VIRY.CZ

Zdravím, po kontrole CCleanerem nalezen soubor gjagent.exe v registrech. Program ho nemůže odstranit. Posílám log pro kontrolu. Předem díky.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018
Ran by Jirka (administrator) on JIRKA-PC (02-04-2018 10:45:14)
Running from C:\Users\Jirka\Downloads
Loaded Profiles: Jirka (Available Profiles: Jirka)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Tenda\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Tenda\Common\RaRegistry64.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.8\ToolbarUpdater.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe
() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Valve Corporation) D:\Steam\Steam.exe
(Tenda Technology, Corp.) C:\Program Files (x86)\Tenda\Common\RaUI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
(Valve Corporation) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
(Valve Corporation) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8447192 2015-01-28] (Realtek Semiconductor)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [294928 2018-03-13] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [296208 2014-12-04] (Intel Corporation)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2195968 2018-03-22] ()
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-694281153-3178257476-2985367732-1000\...\Run: [Steam] => D:\Steam\steam.exe [3198752 2018-03-27] (Valve Corporation)
HKU\S-1-5-21-694281153-3178257476-2985367732-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [17074688 2018-03-06] (Piriform Ltd)
HKU\S-1-5-21-694281153-3178257476-2985367732-1000\...\Run: [Gaijin.Net Agent] => "C:\Users\Jirka\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe"
HKU\S-1-5-21-694281153-3178257476-2985367732-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Tenda Wireless Utility.lnk [2015-08-23]
ShortcutTarget: Tenda Wireless Utility.lnk -> C:\Program Files (x86)\Tenda\Common\RaUI.exe (Tenda Technology, Corp.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{2B0E5E73-C748-4170-B7DB-FE1D4DB7EBEA}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{F1FDE1C2-CB21-4E7E-88E4-88A6F22D74A6}: [DhcpNameServer] 213.46.172.36 213.46.172.37

Internet Explorer:
==================
HKU\S-1-5-21-694281153-3178257476-2985367732-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKU\S-1-5-21-694281153-3178257476-2985367732-1000 -> DefaultScope {f0154334-dc25-4677-9226-e07448ea8235} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-694281153-3178257476-2985367732-1000 -> {87A911FA-F734-4013-A051-BC0A123E277F} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-694281153-3178257476-2985367732-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={BA2741EE-9186-4B00-BB1D-0F5F1941BFEC}&mid=ee1f2ab17deb47cdab740982ccf35858-117ed4ea59cd3c5845cf74022138d66485db04b6&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0117av&pr=fr&d=2017-01-20 13:24:12&v=4.3.6.255&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-694281153-3178257476-2985367732-1000 -> {f0154334-dc25-4677-9226-e07448ea8235} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.9.626\AVG Web TuneUp.dll [2018-03-22] (AVG)
DPF: HKLM-x32 {F680B28A-3AEE-4C88-93ED-45AE9215C128} hxxps://adisepo.mfcr.cz/adistc/adis/idpr_pub/xspa/bin/cryptsignx.cab

FireFox:
========
FF DefaultProfile: og8yefo7.default-1518114672207
FF ProfilePath: C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\og8yefo7.default-1518114672207 [2018-04-02]
FF Homepage: Mozilla\Firefox\Profiles\og8yefo7.default-1518114672207 -> hxxps://www.seznam.cz/
FF Extension: (TLS 1.3 gradual roll-out) - C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\og8yefo7.default-1518114672207\features\{b2a95b0a-161f-41ca-880a-64a1204f2a97}\tls13-rollout-bug1442042@mozilla.org.xpi [2018-03-29] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_29_0_0_113.dll [2018-03-14] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_113.dll [2018-03-14] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.8\\npsitesafety.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File]

Chrome:
=======
CHR NewTab: Default -> "active": false,
"entry": "chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"

CHR Profile: C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default [2018-04-02]
CHR Extension: (Prezentace) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-03-25]
CHR Extension: (Dokumenty) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-25]
CHR Extension: (Disk Google) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-21]
CHR Extension: (Seznam pro Chrome - Email) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2018-03-25]
CHR Extension: (Seznam pro Chrome - Esko-) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2018-03-25]
CHR Extension: (YouTube) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-21]
CHR Extension: (Tabulky) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-03-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-06]
CHR Extension: (Seznam pro Chrome - Esko) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-03-25]
CHR Extension: (Gmail) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-21]
CHR Extension: (Chrome Media Router) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-25]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [304776 2018-03-13] (AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [7607288 2018-03-13] (AVG Technologies CZ, s.r.o.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7002120 2017-12-19] ()
S3 HnGSteamService; D:\Steam\steamapps\common\Heroes & Generals\hngservice.exe [777000 2018-03-27] (Reto-Moto ApS)
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
R2 RalinkRegistryWriter; C:\Program Files (x86)\Tenda\Common\RaRegistry.exe [193888 2010-06-28] (Ralink Technology, Corp.)
R2 RalinkRegistryWriter64; C:\Program Files (x86)\Tenda\Common\RaRegistry64.exe [211808 2010-06-28] (Ralink Technology, Corp.)
R2 vToolbarUpdater40.3.8; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.8\ToolbarUpdater.exe [1371136 2018-03-22] (AVG Secure Search)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [811520 2018-03-22] ()
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [189032 2018-03-13] (AVG Technologies CZ, s.r.o.)
R1 avgbdisk; C:\Windows\System32\drivers\avgbdiska.sys [166552 2018-03-13] (AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdrivera.sys [221096 2018-03-13] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\System32\drivers\avgbidsha.sys [193024 2018-03-13] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\Windows\System32\drivers\avgbloga.sys [337344 2018-03-13] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\System32\drivers\avgbuniva.sys [51272 2018-03-13] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\Windows\System32\drivers\avgHwid.sys [39352 2018-03-13] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [139040 2018-03-13] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [102720 2018-03-13] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [76760 2018-03-13] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [1019088 2018-03-13] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [452904 2018-03-13] (AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [198368 2018-03-13] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [372920 2018-03-13] (AVG Technologies CZ, s.r.o.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [30960 2014-12-10] (Intel Corporation)
R3 int0800; C:\Windows\System32\DRIVERS\flashud.sys [51712 2009-09-09] (Intel Corporation)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [44744 2014-02-03] ()
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253880 2018-04-02] (Malwarebytes)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50808 2017-10-27] (NVIDIA Corporation)
S3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57976 2017-10-27] (NVIDIA Corporation)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-08-27] ()
R3 Serenum; C:\Windows\System32\DRIVERS\nuvserenum.sys [23552 2014-01-12] (Windows (R) Win 7 DDK provider)
R3 Serial; C:\Windows\System32\DRIVERS\nuvserial.sys [86016 2014-01-12] (Nuvoton Technology Corp.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [31400 2014-12-23] (Synaptics Incorporated)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
S3 WacHidRouter; system32\DRIVERS\wachidrouter.sys [X]
S3 WacHidRouterPro; system32\DRIVERS\wachidrouter.sys [X]
S3 wacomrouterfilter; system32\DRIVERS\wacomrouterfilter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-04-02 10:45 - 2018-04-02 10:45 - 000016197 _____ C:\Users\Jirka\Downloads\FRST.txt
2018-04-02 10:44 - 2018-04-02 10:45 - 000000000 ____D C:\FRST
2018-04-02 10:43 - 2018-04-02 10:43 - 002403328 _____ (Farbar) C:\Users\Jirka\Downloads\FRST64.exe
2018-04-02 10:40 - 2018-04-02 10:40 - 000000082 _____ C:\Users\Jirka\Documents\cc_20180402_104013.reg
2018-04-02 10:29 - 2018-04-02 10:29 - 001222144 _____ C:\Users\Jirka\Downloads\RSITx64.exe
2018-04-02 10:29 - 2018-04-02 10:29 - 000000000 ____D C:\rsit
2018-04-02 10:29 - 2018-04-02 10:29 - 000000000 ____D C:\Program Files\trend micro
2018-04-02 09:23 - 2018-04-02 09:23 - 000000202 _____ C:\Users\Jirka\Desktop\DayZ.url
2018-03-30 19:22 - 2018-03-30 19:22 - 000000082 _____ C:\Users\Jirka\Documents\cc_20180330_192250.reg
2018-03-30 18:53 - 2018-03-30 18:53 - 000000000 ____D C:\Users\Jirka\Documents\My Games
2018-03-30 18:50 - 2018-03-30 18:50 - 000000000 ____D C:\Users\Jirka\AppData\Local\Gaijin
2018-03-30 18:50 - 2018-03-30 18:50 - 000000000 ____D C:\ProgramData\Gaijin
2018-03-30 17:49 - 2018-03-28 10:31 - 005583040 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-03-30 17:49 - 2018-03-28 10:09 - 004046016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-03-30 17:49 - 2018-03-28 10:09 - 004026048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-03-30 17:49 - 2018-03-09 05:39 - 000708288 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-03-30 17:49 - 2018-03-09 05:39 - 000262336 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-03-30 17:49 - 2018-03-09 05:39 - 000154816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-03-30 17:49 - 2018-03-09 05:39 - 000095424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-03-30 17:49 - 2018-03-09 05:18 - 000631640 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-03-30 17:49 - 2018-03-09 05:09 - 001665336 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 001461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:47 - 001314064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:38 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-03-30 17:49 - 2018-03-09 04:38 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-03-30 17:49 - 2018-03-09 04:38 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-03-30 17:49 - 2018-03-09 04:37 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-03-30 17:49 - 2018-03-09 04:34 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-03-30 17:49 - 2018-03-09 04:34 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-03-30 17:49 - 2018-03-09 04:33 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-03-30 17:49 - 2018-03-09 04:31 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-03-30 17:49 - 2018-03-09 04:30 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-03-30 17:49 - 2018-03-09 04:30 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-03-30 17:49 - 2018-03-09 04:29 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-03-30 17:49 - 2018-03-09 04:29 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-03-30 17:49 - 2018-03-09 04:26 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-03-30 17:49 - 2018-03-09 04:22 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-03-30 17:49 - 2018-03-09 04:22 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-03-30 17:49 - 2018-03-09 04:22 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-03-30 17:49 - 2018-03-09 04:22 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-03-30 17:49 - 2018-03-09 04:22 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-03-30 17:49 - 2018-03-09 04:21 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:21 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:21 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:21 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-03-30 17:49 - 2018-02-18 23:34 - 000634272 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-03-18 21:20 - 2018-03-18 21:20 - 015333512 _____ (Piriform Ltd) C:\Users\Jirka\Downloads\ccsetup541.exe
2018-03-14 22:22 - 2018-03-14 22:22 - 000004528 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-03-14 22:15 - 2018-02-13 20:17 - 000136384 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-03-14 22:15 - 2018-02-13 20:10 - 000655872 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-03-14 22:15 - 2018-02-13 16:05 - 001994752 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-03-14 22:15 - 2018-02-13 16:05 - 001560064 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-03-14 22:15 - 2018-02-13 16:05 - 000740864 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-03-14 22:15 - 2018-02-13 16:05 - 000600576 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-03-14 22:15 - 2018-02-13 16:05 - 000451072 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-03-14 22:15 - 2018-02-13 16:05 - 000380928 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-03-14 22:15 - 2018-02-13 16:05 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-03-14 22:15 - 2018-02-13 16:05 - 000237568 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-03-13 14:24 - 2018-03-13 14:24 - 000381816 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
2018-03-12 13:47 - 2018-04-02 10:35 - 000253880 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-04-02 10:40 - 2016-11-19 00:51 - 000000000 ____D C:\Users\Jirka\AppData\LocalLow\Mozilla
2018-04-02 10:39 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-04-02 10:22 - 2015-10-07 15:55 - 000000000 ____D C:\Users\Jirka\AppData\Local\DayZ
2018-04-02 09:22 - 2009-07-14 06:45 - 000021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-04-02 09:22 - 2009-07-14 06:45 - 000021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-04-02 09:15 - 2010-11-21 11:27 - 000668542 _____ C:\Windows\system32\perfh005.dat
2018-04-02 09:15 - 2010-11-21 11:27 - 000141202 _____ C:\Windows\system32\perfc005.dat
2018-04-02 09:15 - 2009-07-14 07:13 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2018-04-02 09:08 - 2016-08-28 22:14 - 000000000 ____D C:\ProgramData\NVIDIA
2018-04-02 09:08 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-04-02 00:46 - 2018-02-07 20:00 - 000003022 _____ C:\Windows\System32\Tasks\MSIAfterburner
2018-04-01 19:31 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2018-03-30 18:53 - 2016-08-28 22:15 - 000000000 ____D C:\Users\Jirka\AppData\Local\NVIDIA Corporation
2018-03-29 20:59 - 2018-02-08 20:30 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-03-29 20:59 - 2018-02-08 20:30 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-03-27 16:07 - 2018-02-03 15:29 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2018-03-27 16:06 - 2018-02-03 15:29 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2018-03-26 12:13 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2018-03-25 16:41 - 2015-08-16 09:43 - 000000000 ____D C:\Users\Jirka\Documents\Euro Truck Simulator 2
2018-03-25 00:56 - 2016-02-07 19:13 - 000000000 ____D C:\Users\Jirka\Documents\The Witcher 3
2018-03-22 22:51 - 2017-01-20 15:24 - 000000000 ____D C:\ProgramData\AVG Web TuneUp
2018-03-22 22:50 - 2017-01-20 15:24 - 000000000 ____D C:\Program Files (x86)\AVG Web TuneUp
2018-03-21 10:08 - 2017-01-11 20:38 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-03-21 00:46 - 2016-07-31 15:55 - 000007607 _____ C:\Users\Jirka\AppData\Local\resmon.resmoncfg
2018-03-20 21:55 - 2017-11-06 00:20 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-03-20 21:55 - 2017-06-02 00:13 - 000004174 _____ C:\Windows\System32\Tasks\Antivirus Emergency Update
2018-03-19 23:12 - 2016-02-05 00:01 - 000000000 ____D C:\Users\Jirka\Documents\American Truck Simulator
2018-03-19 23:10 - 2017-12-13 16:52 - 000000000 ____D C:\Users\Jirka\AppData\Local\Ubisoft Game Launcher
2018-03-18 21:21 - 2017-11-06 00:20 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-03-17 13:27 - 2015-08-29 08:02 - 000000000 ____D C:\Windows\system32\appraiser
2018-03-16 00:50 - 2017-10-11 23:08 - 130364688 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-03-16 00:50 - 2015-08-28 07:53 - 000000000 ____D C:\Windows\system32\MRT
2018-03-16 00:49 - 2015-08-28 07:53 - 130364688 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-03-14 22:22 - 2016-09-12 20:00 - 000804352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-03-14 22:22 - 2016-09-12 20:00 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-03-14 22:22 - 2016-09-12 20:00 - 000004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-03-14 22:22 - 2015-09-12 23:43 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-03-14 22:22 - 2015-09-12 23:43 - 000000000 ____D C:\Windows\system32\Macromed
2018-03-13 14:24 - 2017-11-27 22:18 - 000189032 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArPot.sys
2018-03-13 14:24 - 2017-06-02 00:13 - 001019088 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
2018-03-13 14:24 - 2017-06-02 00:13 - 000452904 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
2018-03-13 14:24 - 2017-06-02 00:13 - 000372920 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
2018-03-13 14:24 - 2017-06-02 00:13 - 000337344 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbloga.sys
2018-03-13 14:24 - 2017-06-02 00:13 - 000221096 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdrivera.sys
2018-03-13 14:24 - 2017-06-02 00:13 - 000198368 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys
2018-03-13 14:24 - 2017-06-02 00:13 - 000193024 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsha.sys
2018-03-13 14:24 - 2017-06-02 00:13 - 000166552 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbdiska.sys
2018-03-13 14:24 - 2017-06-02 00:13 - 000139040 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
2018-03-13 14:24 - 2017-06-02 00:13 - 000102720 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
2018-03-13 14:24 - 2017-06-02 00:13 - 000076760 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
2018-03-13 14:24 - 2017-06-02 00:13 - 000051272 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniva.sys
2018-03-13 14:24 - 2017-06-02 00:13 - 000039352 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgHwid.sys

==================== Files in the root of some directories =======

2016-11-02 14:15 - 2016-11-02 14:15 - 000000218 _____ () C:\Users\Jirka\AppData\Local\recently-used.xbel
2016-07-31 15:55 - 2018-03-21 00:46 - 000007607 _____ () C:\Users\Jirka\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-03-30 08:48

==================== End of FRST.txt ============================

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

Posílám log

# AdwCleaner 7.0.8.0 - Logfile created on Mon Apr 02 09:34:59 2018
# Updated on 2018/08/02 by Malwarebytes
# Database: 2018-03-30.1
# Running on Windows 7 Home Premium (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

PUP.Optional.Legacy, WtuSystemSupport
PUP.Adware.Heuristic, vToolbarUpdater40.3.8

***** [ Folders ] *****

PUP.Optional.Legacy, C:\Program Files\Common Files\AVG Secure Search
PUP.Optional.Legacy, C:\Program Files (x86)\Common Files\AVG Secure Search
PUP.Optional.Legacy, C:\ProgramData\avg web tuneup
PUP.Optional.Legacy, C:\ProgramData\Application Data\avg web tuneup
PUP.Optional.Legacy, C:\Program Files (x86)\avg web tuneup
PUP.Optional.Legacy, C:\Users\All Users\avg web tuneup
PUP.Optional.Legacy, C:\Users\Jirka\AppData\Local\avg web tuneup

***** [ Files ] *****

PUP.Optional.Legacy, C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\kkkqnkko.default\searchplugins\avg-secure-search.xml

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\AVG Tuneup
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\MozillaPlugins\@avg.com\AVG SiteSafety plugin,version=11.0.0.1,application\x-avg-sitesafety-plugin
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########

Tady je ještě log po vyčištění

# AdwCleaner 7.0.8.0 - Logfile created on Mon Apr 02 10:41:23 2018
# Updated on 2018/08/02 by Malwarebytes
# Running on Windows 7 Home Premium (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

Deleted: WtuSystemSupport
Deleted: vToolbarUpdater40.3.8

***** [ Folders ] *****

Deleted: C:\Program Files\Common Files\AVG Secure Search
Deleted: C:\Program Files (x86)\Common Files\AVG Secure Search
Deleted: C:\ProgramData\avg web tuneup
Deleted: C:\ProgramData\Application Data\avg web tuneup
Deleted: C:\Program Files (x86)\avg web tuneup
Deleted: C:\Users\All Users\avg web tuneup
Deleted: C:\Users\Jirka\AppData\Local\avg web tuneup

***** [ Files ] *****

Deleted: C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\kkkqnkko.default\searchplugins\avg-secure-search.xml

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\AVG Tuneup
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
Deleted: [Key] - HKLM\SOFTWARE\MozillaPlugins\@avg.com\AVG SiteSafety plugin,version=11.0.0.1,application\x-avg-sitesafety-plugin
Deleted: [Key] - HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0

*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [2276 B] - [2018/4/2 9:34:59]
C:/AdwCleaner/AdwCleaner[S1].txt - [2342 B] - [2018/4/2 10:2:52]
C:/AdwCleaner/AdwCleaner[S2].txt - [2408 B] - [2018/4/2 10:41:7]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

OK. Dejte nový log FRST.

log FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018
Ran by Jirka (administrator) on JIRKA-PC (02-04-2018 13:09:47)
Running from C:\Users\Jirka\Downloads
Loaded Profiles: Jirka (Available Profiles: Jirka)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Tenda\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Tenda\Common\RaRegistry64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe
() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Valve Corporation) D:\Steam\Steam.exe
(Tenda Technology, Corp.) C:\Program Files (x86)\Tenda\Common\RaUI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
(Valve Corporation) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
(Valve Corporation) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8447192 2015-01-28] (Realtek Semiconductor)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [294928 2018-03-13] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [296208 2014-12-04] (Intel Corporation)
HKLM-x32\...\Run: [vProt] => "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-694281153-3178257476-2985367732-1000\...\Run: [Steam] => D:\Steam\steam.exe [3198752 2018-03-27] (Valve Corporation)
HKU\S-1-5-21-694281153-3178257476-2985367732-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [17074688 2018-03-06] (Piriform Ltd)
HKU\S-1-5-21-694281153-3178257476-2985367732-1000\...\Run: [Gaijin.Net Agent] => "C:\Users\Jirka\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe"
HKU\S-1-5-21-694281153-3178257476-2985367732-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Tenda Wireless Utility.lnk [2015-08-23]
ShortcutTarget: Tenda Wireless Utility.lnk -> C:\Program Files (x86)\Tenda\Common\RaUI.exe (Tenda Technology, Corp.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{2B0E5E73-C748-4170-B7DB-FE1D4DB7EBEA}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{F1FDE1C2-CB21-4E7E-88E4-88A6F22D74A6}: [DhcpNameServer] 213.46.172.36 213.46.172.37

Internet Explorer:
==================
HKU\S-1-5-21-694281153-3178257476-2985367732-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKU\S-1-5-21-694281153-3178257476-2985367732-1000 -> DefaultScope {f0154334-dc25-4677-9226-e07448ea8235} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-694281153-3178257476-2985367732-1000 -> {87A911FA-F734-4013-A051-BC0A123E277F} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-694281153-3178257476-2985367732-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={BA2741EE-9186-4B00-BB1D-0F5F1941BFEC}&mid=ee1f2ab17deb47cdab740982ccf35858-117ed4ea59cd3c5845cf74022138d66485db04b6&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0117av&pr=fr&d=2017-01-20 13:24:12&v=4.3.6.255&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-694281153-3178257476-2985367732-1000 -> {f0154334-dc25-4677-9226-e07448ea8235} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.9.626\AVG Web TuneUp.dll => No File
DPF: HKLM-x32 {F680B28A-3AEE-4C88-93ED-45AE9215C128} hxxps://adisepo.mfcr.cz/adistc/adis/idpr_pub/xspa/bin/cryptsignx.cab

FireFox:
========
FF DefaultProfile: og8yefo7.default-1518114672207
FF ProfilePath: C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\og8yefo7.default-1518114672207 [2018-04-02]
FF Homepage: Mozilla\Firefox\Profiles\og8yefo7.default-1518114672207 -> hxxps://www.seznam.cz/
FF Extension: (TLS 1.3 gradual roll-out) - C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\og8yefo7.default-1518114672207\features\{b2a95b0a-161f-41ca-880a-64a1204f2a97}\tls13-rollout-bug1442042@mozilla.org.xpi [2018-03-29] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_29_0_0_113.dll [2018-03-14] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_113.dll [2018-03-14] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File]

Chrome:
=======
CHR NewTab: Default -> "active": false,
"entry": "chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"

CHR Profile: C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default [2018-04-02]
CHR Extension: (Prezentace) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-03-25]
CHR Extension: (Dokumenty) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-25]
CHR Extension: (Disk Google) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-21]
CHR Extension: (Seznam pro Chrome - Email) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2018-03-25]
CHR Extension: (Seznam pro Chrome - Esko-) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2018-03-25]
CHR Extension: (YouTube) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-21]
CHR Extension: (Tabulky) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-03-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-06]
CHR Extension: (Seznam pro Chrome - Esko) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-03-25]
CHR Extension: (Gmail) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-21]
CHR Extension: (Chrome Media Router) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-25]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [304776 2018-03-13] (AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [7607288 2018-03-13] (AVG Technologies CZ, s.r.o.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7002120 2017-12-19] ()
S3 HnGSteamService; D:\Steam\steamapps\common\Heroes & Generals\hngservice.exe [777000 2018-03-27] (Reto-Moto ApS)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
R2 RalinkRegistryWriter; C:\Program Files (x86)\Tenda\Common\RaRegistry.exe [193888 2010-06-28] (Ralink Technology, Corp.)
R2 RalinkRegistryWriter64; C:\Program Files (x86)\Tenda\Common\RaRegistry64.exe [211808 2010-06-28] (Ralink Technology, Corp.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [189032 2018-03-13] (AVG Technologies CZ, s.r.o.)
R1 avgbdisk; C:\Windows\System32\drivers\avgbdiska.sys [166552 2018-03-13] (AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdrivera.sys [221096 2018-03-13] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\System32\drivers\avgbidsha.sys [193024 2018-03-13] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\Windows\System32\drivers\avgbloga.sys [337344 2018-03-13] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\System32\drivers\avgbuniva.sys [51272 2018-03-13] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\Windows\System32\drivers\avgHwid.sys [39352 2018-03-13] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [139040 2018-03-13] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [102720 2018-03-13] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [76760 2018-03-13] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [1019088 2018-03-13] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [452904 2018-03-13] (AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [198368 2018-03-13] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [372920 2018-03-13] (AVG Technologies CZ, s.r.o.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [30960 2014-12-10] (Intel Corporation)
R3 int0800; C:\Windows\System32\DRIVERS\flashud.sys [51712 2009-09-09] (Intel Corporation)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [44744 2014-02-03] ()
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253880 2018-04-02] (Malwarebytes)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50808 2017-10-27] (NVIDIA Corporation)
S3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57976 2017-10-27] (NVIDIA Corporation)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-08-27] ()
R3 Serenum; C:\Windows\System32\DRIVERS\nuvserenum.sys [23552 2014-01-12] (Windows (R) Win 7 DDK provider)
R3 Serial; C:\Windows\System32\DRIVERS\nuvserial.sys [86016 2014-01-12] (Nuvoton Technology Corp.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [31400 2014-12-23] (Synaptics Incorporated)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
S3 WacHidRouter; system32\DRIVERS\wachidrouter.sys [X]
S3 WacHidRouterPro; system32\DRIVERS\wachidrouter.sys [X]
S3 wacomrouterfilter; system32\DRIVERS\wacomrouterfilter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-04-02 11:34 - 2018-04-02 12:41 - 000000000 ____D C:\AdwCleaner
2018-04-02 11:33 - 2018-04-02 11:33 - 008222496 _____ (Malwarebytes) C:\Users\Jirka\Desktop\adwcleaner_7.0.8.0.exe
2018-04-02 10:45 - 2018-04-02 13:09 - 000015354 _____ C:\Users\Jirka\Downloads\FRST.txt
2018-04-02 10:45 - 2018-04-02 10:45 - 000037086 _____ C:\Users\Jirka\Downloads\Addition.txt
2018-04-02 10:44 - 2018-04-02 13:09 - 000000000 ____D C:\FRST
2018-04-02 10:43 - 2018-04-02 10:43 - 002403328 _____ (Farbar) C:\Users\Jirka\Downloads\FRST64.exe
2018-04-02 10:40 - 2018-04-02 10:40 - 000000082 _____ C:\Users\Jirka\Documents\cc_20180402_104013.reg
2018-04-02 10:29 - 2018-04-02 10:29 - 001222144 _____ C:\Users\Jirka\Downloads\RSITx64.exe
2018-04-02 10:29 - 2018-04-02 10:29 - 000000000 ____D C:\rsit
2018-04-02 10:29 - 2018-04-02 10:29 - 000000000 ____D C:\Program Files\trend micro
2018-04-02 09:23 - 2018-04-02 09:23 - 000000202 _____ C:\Users\Jirka\Desktop\DayZ.url
2018-03-30 19:22 - 2018-03-30 19:22 - 000000082 _____ C:\Users\Jirka\Documents\cc_20180330_192250.reg
2018-03-30 18:53 - 2018-03-30 18:53 - 000000000 ____D C:\Users\Jirka\Documents\My Games
2018-03-30 18:50 - 2018-03-30 18:50 - 000000000 ____D C:\Users\Jirka\AppData\Local\Gaijin
2018-03-30 18:50 - 2018-03-30 18:50 - 000000000 ____D C:\ProgramData\Gaijin
2018-03-30 17:49 - 2018-03-28 10:31 - 005583040 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-03-30 17:49 - 2018-03-28 10:09 - 004046016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-03-30 17:49 - 2018-03-28 10:09 - 004026048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-03-30 17:49 - 2018-03-09 05:39 - 000708288 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-03-30 17:49 - 2018-03-09 05:39 - 000262336 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-03-30 17:49 - 2018-03-09 05:39 - 000154816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-03-30 17:49 - 2018-03-09 05:39 - 000095424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-03-30 17:49 - 2018-03-09 05:18 - 000631640 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-03-30 17:49 - 2018-03-09 05:09 - 001665336 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 001461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:47 - 001314064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:38 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-03-30 17:49 - 2018-03-09 04:38 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-03-30 17:49 - 2018-03-09 04:38 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-03-30 17:49 - 2018-03-09 04:37 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-03-30 17:49 - 2018-03-09 04:34 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-03-30 17:49 - 2018-03-09 04:34 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-03-30 17:49 - 2018-03-09 04:33 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-03-30 17:49 - 2018-03-09 04:31 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-03-30 17:49 - 2018-03-09 04:30 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-03-30 17:49 - 2018-03-09 04:30 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-03-30 17:49 - 2018-03-09 04:29 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-03-30 17:49 - 2018-03-09 04:29 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-03-30 17:49 - 2018-03-09 04:26 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-03-30 17:49 - 2018-03-09 04:22 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-03-30 17:49 - 2018-03-09 04:22 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-03-30 17:49 - 2018-03-09 04:22 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-03-30 17:49 - 2018-03-09 04:22 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-03-30 17:49 - 2018-03-09 04:22 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-03-30 17:49 - 2018-03-09 04:21 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:21 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:21 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-03-30 17:49 - 2018-03-09 04:21 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-03-30 17:49 - 2018-02-18 23:34 - 000634272 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-03-18 21:20 - 2018-03-18 21:20 - 015333512 _____ (Piriform Ltd) C:\Users\Jirka\Downloads\ccsetup541.exe
2018-03-14 22:22 - 2018-03-14 22:22 - 000004528 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-03-14 22:15 - 2018-02-13 20:17 - 000136384 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-03-14 22:15 - 2018-02-13 20:10 - 000655872 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-03-14 22:15 - 2018-02-13 16:05 - 001994752 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-03-14 22:15 - 2018-02-13 16:05 - 001560064 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-03-14 22:15 - 2018-02-13 16:05 - 000740864 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-03-14 22:15 - 2018-02-13 16:05 - 000600576 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-03-14 22:15 - 2018-02-13 16:05 - 000451072 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-03-14 22:15 - 2018-02-13 16:05 - 000380928 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-03-14 22:15 - 2018-02-13 16:05 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-03-14 22:15 - 2018-02-13 16:05 - 000237568 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-03-13 14:24 - 2018-03-13 14:24 - 000381816 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
2018-03-12 13:47 - 2018-04-02 10:35 - 000253880 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-04-02 12:49 - 2009-07-14 06:45 - 000021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-04-02 12:49 - 2009-07-14 06:45 - 000021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-04-02 12:48 - 2010-11-21 11:27 - 000668542 _____ C:\Windows\system32\perfh005.dat
2018-04-02 12:48 - 2010-11-21 11:27 - 000141202 _____ C:\Windows\system32\perfc005.dat
2018-04-02 12:48 - 2009-07-14 07:13 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2018-04-02 12:48 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-04-02 12:46 - 2016-11-19 00:51 - 000000000 ____D C:\Users\Jirka\AppData\LocalLow\Mozilla
2018-04-02 12:42 - 2016-08-28 22:14 - 000000000 ____D C:\ProgramData\NVIDIA
2018-04-02 12:42 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-04-02 10:22 - 2015-10-07 15:55 - 000000000 ____D C:\Users\Jirka\AppData\Local\DayZ
2018-04-02 00:46 - 2018-02-07 20:00 - 000003022 _____ C:\Windows\System32\Tasks\MSIAfterburner
2018-04-01 19:31 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2018-03-30 18:53 - 2016-08-28 22:15 - 000000000 ____D C:\Users\Jirka\AppData\Local\NVIDIA Corporation
2018-03-29 20:59 - 2018-02-08 20:30 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-03-29 20:59 - 2018-02-08 20:30 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-03-27 16:07 - 2018-02-03 15:29 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2018-03-27 16:06 - 2018-02-03 15:29 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2018-03-26 12:13 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2018-03-25 16:41 - 2015-08-16 09:43 - 000000000 ____D C:\Users\Jirka\Documents\Euro Truck Simulator 2
2018-03-25 00:56 - 2016-02-07 19:13 - 000000000 ____D C:\Users\Jirka\Documents\The Witcher 3
2018-03-21 10:08 - 2017-01-11 20:38 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-03-21 00:46 - 2016-07-31 15:55 - 000007607 _____ C:\Users\Jirka\AppData\Local\resmon.resmoncfg
2018-03-20 21:55 - 2017-11-06 00:20 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-03-20 21:55 - 2017-06-02 00:13 - 000004174 _____ C:\Windows\System32\Tasks\Antivirus Emergency Update
2018-03-19 23:12 - 2016-02-05 00:01 - 000000000 ____D C:\Users\Jirka\Documents\American Truck Simulator
2018-03-19 23:10 - 2017-12-13 16:52 - 000000000 ____D C:\Users\Jirka\AppData\Local\Ubisoft Game Launcher
2018-03-18 21:21 - 2017-11-06 00:20 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-03-17 13:27 - 2015-08-29 08:02 - 000000000 ____D C:\Windows\system32\appraiser
2018-03-16 00:50 - 2017-10-11 23:08 - 130364688 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-03-16 00:50 - 2015-08-28 07:53 - 000000000 ____D C:\Windows\system32\MRT
2018-03-16 00:49 - 2015-08-28 07:53 - 130364688 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-03-14 22:22 - 2016-09-12 20:00 - 000804352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-03-14 22:22 - 2016-09-12 20:00 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-03-14 22:22 - 2016-09-12 20:00 - 000004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-03-14 22:22 - 2015-09-12 23:43 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-03-14 22:22 - 2015-09-12 23:43 - 000000000 ____D C:\Windows\system32\Macromed
2018-03-13 14:24 - 2017-11-27 22:18 - 000189032 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArPot.sys
2018-03-13 14:24 - 2017-06-02 00:13 - 001019088 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
2018-03-13 14:24 - 2017-06-02 00:13 - 000452904 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
2018-03-13 14:24 - 2017-06-02 00:13 - 000372920 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
2018-03-13 14:24 - 2017-06-02 00:13 - 000337344 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbloga.sys
2018-03-13 14:24 - 2017-06-02 00:13 - 000221096 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdrivera.sys
2018-03-13 14:24 - 2017-06-02 00:13 - 000198368 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys
2018-03-13 14:24 - 2017-06-02 00:13 - 000193024 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsha.sys
2018-03-13 14:24 - 2017-06-02 00:13 - 000166552 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbdiska.sys
2018-03-13 14:24 - 2017-06-02 00:13 - 000139040 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
2018-03-13 14:24 - 2017-06-02 00:13 - 000102720 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
2018-03-13 14:24 - 2017-06-02 00:13 - 000076760 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
2018-03-13 14:24 - 2017-06-02 00:13 - 000051272 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniva.sys
2018-03-13 14:24 - 2017-06-02 00:13 - 000039352 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgHwid.sys

==================== Files in the root of some directories =======

2016-11-02 14:15 - 2016-11-02 14:15 - 000000218 _____ () C:\Users\Jirka\AppData\Local\recently-used.xbel
2016-07-31 15:55 - 2018-03-21 00:46 - 000007607 _____ () C:\Users\Jirka\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-03-30 08:48

==================== End of FRST.txt ============================

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
SearchScopes: HKU\S-1-5-21-694281153-3178257476-2985367732-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={BA2741EE-9186-4B00-BB1D-0F5F1941BFEC}&mid=ee1f2ab17deb47cdab740982ccf35858-117ed4ea59cd3c5845cf74022138d66485db04b6&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0117av&pr=fr&d=2017-01-20 13:24:12&v=4.3.6.255&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.9.626\AVG Web TuneUp.dll => No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File]

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by Jirka (02-04-2018 16:42:41) Run:1
Running from C:\Users\Jirka\Downloads
Loaded Profiles: Jirka (Available Profiles: Jirka)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
SearchScopes: HKU\S-1-5-21-694281153-3178257476-2985367732-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={BA2741EE-9186-4B00-BB1D-0F5F1941BFEC}&mid=ee1f2ab17deb47cdab740982ccf35858-117ed4ea59cd3c5845cf74022138d66485db04b6&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0117av&pr=fr&d=2017-01-20 13:24:12&v=4.3.6.255&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.9.626\AVG Web TuneUp.dll => No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File]

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" => removed successfully
"HKU\S-1-5-21-694281153-3178257476-2985367732-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}" => removed successfully
HKLM\Software\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => not found
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => not found
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\wacom.com/WacomTabletPlugin" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 41027086 B
Java, Flash, Steam htmlcache => 727380536 B
Windows/system/drivers => 352554 B
Edge => 0 B
Chrome => 231979 B
Firefox => 25907925 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 211358727 B
systemprofile32 => 78546 B
LocalService => 66228 B
NetworkService => 66228 B
Jirka => 24422983 B

RecycleBin => 0 B
EmptyTemp: => 991.1 MB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 16:42:48 ====

Smazáno. Nastala nějaká změna?

Díky, ten soubor už je pryč. Díky moc za pomoc a skvělý přístup.

Rádo se stalo!

VIRY.CZ

gjagent.exe

gjagent.exe

Re: gjagent.exe

Re: gjagent.exe

Re: gjagent.exe

Re: gjagent.exe

Re: gjagent.exe

Re: gjagent.exe

Re: gjagent.exe

Re: gjagent.exe

Re: gjagent.exe

Re: gjagent.exe