 00001009 _____ C:\Users\Public\Desktop\AVG Protection.lnk
2017-01-02 19:17 - 2014-04-06 16:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-12-30 22:38 - 2016-10-02 01:05 - 00524288 ___SH C:\WINDOWS\system32\config\COMPONENTS{f5b135e6-4b48-11e6-80cb-e41d2d012050}.TMContainer00000000000000000002.regtrans-ms
2016-12-30 21:29 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-12-30 21:29 - 2016-07-16 07:04 - 00000000 ____D C:\Program Files (x86)\Common Files
2016-12-30 21:28 - 2014-04-07 17:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-12-25 02:30 - 2014-04-17 21:01 - 00000000 ____D C:\Users\Maturaci\AppData\Local\Diagnostics
2016-12-25 02:28 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\assembly
2016-12-23 00:13 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-12-23 00:13 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-17 09:01 - 2016-10-02 01:23 - 00003470 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-17 09:01 - 2016-10-02 01:23 - 00003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-17 09:01 - 2009-07-14 04:20 - 00000000 ____D C:\WINDOWS\Tasks
2016-12-15 22:16 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\en-US
2016-12-15 22:16 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\en-US
2016-12-15 22:16 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Boot
2016-12-15 22:16 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppPatch
2016-12-13 21:16 - 2014-04-06 12:01 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-13 21:16 - 2014-04-06 12:01 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk

==================== Files in the root of some directories =======

2014-05-03 17:56 - 2014-05-04 22:49 - 0000425 _____ () C:\Users\Maturaci\AppData\Roaming\MATURACI-PC.MTBF.txt
2014-05-03 17:58 - 2015-09-17 21:02 - 0007168 _____ () C:\Users\Maturaci\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-01-11 22:35 - 2017-01-11 22:35 - 0029696 _____ () C:\Users\Maturaci\AppData\Local\MSGBOX.EXE
2016-10-02 01:02 - 2016-10-02 01:02 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-01-07 10:29

==================== End of FRST.txt ============================

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
CHR HomePage: Default -> hxxp://www.buenosearch.com/?babsrc=HP_s ... 2&tsp=5220
CHR Extension: (Windows Media Player Extension for HTML5) - C:\Users\Maturaci\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak [2014-04-07] [UpdateUrl: hxxp://www.interoperabilitybridges.com/ ... pdates.xml] <==== ATTENTION
CHR Plugin: (Shockwave Flash) - C:\Users\Maturaci\AppData\Local\Google\Chrome\User Data\PepperFlash\19.0.0.226\pepflashplayer.dll => No File
U3 idsvc; no ImagePath
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\ProgramData\DP45977C.lfl
Task: {064BE8BF-217E-44D4-AD76-9423BAA13572} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {1A7FD60C-ACBE-408E-96A3-9045F7C81006} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {1AE84460-6FFC-42F2-AC23-35C79D595635} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {23BF26F4-DA8F-49E6-8CEC-827C70CACA17} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {407A234B-6052-4CE7-9E0C-12244A0AACEF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {550DE57A-6966-4949-A597-C63B84419060} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {56BF35A6-9CFF-4D0A-8C96-4539324B6EC0} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {6E0E8321-FEF0-4D03-90D1-A8B56B0523D8} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {82A86DCB-1F41-4F88-A72A-4332789A3A00} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {85B7F54E-1D47-41DB-B0E2-FDD644D9DF72} - System32\Tasks\ACC => C:\Program Files\DriverSetupUtility\FUB\FUB_Send.bat <==== ATTENTION
Task: {CF02C182-3F70-4332-8F93-66FF04A074FC} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {FABFC1A9-C2A1-4008-A23E-9FF87DEFE5A8} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte

Fix result of Farbar Recovery Scan Tool (x64) Version: 12-01-2017
Ran by Maturaci (12-01-2017 20:54:14) Run:2
Running from C:\Users\Maturaci\Desktop
Loaded Profiles: Maturaci (Available Profiles: Maturaci & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
CHR HomePage: Default -> hxxp://www.buenosearch.com/?babsrc=HP_s ... 2&tsp=5220
CHR Extension: (Windows Media Player Extension for HTML5) - C:\Users\Maturaci\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak [2014-04-07] [UpdateUrl: hxxp://www.interoperabilitybridges.com/ ... pdates.xml] <==== ATTENTION
CHR Plugin: (Shockwave Flash) - C:\Users\Maturaci\AppData\Local\Google\Chrome\User Data\PepperFlash\19.0.0.226\pepflashplayer.dll => No File
U3 idsvc; no ImagePath
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\ProgramData\DP45977C.lfl
Task: {064BE8BF-217E-44D4-AD76-9423BAA13572} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {1A7FD60C-ACBE-408E-96A3-9045F7C81006} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {1AE84460-6FFC-42F2-AC23-35C79D595635} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {23BF26F4-DA8F-49E6-8CEC-827C70CACA17} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {407A234B-6052-4CE7-9E0C-12244A0AACEF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {550DE57A-6966-4949-A597-C63B84419060} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {56BF35A6-9CFF-4D0A-8C96-4539324B6EC0} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {6E0E8321-FEF0-4D03-90D1-A8B56B0523D8} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {82A86DCB-1F41-4F88-A72A-4332789A3A00} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {85B7F54E-1D47-41DB-B0E2-FDD644D9DF72} - System32\Tasks\ACC => C:\Program Files\DriverSetupUtility\FUB\FUB_Send.bat <==== ATTENTION
Task: {CF02C182-3F70-4332-8F93-66FF04A074FC} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {FABFC1A9-C2A1-4008-A23E-9FF87DEFE5A8} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION

EmptyTemp:
End
*****************

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key not found.
Chrome HomePage => removed successfully
C:\Users\Maturaci\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak <==== ATTENTION => not found
C:\Users\Maturaci\AppData\Local\Google\Chrome\User Data\PepperFlash\19.0.0.226\pepflashplayer.dll => not found.
idsvc => service not found.
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
"C:\ProgramData\DP45977C.lfl" => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{064BE8BF-217E-44D4-AD76-9423BAA13572} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1A7FD60C-ACBE-408E-96A3-9045F7C81006} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1AE84460-6FFC-42F2-AC23-35C79D595635} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{23BF26F4-DA8F-49E6-8CEC-827C70CACA17} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{407A234B-6052-4CE7-9E0C-12244A0AACEF} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{550DE57A-6966-4949-A597-C63B84419060} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{56BF35A6-9CFF-4D0A-8C96-4539324B6EC0} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6E0E8321-FEF0-4D03-90D1-A8B56B0523D8} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{82A86DCB-1F41-4F88-A72A-4332789A3A00} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{85B7F54E-1D47-41DB-B0E2-FDD644D9DF72} => key not found.
C:\WINDOWS\System32\Tasks\ACC => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACC => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CF02C182-3F70-4332-8F93-66FF04A074FC} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FABFC1A9-C2A1-4008-A23E-9FF87DEFE5A8} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => key not found.

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 8734162 B
Java, Flash, Steam htmlcache => 492 B
Windows/system/drivers => 3270 B
Edge => 0 B
Chrome => 18284380 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 1646 B
NetworkService => 0 B
Maturaci => 54932 B
DefaultAppPool => 0 B

RecycleBin => 2575696 B
EmptyTemp: => 28.3 MB temporary data Removed.

================================


The system needed a reboot.

Smazáno. Nastala nějaká změna?

okna stále skáčou --> jak jsem to tady pročítal, tak to vypadá na velice podobný problém jako má: Kalashnikow88 http://forum.viry.cz/viewtopic.php?f=13 ... 2#p1471512

Udělejte tyto skeny:

1. Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.

a

2. Junkware removal tool: http://thisisudax.org/downloads/JRT.exe
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.

Zoek.exe v5.0.0.1 Updated 19-September-2016
Tool run by Maturaci on p 13.01.2017 at 21:36:40,89.
Microsoft Windows 10 Pro 10.0.14393 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Maturaci\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2017-01-12-205108.log 2528 bytes

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Deleting CLSID Registry Keys ======================


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 10 Pro x64
Ran by Maturaci (Administrator) on p 13.01.2017 at 21:29:29,00
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 5

Successfully deleted: C:\WINDOWS\system32\drivers\swdumon.sys (File)
Successfully deleted: C:\WINDOWS\system32\Tasks\AVG Driver Updater Scan (Task)
Successfully deleted: C:\WINDOWS\system32\Tasks\AVG Driver Updater Startup (Task)
Successfully deleted: C:\WINDOWS\Tasks\AVG Driver Updater Scan.job (Task)
Successfully deleted: C:\WINDOWS\Tasks\AVG Driver Updater Startup.job (Task)



Registry: 1

Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\SWDUMon (Registry Key)



~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on p 13.01.2017 at 21:31:04,36
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~