Také prosím o kontrolu.

Příspěvekod **jaro3** » 06 led 2017 18:02

do sekce BSOD zadej téma a pošli někam obsah této složky:
C:\WINDOWS\Minidump

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB (kromě myši s klávesnice) nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- klikni na „Start Scan“. V novém okně nic neměň a klikni dole na „Start Scan“,
po jeho skončení - vše zatrhni (dej zatržítka vlevo od nálezů , do bílých políček)
- pak klikni na "Remove Selected"
- Počkej, dokud Status box nezobrazí " Removal finished, please review result "
- Klikni na "Open report " a pak na " Open TXT“ a zkopíruj ten log a vlož obsah té zprávy prosím sem. Log je možno nalézt v C:\ProgramData\RogueKiller\Logs - Zavři RogueKiller.

Vypni antivir i firewall.
Stáhni
Zoek.exe
a uloz si ho na plochu.
Zavři všechny ostatní programy , okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
-pozor , náběh programu může trvat déle.

Do okna programu vlož skript níže:

Kód: Vybrat vše

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;

klikni na Run Script
Program provede sken , opravu, sken i oprava může trvat i více minut ,je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .

Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů , jinak se sám ukládá do:
C:\zoek-results.log
Zkopíruj sem celý obsah toho logu.

Stáhni si Zemana AntiMalware Free z tohoto odkazu:
https://www.zemana.com/Download/AntiMal ... .Setup.exe
a ulož si ho na plochu.
Poklepej na tento soubor na ploše a postupuj podle pokynů k instalaci programu.
Přijmi licenci k používání programu EULA , pokud se nabídne.
Pokud je k dispozici aktualizace programu , klepni na tlačítko „Update now“ ( aktualizovat nyní).
Na konci klepni na tlačítko Nastavení (ozubené kolo v rohu)> Advanced> ""
- "Přečetl jsem si upozornění a chci pokračovat stejně .....
Zaškrtnutí Auto Launch
Nezaškrtnutí Auto upload
Zaškrtnutí All Browser Extensions (Všechna rozšíření prohlížeče)
Inteligentní nastavení skenování jako náhrada za hloubkové prověření
Zavři všechny otevřené soubory, složky a prohlížeče
Klepni na tlačítko Scan now (Skenovat) a začne sken hrozeb.
Když je skenování dokončeno, objeví se tisková zpráva , zkopíruj sem celý obsah té zprávy.

Vlož nový log z HJT + informuj o problémech

Reklama

jarda213 · Příspěvekod **jarda213** » 07 led 2017 21:33

RogueKiller V12.9.1.0 (x64) [Jan 2 2017] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 10 (10.0.14393) 64 bits version
Spuštěno : Normální režim
Uživatel : Jarda [Práva správce]
Started from : C:\Users\Jarda\Desktop\RogueKillerX64.exe
Mód : Smazat -- Datum : 01/07/2017 14:27:37 (Duration : 00:31:21)

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 10 ¤¤¤
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-3592017923-1309911898-1257044881-1000\Software\Win -> Smazáno
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-3592017923-1309911898-1257044881-1000\Software\Win -> Smazáno
[Suspicious.Path] (X64) HKEY_USERS\S-1-5-21-3592017923-1309911898-1257044881-1000\Software\Microsoft\Windows\CurrentVersion\Run | MyComGames : "C:\Users\Jarda\AppData\Local\MyComGames\MyComGames.exe" -autostart [7] -> Smazáno
[Suspicious.Path] (X86) HKEY_USERS\S-1-5-21-3592017923-1309911898-1257044881-1000\Software\Microsoft\Windows\CurrentVersion\Run | MyComGames : "C:\Users\Jarda\AppData\Local\MyComGames\MyComGames.exe" -autostart [7] -> ERROR [2]
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-3592017923-1309911898-1257044881-1000\Software\Microsoft\Internet Explorer\Main | Start Page : https://www.seznam.cz/ -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-3592017923-1309911898-1257044881-1000\Software\Microsoft\Internet Explorer\Main | Start Page : https://www.seznam.cz/ -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{7FF6FD6A-3DD8-4CBA-9AFD-D2E6FFB38E9E}C:\users\jarda\appdata\local\mycomgames\mycomgames.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\jarda\appdata\local\mycomgames\mycomgames.exe|Name=mycomgames.exe|Desc=mycomgames.exe|Edge=TRUE|Defer=App| [7] -> Smazáno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{3FA9C8D7-879C-46FF-81A2-53829A7A1282}C:\users\jarda\appdata\local\mycomgames\mycomgames.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\jarda\appdata\local\mycomgames\mycomgames.exe|Name=mycomgames.exe|Desc=mycomgames.exe|Edge=TRUE|Defer=App| [7] -> Smazáno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{DAC5600C-844C-461D-AAE6-2857AA922EE7}C:\users\jarda\appdata\local\mycomgames\mycomgames.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\users\jarda\appdata\local\mycomgames\mycomgames.exe|Name=mycomgames.exe|Desc=mycomgames.exe| [7] -> Smazáno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{0B67816D-B1BB-4EC3-B85A-7EAE33665E79}C:\users\jarda\appdata\local\mycomgames\mycomgames.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\users\jarda\appdata\local\mycomgames\mycomgames.exe|Name=mycomgames.exe|Desc=mycomgames.exe| [7] -> Smazáno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 4 ¤¤¤
[Hj.Shortcut][Soubor] C:\Users\Jarda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Imperia Online\Imperia Online.lnk [LNK@] C:\PROGRA~2\MOZILL~1\firefox.exe http://www.imperiaonline.org/?ref_ad=src123 -> Shortcut cleaned
[Hj.Shortcut][Soubor] C:\Users\Jarda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Imperia Online.lnk [LNK@] C:\PROGRA~2\MOZILL~1\firefox.exe http://www.imperiaonline.org/?ref_ad=src123 -> Shortcut cleaned
[PUP.HackTool][Složka] C:\Windows\AutoKMS -> Smazáno
[PUP.HackTool][Soubor] C:\Windows\AutoKMS\AutoKMS.ini -> Smazáno
[PUP.HackTool][Soubor] C:\Windows\AutoKMS\AutoKMS.log -> Smazáno
[Hj.Shortcut][Soubor] C:\Users\Jarda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Imperia Online\Imperia Online.lnk [LNK@] C:\PROGRA~2\MOZILL~1\firefox.exe http://www.imperiaonline.org/?ref_ad=src123 -> Smazáno

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 4 ¤¤¤
[PUP.Gen2][Firefox:Addon] 4a9q8b3f.default-1439315922485 : Seznam li?ti?ka [{ea614400-e918-4741-9a97-7a972ff7c30b}] -> Smazáno
[PUM.HomePage][Firefox:Config] 4a9q8b3f.default-1439315922485 : user_pref("browser.startup.homepage", "https://www.seznam.cz/?clid=22668"); -> Nahrazeno (about:home)
[PUM.SearchEngine][Firefox:Config] 4a9q8b3f.default-1439315922485 : user_pref("browser.search.selectedEngine", "Seznam"); -> Smazáno
[PUM.SearchEngine][Firefox:Config] 4a9q8b3f.default-1439315922485 : user_pref("browser.search.defaultenginename", "Seznam"); -> Smazáno

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ST1000DM003-1CH162 +++++
--- User ---
[MBR] 03813ca88c684c402ef47e4a460b7f0e
[BSP] 956b7dd5cdbc122b4bca262048a375c7 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 249450 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 511080448 | Size: 450 MB
3 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 512002048 | Size: 703867 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

Zoek.exe v5.0.0.1 Updated 19-September-2016
Tool run by Jarda on so 07.01.2017 at 19:54:36,01.
Microsoft Windows 10 Pro 10.0.14393 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Jarda\Desktop\zoek\zoek.scr [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2017-01-07-142809.log 7561 bytes

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\Users\DefaultAppPool\AppData\LocalLow deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\4a9q8b3f.default-1439315922485\prefs.js:
user_pref("browser.startup.homepage", "https://www.seznam.cz/");
user_pref("browser.newtab.url", "about:newtab");

Added to C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\4a9q8b3f.default-1439315922485\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\4a9q8b3f.default-1439315922485\jetpack deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\4a9q8b3f.default-1439315922485
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"sp@avast.com"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [06.01.2017 06:58]
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"jid1-r1tDuNiNb4SEww@jetpack"="C:\Program Files\AVAST Software\Avast\pam\FF" [06.01.2017 06:58]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\4a9q8b3f.default-1439315922485
- Galaxytoolbar - %ProfilePath%\extensions\{71bfcce7-421d-4042-95d4-a585a821cbca}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\4a9q8b3f.default-1439315922485
86C2467018027DFF6ED94F50D9CF1145 - C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1225195.dll - Shockwave for Director / Shockwave for Director
E8D38E8FB6EC88E7B0E0B4D9AC9B0725 - C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_186.dll - Shockwave Flash
4A270804DC8AB72DCB4F694D050A3517 - C:\Users\Jarda\AppData\Roaming\IDM\bin\npWidevineMediaOptimizer.dll - Widevine Media Optimizer
F9D90EEC96E97411869E120E52B1AE0A - C:\Users\Jarda\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll - Google Update
5B6E82D37D684488C226303BAD70D58C - C:\Users\Jarda\AppData\Local\MyComGames\npmycomdetector.dll - My.Com Game Center component npmycomdetector.dll

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
eofcbnmajmjmplflapaojjnihcjkigck - No path found[]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - No path found[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
bbjllphbppobebmjpjcijfbakobcheof - No path found[]

Chrome Media Router - Jarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Chromium Startpages ======================

C:\Users\Jarda\AppData\Local\Chromium\Metro\User Data\Default\Preferences
"homepage": "http://www.seznam.cz/?clid=6826",

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\se]
@="http://search.seznam.cz/?sourceid=quicksearch_6826&q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\vi]
@="http://videa.seznam.cz/?q=%s"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\AA4C6CCE343CFFD54E8DB28B098D679C - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
HKCU\SearchScopes\{5B1AE680-8758-4631-B4A7-3264DCC71187} - http://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
HKCU\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
HKCU\SearchScopes\{B59A2B6C-B45C-4B04-A40A-B733936BB9A4} - http://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_16194
HKCU\SearchScopes\{BCB013E7-90E6-4230-9DA9-FCA69CCC97FC} - http://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_16194
HKCU\SearchScopes\{D73E0A4C-17D4-4A9D-97FC-52B35524AC94} - http://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_16194

==== Reset Google Chrome ======================

C:\Users\Jarda\AppData\Local\Chromium\User Data\Default\Preferences was reset successfully
C:\Users\Jarda\AppData\Local\Chromium\User Data\Default\Preferences_20160228200303.backup was reset successfully
C:\Users\Jarda\AppData\Local\Chromium\Metro\User Data\Default\Preferences was reset successfully
C:\Users\Jarda\AppData\Local\Chromium\Metro\User Data\Default\Preferences_20160228200304.backup was reset successfully
C:\Users\Jarda\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Jarda\AppData\Local\Google\Chrome\User Data\Default\Preferences_20160228200303.backup was reset successfully
C:\Users\Jarda\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Jarda\AppData\Local\Google\Chrome\Metro\User Data\Default\Preferences was reset successfully
C:\Users\Jarda\AppData\Local\Google\Chrome\Metro\User Data\Default\Preferences_20160228200303.backup was reset successfully
C:\Users\Jarda\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences was reset successfully
C:\Users\Jarda\AppData\Local\Yandex\YandexBrowser\User Data\Default\Secure Preferences was reset successfully
C:\Users\Jarda\AppData\Local\Chromium\User Data\Default\Web Data was reset successfully
C:\Users\Jarda\AppData\Local\Chromium\Metro\User Data\Default\Web Data was reset successfully
C:\Users\Jarda\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Jarda\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\Jarda\AppData\Local\Yandex\YandexBrowser\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\UnityWebPlayer deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Jarda\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Jarda\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Jarda\AppData\Local\Mozilla\Firefox\Profiles\4a9q8b3f.default-1439315922485\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Jarda\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\Jarda\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Jarda\AppData\Local\Yandex\YandexBrowser\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=270 folders=123 912411462 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Jarda\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Jarda\AppData\Local\AVAST Software\APM\Jarda\56pmJ8Ed4nq20d8z\kv_pam.db" not found
"C:\Users\Jarda\AppData\Local\AVAST Software\APM\Jarda\56pmJ8Ed4nq20d8z\kv_pamcore.db" not found
"C:\Users\Jarda\AppData\Local\AVAST Software\APM\Jarda\56pmJ8Ed4nq20d8z\kv_pampub.db" not found
"C:\Users\Jarda\AppData\Local\AVAST Software\APM\Jarda\56pmJ8Ed4nq20d8z\pam.db" not found
"C:\Users\Jarda\AppData\Local\AVAST Software" not found

==== EOF on so 07.01.2017 at 20:36:40,41 ======================

Zemana AntiMalware 2.70.2.352 (Installed)

-------------------------------------------------------
Scan Result : Completed
Scan Date : 2017.1.7
Operating System : Windows 10 64-bit
Processor : 4X Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz
BIOS Mode : Legacy
CUID : 1268336DB1E5B9C1918460
Scan Type : System Scan
Duration : 10m 0s
Scanned Objects : 166267
Detected Objects : 9
Excluded Objects : 0
Read Level : Normal
Auto Upload : Disabled
Detect All Extensions : Disabled
Scan Documents : Disabled
Domain Info : WORKGROUP,0,2

Detected Objects
-------------------------------------------------------

zoek.scr
Status : Scanned
Object : %userprofile%\desktop\zoek\zoek.scr
MD5 : 36D327EB4A26B4E9242E511913E91084
Publisher : -
Size : 1448141
Version : -
Detection : Malware:Win32/Tamaca!Keee
Cleaning Action : Quarantine
Related Objects :
File - %userprofile%\desktop\zoek\zoek.scr
Scheduled Task - C:\WINDOWS\System32\Tasks\{1F6C2DA0-6033-4C49-B47C-E82404351922}

zoek.pif
Status : Scanned
Object : %userprofile%\desktop\zoek\zoek.pif
MD5 : 36D327EB4A26B4E9242E511913E91084
Publisher : -
Size : 1448141
Version : -
Detection : Malware:Win32/Tamaca!Keee
Cleaning Action : Quarantine
Related Objects :
File - %userprofile%\desktop\zoek\zoek.pif

zoek.com
Status : Scanned
Object : %userprofile%\desktop\zoek\zoek.com
MD5 : 36D327EB4A26B4E9242E511913E91084
Publisher : -
Size : 1448141
Version : -
Detection : Malware:Win32/Tamaca!Keee
Cleaning Action : Quarantine
Related Objects :
File - %userprofile%\desktop\zoek\zoek.com
Scheduled Task - C:\WINDOWS\System32\Tasks\{3FB8732E-1FFC-4C6D-989C-B185C1C453F9}

szndesktop.exe
Status : Scanned
Object : %appdata%\seznam.cz\bin\szndesktop.exe
MD5 : 0A54B0BCD8BC203684C803FC3FB5C5A2
Publisher : Seznam.cz, a.s.
Size : 457384
Version : -
Detection : Adware:Win32/Seznam-DJ!Ep
Cleaning Action : Quarantine
Related Objects :
File - %appdata%\seznam.cz\bin\szndesktop.exe
Process - 6172 - C:\Users\Jarda\AppData\Roaming\Seznam.cz\bin\szndesktop.exe

lightspeed.dll
Status : Scanned
Object : %appdata%\seznam.cz\bin\lightspeed.dll
MD5 : 7B12697B8A8D362F5694774A9D3055F8
Publisher : Seznam.cz, a.s.
Size : 862888
Version : -
Detection : Adware:Win32/Seznam-DJ!Ep
Cleaning Action : Quarantine
Related Objects :
File - %appdata%\seznam.cz\bin\lightspeed.dll
DLL - 6172 - C:\Users\Jarda\AppData\Roaming\Seznam.cz\bin\szndesktop.exe

listicka-x64.exe
Status : Scanned
Object : %appdata%\seznam.cz\bin\listicka-x64.exe
MD5 : 69F5AC0038561D256C803BF01C85CBD7
Publisher : Seznam.cz, a.s.
Size : 73896
Version : -
Detection : Adware:Win32/Seznam-DJ!Ep
Cleaning Action : Quarantine
Related Objects :
File - %appdata%\seznam.cz\bin\listicka-x64.exe
Process - 8164 - C:\Users\Jarda\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe

18512libfoxloader.dll
Status : Scanned
Object : %appdata%\seznam.cz\bin\18512libfoxloader.dll
MD5 : E58EACA639CD7EB45A4E2E22460727E3
Publisher : Seznam.cz, a.s.
Size : 78504
Version : -
Detection : Adware:Win32/Seznam-DJ!Ep
Cleaning Action : Quarantine
Related Objects :
File - %appdata%\seznam.cz\bin\18512libfoxloader.dll
DLL - 7392 - C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2.exe
DLL - 7704 - C:\Users\Jarda\AppData\Local\Microsoft\OneDrive\OneDrive.exe
DLL - 7976 - C:\Program Files\AVAST Software\Avast\AvastUI.exe
DLL - 8556 - C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
DLL - 8488 - C:\Program Files (x86)\Steam\Steam.exe
DLL - 13260 - C:\Games\World_of_Tanks\WargamingGameUpdater.exe
DLL - 8552 - C:\Program Files (x86)\MSI\Live Update\Live Update.exe
DLL - 6172 - C:\Users\Jarda\AppData\Roaming\Seznam.cz\bin\szndesktop.exe

wszndesktop.exe
Status : Scanned
Object : %appdata%\seznam.cz\bin\wszndesktop.exe
MD5 : 177C7E1FB4793BFCC6B06D11D8032481
Publisher : Seznam.cz, a.s.
Size : 103080
Version : -
Detection : Adware:Win32/Seznam-DJ!Ep
Cleaning Action : Quarantine
Related Objects :
File - %appdata%\seznam.cz\bin\wszndesktop.exe
Registry Entry - HKCU\Software\Microsoft\Windows\CurrentVersion\Run\cz.seznam.software.szndesktop = "C:\Users\Jarda\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q

szninstall.exe
Status : Scanned
Object : %programfiles%\seznam.cz\distribution\szninstall.exe
MD5 : 919F88F5158350947FB255358CEA4907
Publisher : Seznam.cz, a.s.
Size : 1062472
Version : -
Detection : Adware:Win32/Seznam-DJ!Ep
Cleaning Action : Quarantine
Related Objects :
File - %programfiles%\seznam.cz\distribution\szninstall.exe
Registry Entry - HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\seznam-listicka-distribuce = "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate

Cleaning Result
-------------------------------------------------------
Cleaned : 9
Reported as safe : 0
Failed : 0

Příspěvekod **jaro3** » 07 led 2017 22:25

Vlož nový log z HJT + informuj o problémech

jarda213 · Příspěvekod **jarda213** » 07 led 2017 23:19

Pardon, moje chyba :-)

Krom toho, že v prohlížeči či FB se pomocí kolečka posunuje stránka velice trhaně, nic, o čem bych věděl.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:17:47, on 7.1.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)

FIREFOX: 50.1.0 (x86 cs)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\MSI\Fast Boot\FastBoot.exe
C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
C:\Users\Jarda\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [Fast Boot] C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe
O4 - HKLM\..\Run: [Super Charger] C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
O4 - HKLM\..\Run: [HDD Regenerator] "C:\Program Files (x86)\HDD Regenerator\Shell.exe" /1
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Command Center] C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Jarda\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [World of Warships] "C:\Games\World_of_Warships\WargamingGameUpdater.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'DefaultAppPool')
O4 - HKUS\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'DefaultAppPool')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files\Microsoft Office\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Ashampoo Core Tuner 2 Service (ACT2_Service) - Unknown owner - C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2Service.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Chemtable Startup Checking - Unknown owner - C:\Program Files (x86)\Reg Organizer\StartupCheckingService.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Small Business Advantage (intelsba) - Intel Corporation - C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: MSI Command Center Clock Service (MSIClock_CC) - MSI - C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe
O23 - Service: MSI Command Center Comm Service (MSICOMM_CC) - MSI - C:\Program Files (x86)\MSI\Command Center\MSICommService.exe
O23 - Service: MSI Command Center CPU Service (MSICPU_CC) - MSI - C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe
O23 - Service: MSI Command Center control Service (MSICTL_CC) - MSI - C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
O23 - Service: MSI Command Center DDR Service (MSIDDR_CC) - MSI - C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe
O23 - Service: MSI Command Center SMBus Service (MSISMB_CC) - MSI - C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe
O23 - Service: MSI Command Center SuperIO Service (MSISuperIO_CC) - MSI - C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe
O23 - Service: MSI_FastBoot - MSI - C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
O23 - Service: MSI Live Update Service (MSI_LiveUpdate_Service) - Micro-Star INT'L CO., LTD. - C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
O23 - Service: MSI_SuperCharger - MSI - C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
O23 - Service: MSI_Trigger_Service - MICRO-STAR INTERNATIONAL CO., LTD. - C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Plays.tv Update Service (PlaysService) (PlaysService) - Copyright (c) 2016 Plays.tv, LLC - C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SuperRAIDSvc - Micro-Star INT'L CO., LTD. - C:\MSI\Smart Utilities\SuperRAIDSvc.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) Extreme Tuning Utility Service (XTU3SERVICE) - Intel(R) Corporation - C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
O23 - Service: ZAM Controller Service (ZAMSvc) - Zemana Ltd. - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe

--
End of file - 14656 bytes

Příspěvekod **jaro3** » 08 led 2017 09:42

Pardon, moje chyba Krom toho, že v prohlížeči či FB se pomocí kolečka posunuje stránka velice trhaně, nic, o čem bych věděl.

máš správné ovladače pro grafiku?

Ještě něco zkusíme.
Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.

jarda213 · Příspěvekod **jarda213** » 08 led 2017 13:43

FRST musím nadvakrát.
Část 1.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-01-2017
Ran by Jarda (administrator) on JARDA-PC (08-01-2017 13:38:05)
Running from C:\Users\Jarda\Desktop
Loaded Profiles: Jarda (Available Profiles: Jarda & DefaultAppPool)
Platform: Windows 10 Pro Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2Service.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(MSI) C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
(MSI) C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe
(MSI) C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Copyright (c) 2016 Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(Micro-Star INT'L CO., LTD.) C:\MSI\Smart Utilities\SuperRAIDSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(Micro-Star INT'L CO.,LTD.) C:\Program Files (x86)\MSI\Fast Boot\FastBoot.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
() C:\Program Files (x86)\Reg Organizer\StartupCheckingService.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11610.1001.23.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\Ultima Online DP2\UOAM\uoam.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(BitTorrent, Inc.) C:\Users\Jarda\AppData\Roaming\uTorrent\utorrent.exe
(Wargaming.net) C:\Games\World_of_Tanks\WargamingGameUpdater.exe
(Oracle Corporation) C:\Program Files (x86)\Java\jre1.8.0_111\launch4j-tmp\frd.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7714.42037.0_x64__8wekyb3d8bbwe\HxMail.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7714.42037.0_x64__8wekyb3d8bbwe\HxTsr.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1612.3341.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9037832 2016-10-21] (Realtek Semiconductor)
HKLM\...\Run: [Ashampoo Core Tuner 2] => C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2.exe [5220768 2011-08-22] (Ashampoo Development GmbH & Co. KG)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-15] (Microsoft Corporation)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [14080240 2017-01-07] (Zemana Ltd.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2017-01-06] (AVAST Software)
HKLM-x32\...\Run: [USB3MON] => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-09-17] (Intel Corporation)
HKLM-x32\...\Run: [Fast Boot] => C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [759120 2015-04-22] ()
HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1022928 2016-07-27] (MSI)
HKLM-x32\...\Run: [HDD Regenerator] => "C:\Program Files (x86)\HDD Regenerator\Shell.exe" /1
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM-x32\...\Run: [Command Center] => C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [835680 2016-06-14] (MSI)
HKU\S-1-5-21-3592017923-1309911898-1257044881-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2876704 2016-12-20] (Valve Corporation)
HKU\S-1-5-21-3592017923-1309911898-1257044881-1000\...\Run: [World of Warships] => C:\Games\World_of_Warships\WargamingGameUpdater.exe [3134216 2016-12-05] (Wargaming.net)
HKU\S-1-5-21-3592017923-1309911898-1257044881-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3592017923-1309911898-1257044881-1000\...\Run: [World of Tanks] => C:\Games\World_of_Tanks\WargamingGameUpdater.exe [3135752 2016-11-18] (Wargaming.net)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-01-06] (AVAST Software)
Startup: C:\Users\Jarda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk [2016-02-10]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{1d6c3d28-4399-4c20-83ad-9f95fe95c873}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-3592017923-1309911898-1257044881-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-3592017923-1309911898-1257044881-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3592017923-1309911898-1257044881-1000 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3592017923-1309911898-1257044881-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3592017923-1309911898-1257044881-1000 -> {5B1AE680-8758-4631-B4A7-3264DCC71187} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-3592017923-1309911898-1257044881-1000 -> {B59A2B6C-B45C-4B04-A40A-B733936BB9A4} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-3592017923-1309911898-1257044881-1000 -> {BCB013E7-90E6-4230-9DA9-FCA69CCC97FC} URL = hxxp://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-3592017923-1309911898-1257044881-1000 -> {D73E0A4C-17D4-4A9D-97FC-52B35524AC94} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_16194
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-25] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-10-27] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-25] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-27] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-25] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-25] (Google Inc.)
Toolbar: HKU\S-1-5-21-3592017923-1309911898-1257044881-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-25] (Google Inc.)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-3592017923-1309911898-1257044881-1000 -> hxxp://www.seznam.cz/?clid=6826

FireFox:
========
FF ProfilePath: C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\4a9q8b3f.default-1439315922485 [2017-01-08]
FF NewTab: Mozilla\Firefox\Profiles\4a9q8b3f.default-1439315922485 -> about:newtab
FF Homepage: Mozilla\Firefox\Profiles\4a9q8b3f.default-1439315922485 -> hxxps://www.seznam.cz/
FF Extension: (Galaxytoolbar) - C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\4a9q8b3f.default-1439315922485\Extensions\{71bfcce7-421d-4042-95d4-a585a821cbca}.xpi [2016-11-12]
FF Extension: (Adblock Plus) - C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\4a9q8b3f.default-1439315922485\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23]
FF SearchPlugin: C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\4a9q8b3f.default-1439315922485\searchplugins\firmy.cz-200305.xml [2016-02-28]
FF SearchPlugin: C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\4a9q8b3f.default-1439315922485\searchplugins\mapy.cz-200305.xml [2016-02-28]
FF SearchPlugin: C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\4a9q8b3f.default-1439315922485\searchplugins\seznam.cz-200305.xml [2016-02-28]
FF SearchPlugin: C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\4a9q8b3f.default-1439315922485\searchplugins\videa.seznam.cz-200305.xml [2016-02-28]
FF SearchPlugin: C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\4a9q8b3f.default-1439315922485\searchplugins\zbozi.cz-200305.xml [2016-02-28]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2017-01-06]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2017-01-06]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [jid1-r1tDuNiNb4SEww@jetpack] - C:\Program Files\AVAST Software\Avast\pam\FF
FF Extension: (Avast Passwords) - C:\Program Files\AVAST Software\Avast\pam\FF [2017-01-06]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2017-01-07] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2017-01-07] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1225195.dll [2016-09-20] (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-17] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-17] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-27] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3592017923-1309911898-1257044881-1000: @my.com/Games -> C:\Users\Jarda\AppData\Local\MyComGames\NPMyComDetector.dll [2016-09-13] (MY.COM B.V.)
FF Plugin HKU\S-1-5-21-3592017923-1309911898-1257044881-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Jarda\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-3592017923-1309911898-1257044881-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Jarda\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-3592017923-1309911898-1257044881-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jarda\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]
FF Plugin HKU\S-1-5-21-3592017923-1309911898-1257044881-1000: google.com/WidevineMediaOptimizer -> C:\Users\Jarda\AppData\Roaming\IDM\bin\npwidevinemediaoptimizer.dll [2014-06-09] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HKU\S-1-5-21-3592017923-1309911898-1257044881-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACT2_Service; C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2Service.exe [1421216 2011-08-22] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2017-01-06] (AVAST Software)
R2 Chemtable Startup Checking; C:\Program Files (x86)\Reg Organizer\StartupCheckingService.exe [3559360 2016-09-01] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
S3 intelsba; C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [48832 2013-03-13] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-17] (Intel Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes)
S3 MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [4163680 2016-09-09] (MSI)
S3 MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2204768 2016-09-29] (MSI)
S3 MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe [4171360 2016-11-23] (MSI)
R2 MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [2014816 2016-11-15] (MSI)
R2 MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2327648 2016-12-05] (MSI)
S3 MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2076768 2016-12-05] (MSI)
S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [609888 2016-12-05] (MSI)
R2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [105296 2015-06-04] (MSI)
S2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2237392 2016-11-10] (Micro-Star INT'L CO., LTD.)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [163280 2016-08-01] (MSI)
R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [29728 2013-05-28] (MICRO-STAR INTERNATIONAL CO., LTD.)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [55056 2016-12-23] (Copyright (c) 2016 Plays.tv, LLC)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2014-09-21] ()
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2383344 2016-07-11] (IBM Corp.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R2 SuperRAIDSvc; C:\MSI\Smart Utilities\SuperRAIDSvc.exe [29648 2015-02-09] (Micro-Star INT'L CO., LTD.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [19192 2015-10-06] (Intel(R) Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [14080240 2017-01-07] (Zemana Ltd.)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AcpiCtlDrv; C:\WINDOWS\System32\drivers\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation)
R2 ACT2PM; C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2ProcessMonitor64.sys [15160 2011-06-10] ()
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0307259.inf_amd64_e75a0a5e82450920\atikmdag.sys [26560136 2016-10-06] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0307259.inf_amd64_e75a0a5e82450920\atikmpag.sys [527896 2016-10-06] (Advanced Micro Devices, Inc.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [37656 2017-01-06] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [37144 2017-01-06] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [108816 2017-01-06] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [103064 2017-01-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2017-01-06] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [969184 2017-01-06] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [513632 2017-01-06] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [163416 2017-01-06] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2017-01-06] (AVAST Software)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [101376 2016-07-24] (Advanced Micro Devices)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283064 2014-06-02] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77416 2016-12-14] ()
R3 ikbevent; C:\WINDOWS\System32\DRIVERS\ikbevent.sys [22216 2014-05-27] ()
R3 imsevent; C:\WINDOWS\System32\DRIVERS\imsevent.sys [22728 2014-05-27] ()
R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [30224 2015-05-28] (Intel Corporation)
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD.sys [44744 2014-05-27] ()
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [176064 2017-01-06] (Malwarebytes)
S3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-01-06] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [250816 2017-01-06] (Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [91584 2017-01-06] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-17] (Intel Corporation)
R1 MpKsl97e1dc41; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E2FDEC71-1E59-4F04-822A-828FF9F79C9A}\MpKsl97e1dc41.sys [44928 2017-01-08] (Microsoft Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
R3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [13368 2012-10-26] (MSI)
R3 NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MSI)
R3 NTIOLib_MSI_RAID; C:\MSI\Smart Utilities\NTIOLib_X64.sys [13808 2014-03-17] (MSI)
S1 RapportCerberus_1609042; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1609042.sys [1157960 2016-07-21] (IBM Corp.)
S1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [544360 2016-07-11] (IBM Corp.)
S0 RapportHades64; C:\WINDOWS\System32\Drivers\RapportHades64.sys [215560 2016-07-11] (IBM Corp.)
S3 RapportIaso; c:\programdata\trusteer\rapport\store\exts\rapportms\baseline\rapportiaso64.sys [347624 2016-07-21] (IBM Corp.)
S0 RapportKE64; C:\WINDOWS\System32\Drivers\RapportKE64.sys [470056 2016-07-11] (IBM Corp.)
S1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [525992 2016-07-11] (IBM Corp.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [937728 2016-05-17] (Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [63840 2015-06-24] (Intel Corporation)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2017-01-07] (Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2017-01-07] (Zemana Ltd.)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-08 13:34 - 2017-01-08 13:37 - 00072125 _____ C:\Users\Jarda\Desktop\Addition.txt
2017-01-08 13:32 - 2017-01-08 13:38 - 00028464 _____ C:\Users\Jarda\Desktop\FRST.txt
2017-01-08 13:32 - 2017-01-08 13:38 - 00000000 ____D C:\FRST
2017-01-08 13:30 - 2017-01-08 13:32 - 02418688 _____ (Farbar) C:\Users\Jarda\Desktop\FRST64.exe
2017-01-08 09:44 - 2017-01-08 09:44 - 00000000 ____D C:\Users\Jarda\AppData\Roaming\AlawarEntertainment
2017-01-08 09:02 - 2017-01-08 09:02 - 00001783 _____ C:\Users\Public\Desktop\Webium's Modpack.lnk
2017-01-07 23:17 - 2017-01-07 23:17 - 00388608 _____ (Trend Micro Inc.) C:\Users\Jarda\Desktop\HijackThis.exe
2017-01-07 21:30 - 2017-01-07 21:30 - 00006319 _____ C:\Users\Jarda\Desktop\Zemana.txt
2017-01-07 21:04 - 2017-01-07 21:04 - 00203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam64.sys
2017-01-07 21:04 - 2017-01-07 21:04 - 00001221 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2017-01-07 21:04 - 2017-01-07 21:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2017-01-07 21:04 - 2017-01-07 21:04 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2017-01-07 21:03 - 2017-01-07 21:04 - 05473184 _____ ( ) C:\Users\Jarda\Desktop\Zemana.AntiMalware.Setup.exe
2017-01-07 20:42 - 2017-01-08 13:38 - 00249435 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2017-01-07 20:42 - 2017-01-08 13:38 - 00238944 _____ C:\WINDOWS\ZAM.krnl.trace
2017-01-07 20:42 - 2017-01-07 20:42 - 00203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys
2017-01-07 20:39 - 2017-01-07 20:39 - 00000000 ___HD C:\OneDriveTemp
2017-01-07 20:39 - 2017-01-07 20:39 - 00000000 ____D C:\Users\Jarda\AppData\Local\Zemana
2017-01-07 20:37 - 2017-01-07 20:37 - 00012846 _____ C:\Users\Jarda\Desktop\zoek-results.txt
2017-01-07 20:22 - 2014-02-13 23:59 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2017-01-07 19:54 - 2017-01-07 21:17 - 00000000 ____D C:\Users\Jarda\Desktop\zoek
2017-01-07 18:42 - 2017-01-07 18:42 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2017-01-07 18:42 - 2017-01-07 18:42 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2017-01-07 15:04 - 2017-01-07 15:28 - 00000000 ____D C:\zoek_backup
2017-01-07 15:01 - 2017-01-07 15:01 - 00011394 _____ C:\Users\Jarda\Desktop\rk nový.txt
2017-01-07 14:15 - 2017-01-07 14:15 - 06563200 _____ C:\Users\Jarda\Desktop\BSOD.rar
2017-01-06 22:40 - 2017-01-06 22:40 - 00011506 _____ C:\Users\Jarda\Desktop\HWMonitor.txt
2017-01-06 22:18 - 2017-01-06 22:18 - 00000975 _____ C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2017-01-06 22:18 - 2017-01-06 22:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2017-01-06 22:18 - 2017-01-06 22:18 - 00000000 ____D C:\Program Files\CPUID
2017-01-06 22:17 - 2017-01-06 22:17 - 00000000 ____D C:\Users\Jarda\AppData\Roaming\JAM Software
2017-01-06 22:04 - 2017-01-07 14:15 - 00000000 ____D C:\Users\Jarda\Desktop\BSOD
2017-01-06 22:03 - 2017-01-06 22:03 - 00000000 ____D C:\Users\Jarda\Desktop\LocaleMetaData
2017-01-06 14:12 - 2017-01-06 14:22 - 00000000 ____D C:\Program Files\WhoCrashed
2017-01-06 14:12 - 2017-01-06 14:13 - 00001072 _____ C:\Users\Jarda\Desktop\WhoCrashed.lnk
2017-01-06 14:12 - 2017-01-06 14:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhoCrashed
2017-01-06 11:26 - 2017-01-06 11:26 - 00002775 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2017-01-06 11:26 - 2017-01-06 11:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2017-01-06 11:26 - 2017-01-06 11:26 - 00000000 ____D C:\Program Files (x86)\Sophos
2017-01-06 11:18 - 2017-01-06 11:18 - 00000000 ____D C:\ProgramData\Sophos
2017-01-06 11:08 - 2017-01-06 13:36 - 25846856 _____ C:\Users\Jarda\Desktop\RogueKillerX64.exe
2017-01-06 10:45 - 2017-01-06 10:45 - 00001725 _____ C:\Users\Jarda\Desktop\JRT.txt
2017-01-06 10:38 - 2017-01-06 10:39 - 01663040 _____ (Malwarebytes) C:\Users\Jarda\Desktop\JRT.exe
2017-01-06 08:30 - 2017-01-06 10:46 - 00250816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-01-06 08:30 - 2017-01-06 10:46 - 00102856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-01-06 08:30 - 2017-01-06 10:46 - 00091584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-01-06 08:30 - 2017-01-06 10:46 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-01-06 08:30 - 2017-01-06 08:30 - 00176064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-01-06 08:30 - 2017-01-06 08:30 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-01-06 08:30 - 2017-01-06 08:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-01-06 08:30 - 2016-12-14 12:55 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-01-06 07:05 - 2017-01-06 08:30 - 00000000 ____D C:\Program Files\Malwarebytes
2017-01-06 06:58 - 2017-01-06 06:58 - 00391496 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-01-06 06:58 - 2017-01-06 06:58 - 00053208 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2017-01-06 06:57 - 2017-01-06 06:57 - 03977168 _____ C:\Users\Jarda\Desktop\adwcleaner_6.041.exe
2017-01-06 06:46 - 2017-01-06 06:46 - 00044952 _____ () C:\WINDOWS\system32\Drivers\staport.sys.148368158818713.148368234525002
2017-01-06 06:46 - 2017-01-06 06:46 - 00001967 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2017-01-06 06:41 - 2017-01-06 06:41 - 00261924 _____ C:\WINDOWS\Minidump\010617-28828-01.dmp
2017-01-05 23:19 - 2017-01-05 23:19 - 00448512 _____ (OldTimer Tools) C:\Users\Jarda\Desktop\TFC.exe
2017-01-05 23:17 - 2017-01-05 23:17 - 00050688 _____ (Atribune.org) C:\Users\Jarda\Desktop\ATF-Cleaner.exe
2017-01-05 21:09 - 2017-01-05 21:09 - 00000000 ____D C:\WINDOWS\VDLL.DLL
2017-01-05 21:09 - 2017-01-05 21:09 - 00000000 ____D C:\WINDOWS\SysWOW64\runouce.exe
2017-01-05 21:09 - 2017-01-05 21:09 - 00000000 ____D C:\WINDOWS\rundll16.exe
2017-01-05 21:09 - 2017-01-05 21:09 - 00000000 ____D C:\WINDOWS\RUNDL132.EXE
2017-01-05 21:09 - 2017-01-05 21:09 - 00000000 ____D C:\WINDOWS\logo1_.exe
2017-01-05 21:09 - 2017-01-05 21:09 - 00000000 ____D C:\WINDOWS\logo_1.exe
2017-01-05 20:54 - 2017-01-05 20:54 - 00000000 ____D C:\ProgramData\MicroWorld
2017-01-05 20:26 - 2017-01-06 00:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-01-02 23:22 - 2017-01-02 23:22 - 00000000 ____D C:\Users\Jarda\Documents\SkidRow
2017-01-02 23:12 - 2017-01-06 00:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wargame Red Dragon - Double Nation Pack REDS
2017-01-02 23:12 - 2017-01-02 23:12 - 00000000 ____D C:\Program Files (x86)\Focus Home Interactive
2016-12-27 10:08 - 2017-01-07 17:56 - 00000000 ____D C:\Users\Jarda\Desktop\Ortel---Diskografie-2007-2014
2016-12-17 14:11 - 2016-12-17 14:11 - 00003276 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2016-12-16 22:55 - 2016-12-16 22:55 - 00003764 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3592017923-1309911898-1257044881-1000UA1d257e7182871bd
2016-12-16 22:55 - 2016-12-16 22:55 - 00003496 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3592017923-1309911898-1257044881-1000Core1d257e71819bacf
2016-12-15 10:17 - 2016-12-09 11:42 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-12-15 10:17 - 2016-12-09 11:42 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-12-15 10:17 - 2016-12-09 11:34 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-12-15 10:17 - 2016-12-09 11:34 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-12-15 10:17 - 2016-12-09 11:33 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-12-15 10:17 - 2016-12-09 11:33 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-12-15 10:17 - 2016-12-09 11:32 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-12-15 10:17 - 2016-12-09 11:30 - 00377184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-12-15 10:17 - 2016-12-09 11:29 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-15 10:17 - 2016-12-09 11:28 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-12-15 10:17 - 2016-12-09 11:27 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-12-15 10:17 - 2016-12-09 11:20 - 02677544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-12-15 10:17 - 2016-12-09 11:20 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-12-15 10:17 - 2016-12-09 11:20 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-12-15 10:17 - 2016-12-09 11:20 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-12-15 10:17 - 2016-12-09 11:20 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-12-15 10:17 - 2016-12-09 11:19 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-12-15 10:17 - 2016-12-09 11:19 - 00168424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2016-12-15 10:17 - 2016-12-09 11:18 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-12-15 10:17 - 2016-12-09 11:18 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-12-15 10:17 - 2016-12-09 11:18 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-12-15 10:17 - 2016-12-09 11:18 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-12-15 10:17 - 2016-12-09 11:18 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-12-15 10:17 - 2016-12-09 11:18 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-12-15 10:17 - 2016-12-09 11:18 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-12-15 10:17 - 2016-12-09 11:15 - 08168000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-12-15 10:17 - 2016-12-09 11:15 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-12-15 10:17 - 2016-12-09 11:14 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-12-15 10:17 - 2016-12-09 11:14 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-12-15 10:17 - 2016-12-09 11:11 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-12-15 10:17 - 2016-12-09 11:10 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-12-15 10:17 - 2016-12-09 11:10 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-12-15 10:17 - 2016-12-09 11:09 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2016-12-15 10:17 - 2016-12-09 11:01 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-12-15 10:17 - 2016-12-09 11:01 - 01503544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-12-15 10:17 - 2016-12-09 11:01 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-12-15 10:17 - 2016-12-09 11:00 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2016-12-15 10:17 - 2016-12-09 10:59 - 02166752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-12-15 10:17 - 2016-12-09 10:59 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-12-15 10:17 - 2016-12-09 10:57 - 06668040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-12-15 10:17 - 2016-12-09 10:57 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-12-15 10:17 - 2016-12-09 10:56 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-12-15 10:17 - 2016-12-09 10:52 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-12-15 10:17 - 2016-12-09 10:52 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll

jarda213 · Příspěvekod **jarda213** » 08 led 2017 13:43

FRST část 2.

2016-12-15 10:17 - 2016-12-09 10:51 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-12-15 10:17 - 2016-12-09 10:47 - 22563328 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-12-15 10:17 - 2016-12-09 10:45 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-12-15 10:17 - 2016-12-09 10:45 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2016-12-15 10:17 - 2016-12-09 10:42 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-12-15 10:17 - 2016-12-09 10:41 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-12-15 10:17 - 2016-12-09 10:41 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2016-12-15 10:17 - 2016-12-09 10:40 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-12-15 10:17 - 2016-12-09 10:38 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-12-15 10:17 - 2016-12-09 10:37 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-12-15 10:17 - 2016-12-09 10:37 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-12-15 10:17 - 2016-12-09 10:37 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-12-15 10:17 - 2016-12-09 10:36 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-12-15 10:17 - 2016-12-09 10:36 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-12-15 10:17 - 2016-12-09 10:36 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2016-12-15 10:17 - 2016-12-09 10:36 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-12-15 10:17 - 2016-12-09 10:36 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-12-15 10:17 - 2016-12-09 10:34 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-12-15 10:17 - 2016-12-09 10:34 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-12-15 10:17 - 2016-12-09 10:33 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-12-15 10:17 - 2016-12-09 10:33 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-12-15 10:17 - 2016-12-09 10:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-12-15 10:17 - 2016-12-09 10:31 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-12-15 10:17 - 2016-12-09 10:31 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-12-15 10:17 - 2016-12-09 10:31 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-12-15 10:17 - 2016-12-09 10:30 - 23677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-12-15 10:17 - 2016-12-09 10:30 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-12-15 10:17 - 2016-12-09 10:30 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-12-15 10:17 - 2016-12-09 10:29 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-12-15 10:17 - 2016-12-09 10:28 - 03306496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-12-15 10:17 - 2016-12-09 10:28 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-12-15 10:17 - 2016-12-09 10:27 - 19417088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-12-15 10:17 - 2016-12-09 10:27 - 13084160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-12-15 10:17 - 2016-12-09 10:27 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-12-15 10:17 - 2016-12-09 10:27 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-12-15 10:17 - 2016-12-09 10:26 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-12-15 10:17 - 2016-12-09 10:26 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-12-15 10:17 - 2016-12-09 10:25 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2016-12-15 10:17 - 2016-12-09 10:24 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-12-15 10:17 - 2016-12-09 10:23 - 12177920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-12-15 10:17 - 2016-12-09 10:22 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-12-15 10:17 - 2016-12-09 10:22 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-12-15 10:17 - 2016-12-09 10:22 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-12-15 10:17 - 2016-12-09 10:21 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-12-15 10:17 - 2016-12-09 10:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-12-15 10:17 - 2016-12-09 10:21 - 01512960 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-12-15 10:17 - 2016-12-09 10:21 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-12-15 10:17 - 2016-12-09 10:20 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-12-15 10:17 - 2016-12-09 10:20 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-12-15 10:17 - 2016-12-09 10:20 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-12-15 10:17 - 2016-12-09 10:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-12-15 10:17 - 2016-12-09 10:20 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-12-15 10:17 - 2016-12-09 10:19 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-12-15 10:17 - 2016-12-09 10:19 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-12-15 10:17 - 2016-12-09 10:19 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-12-15 10:17 - 2016-12-09 10:19 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-12-15 10:17 - 2016-12-09 10:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2016-12-15 10:17 - 2016-12-09 10:18 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-12-15 10:17 - 2016-12-09 10:18 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-12-15 10:17 - 2016-12-09 10:18 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-12-15 10:17 - 2016-12-09 10:17 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-12-15 10:17 - 2016-12-09 10:17 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-12-15 10:17 - 2016-12-09 10:16 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-12-15 10:17 - 2016-12-09 10:16 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-12-15 10:17 - 2016-12-09 10:16 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-12-15 10:17 - 2016-12-09 10:15 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-12-15 10:17 - 2016-12-09 10:15 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-12-15 10:17 - 2016-12-09 10:15 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2016-12-15 10:17 - 2016-12-09 09:54 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-12-15 10:17 - 2016-11-02 11:28 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-12-15 10:17 - 2016-11-02 11:25 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-12-15 10:17 - 2016-09-15 17:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-12-12 07:14 - 2016-12-12 07:14 - 00000000 ____D C:\Users\Jarda\AppData\Roaming\Kodi
2016-12-11 18:07 - 2016-12-11 18:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultima Online DP2
2016-12-11 13:17 - 2016-12-11 13:21 - 00000000 ____D C:\Users\Jarda\Desktop\Verči flashka
2016-12-10 23:51 - 2016-12-10 23:51 - 00001103 _____ C:\Users\Jarda\Desktop\VLC media player (2).lnk
2016-12-10 08:57 - 2016-12-14 23:53 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-09 20:56 - 2016-12-30 16:34 - 00000718 _____ C:\Users\Jarda\Desktop\Belzebub-CZ – zástupce.lnk
2016-12-09 13:09 - 2016-11-11 11:22 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-12-09 13:09 - 2016-11-11 11:15 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-12-09 13:09 - 2016-11-11 11:15 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2016-12-09 13:09 - 2016-11-11 11:14 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-12-09 13:09 - 2016-11-11 11:14 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-12-09 13:09 - 2016-11-11 11:14 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-12-09 13:09 - 2016-11-11 11:13 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-12-09 13:09 - 2016-11-11 11:13 - 01886344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-12-09 13:09 - 2016-11-11 11:13 - 00352096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-12-09 13:09 - 2016-11-11 11:12 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-12-09 13:09 - 2016-11-11 11:08 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
2016-12-09 13:09 - 2016-11-11 11:03 - 01069720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2016-12-09 13:09 - 2016-11-11 11:03 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2016-12-09 13:09 - 2016-11-11 11:03 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-12-09 13:09 - 2016-11-11 11:02 - 02828376 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-12-09 13:09 - 2016-11-11 11:02 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-12-09 13:09 - 2016-11-11 11:01 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-12-09 13:09 - 2016-11-11 11:01 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-12-09 13:09 - 2016-11-11 11:01 - 00637400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-12-09 13:09 - 2016-11-11 11:00 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-12-09 13:09 - 2016-11-11 11:00 - 00219488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-12-09 13:09 - 2016-11-11 10:57 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-12-09 13:09 - 2016-11-11 10:57 - 04130432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-12-09 13:09 - 2016-11-11 10:57 - 01473048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-12-09 13:09 - 2016-11-11 10:56 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-12-09 13:09 - 2016-11-11 10:56 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-12-09 13:09 - 2016-11-11 10:56 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2016-12-09 13:09 - 2016-11-11 10:56 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-12-09 13:09 - 2016-11-11 10:56 - 00187520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2016-12-09 13:09 - 2016-11-11 10:56 - 00163752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTWorkQ.dll
2016-12-09 13:09 - 2016-11-11 10:56 - 00126568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfaudiocnv.dll
2016-12-09 13:09 - 2016-11-11 10:55 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-12-09 13:09 - 2016-11-11 10:55 - 00882680 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-12-09 13:09 - 2016-11-11 10:55 - 00743224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-12-09 13:09 - 2016-11-11 10:54 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-12-09 13:09 - 2016-11-11 10:51 - 00454592 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-12-09 13:09 - 2016-11-11 10:31 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-12-09 13:09 - 2016-11-11 10:29 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-12-09 13:09 - 2016-11-11 10:27 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2016-12-09 13:09 - 2016-11-11 10:26 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-12-09 13:09 - 2016-11-11 10:26 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2016-12-09 13:09 - 2016-11-11 10:26 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReportingCSP.dll
2016-12-09 13:09 - 2016-11-11 10:26 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\modem.sys
2016-12-09 13:09 - 2016-11-11 10:26 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2016-12-09 13:09 - 2016-11-11 10:25 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2016-12-09 13:09 - 2016-11-11 10:25 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-12-09 13:09 - 2016-11-11 10:25 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-12-09 13:09 - 2016-11-11 10:25 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2016-12-09 13:09 - 2016-11-11 10:25 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-12-09 13:09 - 2016-11-11 10:24 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-12-09 13:09 - 2016-11-11 10:24 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-12-09 13:09 - 2016-11-11 10:24 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-12-09 13:09 - 2016-11-11 10:24 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-12-09 13:09 - 2016-11-11 10:24 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2016-12-09 13:09 - 2016-11-11 10:24 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2016-12-09 13:09 - 2016-11-11 10:24 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-12-09 13:09 - 2016-11-11 10:23 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-12-09 13:09 - 2016-11-11 10:23 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-12-09 13:09 - 2016-11-11 10:23 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\EAMProgressHandler.dll
2016-12-09 13:09 - 2016-11-11 10:22 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-12-09 13:09 - 2016-11-11 10:22 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\EDPCleanup.exe
2016-12-09 13:09 - 2016-11-11 10:21 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-12-09 13:09 - 2016-11-11 10:21 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-12-09 13:09 - 2016-11-11 10:21 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-12-09 13:09 - 2016-11-11 10:20 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-12-09 13:09 - 2016-11-11 10:20 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2016-12-09 13:09 - 2016-11-11 10:20 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-12-09 13:09 - 2016-11-11 10:20 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-12-09 13:09 - 2016-11-11 10:20 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2016-12-09 13:09 - 2016-11-11 10:20 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-12-09 13:09 - 2016-11-11 10:20 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-12-09 13:09 - 2016-11-11 10:19 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-12-09 13:09 - 2016-11-11 10:19 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-12-09 13:09 - 2016-11-11 10:19 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-12-09 13:09 - 2016-11-11 10:19 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-12-09 13:09 - 2016-11-11 10:19 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2016-12-09 13:09 - 2016-11-11 10:19 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-09 13:09 - 2016-11-11 10:19 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2016-12-09 13:09 - 2016-11-11 10:19 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2016-12-09 13:09 - 2016-11-11 10:18 - 17188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-12-09 13:09 - 2016-11-11 10:18 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2016-12-09 13:09 - 2016-11-11 10:18 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2016-12-09 13:09 - 2016-11-11 10:17 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2016-12-09 13:09 - 2016-11-11 10:17 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-12-09 13:09 - 2016-11-11 10:17 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2016-12-09 13:09 - 2016-11-11 10:16 - 01477632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2016-12-09 13:09 - 2016-11-11 10:16 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-12-09 13:09 - 2016-11-11 10:16 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-12-09 13:09 - 2016-11-11 10:16 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2016-12-09 13:09 - 2016-11-11 10:16 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2016-12-09 13:09 - 2016-11-11 10:15 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-12-09 13:09 - 2016-11-11 10:15 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2016-12-09 13:09 - 2016-11-11 10:14 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-12-09 13:09 - 2016-11-11 10:14 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-12-09 13:09 - 2016-11-11 10:14 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2016-12-09 13:09 - 2016-11-11 10:14 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
2016-12-09 13:09 - 2016-11-11 10:13 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-12-09 13:09 - 2016-11-11 10:13 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcuiu.dll
2016-12-09 13:09 - 2016-11-11 10:12 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
2016-12-09 13:09 - 2016-11-11 10:11 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-12-09 13:09 - 2016-11-11 10:11 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-12-09 13:09 - 2016-11-11 10:11 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-12-09 13:09 - 2016-11-11 10:09 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-12-09 13:09 - 2016-11-11 10:09 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2016-12-09 13:09 - 2016-11-11 10:08 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-12-09 13:09 - 2016-11-11 10:07 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-12-09 13:09 - 2016-11-11 10:07 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-12-09 13:09 - 2016-11-11 10:07 - 01691136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-12-09 13:09 - 2016-11-11 10:07 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-12-09 13:09 - 2016-11-11 10:07 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2016-12-09 13:09 - 2016-11-11 10:06 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-12-09 13:09 - 2016-11-11 10:06 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-12-09 13:09 - 2016-11-11 10:05 - 04136448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-12-09 13:09 - 2016-11-11 10:05 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-12-09 13:09 - 2016-11-11 10:05 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-12-09 13:09 - 2016-11-11 10:04 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-12-09 13:09 - 2016-11-11 10:04 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-12-09 13:09 - 2016-11-11 10:04 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-12-09 13:09 - 2016-11-11 10:04 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-12-09 13:09 - 2016-11-11 10:04 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2016-12-09 13:09 - 2016-11-11 10:04 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-12-09 13:09 - 2016-11-11 10:03 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-12-09 13:09 - 2016-11-11 10:03 - 02287616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-12-09 13:09 - 2016-11-11 10:03 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-12-09 13:09 - 2016-11-11 10:03 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-12-09 13:09 - 2016-11-11 10:03 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-12-09 13:09 - 2016-11-11 10:03 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2016-12-09 13:09 - 2016-11-11 10:02 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-12-09 13:09 - 2016-11-11 10:02 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-12-09 13:09 - 2016-11-11 09:39 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-12-09 13:09 - 2016-11-11 09:00 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-12-09 13:09 - 2016-11-11 08:59 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-12-09 13:09 - 2016-11-11 08:54 - 00122208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\migisol.dll
2016-12-09 13:09 - 2016-11-11 08:49 - 00869848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2016-12-09 13:09 - 2016-11-11 08:49 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2016-12-09 13:09 - 2016-11-11 08:49 - 00248480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-12-09 13:09 - 2016-11-11 08:48 - 02277248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-12-09 13:09 - 2016-11-11 08:47 - 05722832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-12-09 13:09 - 2016-11-11 08:47 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-12-09 13:09 - 2016-11-11 08:47 - 00527880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-12-09 13:09 - 2016-11-11 08:42 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-12-09 13:09 - 2016-11-11 08:42 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-12-09 13:09 - 2016-11-11 08:42 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-12-09 13:09 - 2016-11-11 08:42 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-12-09 13:09 - 2016-11-11 08:42 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2016-12-09 13:09 - 2016-11-11 08:42 - 00152416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTWorkQ.dll
2016-12-09 13:09 - 2016-11-11 08:42 - 00091936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfaudiocnv.dll
2016-12-09 13:09 - 2016-11-11 08:41 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-12-09 13:09 - 2016-11-11 08:41 - 00157536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2016-12-09 13:09 - 2016-11-11 08:38 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-12-09 13:09 - 2016-11-11 08:28 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-12-09 13:09 - 2016-11-11 08:27 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-12-09 13:09 - 2016-11-11 08:25 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-12-09 13:09 - 2016-11-11 08:25 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-12-09 13:09 - 2016-11-11 08:24 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2016-12-09 13:09 - 2016-11-11 08:24 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-12-09 13:09 - 2016-11-11 08:24 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-12-09 13:09 - 2016-11-11 08:24 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-12-09 13:09 - 2016-11-11 08:23 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-12-09 13:09 - 2016-11-11 08:23 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-12-09 13:09 - 2016-11-11 08:22 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-12-09 13:09 - 2016-11-11 08:22 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2016-12-09 13:09 - 2016-11-11 08:21 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-12-09 13:09 - 2016-11-11 08:21 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-12-09 13:09 - 2016-11-11 08:21 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2016-12-09 13:09 - 2016-11-11 08:20 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-12-09 13:09 - 2016-11-11 08:20 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-12-09 13:09 - 2016-11-11 08:20 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-12-09 13:09 - 2016-11-11 08:19 - 13868544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-12-09 13:09 - 2016-11-11 08:19 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2016-12-09 13:09 - 2016-11-11 08:19 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-12-09 13:09 - 2016-11-11 08:19 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-12-09 13:09 - 2016-11-11 08:19 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-12-09 13:09 - 2016-11-11 08:19 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-12-09 13:09 - 2016-11-11 08:18 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-12-09 13:09 - 2016-11-11 08:18 - 01336320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2016-12-09 13:09 - 2016-11-11 08:18 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2016-12-09 13:09 - 2016-11-11 08:18 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2016-12-09 13:09 - 2016-11-11 08:17 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2016-12-09 13:09 - 2016-11-11 08:17 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2016-12-09 13:09 - 2016-11-11 08:15 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-12-09 13:09 - 2016-11-11 08:15 - 01357824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-12-09 13:09 - 2016-11-11 08:15 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-12-09 13:09 - 2016-11-11 08:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-12-09 13:09 - 2016-11-11 08:15 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-12-09 13:09 - 2016-11-11 08:14 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2016-12-09 13:09 - 2016-11-11 08:13 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-12-09 13:09 - 2016-11-11 08:12 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll
2016-12-09 13:09 - 2016-11-11 08:10 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-12-09 13:09 - 2016-11-11 08:10 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2016-12-09 13:09 - 2016-11-11 08:09 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-12-09 13:09 - 2016-11-11 08:09 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-12-09 13:09 - 2016-11-11 08:08 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll
2016-12-09 13:09 - 2016-11-11 08:06 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-12-09 13:09 - 2016-11-11 08:06 - 02362880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2016-12-09 13:09 - 2016-11-11 08:06 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2016-12-09 13:09 - 2016-11-11 08:06 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-12-09 13:09 - 2016-11-11 08:06 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-12-09 13:09 - 2016-11-11 08:06 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll
2016-12-09 13:09 - 2016-11-11 08:05 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-12-09 13:09 - 2016-11-11 08:05 - 03370496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-12-09 13:09 - 2016-11-11 08:04 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-12-09 13:09 - 2016-11-11 08:04 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-12-09 13:09 - 2016-11-11 08:04 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-12-09 13:09 - 2016-11-11 08:04 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2016-12-09 13:09 - 2016-11-11 08:04 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-12-09 13:09 - 2016-11-11 08:04 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-12-09 13:09 - 2016-11-11 08:03 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-12-09 13:09 - 2016-11-11 08:03 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-12-09 13:09 - 2016-11-11 08:03 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-12-09 13:09 - 2016-11-11 08:03 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-12-09 13:09 - 2016-11-11 08:03 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-12-09 13:09 - 2016-11-11 08:03 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-12-09 13:09 - 2016-11-11 08:02 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-12-09 13:08 - 2016-11-11 11:00 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-12-09 13:08 - 2016-11-11 10:59 - 00433504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-12-09 13:08 - 2016-11-11 10:56 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-12-09 13:08 - 2016-11-11 10:28 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-12-09 13:08 - 2016-11-11 10:28 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CbtBackgroundManagerPolicy.dll
2016-12-09 13:08 - 2016-11-11 10:27 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-12-09 13:08 - 2016-11-11 10:25 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-12-09 13:08 - 2016-11-11 10:25 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-12-09 13:08 - 2016-11-11 10:24 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2016-12-09 13:08 - 2016-11-11 10:23 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-12-09 13:08 - 2016-11-11 10:22 - 00489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-12-09 13:08 - 2016-11-11 10:22 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-12-09 13:08 - 2016-11-11 10:21 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-12-09 13:08 - 2016-11-11 10:21 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-12-09 13:08 - 2016-11-11 10:21 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-12-09 13:08 - 2016-11-11 10:20 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2016-12-09 13:08 - 2016-11-11 10:20 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-12-09 13:08 - 2016-11-11 10:20 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-12-09 13:08 - 2016-11-11 10:20 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2016-12-09 13:08 - 2016-11-11 10:20 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-12-09 13:08 - 2016-11-11 10:19 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-12-09 13:08 - 2016-11-11 10:19 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-12-09 13:08 - 2016-11-11 10:16 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-12-09 13:08 - 2016-11-11 10:15 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-12-09 13:08 - 2016-11-11 10:14 - 07654400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-12-09 13:08 - 2016-11-11 10:13 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-12-09 13:08 - 2016-11-11 10:11 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll
2016-12-09 13:08 - 2016-11-11 10:07 - 03441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2016-12-09 13:08 - 2016-11-11 10:07 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2016-12-09 13:08 - 2016-11-11 10:07 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-12-09 13:08 - 2016-11-11 10:07 - 00779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2016-12-09 13:08 - 2016-11-11 10:06 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-12-09 13:08 - 2016-11-11 10:05 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-12-09 13:08 - 2016-11-11 10:05 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-12-09 13:08 - 2016-11-11 10:04 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-12-09 13:08 - 2016-11-11 10:04 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-12-09 13:08 - 2016-11-11 10:04 - 02317312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-12-09 13:08 - 2016-11-11 10:04 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-12-09 13:08 - 2016-11-11 10:04 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-12-09 13:08 - 2016-11-11 10:03 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-12-09 13:08 - 2016-11-11 10:03 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-12-09 13:08 - 2016-11-11 10:03 - 00632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-12-09 13:08 - 2016-11-11 10:02 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-12-09 13:08 - 2016-11-11 09:01 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-12-09 13:08 - 2016-11-11 09:01 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-12-09 13:08 - 2016-11-11 09:01 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2016-12-09 13:08 - 2016-11-11 08:42 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-12-09 13:08 - 2016-11-11 08:27 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetCfgNotifyObjectHost.exe
2016-12-09 13:08 - 2016-11-11 08:26 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
2016-12-09 13:08 - 2016-11-11 08:19 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-12-09 13:08 - 2016-11-11 08:19 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2016-12-09 13:08 - 2016-11-11 08:18 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2016-12-09 13:08 - 2016-11-11 08:18 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2016-12-09 13:08 - 2016-11-11 08:16 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-09 13:08 - 2016-11-11 08:03 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-12-09 09:50 - 2016-12-09 09:50 - 00018537 _____ C:\Users\Jarda\Desktop\EU nacist.jpg

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-08 13:32 - 2016-11-15 21:02 - 00000000 ____D C:\Users\Jarda\AppData\LocalLow\Mozilla
2017-01-08 13:30 - 2014-08-10 17:13 - 00000000 ____D C:\Users\Jarda\AppData\Roaming\uTorrent
2017-01-08 13:15 - 2016-09-15 05:19 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-01-08 10:41 - 2014-06-02 16:44 - 00000000 ____D C:\Users\Jarda\AppData\Roaming\vlc
2017-01-08 09:44 - 2016-07-15 11:28 - 00000000 ___RD C:\Users\Jarda\Desktop\Hry
2017-01-08 09:02 - 2016-06-20 19:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\webium's modpack
2017-01-08 07:04 - 2016-09-15 05:26 - 00000000 ____D C:\Users\Jarda
2017-01-07 21:28 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-07 21:17 - 2016-02-21 16:28 - 00000000 ___RD C:\Users\Jarda\OneDrive
2017-01-07 21:00 - 2014-09-19 08:09 - 00000000 ____D C:\Users\Jarda\AppData\Local\CrashDumps
2017-01-07 20:48 - 2016-09-15 05:46 - 00004278 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2017-01-07 20:45 - 2015-11-15 20:29 - 00000000 ____D C:\Program Files (x86)\Steam
2017-01-07 20:41 - 2016-09-14 05:51 - 00000000 ____D C:\Users\Jarda\AppData\Roaming\PlaysTV
2017-01-07 20:35 - 2016-09-15 05:46 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-07 20:35 - 2014-06-02 16:16 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-01-07 20:34 - 2016-09-15 05:21 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-01-07 20:34 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-01-07 18:42 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-01-07 18:42 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-01-07 18:32 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-01-07 18:18 - 2016-09-15 05:46 - 00000000 ____D C:\WINDOWS\System32\Tasks\DelayedItemsByChemtableSoftware
2017-01-07 17:52 - 2016-10-09 15:50 - 00000000 ____D C:\Users\Jarda\Desktop\Verči bordel
2017-01-07 17:33 - 2016-09-15 07:10 - 00000008 __RSH C:\Users\Jarda\ntuser.pol
2017-01-07 16:59 - 2014-06-02 16:47 - 00000000 ____D C:\Program Files (x86)\Ultima Online DP2
2017-01-07 15:28 - 2009-07-14 04:20 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-01-07 15:00 - 2016-02-28 20:01 - 00000000 ____D C:\Users\Jarda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Imperia Online
2017-01-07 14:27 - 2014-09-18 18:59 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2017-01-07 10:27 - 2016-09-15 05:46 - 00004006 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1451055090
2017-01-07 10:27 - 2015-12-25 15:51 - 00001088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-01-07 10:18 - 2015-10-15 13:24 - 00000000 ____D C:\Users\Jarda\AppData\Local\MyComGames
2017-01-06 22:11 - 2014-06-02 18:55 - 00000000 ____D C:\Users\Jarda\AppData\Local\Microsoft Help
2017-01-06 20:55 - 2016-02-21 16:23 - 00000000 ____D C:\Users\Jarda\AppData\Local\Packages
2017-01-06 20:54 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-06 17:38 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-01-06 14:12 - 2014-09-18 18:59 - 00000000 ____D C:\ProgramData\RogueKiller
2017-01-06 10:33 - 2014-12-15 12:55 - 00000000 ____D C:\AdwCleaner
2017-01-06 08:30 - 2014-09-18 13:31 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-01-06 06:59 - 2016-08-31 02:03 - 00044952 _____ () C:\WINDOWS\system32\Drivers\staport.sys
2017-01-06 06:59 - 2014-06-02 16:02 - 00969184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2017-01-06 06:59 - 2014-06-02 16:02 - 00513632 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2017-01-06 06:59 - 2014-06-02 16:02 - 00293352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys
2017-01-06 06:58 - 2014-06-02 16:11 - 00037144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2017-01-06 06:58 - 2014-06-02 16:02 - 00969560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys.148368235098407
2017-01-06 06:58 - 2014-06-02 16:02 - 00513496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys.148368235117110
2017-01-06 06:58 - 2014-06-02 16:02 - 00292704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys.148368235285912
2017-01-06 06:58 - 2014-06-02 16:02 - 00163416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-01-06 06:58 - 2014-06-02 16:02 - 00108816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-01-06 06:58 - 2014-06-02 16:02 - 00103064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-01-06 06:58 - 2014-06-02 16:02 - 00074544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-01-06 06:58 - 2014-06-02 16:02 - 00037656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-01-06 06:46 - 2016-06-18 02:03 - 00001979 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2017-01-06 06:42 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-01-06 06:41 - 2016-09-17 18:11 - 445242077 _____ C:\WINDOWS\MEMORY.DMP
2017-01-06 06:41 - 2016-09-17 18:11 - 00000000 ____D C:\WINDOWS\Minidump
2017-01-06 06:41 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-01-06 00:09 - 2016-09-15 05:26 - 00000000 ____D C:\Users\DefaultAppPool
2017-01-06 00:07 - 2014-06-02 19:57 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2017-01-05 23:58 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\registration
2017-01-05 23:57 - 2016-08-16 11:00 - 00000000 ____D C:\Users\Jarda\AppData\LocalLow\Google
2017-01-05 23:57 - 2014-06-02 19:58 - 00000000 ____D C:\Users\Jarda\AppData\Roaming\DAEMON Tools Lite
2017-01-05 23:57 - 2014-06-02 16:17 - 00000000 ____D C:\Users\Jarda\AppData\Roaming\Macromedia
2017-01-05 23:54 - 2014-06-02 16:09 - 00000000 ____D C:\Users\Jarda\AppData\Local\Mozilla
2017-01-05 23:51 - 2014-06-02 18:55 - 00000000 __RHD C:\MSOCache
2017-01-03 07:35 - 2014-06-02 16:15 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-12-31 12:42 - 2014-06-02 13:34 - 00000000 ___RD C:\Users\Jarda\Pictures
2016-12-31 12:20 - 2016-09-15 05:19 - 00344400 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-12-31 12:20 - 2016-01-28 20:16 - 00000980 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3592017923-1309911898-1257044881-1000UA.job
2016-12-31 12:20 - 2016-01-28 20:16 - 00000928 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3592017923-1309911898-1257044881-1000Core.job
2016-12-30 16:34 - 2016-12-08 17:11 - 00000000 ____D C:\Users\Jarda\Desktop\Diablo 1 HD
2016-12-27 09:35 - 2016-06-12 22:18 - 00000000 ____D C:\Users\Jarda\Desktop\MÁJE 2016 Roubal
2016-12-27 09:34 - 2016-06-20 10:37 - 00000000 ____D C:\Users\Jarda\Desktop\MÁJE 2016
2016-12-27 09:34 - 2016-06-12 17:52 - 00000000 ____D C:\Users\Jarda\Desktop\DCIM
2016-12-19 09:32 - 2016-09-15 05:25 - 00524288 ___SH C:\WINDOWS\system32\config\COMPONENTS{f5b135e6-4b48-11e6-80cb-e41d2d012050}.TMContainer00000000000000000002.regtrans-ms
2016-12-19 09:32 - 2016-09-15 05:25 - 00065536 ___SH C:\WINDOWS\system32\config\COMPONENTS{f5b135e6-4b48-11e6-80cb-e41d2d012050}.TM.blf
2016-12-18 14:34 - 2016-08-06 19:28 - 00000000 ____D C:\Users\Jarda\Documents\FFOutput
2016-12-18 09:33 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2016-12-17 14:11 - 2016-09-15 05:26 - 00000000 ___RD C:\Users\Jarda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-17 14:11 - 2016-02-21 16:28 - 00002429 _____ C:\Users\Jarda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-12-17 12:33 - 2015-01-21 13:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-12-16 21:27 - 2016-09-15 05:46 - 00003500 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d12cb2950e3d70
2016-12-16 21:27 - 2016-09-15 05:46 - 00003376 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1d12cb29460bcd6
2016-12-16 14:23 - 2016-09-15 05:25 - 00524288 ___SH C:\WINDOWS\system32\config\COMPONENTS{f5b135e6-4b48-11e6-80cb-e41d2d012050}.TMContainer00000000000000000001.regtrans-ms
2016-12-16 13:50 - 2016-07-16 12:47 - 00000000 __RSD C:\WINDOWS\assembly
2016-12-15 14:06 - 2016-07-16 12:47 - 00000000 __RSD C:\WINDOWS\Fonts
2016-12-15 11:14 - 2016-09-15 05:26 - 02353798 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-15 11:14 - 2016-07-16 23:25 - 00856824 _____ C:\WINDOWS\system32\perfh005.dat
2016-12-15 11:14 - 2016-07-16 23:25 - 00226636 _____ C:\WINDOWS\system32\perfc005.dat
2016-12-15 11:14 - 2016-07-16 12:49 - 00960016 _____ C:\WINDOWS\system32\perfh009.dat
2016-12-15 11:14 - 2016-07-16 12:49 - 00292172 _____ C:\WINDOWS\system32\perfc009.dat
2016-12-15 11:12 - 2016-07-16 07:04 - 00262144 _____ C:\Users\Default\NTUSER.DAT
2016-12-15 11:08 - 2016-11-15 20:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-15 11:08 - 2014-06-02 16:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-15 11:07 - 2016-09-21 17:33 - 00524288 ___SH C:\WINDOWS\system32\config\DRIVERS{0271c19e-8019-11e6-832b-d43d7eecf40d}.TMContainer00000000000000000001.regtrans-ms
2016-12-15 11:07 - 2016-09-21 17:33 - 00065536 ___SH C:\WINDOWS\system32\config\DRIVERS{0271c19e-8019-11e6-832b-d43d7eecf40d}.TM.blf
2016-12-15 11:06 - 2016-07-16 12:47 - 00000796 ___SH C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini
2016-12-15 11:06 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\en-US
2016-12-15 11:06 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\en-US
2016-12-15 11:06 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Boot
2016-12-15 11:06 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-12-15 11:06 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppPatch
2016-12-15 11:06 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\DriverStore
2016-12-15 10:25 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-12-14 10:15 - 2014-06-02 18:55 - 00000000 ____D C:\ProgramData\Microsoft Help
2016-12-14 10:13 - 2014-06-02 16:35 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-12-14 10:10 - 2014-06-02 16:35 - 135632432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-12-14 02:32 - 2015-11-15 20:34 - 00000000 ____D C:\Users\Jarda\AppData\Local\Steam
2016-12-12 07:27 - 2016-09-21 17:33 - 00524288 ___SH C:\Users\Jarda\NTUSER.DAT{0271c19a-8019-11e6-832b-d43d7eecf40d}.TMContainer00000000000000000002.regtrans-ms
2016-12-12 07:12 - 2014-06-07 14:27 - 00000000 ___RD C:\Users\Jarda\Desktop\Nepoužívané ikony
2016-12-12 00:56 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-12-12 00:56 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-11 18:08 - 2014-08-27 18:51 - 00000000 ____D C:\Users\Jarda\Documents\Soubory aplikace Outlook
2016-12-10 23:54 - 2016-09-15 05:26 - 00000000 ____D C:\Users\Jarda\AppData\Local\Microsoft
2016-12-10 23:43 - 2016-07-16 12:47 - 00000000 ___SD C:\ProgramData\Microsoft
2016-12-10 08:57 - 2014-06-15 13:07 - 00000000 ____D C:\Program Files (x86)\NortonInstaller
2016-12-10 08:57 - 2014-06-02 20:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2016-12-10 08:57 - 2014-06-02 16:02 - 00000000 ____D C:\Program Files (x86)\Google
2016-12-10 08:57 - 2014-06-02 13:38 - 00000000 ____D C:\MSI
2016-12-10 08:32 - 2016-09-15 07:11 - 00000174 ___SH C:\Users\Jarda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini
2016-12-10 08:32 - 2016-02-21 16:23 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-12-10 08:32 - 2014-06-02 13:35 - 00000402 ___SH C:\Users\Jarda\Documents\desktop.ini
2016-12-10 08:32 - 2014-06-02 13:35 - 00000174 ___SH C:\Users\Jarda\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini
2016-12-10 08:32 - 2014-06-02 13:35 - 00000000 ___RD C:\Users\Jarda\Searches
2016-12-10 08:32 - 2014-06-02 13:35 - 00000000 ___RD C:\Users\Jarda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2016-12-10 08:32 - 2014-06-02 13:35 - 00000000 ___RD C:\Users\Jarda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2016-12-10 08:32 - 2014-06-02 13:34 - 00000000 ___RD C:\Users\Jarda\Videos
2016-12-10 08:32 - 2014-06-02 13:34 - 00000000 ___RD C:\Users\Jarda\Music
2016-12-10 08:32 - 2014-06-02 13:34 - 00000000 ___RD C:\Users\Jarda\Links
2016-12-10 08:32 - 2014-06-02 13:34 - 00000000 ___RD C:\Users\Jarda\Favorites
2016-12-10 08:32 - 2014-06-02 13:34 - 00000000 ___RD C:\Users\Jarda\Contacts
2016-12-10 03:47 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-12-10 03:47 - 2016-07-16 12:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2016-12-10 03:47 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-12-10 03:47 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-12-10 03:47 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\sr-Latn-CS
2016-12-10 03:47 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-12-10 03:47 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-12-10 03:47 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Internet Explorer
2016-12-10 03:47 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Internet Explorer
2016-12-10 03:47 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-12-10 03:47 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-12-10 03:47 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-12-10 03:47 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\servicing
2016-12-09 12:42 - 2016-07-16 12:42 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-12-09 10:57 - 2014-06-02 15:51 - 00000000 ____D C:\Users\Jarda\AppData\Local\Diagnostics

==================== Files in the root of some directories =======

2016-05-28 20:47 - 2016-05-28 20:46 - 0012879 _____ () C:\Users\Jarda\AppData\Roaming\alsoft.ini
2016-03-16 18:22 - 2016-03-16 18:22 - 0099384 _____ () C:\Users\Jarda\AppData\Roaming\inst.exe
2016-03-16 18:22 - 2016-03-16 18:22 - 0007859 _____ () C:\Users\Jarda\AppData\Roaming\pcouffin.cat
2016-03-16 18:22 - 2016-03-16 18:22 - 0001167 _____ () C:\Users\Jarda\AppData\Roaming\pcouffin.inf
2016-03-16 18:22 - 2016-03-16 18:22 - 0000034 _____ () C:\Users\Jarda\AppData\Roaming\pcouffin.log
2016-03-16 18:22 - 2016-03-16 18:22 - 0082816 _____ (VSO Software) C:\Users\Jarda\AppData\Roaming\pcouffin.sys
2016-08-06 19:48 - 2016-08-06 19:49 - 0004608 _____ () C:\Users\Jarda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-07-13 23:14 - 2015-07-13 23:14 - 0000093 _____ () C:\Users\Jarda\AppData\Local\fusioncache.dat
2014-09-13 19:41 - 2016-03-17 13:05 - 0007597 _____ () C:\Users\Jarda\AppData\Local\Resmon.ResmonCfg

Files to move or delete:
====================
C:\Users\Jarda\dht.dat
C:\Users\Jarda\resume.dat
C:\Users\Jarda\rss.dat
C:\Users\Jarda\settings.dat

Some zero byte size files/folders:
==========================
C:\Windows\logo1_.exe
C:\Windows\logo_1.exe
C:\Windows\RUNDL132.EXE
C:\Windows\rundll16.exe
C:\Windows\VDLL.DLL
C:\Windows\SysWOW64\runouce.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-01-07 10:27

==================== End of FRST.txt ============================

jarda213 · Příspěvekod **jarda213** » 08 led 2017 13:44

A to druhé také, část 1.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-01-2017
Ran by Jarda (08-01-2017 13:38:43)
Running from C:\Users\Jarda\Desktop
Windows 10 Pro Version 1607 (X64) (2016-09-15 04:49:41)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3592017923-1309911898-1257044881-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3592017923-1309911898-1257044881-1005 - Limited - Enabled)
DefaultAccount (S-1-5-21-3592017923-1309911898-1257044881-503 - Limited - Disabled)
Guest (S-1-5-21-3592017923-1309911898-1257044881-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3592017923-1309911898-1257044881-1002 - Limited - Enabled)
Jarda (S-1-5-21-3592017923-1309911898-1257044881-1000 - Administrator - Enabled) => C:\Users\Jarda

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Absolute Uninstaller 5.3.1.20 (HKLM-x32\...\Absolute Uninstaller) (Version: 5.3.1.20 - Glarysoft Ltd)
Action! (HKLM-x32\...\Mirillis Action!) (Version: 1.30.1 - Mirillis)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 24.0.0.180 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.5.195 - Adobe Systems, Inc.)
AIDA64 Extreme v5.80 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.80 - FinalWire Ltd.)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.6 - Advanced Micro Devices, Inc.)
AMD Settings (HKLM\...\WUCCCApp) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Ashampoo Core Tuner 2 2.0.1 (HKLM-x32\...\Ashampoo Core Tuner 2_is1) (Version: 2.0.1 - Ashampoo GmbH & Co. KG)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
calibre 64bit (HKLM\...\{13AD5E97-F15C-46C7-92D9-6CE42AB6E73E}) (Version: 1.26.0 - Kovid Goyal)
Catalyst Control Center Next Localization CS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
CPUID HWMonitor 1.30 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink)
DVDFab 6.2.0.5 (11/11/2009) (HKLM-x32\...\DVDFab 6_is1) (Version: - Fengtao Software Inc.)
DVDFab 8.0.0.5 (MATOZ REPACK) (HKLM-x32\...\DVDFab 8_is1) (Version: - )
EA Download Manager (HKLM-x32\...\EADM) (Version: 7.1.3.3 - Electronic Arts, Inc.)
FastStone Image Viewer 5.2 (HKLM-x32\...\FastStone Image Viewer) (Version: 5.2 - FastStone Soft)
FEAR (HKLM-x32\...\{2B653229-9854-4989-B780-D978F5F13EAB}) (Version: 1.00.0000 - Vivendi Universal Games, Inc.)
FormatFactory 2.60 (HKLM-x32\...\FormatFactory) (Version: 2.60 - Free Time)
Google Drive (HKLM-x32\...\{07A12123-B717-496B-B471-48AF6407B433}) (Version: 1.32.4066.7445 - Google, Inc.)
Google Earth (HKLM-x32\...\{A0C18B96-AB79-46BD-8321-6FA83E6D25B9}) (Version: 7.1.7.2606 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
ICQ 8.2 (verze 7038) (HKU\S-1-5-21-3592017923-1309911898-1257044881-1000\...\ICQ) (Version: 8.2.7038.0 - ICQ)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Small Business Advantage (HKLM-x32\...\{6A6D86CD-B004-46b7-8951-7BB75A776F8C}) (Version: 2.0.31.7101 - Intel(R) Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{20F70BB1-9240-43D2-985C-A8F5C6AAA1C7}) (Version: 5.0.10.2907 - Intel Corporation)
Intel(R) Update Manager (x32 Version: 1.0.0.36888 - Intel Corporation) Hidden
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.5.69 - Intel Corporation)
Intel® Chipset Device Software (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
K-Lite Codec Pack 6.0.4 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 6.0.4 - )
Mafia (HKLM-x32\...\{C72D7008-266D-4DD8-BF3C-296B736127F6}) (Version: 1.02 - )
Malwarebytes verze 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes)
Metal Gear Solid V: The Phantom Pain (HKLM-x32\...\{48397BFF-7C01-4B64-8F1A-0D468DDE5D73}_is1) (Version: - Kojima Productions)
Metro 1 CZ 2033 Redux . (HKLM-x32\...\Metro 1 CZ 2033 Redux .) (Version: . - Libbi)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3592017923-1309911898-1257044881-1000\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{0513c9cf-7191-45a7-ace9-ecdad03c93a4}) (Version: 12.0.40660.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{10dc8dbf-d3d7-4e23-be07-120fe5c66b78}) (Version: 12.0.40660.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft_VC100_CRT_x86 (HKLM-x32\...\{6FDDB201-2CA0-42BD-973F-7B2C4A61EA3F}) (Version: 1.0.0 - Microsoft)
Mozilla Firefox 50.1.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 cs)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla)
MSI Command Center (HKLM-x32\...\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1) (Version: 1.0.1.17 - MSI)
MSI Fast Boot (HKLM-x32\...\{0F212E7A-65EB-4668-A8D7-749026A64F8E}_is1) (Version: 1.0.1.8 - MSI)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.2.0.05 - MSI)
MSI Smart Utilities (HKLM-x32\...\{009E5DF2-3F97-480B-89DA-F2D5E672E14A}_is1) (Version: 2.0.0.11 - MSI)
MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.3.0.07 - MSI)
MSI(R) Intel(R) Extreme Tuning Utility (HKLM-x32\...\{bcbf202c-9746-4173-a49b-649bfd0adca6}) (Version: 6.0.2.102 - Intel Corporation)
MSI(R) Intel(R) Extreme Tuning Utility (x32 Version: 6.0.2.102 - Intel Corporation) Hidden
My.com Game Center (HKU\S-1-5-21-3592017923-1309911898-1257044881-1000\...\MyComGames) (Version: 3.152 - My.com B.V.)
NetworkGenie (HKLM-x32\...\{B416A23D-C2BD-4956-8BAE-5C3BAFF1AC1E}) (Version: 1.0.0.8 - MSI)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}) (Version: 9.12.0613 - NVIDIA Corporation)
Ochrana koncového bodu Trusteer (HKLM-x32\...\Rapport_msi) (Version: 3.5.1609.76 - Trusteer)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
PingPlotter 4.12.0 (HKLM-x32\...\{D59AF474-7881-48B7-9120-F23D093BC447}) (Version: 4.12.0.9 - Pingman Tools, LLC)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.17.6-r119262-release - Plays.tv, LLC)
Prohlížeč Seznam.cz (HKU\S-1-5-21-3592017923-1309911898-1257044881-1000\...\Seznam Browser) (Version: - Seznam.cz a.s.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Rapport (x32 Version: 3.5.1609.100 - Trusteer) Hidden
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.6-r115593-release - Raptr, Inc)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.9.422.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7960 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Reg Organizer version 7.50 (HKLM-x32\...\Reg Organizer_is1) (Version: 7.50 - ChemTable Software)
SafeZone Stable 1.48.2066.101 (x32 Version: 1.48.2066.101 - Avast Software) Hidden
SafeZone Stable 1.51.2220.62 (x32 Version: 1.51.2220.62 - Avast Software) Hidden
SDR Free Mobi Reader version 1.0 (HKLM-x32\...\SDR Free Mobi Reader_is1) (Version: 1.0 - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
Seznam Software (HKU\S-1-5-21-3592017923-1309911898-1257044881-1000\...\SeznamInstall) (Version: - Seznam.cz)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.6 - Sophos Limited)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steel Ocean (HKLM-x32\...\Steam App 390670) (Version: - ICE Entertainment)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKU\S-1-5-21-3592017923-1309911898-1257044881-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Treasures of Montezuma 5 (HKLM-x32\...\The Treasures of Montezuma 5Final) (Version: Final - Game-Owl)
TimeShift (HKLM-x32\...\{1367FA2F-2B3D-430F-872F-588B93420BFC}) (Version: 1.00.000 - Sierra Entertainment)
Titan Quest (HKLM-x32\...\{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}) (Version: 1.00.0000 - Iron Lore)
Titan Quest Immortal Throne (HKLM-x32\...\{B5C5C17E-FEF6-4062-8151-A427AE8AF9D7}) (Version: 1.00.0000 - Iron Lore)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0 - Ghisler Software GmbH)
Ultima Online DP2 (HKU\S-1-5-21-3592017923-1309911898-1257044881-1000\...\Ultima Online DP2) (Version: - )
VGA Boost (HKLM-x32\...\{809ACFAE-9A4D-4C60-9223-D8B615CD8CBA}}_is1) (Version: 1.0.0.5 - MSI)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.0 (HKLM\...\VulkanRT1.0.11.0-2) (Version: 1.0.11.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.11.0 (Version: 1.0.11.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0-3) (Version: 1.0.17.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.17.0 (Version: 1.0.17.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.21.0 (HKLM\...\VulkanRT1.0.21.0) (Version: 1.0.21.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - )
Warcraft III: All Products (HKU\S-1-5-21-3592017923-1309911898-1257044881-1000\...\Warcraft III) (Version: - )
webiums modpack 0.5.13.1 v5.13.1.00 (HKLM-x32\...\{25DB4D0E-FBB3-477D-92D9-446005094A5D}_is1) (Version: 5.13.1.00 - myWOTmods.com)
webiums modpack 0.9.17.0.1 v06 (HKLM-x32\...\{B64D8CE9-11B2-469D-A347-9A13C2BCA423}_is1) (Version: 06 - myWOTmods.com)
WhoCrashed 5.53 (HKLM\...\WhoCrashed_is1) (Version: - Resplendence Software Projects Sp.)
Widevine Media Optimizer IE 6.0.0 (HKU\S-1-5-21-3592017923-1309911898-1257044881-1000\...\optimizer_ie) (Version: 6.0.0.12757 - Widevine Technologies)
Windows Desktop Gadgets (HKLM\...\Windows Desktop Gadgets_is1) (Version: 2.0 - hxxp://gadgetsrevived.com)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Wooky 3.0.1.0 (HKU\S-1-5-21-3592017923-1309911898-1257044881-1000\...\Wooky) (Version: 3.0.1.0 - Mobilbonus, s.r.o.)
World of Warships (HKU\S-1-5-21-3592017923-1309911898-1257044881-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version: - Wargaming.net)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.70.352 - Zemana Ltd.)

jarda213 · Příspěvekod **jarda213** » 08 led 2017 13:45

Část 2.

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3592017923-1309911898-1257044881-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3592017923-1309911898-1257044881-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Jarda\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3592017923-1309911898-1257044881-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3592017923-1309911898-1257044881-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Jarda\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3592017923-1309911898-1257044881-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3592017923-1309911898-1257044881-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Jarda\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01F8D001-EC79-4078-98D6-177E8D2F3D61} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {029C139D-0BA2-49EC-93FA-CC6B483FEF12} - System32\Tasks\DelayedItemsByChemtableSoftware\Live Update => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [2016-11-11] (Micro-Star INT'L CO., LTD.)
Task: {0909B576-ECFB-44E0-BA35-C87188CE118C} - \{3FB8732E-1FFC-4C6D-989C-B185C1C453F9} -> No File <==== ATTENTION
Task: {09BC9A11-F581-477E-80B2-8090CE5616FD} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {12033509-85D3-4F12-A984-8C98F61AD1F4} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {13269713-2E00-49A7-A0EA-344FB7E90EE3} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {1448FB9B-4115-40DC-A9E0-6B120A75E7FB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {15177F34-35F3-4B23-BA45-2AD42FF9AD96} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1657F6A4-8794-4F75-8C2A-A9336925B602} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {1819CDDD-C28B-49EB-8EEF-E6E01434F477} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {193AD872-D90E-42E6-8279-9869C6508DED} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {1F2DAFA4-B384-4C1C-8EB1-A941FA21396F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {2D9A506F-F8A1-4160-9A74-F6EE155121D5} - System32\Tasks\GoogleUpdateTaskMachineUA1d12cb2950e3d70 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {2DCDA659-F6E8-4212-A3C6-B5BD70EA5A0C} - \avast! Windows 10 Start Menu helper -> No File <==== ATTENTION
Task: {31F5C710-AFF6-46C6-8591-A8B18BD9BBB2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3592017923-1309911898-1257044881-1000Core1d257e71819bacf => C:\Users\Jarda\AppData\Local\Google\Update\GoogleUpdate.exe [2015-12-02] (Google Inc.)
Task: {322E1D9D-B59B-4AF2-A82B-18F77F9756E5} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3749EF22-5FC2-4440-9703-4E9709EBE885} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {3940DBD6-0570-4164-8649-AA9AB975F752} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {39C8549B-1186-499D-B460-66CC5DB78839} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3C46B3AB-4F3B-48BB-AE06-A96B3E011799} - System32\Tasks\{79B0425F-6AAB-432E-ACC4-3B0FAA60CE3F} => C:\Program Files (x86)\MSI\Command Center\CC_LoadingPage.exe [2016-11-29] (MSI)
Task: {3CAE6307-9229-4652-A418-0EDE8A1CB249} - System32\Tasks\GoogleUpdateTaskMachineCore1d12cb29460bcd6 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {3DB44A93-2DFB-4AFD-9E55-87E11506D32B} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {401EBA64-E1DA-4CBA-904C-2AAE4933ABB2} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4124BBC1-33F7-460A-98D6-53CC8C3FCB6A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {41AD8C4F-DC80-4F6A-ABAC-21E279DB005D} - System32\Tasks\Intel(R) Small Business Advantage\Notifier => C:\Program Files\Intel\Intel(R) Small Business Advantage\UI\SBA_Notifier.exe [2013-03-13] (Intel Corporation)
Task: {429D2811-D49E-4E04-9BF9-FF0DB3179606} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {42EA49E5-0A7F-4789-91FD-89E7ED441A14} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {4716E9B8-4CE9-4454-A258-3D58AB4D9480} - System32\Tasks\{66FDDA73-62B3-43DC-A90F-5DF9F5ACE184} => pcalua.exe -a "C:\Program Files (x86)\MSI\Live Update\LU5\DL_FILE\Realtek_PCIE_Network_Drivers_7.77.1126.2013\setup.exe" -d C:\Windows\system32 -c /s /f2c:\mylog.log /z[-rpC:\RHDSetup.log]
Task: {4F836CE2-2DF1-4988-844C-2E9B3F6A202A} - System32\Tasks\{B5DD29FC-5E38-47B2-9922-2BC092B063B7} => pcalua.exe -a "C:\Program Files\McAfee Security Scan\uninstall.exe"
Task: {521F643C-D16E-4E70-A6D6-0409502C1BB0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-07] (Adobe Systems Incorporated)
Task: {5856D949-036A-4D5D-AF91-0F35F99E5ABC} - System32\Tasks\{E2936294-7028-4EC9-B103-3148156EA466} => C:\Program Files (x86)\MSI\Command Center\CC_LoadingPage.exe [2016-11-29] (MSI)
Task: {5CE01177-CAD6-4324-B885-2CCAA13F80F2} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Jarda\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {62BA2543-5803-4933-A2B0-FB6BFA04AC8A} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {68ED01EA-A8EC-45DE-A1CE-9E3177151B71} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6FC43239-6170-4EA6-BBA0-F1C1D75CF765} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {72D488B2-7FA6-44BE-91B4-20F15235D81B} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {771B5976-222F-4F52-905F-3E4ABFC40DE3} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {79AFA258-F5D6-49FC-ABE0-50BB13CB43F4} - System32\Tasks\{ACD7CDF9-566A-492E-AA22-AF98E6249402} => pcalua.exe -a "C:\Program Files (x86)\CENEGA CZECH\Chameleon\Chameleon.exe" -d "C:\Program Files (x86)\CENEGA CZECH\Chameleon"
Task: {79C10E6C-39A1-494F-B1DD-C4433FECBEDF} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7EF9A117-63C4-4FC3-B721-96A7A0C25E8C} - System32\Tasks\{63ADAFA0-F6A8-4DD3-ACCF-1969F9424CB0} => C:\YoutubeMusicDownloader\Downloader.exe [2013-12-01] (YouTubeMusicDownloader.com)
Task: {851B3570-E0A3-4224-8032-8B72AD423A04} - System32\Tasks\DelayedItemsByChemtableSoftware\DAEMON Tools Lite => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04] (Disc Soft Ltd)
Task: {883E5324-7951-48E9-9509-EE6335C63358} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {88C63A35-11C1-4424-898B-4B79EBCB40A2} - System32\Tasks\{557B6AB5-6D23-438A-A276-C58A65D29C4E} => pcalua.exe -a C:\Users\Jarda\Downloads\FreeRapid-0.9u4\FreeRapid-0.9u4\frd.exe -d C:\Users\Jarda\Downloads\FreeRapid-0.9u4\FreeRapid-0.9u4
Task: {8BD50D32-67C4-4CC3-AB6D-C7CE093FC860} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {8DD5B604-80D9-493F-A506-7EC68E46FEBD} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {907B094A-978B-4616-9167-14D35C3D7AF9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3592017923-1309911898-1257044881-1000UA1d257e7182871bd => C:\Users\Jarda\AppData\Local\Google\Update\GoogleUpdate.exe [2015-12-02] (Google Inc.)
Task: {9129C3A3-44C2-4D70-90A8-60D5595F7F34} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {92256C56-0A52-466E-A587-2C4BAEF81FFC} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {9A2F58B7-738E-496B-8F9F-0D1D3DC03666} - System32\Tasks\DelayedItemsByChemtableSoftware\PlaysTV => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [2016-12-23] (Copyright (c) 2016 Plays.tv, LLC)
Task: {A26D436C-4AAD-45E5-AA98-96DBA897042B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3592017923-1309911898-1257044881-1000UA => C:\Users\Jarda\AppData\Local\Google\Update\GoogleUpdate.exe [2015-12-02] (Google Inc.)
Task: {A6E1D788-6749-42BA-A4BC-0015BFA994C7} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {A8B4110E-44CB-4CD2-8680-195A0DF5D0D2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {B2B09798-90A6-4DA9-B2D3-C08271EED48B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {B5C5EB19-E553-4428-BC7B-20D82244D8A8} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [2015-05-05] (Intel Corporation)
Task: {B6521AEA-548F-4C65-9DEE-334FD4C5871D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {BA656828-A35A-4A7F-9F20-BBF8FED99AC7} - System32\Tasks\RtlNetworkGenieVistaStart => C:\Program Files (x86)\MSI\NetworkGenie\NetworkGenie.exe [2014-04-23] (Realtek Semiconductor)
Task: {BFF5E9DE-8D3A-4999-B53B-9E68B921119B} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-09-07] (Advanced Micro Devices, Inc.)
Task: {C37CAFF9-2858-4940-8EC7-22E52CFF1352} - System32\Tasks\DelayedItemsByChemtableSoftware\Google Update => C:\Users\Jarda\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [2016-12-16] (Google Inc.) <==== ATTENTION
Task: {C509F66D-823A-43A3-9CDA-C34FF0154A0B} - System32\Tasks\SafeZone scheduled Autoupdate 1451055090 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software)
Task: {C7A52FA3-720B-46B7-A394-29F805C49A0B} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D37EEB5D-2EAC-4B6A-AD4A-593461C939A5} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {D7682B18-5524-412C-B05D-9C36FD57C18B} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {DCA035D3-EB92-4BB1-B9FF-52378A6C3FCC} - System32\Tasks\DelayedItemsByChemtableSoftware\Raptr => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [2016-08-23] (Raptr, Inc)
Task: {E4EB6EF8-878F-4D77-9180-A5C77CFE7062} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {E683F12E-D6E4-401A-8DCB-1C3BBAB2DA8A} - System32\Tasks\{AE135B0D-C28C-47DE-AF3A-0C6E5A8946C5} => pcalua.exe -a F:\setup.exe -d F:\
Task: {E8F26399-1E98-4142-AC37-E7B48738FD2B} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {EF8F24F6-3A8E-485C-B121-F3DD6B65D725} - System32\Tasks\RegOrganizerQuickLaunch => -RegistryEditor -ForceForeground -NoSplash
Task: {EFC8BA85-72CC-4B8E-A449-C176263438C7} - System32\Tasks\DelayedItemsByChemtableSoftware\World of Tanks => C:\Games\World_of_Tanks\WargamingGameUpdater.exe [2016-11-18] (Wargaming.net)
Task: {F0F6E758-A65B-4F08-861E-64D24B713153} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2017-01-06] (AVAST Software)
Task: {F1AE57D9-7640-48C1-A1FE-1D682EC1FA15} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {F4CBF954-A49C-4A5C-BF12-C3B19BCDB901} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {F599A015-E394-414C-8909-F3503B3CE9AC} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F9F1DDE9-86D0-42BD-B7B9-E5FF30EBC601} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FB0F4098-A267-4DED-8BD8-37515B4A7A7B} - \{1F6C2DA0-6033-4C49-B47C-E82404351922} -> No File <==== ATTENTION
Task: {FCA667D8-BCC5-4CB4-8987-E15327D65260} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3592017923-1309911898-1257044881-1000Core => C:\Users\Jarda\AppData\Local\Google\Update\GoogleUpdate.exe [2015-12-02] (Google Inc.)
Task: {FD3C3FAE-50E2-4413-80C8-E944E171A44E} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-09-22] (Oracle Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3592017923-1309911898-1257044881-1000Core.job => C:\Users\Jarda\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3592017923-1309911898-1257044881-1000UA.job => C:\Users\Jarda\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\RtlNetworkGenieVistaStart.job => C:\Program Files (x86)\MSI\NetworkGenie\NetworkGenie.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Jarda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prince of Persia Písky času\Registrovat online.lnk -> C:\Program Files (x86)\UBISOFT\Prince of Persia The Sands of Time\Support\UbiReg_cze.bat (No File)
Shortcut: C:\Users\Jarda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ\icq.com.lnk -> hxxp://www.icq.com

ShortcutWithArgument: C:\Users\Jarda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WorldofTanks\WorldofTanks.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://go.playmmogames.com/aff_c?offer_id=174&aff_id=1034 --app-window-size=1920,1080

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-15 10:17 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2014-06-05 06:59 - 2011-08-22 12:44 - 01421216 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2Service.exe
2014-09-21 19:36 - 2014-09-21 19:36 - 00066872 _____ () C:\WINDOWS\SysWoW64\PnkBstrA.exe
2016-12-15 10:17 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-12-17 14:11 - 2016-12-17 14:11 - 01678560 _____ () C:\Users\Jarda\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\ClientTelemetry.dll
2013-09-04 23:17 - 2013-09-04 23:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2016-05-17 23:42 - 2016-05-17 23:42 - 00230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2017-01-07 21:04 - 2017-01-07 21:04 - 00152944 _____ () C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll
2016-09-15 06:14 - 2016-09-15 06:14 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-12-15 10:17 - 2016-12-09 10:41 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-12-14 20:35 - 2016-12-14 20:37 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-12-14 20:35 - 2016-12-14 20:37 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-12-14 20:35 - 2016-12-14 20:37 - 42130432 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-12-14 20:35 - 2016-12-14 20:36 - 02216448 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\roottools.dll
2016-09-14 18:54 - 2016-09-01 11:12 - 03559360 _____ () C:\Program Files (x86)\Reg Organizer\StartupCheckingService.exe
2015-11-26 11:47 - 2016-02-23 09:13 - 00475648 _____ () C:\Program Files (x86)\Ultima Online DP2\UOAM\uoam.exe
2016-11-23 09:02 - 2016-11-23 09:03 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-11-23 09:02 - 2016-11-23 09:03 - 20433408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-06-03 18:56 - 2016-06-03 18:57 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2016-11-23 09:02 - 2016-11-23 09:03 - 01046528 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-11-23 09:02 - 2016-11-23 09:03 - 00353792 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Photos.Inking.dll
2016-11-09 02:49 - 2016-11-02 11:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-09 02:49 - 2016-11-02 11:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-09 02:49 - 2016-11-02 11:14 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-11-09 02:49 - 2016-11-02 11:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-09 02:49 - 2016-11-02 11:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-12-13 23:27 - 2016-12-13 23:27 - 03810816 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1612.3341.0_x64__8wekyb3d8bbwe\Calculator.exe
2017-01-06 06:58 - 2017-01-06 06:58 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-01-07 14:20 - 2017-01-07 14:20 - 03075072 _____ () C:\Program Files\AVAST Software\Avast\defs\17010700\algo.dll
2017-01-06 06:58 - 2017-01-06 06:58 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-01-08 12:59 - 2017-01-08 12:59 - 03138056 _____ () C:\Program Files\AVAST Software\Avast\defs\17010801\algo.dll
2016-12-23 01:00 - 2016-12-23 01:00 - 00033280 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\cx_Logging.cp35-win32.pyd
2016-12-23 01:00 - 2016-12-23 01:00 - 00103424 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd
2016-12-23 01:00 - 2016-12-23 01:00 - 00111616 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes35.dll
2016-12-23 01:00 - 2016-12-23 01:00 - 00041984 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd
2016-12-23 01:00 - 2016-12-23 01:00 - 00405504 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom35.dll
2016-12-23 01:00 - 2016-12-23 01:00 - 00173568 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd
2016-12-23 01:00 - 2016-12-23 01:00 - 01934336 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd
2016-12-23 01:00 - 2016-12-23 01:00 - 00077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd
2016-12-23 01:00 - 2016-12-23 01:00 - 01780736 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd
2016-12-23 01:00 - 2016-12-23 01:00 - 00505856 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd
2016-12-23 01:00 - 2016-12-23 01:00 - 03812864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd
2015-06-02 14:51 - 2015-06-02 14:51 - 00545792 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2015-04-23 05:45 - 2013-09-17 02:19 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-01-06 06:58 - 2017-01-06 06:58 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:B755D674 [270]
AlternateDataStreams: C:\ProgramData\TEMP:D78D6FF7 [394]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2017-01-07 19:55 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3592017923-1309911898-1257044881-1000\Control Panel\Desktop\\Wallpaper -> D:\Foto a video mix\Foto\Upravit plocha\Photo-0159.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [MSMQ-In-TCP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => LPort=808
FirewallRules: [UDP Query User{0D900E25-A0C4-48D0-9D3B-1771FC7A6C86}C:\program files (x86)\ea games\dead space 2\deadspace2.exe] => C:\program files (x86)\ea games\dead space 2\deadspace2.exe
FirewallRules: [TCP Query User{7CEFE6A6-4DFF-49CF-8DD8-0204C2579386}C:\program files (x86)\ea games\dead space 2\deadspace2.exe] => C:\program files (x86)\ea games\dead space 2\deadspace2.exe
FirewallRules: [{5AB28F4E-AED3-4773-99F4-CF0D8A00F053}] => C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{9509D0D5-1931-4CEB-919F-763F0BED79D7}] => C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{7BEFDEEC-61CC-47C0-889C-09B597EF8DA0}] => C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{ED805F50-0927-437F-8EFB-AAE72FF1C0EE}] => C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [UDP Query User{F59A84D9-8D66-424F-903A-0A8A92FB9834}C:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe] => C:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe
FirewallRules: [TCP Query User{8E2E6446-6158-42F8-B155-4DA4AD7033A8}C:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe] => C:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe
FirewallRules: [UDP Query User{60ECBA28-6375-4E17-BF23-665817B5AC4C}C:\program files (x86)\java\jre1.8.0_101\launch4j-tmp\frd.exe] => C:\program files (x86)\java\jre1.8.0_101\launch4j-tmp\frd.exe
FirewallRules: [TCP Query User{2EAAC806-40A9-4F5B-A81C-C3628CCBC73D}C:\program files (x86)\java\jre1.8.0_101\launch4j-tmp\frd.exe] => C:\program files (x86)\java\jre1.8.0_101\launch4j-tmp\frd.exe
FirewallRules: [{B2812476-455B-4850-A0FD-D8F266D6FAC4}] => C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe
FirewallRules: [{A30C41AA-3DAD-4C66-B477-42DCB3E17286}] => C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe
FirewallRules: [UDP Query User{EC992311-B80A-47CB-90FC-12B3D73B952A}D:\games\call.of.duty.complete.collection.2014.full.rip-bm\1. call.of.duty+united.offensive.updated.v1.51.full.rip-bm\call of duty\cod\codmp.exe] => D:\games\call.of.duty.complete.collection.2014.full.rip-bm\1. call.of.duty+united.offensive.updated.v1.51.full.rip-bm\call of duty\cod\codmp.exe
FirewallRules: [TCP Query User{C281C347-E5ED-47DE-9C4D-3923C6D0837F}D:\games\call.of.duty.complete.collection.2014.full.rip-bm\1. call.of.duty+united.offensive.updated.v1.51.full.rip-bm\call of duty\cod\codmp.exe] => D:\games\call.of.duty.complete.collection.2014.full.rip-bm\1. call.of.duty+united.offensive.updated.v1.51.full.rip-bm\call of duty\cod\codmp.exe
FirewallRules: [UDP Query User{7D3F599F-2068-4269-9835-FF1CC23F8AB5}C:\program files (x86)\java\jre1.8.0_77\launch4j-tmp\frd.exe] => C:\program files (x86)\java\jre1.8.0_77\launch4j-tmp\frd.exe
FirewallRules: [TCP Query User{4E7E5706-1BC1-436B-8ABE-BE8B1777D637}C:\program files (x86)\java\jre1.8.0_77\launch4j-tmp\frd.exe] => C:\program files (x86)\java\jre1.8.0_77\launch4j-tmp\frd.exe
FirewallRules: [{BB89F7D3-68A5-4661-BCAA-76AE11C8EAFB}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{EA948DEF-3D62-416B-BD6A-D17B12FDE6E1}] => C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{86C6D2D2-9E7F-4D99-BE68-C63EF9B5771F}] => C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{51291D7F-2C99-469C-BB1C-3820FC4FC38F}] => C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{608C1AB7-12A1-42D3-ABCE-1BC55729B5B4}] => C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{BCA97A71-68B6-4239-B13A-0969FAFA35C7}] => C:\Program Files (x86)\Sierra\FEAR\FEARMP.exe
FirewallRules: [{36E60D5A-D2AF-4E73-A8C2-A3C913DE0530}] => C:\Program Files (x86)\Sierra\FEAR\FEARMP.exe
FirewallRules: [{5D0FCB3F-CD2D-4D17-84C6-4CC9E7651DAC}] => C:\Program Files (x86)\Sierra\FEAR\FEAR.exe
FirewallRules: [{65F99AA1-EABD-4A96-B9D5-68B52A985C23}] => C:\Program Files (x86)\Sierra\FEAR\FEAR.exe
FirewallRules: [UDP Query User{ACCA9855-5F41-47A5-8885-82644BDB7D82}C:\program files (x86)\java\jre1.8.0_74\launch4j-tmp\frd.exe] => C:\program files (x86)\java\jre1.8.0_74\launch4j-tmp\frd.exe
FirewallRules: [TCP Query User{234F1B16-37B8-4A24-AEEF-F82102C546B1}C:\program files (x86)\java\jre1.8.0_74\launch4j-tmp\frd.exe] => C:\program files (x86)\java\jre1.8.0_74\launch4j-tmp\frd.exe
FirewallRules: [TCP Query User{961AEA7A-5893-40FB-88B7-5F78DBBC54FA}C:\program files (x86)\ultima online dp2\uoam\uoam.exe] => C:\program files (x86)\ultima online dp2\uoam\uoam.exe
FirewallRules: [UDP Query User{6D378447-34D5-45DD-9A78-11439F33F4A9}C:\program files (x86)\ultima online dp2\uoam\uoam.exe] => C:\program files (x86)\ultima online dp2\uoam\uoam.exe
FirewallRules: [TCP Query User{CD74F362-092E-4C5F-A8D0-36255B6024F8}C:\program files (x86)\ultima online dp2\client.exe] => C:\program files (x86)\ultima online dp2\client.exe
FirewallRules: [UDP Query User{6CAE7032-1E22-4578-AA84-3E9CF24308F6}C:\program files (x86)\ultima online dp2\client.exe] => C:\program files (x86)\ultima online dp2\client.exe
FirewallRules: [TCP Query User{F45D5158-A8B0-4BAB-9124-D62C58F89B5A}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{123AD01C-476F-49F3-A726-86ECF0780D66}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [TCP Query User{77E28C3E-785E-4A58-9FDD-781F60E9429F}C:\Program Files (x86)\EA Games\need for speed most wanted\NFS13.exe] => C:\Program Files (x86)\EA Games\need for speed most wanted\NFS13.exe
FirewallRules: [UDP Query User{31FD4C3C-3B5C-4E7C-95D6-06D1B4F2095D}C:\Program Files (x86)\EA Games\need for speed most wanted\NFS13.exe] => C:\Program Files (x86)\EA Games\need for speed most wanted\NFS13.exe
FirewallRules: [{F290267A-65C4-4216-8B47-0CD5DF0DB19A}] => C:\Users\Jarda\AppData\Roaming\ICQM\icq.exe
FirewallRules: [{046F01C8-341A-4DA3-A89C-C995BA18F679}] => C:\Users\Jarda\AppData\Roaming\ICQM\icq.exe
FirewallRules: [{023DBB3C-B8A5-4145-9D0F-31D01E78EA5F}] => LPort=80
FirewallRules: [{82E4FDC2-D52A-4A31-8C9B-B48EECC7B847}] => LPort=443
FirewallRules: [{09B78A8F-78A7-4BFE-9CB9-BB9B27270C4F}] => LPort=20010
FirewallRules: [{949CFDB6-CBF5-4BAF-AFB8-7EC32938E692}] => LPort=3478
FirewallRules: [{76F42703-98BD-4C74-96A9-D6D24DF54A2D}] => LPort=7850
FirewallRules: [{8E2C7983-E8F5-484C-8408-DDB186FBD549}] => LPort=7852
FirewallRules: [{162AA92F-6263-4277-9932-1604DFBE4DC3}] => LPort=7853
FirewallRules: [{0BA015C8-F673-4084-8E82-3FFD2E88500C}] => LPort=27022
FirewallRules: [{A0E09F73-C4EC-477E-BE8D-C3CF7E60EA37}] => LPort=6881
FirewallRules: [{1CF0E6CA-050E-45CC-8F4E-7D048D95ABEE}] => LPort=33333
FirewallRules: [{BB726C53-2325-47A0-A99C-B2141000226B}] => LPort=20443
FirewallRules: [{7C279E3A-D478-4460-9B30-82DD81EB59AC}] => LPort=8090
FirewallRules: [TCP Query User{2487492B-1EE7-4BBE-B057-D827BEC4E3C9}C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe] => C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe
FirewallRules: [UDP Query User{A2B1D29F-43DC-4AB8-845A-69DACC33C50F}C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe] => C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe
FirewallRules: [{B74E640C-A4D1-4678-B5ED-0019A7C5B0B6}] => C:\Users\Jarda\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{36521CE3-80C4-480B-9073-607E933DDBBC}] => C:\Users\Jarda\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [TCP Query User{3B2ABAE4-EB89-40AD-B33B-390E6B433B99}C:\program files (x86)\ultima online dp2\client.exe] => C:\program files (x86)\ultima online dp2\client.exe
FirewallRules: [UDP Query User{2CB73192-F024-4505-89E3-552D1C6B2D06}C:\program files (x86)\ultima online dp2\client.exe] => C:\program files (x86)\ultima online dp2\client.exe
FirewallRules: [TCP Query User{3A5EE25A-3785-44EC-9B46-130305B1DDAE}C:\users\jarda\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe] => C:\users\jarda\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe
FirewallRules: [UDP Query User{C526FDC8-8149-424B-BBC2-0B1C01EF31E6}C:\users\jarda\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe] => C:\users\jarda\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe
FirewallRules: [{23C5D4B2-931B-42ED-8C0B-D612E8402A34}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F21927D0-98DD-43F5-9BC1-CD26434AD862}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{F041D1CF-77FB-43CE-AA61-D5EFE3EE5256}C:\program files (x86)\java\jre1.8.0_31\launch4j-tmp\frd.exe] => C:\program files (x86)\java\jre1.8.0_31\launch4j-tmp\frd.exe
FirewallRules: [UDP Query User{AB5499B5-CA8A-4931-87C7-B24DA8C32739}C:\program files (x86)\java\jre1.8.0_31\launch4j-tmp\frd.exe] => C:\program files (x86)\java\jre1.8.0_31\launch4j-tmp\frd.exe
FirewallRules: [TCP Query User{4E39FDCB-FC17-41CF-A0DB-3BBF146CA17C}C:\program files (x86)\freetime\formatfactory\formatfactory.exe] => C:\program files (x86)\freetime\formatfactory\formatfactory.exe
FirewallRules: [UDP Query User{42D9C22B-8F34-4A66-9984-312CDE8F2E66}C:\program files (x86)\freetime\formatfactory\formatfactory.exe] => C:\program files (x86)\freetime\formatfactory\formatfactory.exe
FirewallRules: [TCP Query User{3323EE1C-A915-4797-A8DE-1AE9DC9866B9}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{91267BF2-E9C1-4F71-8EA2-4773484537EF}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{603355A0-BCDC-497B-A749-C875653ABF55}C:\program files (x86)\ultima online dp2\uoam\uoam.exe] => C:\program files (x86)\ultima online dp2\uoam\uoam.exe
FirewallRules: [UDP Query User{A6A2F82F-B756-4F07-92AF-6622B0035608}C:\program files (x86)\ultima online dp2\uoam\uoam.exe] => C:\program files (x86)\ultima online dp2\uoam\uoam.exe
FirewallRules: [TCP Query User{F6A78A6F-9405-450E-A0D1-3992C7F7FA77}C:\program files (x86)\java\jre1.8.0_40\launch4j-tmp\frd.exe] => C:\program files (x86)\java\jre1.8.0_40\launch4j-tmp\frd.exe
FirewallRules: [UDP Query User{B9D48ECC-28C1-4C8F-B977-63E10D18C3FF}C:\program files (x86)\java\jre1.8.0_40\launch4j-tmp\frd.exe] => C:\program files (x86)\java\jre1.8.0_40\launch4j-tmp\frd.exe
FirewallRules: [TCP Query User{F23DD1F9-28E3-4843-872D-4DA87C4ED219}C:\program files (x86)\java\jre1.8.0_45\launch4j-tmp\frd.exe] => C:\program files (x86)\java\jre1.8.0_45\launch4j-tmp\frd.exe
FirewallRules: [UDP Query User{C85AFFFE-22D0-4E16-A78E-BFCD17062941}C:\program files (x86)\java\jre1.8.0_45\launch4j-tmp\frd.exe] => C:\program files (x86)\java\jre1.8.0_45\launch4j-tmp\frd.exe
FirewallRules: [TCP Query User{1ED468F2-2B66-4A58-8507-6D7DC348ED76}F:\et\et.exe] => F:\et\et.exe
FirewallRules: [UDP Query User{F4813DAB-8AA2-4CA8-9769-99AFD0909C24}F:\et\et.exe] => F:\et\et.exe
FirewallRules: [{684C675F-0AF0-4817-91E6-CE56AA325F5D}] => C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{C75EC1AA-B88E-48B3-9571-286D72433CDB}] => C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{82002F01-B03A-4D85-B01C-709FB7505B28}] => C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A5AE344D-1116-4055-9132-B81A11F90B40}] => C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{862DF811-E101-45DA-9A50-96ABD822197D}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6FB61FF3-6AE0-44F8-A46B-A6EB892C7E0C}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C59B41DD-0474-426B-A6E8-C00F91B09C55}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{11ECCDB3-74DB-4AF9-BFC0-9D49060B4897}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CF68A46A-3FAA-4DDB-BE4A-DB32CA298912}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{F8292824-4696-4749-A4B7-69BC36C95EA2}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{E81EA36D-EFB7-48EB-B457-A0A53DB554F8}] => C:\Program Files (x86)\Steam\steamapps\common\Steel Ocean\Binaries\win32\SeaGame.exe
FirewallRules: [{921F54FE-6A1F-45AD-8D06-DB35CB5A1FFF}] => C:\Program Files (x86)\Steam\steamapps\common\Steel Ocean\Binaries\win32\SeaGame.exe
FirewallRules: [TCP Query User{2BAF6B6C-624A-4868-AD86-24FFD20BA7AF}C:\program files (x86)\java\jre1.8.0_66\launch4j-tmp\frd.exe] => C:\program files (x86)\java\jre1.8.0_66\launch4j-tmp\frd.exe
FirewallRules: [UDP Query User{94F5A545-2E0A-4DDE-A337-21F38EF87165}C:\program files (x86)\java\jre1.8.0_66\launch4j-tmp\frd.exe] => C:\program files (x86)\java\jre1.8.0_66\launch4j-tmp\frd.exe
FirewallRules: [TCP Query User{EE9AD38B-B5BE-4B56-9C25-BE8FC251C4B8}C:\program files (x86)\thq\titan quest\titan quest.exe] => C:\program files (x86)\thq\titan quest\titan quest.exe
FirewallRules: [UDP Query User{2AC0D3FD-8EF8-4EC7-89FE-F6F371BEB75D}C:\program files (x86)\thq\titan quest\titan quest.exe] => C:\program files (x86)\thq\titan quest\titan quest.exe
FirewallRules: [TCP Query User{08D80107-9FA1-4856-AD26-9AD21E390187}C:\games\call of duty modern warfare 2\iw4m.exe] => C:\games\call of duty modern warfare 2\iw4m.exe
FirewallRules: [UDP Query User{E929627C-5ACD-4838-A1BC-78B6B0728526}C:\games\call of duty modern warfare 2\iw4m.exe] => C:\games\call of duty modern warfare 2\iw4m.exe
FirewallRules: [TCP Query User{E7559FEC-E6FB-4F07-B2A0-27DCB87A134B}C:\games\call of duty modern warfare 2\iw4sp.exe] => C:\games\call of duty modern warfare 2\iw4sp.exe
FirewallRules: [UDP Query User{73F58843-6AF4-45BB-8395-F926D481E05F}C:\games\call of duty modern warfare 2\iw4sp.exe] => C:\games\call of duty modern warfare 2\iw4sp.exe
FirewallRules: [TCP Query User{95249CA7-76D3-4C9C-94FA-66DB311D8EE8}C:\max payne 3 cz\maxpayne3.exe] => C:\max payne 3 cz\maxpayne3.exe
FirewallRules: [UDP Query User{E35BB803-CF94-446D-8F5E-16DBA8639EF0}C:\max payne 3 cz\maxpayne3.exe] => C:\max payne 3 cz\maxpayne3.exe
FirewallRules: [TCP Query User{D5DA124E-E683-4896-9BE4-79AF244AB6AD}C:\program files (x86)\java\jre1.8.0_111\launch4j-tmp\frd.exe] => C:\program files (x86)\java\jre1.8.0_111\launch4j-tmp\frd.exe
FirewallRules: [UDP Query User{C1758E8B-CEC0-4C10-B435-885CB5870F50}C:\program files (x86)\java\jre1.8.0_111\launch4j-tmp\frd.exe] => C:\program files (x86)\java\jre1.8.0_111\launch4j-tmp\frd.exe
FirewallRules: [TCP Query User{E9082D8B-C948-4606-AA9C-D5B15599C049}C:\hybrid wars en\hw.exe] => C:\hybrid wars en\hw.exe
FirewallRules: [UDP Query User{B6E031A5-17A8-4ADB-9016-E8B61C5F8E1E}C:\hybrid wars en\hw.exe] => C:\hybrid wars en\hw.exe
FirewallRules: [TCP Query User{00079F02-E7EB-4E7C-9D29-AE258ADB7811}C:\program files\call of duty infinite warfare\iw7_ship.exe] => C:\program files\call of duty infinite warfare\iw7_ship.exe
FirewallRules: [UDP Query User{4DA82666-5BDD-41EC-B94A-F6E5D9073F11}C:\program files\call of duty infinite warfare\iw7_ship.exe] => C:\program files\call of duty infinite warfare\iw7_ship.exe
FirewallRules: [{639FCCB4-D0FC-42F4-9E8D-2493B8EB1754}] => C:\Games\World_of_Warships\WoWSLauncher.exe
FirewallRules: [{614AC833-9734-4B45-94CE-DA95652ADA06}] => C:\Games\World_of_Warships\WoWSLauncher.exe
FirewallRules: [{CE32AA29-3921-44BD-8E0D-0E57A8EDDF32}] => C:\Games\World_of_Warships\worldofwarships.exe
FirewallRules: [{92B369B7-BE8E-4DC7-BA00-31AB0A76CB24}] => C:\Games\World_of_Warships\worldofwarships.exe
FirewallRules: [TCP Query User{8C888CB6-51CC-46B0-AFE9-AA330961A369}C:\program files (x86)\kodi\kodi.exe] => C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{8D56BB3A-912E-4768-B3DD-332ADB5ACEC0}C:\program files (x86)\kodi\kodi.exe] => C:\program files (x86)\kodi\kodi.exe
FirewallRules: [{33436FF7-E43C-49E8-B080-DD2AABE5E21E}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{45A9F1DA-F998-459F-B35B-C0C110178244}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{1CAD8226-D515-4241-B4C4-E553AB9440EB}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{239AAD96-31C4-4935-8CEF-FECBA982F8BD}] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{4249461C-29C4-4959-B903-C65348A8E67E}] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe

==================== Restore Points =========================

06-01-2017 07:40:00 Naplánovaný kontrolní bod
06-01-2017 10:40:26 JRT Pre-Junkware Removal
07-01-2017 15:05:15 zoek.exe restore point

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (01/07/2017 11:15:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program uoam.exe verze 8.2.0.1 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 13d8

Čas spuštění: 01d26929a34ea611

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files (x86)\Ultima Online DP2\UOAM\uoam.exe

ID hlášení: b9bca700-d526-11e6-834d-d43d7eecf40d

Úplný název balíčku s chybou:

ID aplikace související s balíčkem s chybou:

Error: (01/07/2017 09:00:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MSI_LiveUpdate_Service.exe, verze: 1.0.0.37, časové razítko: 0x582449b8
Název chybujícího modulu: ntdll.dll, verze: 10.0.14393.479, časové razítko: 0x58256ca0
Kód výjimky: 0xc0000374
Posun chyby: 0x000d9d11
ID chybujícího procesu: 0xae0
Čas spuštění chybující aplikace: 0x01d2691d2e277b11
Cesta k chybující aplikaci: C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 7d0d8f86-2995-4830-943f-aabded9524e3
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/07/2017 09:00:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ZAM.exe, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: RPCRT4.dll, verze: 10.0.14393.82, časové razítko: 0x57a55b62
Kód výjimky: 0xc0020043
Posun chyby: 0x000432d2
ID chybujícího procesu: 0x322c
Čas spuštění chybující aplikace: 0x01d2691e58d4d1d3
Cesta k chybující aplikaci: C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\RPCRT4.dll
ID zprávy: 283ec94d-4317-4721-b347-878e3c0f8632
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/07/2017 07:55:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DaS_21.exe, verze: 2.1.0.4, časové razítko: 0x540c90b2
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.14393.479, časové razítko: 0x582588e6
Kód výjimky: 0xe0434352
Posun chyby: 0x0000000000017788
ID chybujícího procesu: 0x250c
Čas spuštění chybující aplikace: 0x01d2691798ce7b0c
Cesta k chybující aplikaci: C:\Users\Jarda\AppData\Local\Temp\DaS_21.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 1840bdbd-96e8-428a-9c58-c62c3ad03f15
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/07/2017 07:55:21 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: DaS_21.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.IOException
na System.IO.__Error.WinIOError(Int32, System.String)
na System.Console.SetWindowSize(Int32, Int32)
na DriverAndServicesOut.Program.Main(System.String[])

Error: (01/07/2017 07:54:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: zoek.com, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: KERNEL32.DLL, verze: 10.0.14393.0, časové razítko: 0x57898ef6
Kód výjimky: 0xc0000409
Posun chyby: 0x000149aa
ID chybujícího procesu: 0x22cc
Čas spuštění chybující aplikace: 0x01d269177621052f
Cesta k chybující aplikaci: C:\Users\Jarda\Desktop\zoek\zoek.com
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNEL32.DLL
ID zprávy: 681a1713-4f5f-4047-9541-d6700d6d49bc
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/07/2017 07:53:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program uoam.exe verze 8.2.0.1 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 2b80

Čas spuštění: 01d2691556bf8a86

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files (x86)\Ultima Online DP2\UOAM\uoam.exe

ID hlášení: 8f8c25fb-d50a-11e6-834c-d43d7eecf40d

Úplný název balíčku s chybou:

ID aplikace související s balíčkem s chybou:

Error: (01/07/2017 07:52:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: zoek.com, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: KERNEL32.DLL, verze: 10.0.14393.0, časové razítko: 0x57898ef6
Kód výjimky: 0xc0000409
Posun chyby: 0x000149aa
ID chybujícího procesu: 0x31ec
Čas spuštění chybující aplikace: 0x01d269173bdd7c9a
Cesta k chybující aplikaci: C:\Users\Jarda\Desktop\zoek\zoek.com
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNEL32.DLL
ID zprávy: 1306b9f8-90b2-4fff-a7c7-b76600cc18e2
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/07/2017 03:05:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DaS_21.exe, verze: 2.1.0.4, časové razítko: 0x540c90b2
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.14393.479, časové razítko: 0x582588e6
Kód výjimky: 0xe0434352
Posun chyby: 0x0000000000017788
ID chybujícího procesu: 0x28e0
Čas spuštění chybující aplikace: 0x01d268ef2803cc3c
Cesta k chybující aplikaci: C:\Users\Jarda\AppData\Local\Temp\DaS_21.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 0972f9dd-c272-47e1-a51a-6e059145db07
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/07/2017 03:05:52 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: DaS_21.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.IOException
na System.IO.__Error.WinIOError(Int32, System.String)
na System.Console.SetWindowSize(Int32, Int32)
na DriverAndServicesOut.Program.Main(System.String[])

System errors:
=============
Error: (01/07/2017 09:00:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba MSI Live Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/07/2017 08:42:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba RapportIaso neuspěla při spuštění v důsledku následující chyby:
{Chyba aplikace}
Aplikaci (0x%lx) se nepodařilo správně spustit. Kliknutím na tlačítko OK aplikaci ukončete.

Error: (01/07/2017 08:40:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba RapportIaso neuspěla při spuštění v důsledku následující chyby:
{Chyba aplikace}
Aplikaci (0x%lx) se nepodařilo správně spustit. Kliknutím na tlačítko OK aplikaci ukončete.

Error: (01/07/2017 08:35:28 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
a APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/07/2017 08:35:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba NetTcpActivator závisí na službě NetTcpPortSharing, která neuspěla při spuštění v důsledku následující chyby:
Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.

Error: (01/07/2017 08:34:32 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Chemtable Startup Checking se po přijetí pokynu pro vypnutí neukončila správně.

Error: (01/07/2017 08:34:32 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby seclogon bylo dosaženo časového limitu (30000 ms).

Error: (01/07/2017 08:34:02 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Server datového modelu dlaždic byla ukončena s následující chybou:
%%2147943515 = Probíhá vypnutí systému.

Error: (01/07/2017 08:16:55 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (01/07/2017 08:16:55 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

CodeIntegrity:
===================================
Date: 2017-01-07 18:37:43.403
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-06 20:20:37.368
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-06 20:20:37.364
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-06 20:20:37.355
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-06 20:20:37.351
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-06 20:20:37.342
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-06 20:20:37.338
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-06 20:20:37.317
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-06 20:20:37.282
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-06 20:20:37.250
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz
Percentage of memory in use: 31%
Total physical RAM: 8120 MB
Available physical RAM: 5560.59 MB
Total Virtual: 16312 MB
Available Virtual: 12743.04 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:243.6 GB) (Free:47.62 GB) NTFS
Drive d: () (Fixed) (Total:687.37 GB) (Free:113.1 GB) NTFS
Drive i: (20100121_2355) (CDROM) (Total:4.24 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or

(Size: 931.5 GB) (Disk ID: C8635980)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=243.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=687.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Příspěvekod **jaro3** » 09 led 2017 10:26

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

Start
CloseProcesses:
HKU\S-1-5-21-3592017923-1309911898-1257044881-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3592017923-1309911898-1257044881-1000 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3592017923-1309911898-1257044881-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3592017923-1309911898-1257044881-1000 -> {5B1AE680-8758-4631-B4A7-3264DCC71187} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-3592017923-1309911898-1257044881-1000 -> {B59A2B6C-B45C-4B04-A40A-B733936BB9A4} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-3592017923-1309911898-1257044881-1000 -> {BCB013E7-90E6-4230-9DA9-FCA69CCC97FC} URL = hxxp://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-3592017923-1309911898-1257044881-1000 -> {D73E0A4C-17D4-4A9D-97FC-52B35524AC94} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_16194
CHR HKU\S-1-5-21-3592017923-1309911898-1257044881-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
U3 idsvc; no ImagePath
2016-12-16 22:55 - 2016-12-16 22:55 - 00003764 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3592017923-1309911898-1257044881-1000UA1d257e7182871bd
2016-12-16 22:55 - 2016-12-16 22:55 - 00003496 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3592017923-1309911898-1257044881-1000Core1d257e71819bacf
2016-12-16 21:27 - 2016-09-15 05:46 - 00003500 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d12cb2950e3d70
2016-12-16 21:27 - 2016-09-15 05:46 - 00003376 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1d12cb29460bcd6
C:\Program Files (x86)\NortonInstaller
C:\Users\Jarda\dht.dat
C:\Users\Jarda\resume.dat
C:\Users\Jarda\rss.dat
C:\Users\Jarda\settings.dat
C:\Windows\logo1_.exe
C:\Windows\logo_1.exe
C:\Windows\RUNDL132.EXE
C:\Windows\rundll16.exe
C:\Windows\VDLL.DLL
C:\Windows\SysWOW64\runouce.exe
CustomCLSID: HKU\S-1-5-21-3592017923-1309911898-1257044881-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3592017923-1309911898-1257044881-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Jarda\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3592017923-1309911898-1257044881-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3592017923-1309911898-1257044881-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Jarda\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3592017923-1309911898-1257044881-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3592017923-1309911898-1257044881-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Jarda\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.)
Task: {0909B576-ECFB-44E0-BA35-C87188CE118C} - \{3FB8732E-1FFC-4C6D-989C-B185C1C453F9} -> No File <==== ATTENTION
Task: {13269713-2E00-49A7-A0EA-344FB7E90EE3} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {1448FB9B-4115-40DC-A9E0-6B120A75E7FB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {2D9A506F-F8A1-4160-9A74-F6EE155121D5} - System32\Tasks\GoogleUpdateTaskMachineUA1d12cb2950e3d70 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {2DCDA659-F6E8-4212-A3C6-B5BD70EA5A0C} - \avast! Windows 10 Start Menu helper -> No File <==== ATTENTION
Task: {31F5C710-AFF6-46C6-8591-A8B18BD9BBB2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3592017923-1309911898-1257044881-1000Core1d257e71819bacf => C:\Users\Jarda\AppData\Local\Google\Update\GoogleUpdate.exe [2015-12-02] (Google Inc.)
Task: {3749EF22-5FC2-4440-9703-4E9709EBE885} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {3940DBD6-0570-4164-8649-AA9AB975F752} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {3DB44A93-2DFB-4AFD-9E55-87E11506D32B} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {429D2811-D49E-4E04-9BF9-FF0DB3179606} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {42EA49E5-0A7F-4789-91FD-89E7ED441A14} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {4F836CE2-2DF1-4988-844C-2E9B3F6A202A} - System32\Tasks\{B5DD29FC-5E38-47B2-9922-2BC092B063B7} => pcalua.exe -a "C:\Program Files\McAfee Security Scan\uninstall.exe"
Task: {883E5324-7951-48E9-9509-EE6335C63358} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {8BD50D32-67C4-4CC3-AB6D-C7CE093FC860} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {907B094A-978B-4616-9167-14D35C3D7AF9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3592017923-1309911898-1257044881-1000UA1d257e7182871bd => C:\Users\Jarda\AppData\Local\Google\Update\GoogleUpdate.exe [2015-12-02] (Google Inc.)
Task: {9129C3A3-44C2-4D70-90A8-60D5595F7F34} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {A26D436C-4AAD-45E5-AA98-96DBA897042B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3592017923-1309911898-1257044881-1000UA => C:\Users\Jarda\AppData\Local\Google\Update\GoogleUpdate.exe [2015-12-02] (Google Inc.)
Task: {A8B4110E-44CB-4CD2-8680-195A0DF5D0D2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {B2B09798-90A6-4DA9-B2D3-C08271EED48B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {B6521AEA-548F-4C65-9DEE-334FD4C5871D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {C37CAFF9-2858-4940-8EC7-22E52CFF1352} - System32\Tasks\DelayedItemsByChemtableSoftware\Google Update => C:\Users\Jarda\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [2016-12-16] (Google Inc.) <==== ATTENTION
Task: {D37EEB5D-2EAC-4B6A-AD4A-593461C939A5} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {D7682B18-5524-412C-B05D-9C36FD57C18B} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {E683F12E-D6E4-401A-8DCB-1C3BBAB2DA8A} - System32\Tasks\{AE135B0D-C28C-47DE-AF3A-0C6E5A8946C5} => pcalua.exe -a F:\setup.exe -d F:\
Task: {FB0F4098-A267-4DED-8BD8-37515B4A7A7B} - \{1F6C2DA0-6033-4C49-B47C-E82404351922} -> No File <==== ATTENTION
Task: {FCA667D8-BCC5-4CB4-8987-E15327D65260} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3592017923-1309911898-1257044881-1000Core => C:\Users\Jarda\AppData\Local\Google\Update\GoogleUpdate.exe [2015-12-02] (Google Inc.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3592017923-1309911898-1257044881-1000Core.job => C:\Users\Jarda\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3592017923-1309911898-1257044881-1000UA.job => C:\Users\Jarda\AppData\Local\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\ProgramData\TEMP:B755D674 [270]
AlternateDataStreams: C:\ProgramData\TEMP:D78D6FF7 [394]
EmptyTemp:
End

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt

Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.

FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
nech jen nejnovější verzi , ostatní odinstaluj.

V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému

Toto otestuj na Virustotal
C:\Users\Jarda\Documents\desktop.ini
C:\Users\Jarda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini
C:\Users\Jarda\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/43 , nebo 1/43. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

Nebo na:
http://www.virscan.org/

jarda213 · Příspěvekod **jarda213** » 13 led 2017 20:43

Fixlog:

Fix result of Farbar Recovery Scan Tool (x64) Version: 12-01-2017
Ran by Jarda (13-01-2017 20:04:30) Run:2
Running from C:\Users\Jarda\Desktop
Loaded Profiles: Jarda & DefaultAppPool (Available Profiles: Jarda & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-3592017923-1309911898-1257044881-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3592017923-1309911898-1257044881-1000 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3592017923-1309911898-1257044881-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3592017923-1309911898-1257044881-1000 -> {5B1AE680-8758-4631-B4A7-3264DCC71187} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-3592017923-1309911898-1257044881-1000 -> {B59A2B6C-B45C-4B04-A40A-B733936BB9A4} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-3592017923-1309911898-1257044881-1000 -> {BCB013E7-90E6-4230-9DA9-FCA69CCC97FC} URL = hxxp://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-3592017923-1309911898-1257044881-1000 -> {D73E0A4C-17D4-4A9D-97FC-52B35524AC94} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_16194
CHR HKU\S-1-5-21-3592017923-1309911898-1257044881-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
U3 idsvc; no ImagePath
2016-12-16 22:55 - 2016-12-16 22:55 - 00003764 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3592017923-1309911898-1257044881-1000UA1d257e7182871bd
2016-12-16 22:55 - 2016-12-16 22:55 - 00003496 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3592017923-1309911898-1257044881-1000Core1d257e71819bacf
2016-12-16 21:27 - 2016-09-15 05:46 - 00003500 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d12cb2950e3d70
2016-12-16 21:27 - 2016-09-15 05:46 - 00003376 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1d12cb29460bcd6
C:\Program Files (x86)\NortonInstaller
C:\Users\Jarda\dht.dat
C:\Users\Jarda\resume.dat
C:\Users\Jarda\rss.dat
C:\Users\Jarda\settings.dat
C:\Windows\logo1_.exe
C:\Windows\logo_1.exe
C:\Windows\RUNDL132.EXE
C:\Windows\rundll16.exe
C:\Windows\VDLL.DLL
C:\Windows\SysWOW64\runouce.exe
CustomCLSID: HKU\S-1-5-21-3592017923-1309911898-1257044881-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3592017923-1309911898-1257044881-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Jarda\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3592017923-1309911898-1257044881-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3592017923-1309911898-1257044881-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Jarda\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3592017923-1309911898-1257044881-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3592017923-1309911898-1257044881-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Jarda\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.)
Task: {0909B576-ECFB-44E0-BA35-C87188CE118C} - \{3FB8732E-1FFC-4C6D-989C-B185C1C453F9} -> No File <==== ATTENTION
Task: {13269713-2E00-49A7-A0EA-344FB7E90EE3} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {1448FB9B-4115-40DC-A9E0-6B120A75E7FB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {2D9A506F-F8A1-4160-9A74-F6EE155121D5} - System32\Tasks\GoogleUpdateTaskMachineUA1d12cb2950e3d70 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {2DCDA659-F6E8-4212-A3C6-B5BD70EA5A0C} - \avast! Windows 10 Start Menu helper -> No File <==== ATTENTION
Task: {31F5C710-AFF6-46C6-8591-A8B18BD9BBB2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3592017923-1309911898-1257044881-1000Core1d257e71819bacf => C:\Users\Jarda\AppData\Local\Google\Update\GoogleUpdate.exe [2015-12-02] (Google Inc.)
Task: {3749EF22-5FC2-4440-9703-4E9709EBE885} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {3940DBD6-0570-4164-8649-AA9AB975F752} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {3DB44A93-2DFB-4AFD-9E55-87E11506D32B} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {429D2811-D49E-4E04-9BF9-FF0DB3179606} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {42EA49E5-0A7F-4789-91FD-89E7ED441A14} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {4F836CE2-2DF1-4988-844C-2E9B3F6A202A} - System32\Tasks\{B5DD29FC-5E38-47B2-9922-2BC092B063B7} => pcalua.exe -a "C:\Program Files\McAfee Security Scan\uninstall.exe"
Task: {883E5324-7951-48E9-9509-EE6335C63358} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {8BD50D32-67C4-4CC3-AB6D-C7CE093FC860} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {907B094A-978B-4616-9167-14D35C3D7AF9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3592017923-1309911898-1257044881-1000UA1d257e7182871bd => C:\Users\Jarda\AppData\Local\Google\Update\GoogleUpdate.exe [2015-12-02] (Google Inc.)
Task: {9129C3A3-44C2-4D70-90A8-60D5595F7F34} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {A26D436C-4AAD-45E5-AA98-96DBA897042B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3592017923-1309911898-1257044881-1000UA => C:\Users\Jarda\AppData\Local\Google\Update\GoogleUpdate.exe [2015-12-02] (Google Inc.)
Task: {A8B4110E-44CB-4CD2-8680-195A0DF5D0D2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {B2B09798-90A6-4DA9-B2D3-C08271EED48B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {B6521AEA-548F-4C65-9DEE-334FD4C5871D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {C37CAFF9-2858-4940-8EC7-22E52CFF1352} - System32\Tasks\DelayedItemsByChemtableSoftware\Google Update => C:\Users\Jarda\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [2016-12-16] (Google Inc.) <==== ATTENTION
Task: {D37EEB5D-2EAC-4B6A-AD4A-593461C939A5} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {D7682B18-5524-412C-B05D-9C36FD57C18B} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {E683F12E-D6E4-401A-8DCB-1C3BBAB2DA8A} - System32\Tasks\{AE135B0D-C28C-47DE-AF3A-0C6E5A8946C5} => pcalua.exe -a F:\setup.exe -d F:\
Task: {FB0F4098-A267-4DED-8BD8-37515B4A7A7B} - \{1F6C2DA0-6033-4C49-B47C-E82404351922} -> No File <==== ATTENTION
Task: {FCA667D8-BCC5-4CB4-8987-E15327D65260} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3592017923-1309911898-1257044881-1000Core => C:\Users\Jarda\AppData\Local\Google\Update\GoogleUpdate.exe [2015-12-02] (Google Inc.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3592017923-1309911898-1257044881-1000Core.job => C:\Users\Jarda\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3592017923-1309911898-1257044881-1000UA.job => C:\Users\Jarda\AppData\Local\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\ProgramData\TEMP:B755D674 [270]
AlternateDataStreams: C:\ProgramData\TEMP:D78D6FF7 [394]
EmptyTemp:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-3592017923-1309911898-1257044881-1000\SOFTWARE\Policies\Microsoft\Internet Explorer => key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value not found.
HKU\S-1-5-21-3592017923-1309911898-1257044881-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value not found.
HKU\S-1-5-21-3592017923-1309911898-1257044881-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
HKU\S-1-5-21-3592017923-1309911898-1257044881-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5B1AE680-8758-4631-B4A7-3264DCC71187} => key not found.
HKCR\CLSID\{5B1AE680-8758-4631-B4A7-3264DCC71187} => key not found.
HKU\S-1-5-21-3592017923-1309911898-1257044881-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B59A2B6C-B45C-4B04-A40A-B733936BB9A4} => key not found.
HKCR\CLSID\{B59A2B6C-B45C-4B04-A40A-B733936BB9A4} => key not found.
HKU\S-1-5-21-3592017923-1309911898-1257044881-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BCB013E7-90E6-4230-9DA9-FCA69CCC97FC} => key not found.
HKCR\CLSID\{BCB013E7-90E6-4230-9DA9-FCA69CCC97FC} => key not found.
HKU\S-1-5-21-3592017923-1309911898-1257044881-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D73E0A4C-17D4-4A9D-97FC-52B35524AC94} => key not found.
HKCR\CLSID\{D73E0A4C-17D4-4A9D-97FC-52B35524AC94} => key not found.
HKU\S-1-5-21-3592017923-1309911898-1257044881-1000\SOFTWARE\Google\Chrome\Extensions\bbjllphbppobebmjpjcijfbakobcheof => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck => key not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => key not found.
idsvc => service not found.
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3592017923-1309911898-1257044881-1000UA1d257e7182871bd" => not found.
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3592017923-1309911898-1257044881-1000Core1d257e71819bacf" => not found.
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d12cb2950e3d70" => not found.
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1d12cb29460bcd6" => not found.
"C:\Program Files (x86)\NortonInstaller" => not found.
"C:\Users\Jarda\dht.dat" => not found.
"C:\Users\Jarda\resume.dat" => not found.
"C:\Users\Jarda\rss.dat" => not found.
"C:\Users\Jarda\settings.dat" => not found.
"C:\Windows\logo1_.exe" => not found.
"C:\Windows\logo_1.exe" => not found.
"C:\Windows\RUNDL132.EXE" => not found.
"C:\Windows\rundll16.exe" => not found.
"C:\Windows\VDLL.DLL" => not found.
"C:\Windows\SysWOW64\runouce.exe" => not found.
HKU\S-1-5-21-3592017923-1309911898-1257044881-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856} => key not found.
HKU\S-1-5-21-3592017923-1309911898-1257044881-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4} => key not found.
HKU\S-1-5-21-3592017923-1309911898-1257044881-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247} => key not found.
HKU\S-1-5-21-3592017923-1309911898-1257044881-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA} => key not found.
HKU\S-1-5-21-3592017923-1309911898-1257044881-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2} => key not found.
HKU\S-1-5-21-3592017923-1309911898-1257044881-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0909B576-ECFB-44E0-BA35-C87188CE118C} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3FB8732E-1FFC-4C6D-989C-B185C1C453F9} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{13269713-2E00-49A7-A0EA-344FB7E90EE3} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1448FB9B-4115-40DC-A9E0-6B120A75E7FB} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2D9A506F-F8A1-4160-9A74-F6EE155121D5} => key not found.
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d12cb2950e3d70 => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA1d12cb2950e3d70 => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2DCDA659-F6E8-4212-A3C6-B5BD70EA5A0C} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\avast! Windows 10 Start Menu helper => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{31F5C710-AFF6-46C6-8591-A8B18BD9BBB2} => key not found.
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3592017923-1309911898-1257044881-1000Core1d257e71819bacf => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-3592017923-1309911898-1257044881-1000Core1d257e71819bacf => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3749EF22-5FC2-4440-9703-4E9709EBE885} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3940DBD6-0570-4164-8649-AA9AB975F752} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3DB44A93-2DFB-4AFD-9E55-87E11506D32B} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{429D2811-D49E-4E04-9BF9-FF0DB3179606} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{42EA49E5-0A7F-4789-91FD-89E7ED441A14} => key not found.
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F836CE2-2DF1-4988-844C-2E9B3F6A202A} => key not found.
C:\WINDOWS\System32\Tasks\{B5DD29FC-5E38-47B2-9922-2BC092B063B7} => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{B5DD29FC-5E38-47B2-9922-2BC092B063B7} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{883E5324-7951-48E9-9509-EE6335C63358} => key not found.
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8BD50D32-67C4-4CC3-AB6D-C7CE093FC860} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{907B094A-978B-4616-9167-14D35C3D7AF9} => key not found.
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3592017923-1309911898-1257044881-1000UA1d257e7182871bd => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-3592017923-1309911898-1257044881-1000UA1d257e7182871bd => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9129C3A3-44C2-4D70-90A8-60D5595F7F34} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A26D436C-4AAD-45E5-AA98-96DBA897042B} => key not found.
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3592017923-1309911898-1257044881-1000UA => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-3592017923-1309911898-1257044881-1000UA => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A8B4110E-44CB-4CD2-8680-195A0DF5D0D2} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B2B09798-90A6-4DA9-B2D3-C08271EED48B} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B6521AEA-548F-4C65-9DEE-334FD4C5871D} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C37CAFF9-2858-4940-8EC7-22E52CFF1352} => key not found.
C:\WINDOWS\System32\Tasks\DelayedItemsByChemtableSoftware\Google Update => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DelayedItemsByChemtableSoftware\Google Update => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D37EEB5D-2EAC-4B6A-AD4A-593461C939A5} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D7682B18-5524-412C-B05D-9C36FD57C18B} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E683F12E-D6E4-401A-8DCB-1C3BBAB2DA8A} => key not found.
C:\WINDOWS\System32\Tasks\{AE135B0D-C28C-47DE-AF3A-0C6E5A8946C5} => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{AE135B0D-C28C-47DE-AF3A-0C6E5A8946C5} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FB0F4098-A267-4DED-8BD8-37515B4A7A7B} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{1F6C2DA0-6033-4C49-B47C-E82404351922} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FCA667D8-BCC5-4CB4-8987-E15327D65260} => key not found.
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3592017923-1309911898-1257044881-1000Core => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-3592017923-1309911898-1257044881-1000Core => key not found.
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => not found.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => not found.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => not found.
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3592017923-1309911898-1257044881-1000Core.job => not found.
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3592017923-1309911898-1257044881-1000UA.job => not found.
"C:\ProgramData\TEMP" => ":B755D674" ADS not found.
"C:\ProgramData\TEMP" => ":D78D6FF7" ADS not found.

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 67783727 B
Java, Flash, Steam htmlcache => 139946 B
Windows/system/drivers => 160264035 B
Edge => 1176963 B
Chrome => 0 B
Firefox => 371438826 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 4108 B
NetworkService => 19552 B
Jarda => 22667861 B
DefaultAppPool => 0 B

RecycleBin => 0 B
EmptyTemp: => 594.6 MB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 20:05:08 ====

https://www.virustotal.com/cs/file/cafe ... 484335454/

https://www.virustotal.com/cs/file/768b ... 484335653/

https://www.virustotal.com/cs/file/8e00 ... 484335716/

Jen podotknu, že na FB je problém v tom, že jak roluju níž, po chvíli mi už skoro nejde rolovat. Seká se to, jako by to načítalo a načítalo a načítalo .... Nedej bůh, abych si chtěl přečíst něco z komentářů, které se musí rozkliknout. Sekne se to, musím shodit Mozillu a najet znovu na FB. Jinde ten problém nemám. Jo a k virustotal bylo: Klikni vpravo od okénka na Vybrat a v Exploreru najdi ... tak jsem to dělal na Exploreru a pomalu jsem se tam nedostal. Sekal se, musel jsem ho sodit, znovu sem na odkaz a asi třikrát, než se to rozchodilo. Ale to je možná tím, že Explorer vůbec nepoužívám.

Příspěvekod **jaro3** » 14 led 2017 09:43

Zadal si to téma do sekce BSOD?

Stáhni si Memtest:

Políčko , ve kterém je napsáno:
All unused RAM -ponech , jak je.
-dej Start , nech nejméně 2h běžet , pokud bude po 2h stále 0 errors , jsou v pořádku.
V případě vyšších kapacit RAM je třeba Memtest spustit několikrát , pro 2GB ( jednotlivá největší kapacita RAM) 2x , pro 4GB 3x , pro 8Gb 4x ap.

Ještě zkontrolovat HDD na chyby ,popř. zkusit jeho defragmentaci ..

Stáhni si CrystalDiskInfo
Spusť program a klikni na Úpravy-Kopírovat. Poté sem vlož pomocí Ctrl+V obsah logu.

Také prosím o kontrolu.

Re: Také prosím o kontrolu.

Re: Také prosím o kontrolu.

Re: Také prosím o kontrolu.

Re: Také prosím o kontrolu.

Re: Také prosím o kontrolu.

Re: Také prosím o kontrolu.

Re: Také prosím o kontrolu.

Re: Také prosím o kontrolu.

Re: Také prosím o kontrolu.

Re: Také prosím o kontrolu.

Re: Také prosím o kontrolu.

Re: Také prosím o kontrolu.

Kdo je online