Please check my log (Solved)

A place for your HiJackThis logs and logs from other programs…

stafflik
newcomer
Posts: 32
Registered: January 16
Gender: Male
Status: Offline

Re: Please check my log

Post by stafflik » 12 Nov 2016 09:19

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:18:43, on 12.11.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)

FIREFOX: 45.0.1 (x86 cs)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\Program Files\TeamViewer\TeamViewer.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\WINDOWS\system32\backgroundTaskHost.exe
C:\WINDOWS\system32\backgroundTaskHost.exe
C:\WINDOWS\system32\SettingSyncHost.exe
C:\Windows\System32\smartscreen.exe
C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Users\stafflici\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\Maxthon\Bin\Maxthon.exe
C:\Program Files\Maxthon\Bin\Maxthon.exe
C:\Program Files\Maxthon\Bin\Maxthon.exe
C:\Program Files\Maxthon\Bin\Maxthon.exe
C:\Users\stafflici\Desktop\HijackThis.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.251.0_x86__kzf8qxf38zg5c\SkypeHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AthBtTray] "C:\Program Files\Bluetooth Suite\AthBtTray.exe"
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [WindowsDefender] "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\stafflici\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [SpyEmergency] C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files\Microsoft Office\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll/105
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\WINDOWS\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Botkind Service (BotkindSyncService) - Unknown owner - C:\Program Files\Allway Sync\Bin\SyncService.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Corel License Validation Service V2, Powered by arvato (PSI_SVC_2) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Spy Emergency Health Check (SpyEmrgHealth) - NETGATE Technologies s.r.o. - C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe
O23 - Service: @oem10.inf,%ViaKaraokeSrv.SvcDesc%;VIA Karaoke digital mixer Service (VIAKaraokeService) - VIA Technologies, Inc. - C:\WINDOWS\system32\viakaraokesrv.exe
O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 5358 bytes

Re: Please check my log

Post by stafflik » 12 Nov 2016 09:27

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-11-2016
Ran by stafflici (administrator) on STAFFLICI-PC (12-11-2016 09:22:35)
Running from C:\Users\stafflici\Desktop
Loaded Profiles: stafflici (Available Profiles: stafflici & DefaultAppPool)
Platform: Microsoft Windows 10 Home Version 1607 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: "C:\Program Files\Maxthon\Bin\Maxthon.exe" "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Program Files\Allway Sync\Bin\SyncService.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Atheros) C:\Program Files\Bluetooth Suite\Ath_CoexAgent.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(NETGATE Technologies s.r.o.) C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(VIA) C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Maxthon International ltd.) C:\Program Files\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files\Maxthon\Bin\Maxthon.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.251.0_x86__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Maxthon International ltd.) C:\Program Files\Maxthon\Bin\Maxthon.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe [748744 2015-08-21] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AthBtTray] => C:\Program Files\Bluetooth Suite\AthBtTray.exe [695456 2012-01-19] (Atheros Commnucations)
HKLM\...\Run: [HDAudDeck] => C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [3365552 2000-01-01] (VIA)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [483840 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-21-998340819-2083362510-1422415354-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3280728 2015-11-18] (Disc Soft Ltd)
HKU\S-1-5-21-998340819-2083362510-1422415354-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6889176 2016-09-28] (Piriform Ltd)
HKU\S-1-5-21-998340819-2083362510-1422415354-1000\...\Run: [SpyEmergency] => C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe [2529728 2016-09-30] (NETGATE Technologies s.r.o.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.132.12.33 10.132.12.1
Tcpip\..\Interfaces\{68161319-427c-418e-998d-78a19ee70759}: [DhcpNameServer] 10.132.12.33 10.132.12.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-998340819-2083362510-1422415354-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files\Bluetooth Suite\IEPlugIn.dll [2012-01-19] (Atheros Commnucations)

FireFox:
========
FF ProfilePath: C:\Users\stafflici\AppData\Roaming\Mozilla\Firefox\Profiles\ua10fuh9.default-1469945597263 [2016-11-12]
FF NewTab: Mozilla\Firefox\Profiles\ua10fuh9.default-1469945597263 -> about:newtab
FF Homepage: Mozilla\Firefox\Profiles\ua10fuh9.default-1469945597263 -> about:home
FF Extension: (Firefox Hotfix) - C:\Users\stafflici\AppData\Roaming\Mozilla\Firefox\Profiles\ua10fuh9.default-1469945597263\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-01]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-09] ()
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [276992 2015-08-21] (Advanced Micro Devices, Inc.) [File not signed]
R2 BotkindSyncService; C:\Program Files\Allway Sync\Bin\SyncService.exe [182784 2015-08-21] () [File not signed]
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1081688 2015-11-18] (Disc Soft Ltd)
R2 PSI_SVC_2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [277360 2013-09-13] (arvato digital services llc)
R2 SpyEmrgHealth; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe [308024 2015-03-20] (NETGATE Technologies s.r.o.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH)
R2 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [27768 2000-01-01] (VIA Technologies, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [271496 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [84928 2016-07-16] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files\Bluetooth Suite\Ath_CoexAgent.exe [158880 2012-01-19] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [35088 2015-07-28] (Advanced Micro Devices, Inc.)
S2 APXACC; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [187072 2015-04-03] (AppEx Networks Corporation)
S3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [89440 2015-08-23] (ASUS Corporation)
R3 BTATH_BUS; C:\WINDOWS\System32\drivers\btath_bus.sys [25248 2012-01-19] (Atheros)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [26168 2015-11-21] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [39992 2015-11-21] (Disc Soft Ltd)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsHIDSwitch.sys [25824 2015-11-21] (ASUS)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [62976 2016-07-16] ()
R3 netr28; C:\WINDOWS\system32\DRIVERS\netr28.sys [1527456 2015-06-12] (MediaTek Inc.)
R3 rtbth; C:\WINDOWS\System32\drivers\rtbth.sys [944768 2015-06-03] (Ralink Technology, Corp.)
R3 VIAHdAudAddService; C:\WINDOWS\system32\drivers\viahduaa.sys [566448 2000-01-01] (VIA Technologies, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [37912 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [244576 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [100192 2016-07-16] (Microsoft Corporation)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-12 09:22 - 2016-11-12 09:23 - 00008367 _____ C:\Users\stafflici\Desktop\FRST.txt
2016-11-12 09:22 - 2016-11-12 09:22 - 00000000 ____D C:\FRST
2016-11-12 09:21 - 2016-11-12 09:21 - 01759744 _____ (Farbar) C:\Users\stafflici\Desktop\FRST.exe
2016-11-12 09:16 - 2016-11-12 09:16 - 00000000 ___HD C:\OneDriveTemp
2016-11-12 09:12 - 2016-11-12 08:31 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2016-11-12 08:31 - 2016-11-12 09:07 - 00000000 ____D C:\zoek_backup
2016-11-12 08:31 - 2016-11-12 08:31 - 01309184 _____ C:\Users\stafflici\Desktop\zoek.exe
2016-11-12 07:00 - 2016-11-12 07:01 - 21215304 _____ C:\Users\stafflici\Desktop\RogueKiller.exe
2016-11-11 14:44 - 2016-11-11 14:44 - 00004106 _____ C:\Users\stafflici\Desktop\Rogue.txt
2016-11-11 12:38 - 2016-11-12 07:02 - 00024688 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-11-11 12:37 - 2016-11-11 14:45 - 00000000 ____D C:\ProgramData\RogueKiller
2016-11-11 07:03 - 2016-11-11 07:03 - 00001054 _____ C:\Users\stafflici\Desktop\protection-log-2016-11-11.xml
2016-11-11 06:31 - 2016-11-11 06:31 - 00000614 _____ C:\Users\stafflici\Desktop\JRT.txt
2016-11-11 06:17 - 2016-11-11 06:17 - 01631928 _____ (Malwarebytes) C:\Users\stafflici\Desktop\JRT.exe
2016-11-11 06:12 - 2016-11-11 06:12 - 00001260 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2016-11-11 06:12 - 2016-11-11 06:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2016-11-10 21:25 - 2016-11-10 21:25 - 00000000 ____D C:\Users\stafflici\AppData\Local\CEF
2016-11-10 21:24 - 2016-11-10 21:25 - 00000000 ____D C:\Users\stafflici\AppData\Local\Adobe
2016-11-10 18:22 - 2016-11-10 18:22 - 03910208 _____ C:\Users\stafflici\Desktop\AdwCleaner.exe
2016-11-10 18:15 - 2016-11-10 18:15 - 00448512 _____ (OldTimer Tools) C:\Users\stafflici\Desktop\TFC.exe
2016-11-10 16:46 - 2016-11-10 16:46 - 00159780 _____ C:\Users\stafflici\Desktop\cc_20161110_164628.reg
2016-11-10 16:22 - 2016-11-10 16:22 - 00388608 _____ (Trend Micro Inc.) C:\Users\stafflici\Desktop\HijackThis.exe
2016-11-10 08:02 - 2016-11-02 13:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-11-10 08:02 - 2016-11-02 13:01 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-11-10 08:02 - 2016-11-02 12:22 - 06020448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-11-10 08:02 - 2016-11-02 12:21 - 00570720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-11-10 08:02 - 2016-11-02 12:12 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-11-10 08:02 - 2016-11-02 12:05 - 03892352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-11-10 08:02 - 2016-11-02 12:05 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-11-10 08:02 - 2016-11-02 12:05 - 00951904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-11-10 08:02 - 2016-11-02 12:05 - 00313088 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-11-10 08:02 - 2016-11-02 12:01 - 01425000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2016-11-10 08:02 - 2016-11-02 12:01 - 01413664 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-11-10 08:02 - 2016-11-02 12:01 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-11-10 08:02 - 2016-11-02 12:01 - 00545936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-11-10 08:02 - 2016-11-02 12:01 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2016-11-10 08:02 - 2016-11-02 11:51 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-11-10 08:02 - 2016-11-02 11:49 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-11-10 08:02 - 2016-11-02 11:49 - 00037376 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-11-10 08:02 - 2016-11-02 11:48 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2016-11-10 08:02 - 2016-11-02 11:47 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-11-10 08:02 - 2016-11-02 11:46 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-11-10 08:02 - 2016-11-02 11:45 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-11-10 08:02 - 2016-11-02 11:45 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2016-11-10 08:02 - 2016-11-02 11:45 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2016-11-10 08:02 - 2016-11-02 11:44 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2016-11-10 08:02 - 2016-11-02 11:43 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d8.dll
2016-11-10 08:02 - 2016-11-02 11:43 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-11-10 08:02 - 2016-11-02 11:43 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-11-10 08:02 - 2016-11-02 11:42 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-11-10 08:02 - 2016-11-02 11:41 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2016-11-10 08:02 - 2016-11-02 11:41 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2016-11-10 08:02 - 2016-11-02 11:40 - 01375232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-11-10 08:02 - 2016-11-02 11:40 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2016-11-10 08:02 - 2016-11-02 11:38 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-11-10 08:02 - 2016-11-02 11:38 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-11-10 08:02 - 2016-11-02 11:37 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2016-11-10 08:02 - 2016-11-02 11:36 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2016-11-10 08:02 - 2016-11-02 11:36 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetailsUpdate.dll
2016-11-10 08:02 - 2016-11-02 11:33 - 12349952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-11-10 08:02 - 2016-11-02 11:33 - 03307520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-11-10 08:02 - 2016-11-02 11:33 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2016-11-10 08:02 - 2016-11-02 11:32 - 00786432 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-11-10 08:02 - 2016-11-02 11:31 - 03196416 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-11-10 08:02 - 2016-11-02 11:31 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-11-10 08:02 - 2016-11-02 11:31 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\olepro32.dll
2016-11-10 08:02 - 2016-11-02 11:30 - 12175360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-11-10 08:02 - 2016-11-02 11:30 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2016-11-10 08:02 - 2016-11-02 11:29 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-11-10 08:02 - 2016-11-02 11:29 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-11-10 08:02 - 2016-11-02 11:29 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-11-10 08:02 - 2016-11-02 11:29 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2016-11-10 08:02 - 2016-11-02 11:28 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-11-10 08:02 - 2016-11-02 11:28 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-11-10 08:02 - 2016-11-02 11:26 - 02747392 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2016-11-10 08:02 - 2016-11-02 11:26 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-11-10 08:02 - 2016-11-02 11:26 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-11-10 08:02 - 2016-11-02 11:25 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-11-10 08:02 - 2016-11-02 11:23 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-11-10 08:02 - 2016-11-02 11:23 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2016-11-10 08:02 - 2016-11-02 10:11 - 00788624 _____ C:\WINDOWS\system32\locale.nls
2016-11-10 08:02 - 2016-10-28 04:11 - 00446896 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-11-10 08:01 - 2016-11-02 12:24 - 00890984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-11-10 08:01 - 2016-11-02 12:24 - 00783552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-11-10 08:01 - 2016-11-02 12:23 - 00945760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-11-10 08:01 - 2016-11-02 12:21 - 00276320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-11-10 08:01 - 2016-11-02 12:09 - 02257104 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-11-10 08:01 - 2016-11-02 12:09 - 00544088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2016-11-10 08:01 - 2016-11-02 12:06 - 00080224 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-11-10 08:01 - 2016-11-02 12:05 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-11-10 08:01 - 2016-11-02 12:05 - 06657176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-11-10 08:01 - 2016-11-02 12:00 - 00042336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\iorate.sys
2016-11-10 08:01 - 2016-11-02 11:46 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-11-10 08:01 - 2016-11-02 11:45 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-11-10 08:01 - 2016-11-02 11:44 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-11-10 08:01 - 2016-11-02 11:44 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-11-10 08:01 - 2016-11-02 11:43 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-11-10 08:01 - 2016-11-02 11:42 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-11-10 08:01 - 2016-11-02 11:42 - 00322560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-11-10 08:01 - 2016-11-02 11:42 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-11-10 08:01 - 2016-11-02 11:39 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2016-11-10 08:01 - 2016-11-02 11:26 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-11-10 08:01 - 2016-11-02 11:26 - 01235968 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-11-10 08:01 - 2016-11-02 11:25 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-11-10 08:00 - 2016-11-02 12:23 - 01073816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-11-10 08:00 - 2016-11-02 12:22 - 01583112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-11-10 08:00 - 2016-11-02 12:22 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-11-10 08:00 - 2016-11-02 12:04 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-11-10 08:00 - 2016-11-02 11:43 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-11-10 08:00 - 2016-11-02 11:42 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenterCPL.dll
2016-11-10 08:00 - 2016-11-02 11:42 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-11-10 08:00 - 2016-11-02 11:42 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-11-10 08:00 - 2016-11-02 11:42 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2016-11-10 08:00 - 2016-11-02 11:42 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.dll
2016-11-10 08:00 - 2016-11-02 11:41 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContent.dll
2016-11-10 08:00 - 2016-11-02 11:40 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2016-11-10 08:00 - 2016-11-02 11:40 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2016-11-10 08:00 - 2016-11-02 11:40 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-11-10 08:00 - 2016-11-02 11:40 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-11-10 08:00 - 2016-11-02 11:39 - 00482304 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-11-10 08:00 - 2016-11-02 11:39 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAnimation.dll
2016-11-10 08:00 - 2016-11-02 11:37 - 19415040 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-11-10 08:00 - 2016-11-02 11:36 - 19415552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-11-10 08:00 - 2016-11-02 11:36 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-11-10 08:00 - 2016-11-02 11:36 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-11-10 08:00 - 2016-11-02 11:32 - 03776000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-11-10 08:00 - 2016-11-02 11:29 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-11-10 08:00 - 2016-11-02 11:28 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-11-10 08:00 - 2016-11-02 11:28 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-11-10 08:00 - 2016-11-02 11:27 - 01056768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-11-10 08:00 - 2016-11-02 11:27 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2016-11-10 08:00 - 2016-11-02 11:27 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2016-11-10 08:00 - 2016-11-02 11:26 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-11-10 08:00 - 2016-11-02 11:26 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-11-10 08:00 - 2016-11-02 11:26 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-11-10 08:00 - 2016-11-02 11:26 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-11-10 08:00 - 2016-11-02 11:25 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-11-10 08:00 - 2016-11-02 11:23 - 02356736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2016-11-10 07:59 - 2016-11-02 12:21 - 01957216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-11-10 07:59 - 2016-11-02 12:10 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-11-10 07:59 - 2016-11-02 12:08 - 00602464 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-11-10 07:59 - 2016-11-02 12:08 - 00111968 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-11-10 07:59 - 2016-11-02 12:04 - 00596832 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2016-11-10 07:59 - 2016-11-02 11:50 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-11-10 07:59 - 2016-11-02 11:47 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-11-10 07:59 - 2016-11-02 11:47 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2016-11-10 07:59 - 2016-11-02 11:46 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-11-10 07:59 - 2016-11-02 11:46 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-11-10 07:59 - 2016-11-02 11:45 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-11-10 07:59 - 2016-11-02 11:45 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-11-10 07:59 - 2016-11-02 11:44 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthExt.dll
2016-11-10 07:59 - 2016-11-02 11:43 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2016-11-10 07:59 - 2016-11-02 11:42 - 00384512 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-11-10 07:59 - 2016-11-02 11:41 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2016-11-10 07:59 - 2016-11-02 11:38 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2016-11-10 07:59 - 2016-11-02 11:27 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-11-10 07:59 - 2016-11-02 11:26 - 03595776 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-11-10 07:59 - 2016-11-02 11:26 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-11-10 07:59 - 2016-11-02 11:26 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-11-10 07:59 - 2016-08-02 05:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-11-09 12:29 - 2016-11-10 07:35 - 00000000 ____D C:\Users\stafflici\AppData\Roaming\Spy Emergency
2016-11-09 12:29 - 2016-11-09 19:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spy Emergency
2016-11-09 12:29 - 2016-11-09 12:29 - 00000000 ____D C:\ProgramData\NETGATE
2016-11-09 12:29 - 2016-11-09 12:29 - 00000000 ____D C:\Program Files\NETGATE
2016-11-09 12:29 - 2015-03-09 12:26 - 00018872 _____ (NETGATE Technologies s.r.o.) C:\WINDOWS\system32\Drivers\spyemrg_guard.sys
2016-11-09 12:29 - 2011-04-21 11:31 - 00020056 _____ (NETGATE Technologies s.r.o.) C:\WINDOWS\system32\Drivers\spyemrg_access.sys
2016-11-09 12:29 - 2011-04-21 11:31 - 00014168 _____ (NETGATE Technologies s.r.o.) C:\WINDOWS\system32\Drivers\spyemrg.sys
2016-11-09 12:23 - 2016-11-09 12:23 - 00001034 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-11-09 12:23 - 2016-11-09 12:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-11-09 12:22 - 2016-11-09 12:23 - 00000000 ____D C:\Program Files\CCleaner
2016-11-09 06:32 - 2016-11-09 06:32 - 00001129 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-10-29 19:23 - 2016-10-29 19:23 - 00142106 _____ C:\Users\stafflici\Desktop\MAP senzor.pdf
2016-10-28 12:40 - 2016-10-15 05:36 - 04970224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-10-28 12:40 - 2016-10-15 05:34 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-10-28 12:40 - 2016-10-15 05:19 - 00272720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2016-10-28 12:40 - 2016-10-15 05:18 - 00454496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-10-28 12:40 - 2016-10-15 05:15 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-10-28 12:40 - 2016-10-15 05:15 - 00687936 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-10-28 12:40 - 2016-10-15 05:14 - 01384704 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-10-28 12:40 - 2016-10-15 05:14 - 00802600 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-10-28 12:40 - 2016-10-15 05:14 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-10-28 12:40 - 2016-10-15 05:11 - 01345504 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-10-28 12:40 - 2016-10-15 05:10 - 01968992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-10-28 12:40 - 2016-10-15 05:10 - 00482656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2016-10-28 12:40 - 2016-10-15 05:00 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2016-10-28 12:40 - 2016-10-15 04:58 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-10-28 12:40 - 2016-10-15 04:58 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2016-10-28 12:40 - 2016-10-15 04:55 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-10-28 12:40 - 2016-10-15 04:54 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-10-28 12:40 - 2016-10-15 04:54 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2016-10-28 12:40 - 2016-10-15 04:53 - 00705024 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskbarcpl.dll
2016-10-28 12:40 - 2016-10-15 04:52 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2016-10-28 12:40 - 2016-10-15 04:52 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemcpl.dll
2016-10-28 12:40 - 2016-10-15 04:51 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-10-28 12:40 - 2016-10-15 04:50 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-10-28 12:40 - 2016-10-15 04:50 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-10-28 12:40 - 2016-10-15 04:50 - 00353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-10-28 12:40 - 2016-10-15 04:50 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-10-28 12:40 - 2016-10-15 04:49 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-10-28 12:40 - 2016-10-15 04:49 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-10-28 12:40 - 2016-10-15 04:49 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-10-28 12:40 - 2016-10-15 04:48 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-10-28 12:40 - 2016-10-15 04:48 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2016-10-28 12:40 - 2016-10-15 04:47 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-10-28 12:40 - 2016-10-15 04:47 - 01113600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-10-28 12:40 - 2016-10-15 04:46 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2016-10-28 12:40 - 2016-10-15 04:44 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-10-28 12:40 - 2016-10-15 04:44 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-10-28 12:40 - 2016-10-15 04:44 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-10-28 12:40 - 2016-10-15 04:43 - 02748928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-10-28 12:40 - 2016-10-15 04:42 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2016-10-28 12:40 - 2016-10-15 04:37 - 01485312 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-10-28 12:40 - 2016-10-15 04:37 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-10-28 12:40 - 2016-10-15 04:36 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-10-28 12:40 - 2016-10-15 04:36 - 00528384 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-10-28 12:40 - 2016-10-15 04:36 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-10-28 12:39 - 2016-10-15 06:11 - 01415520 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-10-28 12:39 - 2016-10-15 06:11 - 00486752 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-10-28 12:39 - 2016-10-15 06:11 - 00224608 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-10-28 12:39 - 2016-10-15 06:11 - 00115552 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-10-28 12:39 - 2016-10-15 06:11 - 00069472 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-10-28 12:39 - 2016-10-15 05:33 - 00455040 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2016-10-28 12:39 - 2016-10-15 05:26 - 00055136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-10-28 12:39 - 2016-10-15 05:20 - 02276736 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-10-28 12:39 - 2016-10-15 05:20 - 01898336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-10-28 12:39 - 2016-10-15 05:20 - 00550752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-10-28 12:39 - 2016-10-15 05:20 - 00342880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-10-28 12:39 - 2016-10-15 05:18 - 02166232 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-10-28 12:39 - 2016-10-15 05:18 - 01556712 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-10-28 12:39 - 2016-10-15 05:18 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-10-28 12:39 - 2016-10-15 05:18 - 00749920 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
2016-10-28 12:39 - 2016-10-15 05:18 - 00576400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-10-28 12:39 - 2016-10-15 05:18 - 00186424 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2016-10-28 12:39 - 2016-10-15 05:18 - 00067424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2016-10-28 12:39 - 2016-10-15 05:15 - 01853776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-10-28 12:39 - 2016-10-15 05:15 - 01123368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-10-28 12:39 - 2016-10-15 05:10 - 00781664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-10-28 12:39 - 2016-10-15 05:10 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll
2016-10-28 12:39 - 2016-10-15 05:06 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-10-28 12:39 - 2016-10-15 05:00 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-10-28 12:39 - 2016-10-15 05:00 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\stdole2.tlb
2016-10-28 12:39 - 2016-10-15 04:59 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2016-10-28 12:39 - 2016-10-15 04:58 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\efsext.dll
2016-10-28 12:39 - 2016-10-15 04:57 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2016-10-28 12:39 - 2016-10-15 04:57 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-10-28 12:39 - 2016-10-15 04:56 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe
2016-10-28 12:39 - 2016-10-15 04:56 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2016-10-28 12:39 - 2016-10-15 04:56 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-10-28 12:39 - 2016-10-15 04:55 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2016-10-28 12:39 - 2016-10-15 04:55 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2016-10-28 12:39 - 2016-10-15 04:55 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2016-10-28 12:39 - 2016-10-15 04:54 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2016-10-28 12:39 - 2016-10-15 04:54 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-10-28 12:39 - 2016-10-15 04:54 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoplay.dll
2016-10-28 12:39 - 2016-10-15 04:54 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2016-10-28 12:39 - 2016-10-15 04:54 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2016-10-28 12:39 - 2016-10-15 04:52 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-10-28 12:39 - 2016-10-15 04:51 - 13868544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-10-28 12:39 - 2016-10-15 04:51 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2016-10-28 12:39 - 2016-10-15 04:50 - 00310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-10-28 12:39 - 2016-10-15 04:49 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-10-28 12:39 - 2016-10-15 04:48 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-10-28 12:39 - 2016-10-15 04:48 - 00797696 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-10-28 12:39 - 2016-10-15 04:48 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-10-28 12:39 - 2016-10-15 04:47 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2016-10-28 12:39 - 2016-10-15 04:46 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2016-10-28 12:39 - 2016-10-15 04:43 - 01406976 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2016-10-28 12:39 - 2016-10-15 04:42 - 06108672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-10-28 12:39 - 2016-10-15 04:42 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.exe
2016-10-28 12:39 - 2016-10-15 04:41 - 05376000 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-10-28 12:39 - 2016-10-15 04:41 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\system32\energy.dll
2016-10-28 12:39 - 2016-10-15 04:41 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiwmi.dll
2016-10-28 12:39 - 2016-10-15 04:40 - 01135616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-10-28 12:39 - 2016-10-15 04:39 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2016-10-28 12:39 - 2016-10-15 04:39 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2016-10-28 12:39 - 2016-10-15 04:39 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\chartv.dll
2016-10-28 12:39 - 2016-10-15 04:38 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-10-28 12:39 - 2016-10-15 04:38 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-10-28 12:39 - 2016-10-15 04:37 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2016-10-28 12:39 - 2016-10-15 04:37 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-10-28 12:39 - 2016-10-15 04:37 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-10-28 12:39 - 2016-10-15 04:37 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2016-10-28 12:39 - 2016-10-15 04:37 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-10-28 12:39 - 2016-10-15 04:36 - 01523712 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2016-10-28 12:39 - 2016-10-15 04:36 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-10-28 12:39 - 2016-10-15 04:36 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmifw.dll
2016-10-28 12:39 - 2016-10-15 04:35 - 02708992 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-10-28 12:39 - 2016-10-15 04:35 - 02005504 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2016-10-28 12:39 - 2016-10-15 04:35 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-10-28 12:38 - 2016-10-15 06:11 - 01026400 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-10-28 12:38 - 2016-10-15 06:11 - 00496992 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-10-28 12:38 - 2016-10-15 06:11 - 00277344 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-10-28 12:38 - 2016-10-15 06:11 - 00192864 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-10-28 12:38 - 2016-10-15 05:40 - 01126496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-10-28 12:38 - 2016-10-15 05:27 - 00421216 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2016-10-28 12:38 - 2016-10-15 05:18 - 00458592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2016-10-28 12:38 - 2016-10-15 05:18 - 00261984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-10-28 12:38 - 2016-10-15 04:59 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-10-28 12:38 - 2016-10-15 04:56 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2016-10-28 12:38 - 2016-10-15 04:56 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-10-28 12:38 - 2016-10-15 04:55 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-10-28 12:38 - 2016-10-15 04:54 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2016-10-28 12:38 - 2016-10-15 04:51 - 00755200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-10-28 12:38 - 2016-10-15 04:46 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2016-10-28 12:38 - 2016-10-15 04:43 - 00500736 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2016-10-28 12:38 - 2016-10-15 04:33 - 00188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2016-10-26 16:11 - 2016-10-26 16:11 - 00004608 _____ C:\Users\stafflici\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-10-23 10:34 - 2016-10-23 10:34 - 02605894 _____ C:\Users\stafflici\Videos\Obrázky\Africký song.mp4
2016-10-13 20:03 - 2016-10-13 20:03 - 00000000 ____D C:\WINDOWS\PCHEALTH
2016-10-13 17:06 - 2016-10-13 17:05 - 00000030 _____ C:\AVScanner.ini
2016-10-13 17:05 - 2016-10-13 17:05 - 00000000 ____D C:\ProgramData\McAfee

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-12 09:18 - 2015-11-18 20:57 - 00000000 ____D C:\Users\stafflici\AppData\Local\VirtualStore
2016-11-12 09:16 - 2015-11-21 12:43 - 00000000 ___RD C:\Users\stafflici\OneDrive
2016-11-12 09:14 - 2016-09-22 06:24 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-11-12 09:13 - 2016-07-16 03:22 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-11-12 09:07 - 2009-07-14 03:37 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-11-11 21:48 - 2016-07-16 09:28 - 00000000 ____D C:\WINDOWS\INF
2016-11-11 21:35 - 2016-09-22 05:58 - 00000000 ____D C:\Users\stafflici
2016-11-11 21:27 - 2016-09-22 05:57 - 02055874 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-11-11 21:27 - 2016-07-16 18:01 - 00725462 _____ C:\WINDOWS\system32\perfh005.dat
2016-11-11 21:27 - 2016-07-16 18:01 - 00175890 _____ C:\WINDOWS\system32\perfc005.dat
2016-11-11 21:10 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-11-11 21:10 - 2015-09-10 05:37 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-11-11 21:06 - 2016-09-22 05:49 - 00992160 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-11-11 21:03 - 2016-07-16 09:29 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-11-11 21:03 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-11-11 21:03 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-11-11 21:03 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-11-11 21:03 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-11-11 21:03 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-11-11 20:58 - 2016-09-22 05:49 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-11-11 12:27 - 2016-09-22 06:47 - 00000000 ___DC C:\WINDOWS\Panther
2016-11-11 12:17 - 2016-07-16 09:29 - 00000000 ___HD C:\Program Files\WindowsApps
2016-11-11 08:46 - 2016-07-16 09:19 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-11-11 08:42 - 2015-11-19 10:37 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-11-11 08:34 - 2015-11-19 10:37 - 138444440 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-11-11 08:25 - 2015-11-26 21:14 - 00000000 ____D C:\Program Files\TeamViewer
2016-11-11 06:43 - 2016-01-08 18:24 - 00170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-11-11 06:22 - 2016-01-06 18:27 - 00000000 ____D C:\AdwCleaner
2016-11-11 06:12 - 2016-01-17 19:48 - 00000000 ____D C:\Program Files\VS Revo Group
2016-11-10 18:10 - 2015-12-27 04:32 - 00000000 ____D C:\Users\stafflici\AppData\Local\Comms
2016-11-10 16:23 - 2016-06-21 08:35 - 00000000 ____D C:\Users\stafflici\Desktop\cheers
2016-11-10 16:13 - 2015-11-26 21:14 - 00000000 ____D C:\Users\stafflici\AppData\Roaming\TeamViewer
2016-11-09 19:17 - 2016-07-16 03:22 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-11-09 12:26 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-11-09 12:26 - 2016-06-05 20:46 - 00000000 ____D C:\Program Files\PDFCreator
2016-11-09 12:26 - 2015-11-21 18:36 - 00000000 ____D C:\Users\stafflici\AppData\Roaming\DAEMON Tools Lite
2016-11-09 06:32 - 2016-01-08 18:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-11-09 06:32 - 2016-01-08 18:23 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-11-09 06:07 - 2016-09-01 21:00 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-11-09 06:06 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\schemas
2016-11-09 01:30 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-11-08 18:58 - 2015-11-22 15:00 - 00000000 ____D C:\Users\stafflici\AppData\Local\Microsoft Help
2016-11-04 17:51 - 2016-01-29 10:29 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-11-02 18:44 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\rescache
2016-10-31 17:51 - 2016-09-20 07:40 - 00018367 _____ C:\Users\stafflici\Desktop\dochazkovy-list-v-2.xlsx
2016-10-30 18:31 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-10-30 18:29 - 2016-07-16 09:30 - 00015425 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-10-29 00:56 - 2016-07-16 09:31 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2016-10-29 00:56 - 2016-07-16 09:31 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2016-10-28 10:47 - 2015-11-19 10:27 - 00407720 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-10-13 20:49 - 2016-07-16 09:29 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-10-13 20:49 - 2016-07-16 09:29 - 00000000 ____D C:\Program Files\Windows Photo Viewer

==================== Files in the root of some directories =======

2016-10-26 16:11 - 2016-10-26 16:11 - 0004608 _____ () C:\Users\stafflici\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-11-07 12:03

==================== End of FRST.txt ============================

stafflik
newbie
Posts: 32
Registered: January 16
Gender: Male
Status:
Offline

Re: Please check my log

Post by stafflik » 12 Nov 2016 09:32

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 06-11-2016
Ran by stafflici (12-11-2016 09:25:08)
Running from C:\Users\stafflici\Desktop
Microsoft Windows 10 Home Version 1607 (X86) (2016-09-22 05:36:12)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-998340819-2083362510-1422415354-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-998340819-2083362510-1422415354-503 - Limited - Disabled)
Guest (S-1-5-21-998340819-2083362510-1422415354-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-998340819-2083362510-1422415354-1003 - Limited - Enabled)
stafflici (S-1-5-21-998340819-2083362510-1422415354-1000 - Administrator - Enabled) => C:\Users\stafflici

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Advanced IP Scanner 2.4 (HKLM\...\{C3CF783A-5457-4989-966F-7BE08812FB71}) (Version: 2.4.2601 - Famatech)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Allway Sync version 15.2.1 (HKLM\...\Allway Sync_is1) (Version: - Botkind Inc)
AMD Catalyst Control Center (HKLM\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.)
Atheros Bluetooth Suite (HKLM\...\{101A497C-7EF6-4001-834D-E5FA1C70FEFA}) (Version: 7.4.0.120 - Atheros)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.11.12 - Atheros Communications Inc.)
Balíček ovladače systému Windows - ASUS (ATP) Mouse (06/17/2015 1.0.0.262) (HKLM\...\14588A15B66655338DBCC021FFA81E31DC281859) (Version: 06/17/2015 1.0.0.262 - ASUS)
CCleaner (HKLM\...\CCleaner) (Version: 5.23 - Piriform)
Corel Applications (HKLM\...\Corel Applications) (Version: - )
Corel Graphics - Windows Shell Extension (HKLM\...\_{B865FDD4-E96E-4166-BB69-6E8C207E3E29}) (Version: 17.0.0.491 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 17.0.491 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Capture (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Common (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Connect (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Custom Data (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - CZ (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Draw (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Filters (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FontNav (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM T (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PHOTO-PAINT (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Photozoom Plugin (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Redist (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Setup Files (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VBA (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VideoBrowser (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 (HKLM\...\_{C5D9CECB-A66F-473F-B406-5C8C2DCA4DF0}) (Version: 17.0.0.491 - Corel Corporation)
CorelDRAW Graphics Suite X7 (Version: 17.0 - Corel Corporation) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0112 - Disc Soft Ltd)
Farming Simulator 15 (HKLM\...\FarmingSimulator2015CZ_is1) (Version: 1.4.1.0 - GIANTS Software)
GenoPro 3.0.0.7 (HKLM\...\GenoPro) (Version: - GenoPro Inc.)
HappyFoto-FOTO (HKLM\...\{E5C63B28-5C3E-46E2-AF51-0CA7FA36EFB5}) (Version: 3.0.0 - HappyFoto GmbH)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.41 - Irfan Skiljan)
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Maxthon Cloud Browser (HKLM\...\Maxthon3) (Version: 4.4.8.1000 - Maxthon International Limited)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Mozilla Firefox 45.0.1 (x86 cs) (HKLM\...\Mozilla Firefox 45.0.1 (x86 cs)) (Version: 45.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 45.0.1 - Mozilla)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.3.0 - pdfforge GmbH)
Platform (Version: 1.43 - VIA Technologies, Inc.) Hidden
Ralink RT2860 Wireless LAN Card (HKLM\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 1.2.0.40 - Ralink)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6777 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.1 - VS Revo Group, Ltd.)
TeamViewer 11 (HKLM\...\TeamViewer) (Version: 11.0.66695 - TeamViewer)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VIA Platforma Ovladače zařízení (HKLM\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.43 - VIA Technologies, Inc.)
WinRAR 5.30 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-998340819-2083362510-1422415354-1000_Classes\CLSID\{0002DF01-0000-0000-C000-000000000046}\localserver32 -> C:\Program Files\Maxthon\Bin\Maxthon.exe (Maxthon International ltd.)
CustomCLSID: HKU\S-1-5-21-998340819-2083362510-1422415354-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {046FB7DE-E59C-4CD8-8A14-657CE3497F94} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {077847CC-908D-4296-A0F2-A70D2359206B} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {09D11996-472C-47BF-B150-8E3872A2FC3A} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {0A9F9FA6-A15B-4A27-BD36-88954F804228} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {0E97ABEC-4852-4EEE-B0AE-D08C3803E573} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {12FDFDEA-5766-476D-BB17-4B82A76F1D65} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {179E2929-E01A-4CAF-98EA-D3C8B13BD733} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {2046BCE4-5E17-434F-B54D-45610DE53046} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2B1EC484-F4B5-4702-B09A-919D423B84BA} - System32\Tasks\Maxthon Update => C:\Program Files\Maxthon\Bin\Maxthon.exe [2016-02-24] (Maxthon International ltd.)
Task: {35437F07-79B9-460D-8F97-390A60F7A736} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {36CA677E-74F3-4DA6-8E4D-230BBEA5AFFC} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {3A27CA78-0000-4F5C-8887-1E396244E1D3} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3B725E86-8C23-423B-BB89-7778139A6A44} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3E44E502-2AF7-4707-9FDF-AC0AA39FEDC4} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-09] (Adobe Systems Incorporated)
Task: {4413DE8E-4C83-4909-BA36-BF813D0266B1} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {498FE1F7-D964-4BDC-866F-50625EF70613} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {4C786A94-54DE-4DCC-AA56-5A0800DD401E} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {4E247891-6290-46AE-81A4-A67E3EF19835} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {57FD211F-DD5F-4517-B98B-2B9DA0AF5B82} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {6B8626A8-4BC5-489A-B9FD-B486E5B927E4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {73DE8D9D-4E1C-416D-8A9B-964A5607F357} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {7917F29A-12A3-42BD-9A0B-B34CDF5C4F96} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {7BD87B37-BBA3-4F5F-83AF-721E43D87070} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7C947EE3-A27B-46B0-907A-CDA5840443F6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {8E382D26-613F-4919-B411-625875F58F64} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {93AC4230-4E18-4E17-8D10-059D153770D2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9F25897A-DC9C-43EE-9FD3-AFEA12A6C0BB} - \avast! Windows 10 Start Menu helper -> No File <==== ATTENTION
Task: {9FCC7D95-8B54-433D-B456-04E7C1A62EFD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {A03D879B-AE84-4377-BF66-B6AD5274D64B} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {BB1C3E6C-2F76-4D2D-911B-C79EC0AA7369} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C692D900-4D73-44F5-B160-A6884BDB50A0} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {C840661A-E25B-4A22-BED1-0A19D2B65FEC} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C844E743-8DB7-429A-8C8E-2493EFFEA652} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C8D9CF85-0DD4-4689-B15B-2D27264E4A00} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {D26EC188-57B0-4744-A10B-849495E9ABC0} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {D78E5E24-109C-4854-A9AB-0636FE05823D} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {E1F05137-B0AB-44D6-B177-2DE0C55E8AD0} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {E4DB8845-C3BE-4A77-874A-2F98DB2A9847} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-11-11] (Microsoft Corporation)
Task: {E99A1004-7D43-465B-B272-44D0441F2976} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {EDB2D596-60A6-41A4-98B9-3AB64EE4E7EF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {F17354C8-59C8-48E2-ABB9-1462A4472615} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {F616FE2B-4E24-4357-AD8D-BAA4F3C50315} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {F71E886B-B679-46FB-AAC5-EEF81EED83C6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {F9BEF21B-593A-4205-92EF-7F34E01F50D5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-09-28] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 09:25 - 2016-07-16 09:25 - 00190976 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-09-30 10:06 - 2016-09-15 18:32 - 02048496 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-21 22:08 - 2015-08-21 22:08 - 00114688 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-11-28 15:04 - 2015-08-21 12:43 - 00182784 _____ () C:\Program Files\Allway Sync\Bin\SyncService.exe
2016-09-30 10:06 - 2016-09-15 18:32 - 02048496 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-22 06:47 - 2016-09-22 06:47 - 01383616 _____ () C:\Users\stafflici\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\ClientTelemetry.dll
2016-07-16 09:25 - 2016-07-16 09:25 - 00108032 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-11-10 07:59 - 2016-11-02 11:46 - 00321536 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-11-10 08:01 - 2016-11-02 11:31 - 06726656 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-10 08:01 - 2016-11-02 11:24 - 01150464 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-09-22 06:38 - 2016-09-22 06:38 - 00526848 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-11-10 08:01 - 2016-11-02 11:24 - 01724928 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-10 08:01 - 2016-11-02 11:26 - 03158528 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-12-07 21:53 - 2000-01-01 01:00 - 00080504 _____ () C:\Program Files\VIA\VIAudioi\VDeck\QsApoApi.dll
2015-12-07 21:53 - 2000-01-01 01:00 - 00113272 _____ () C:\Program Files\VIA\VIAudioi\VDeck\Dts2ApoApi.dll
2016-09-22 06:48 - 2016-09-22 06:48 - 00118976 _____ () C:\Users\stafflici\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileSyncViews.dll
2015-11-20 16:34 - 2014-09-12 11:06 - 00258944 _____ () C:\Program Files\Maxthon\bin\Maxzlib.dll
2015-11-20 16:34 - 2014-09-12 11:06 - 00247096 _____ () C:\Program Files\Maxthon\Addons\Mobile\MxMobile.dll
2015-11-20 16:34 - 2014-09-12 11:06 - 00258944 _____ () C:\Program Files\Maxthon\Bin\maxzlib.dll
2015-11-20 16:34 - 2015-04-17 03:14 - 00887064 _____ () C:\Program Files\Maxthon\Core\Webkit\libglesv2.dll
2015-11-20 16:34 - 2015-04-17 03:14 - 00109336 _____ () C:\Program Files\Maxthon\Core\Webkit\libegl.dll
2015-11-20 16:34 - 2015-04-17 03:14 - 04055504 _____ () C:\Program Files\Maxthon\Core\Webkit\pdf.dll
2016-11-09 01:30 - 2016-11-09 01:30 - 19640512 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF32_23_0_0_207.dll
2015-11-20 16:34 - 2015-04-17 03:14 - 02128152 _____ () C:\Program Files\Maxthon\Core\Webkit\ffmpegsumo.dll
2016-11-05 08:36 - 2016-11-05 08:39 - 00062464 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.251.0_x86__kzf8qxf38zg5c\SkypeHost.exe
2016-11-05 08:36 - 2016-11-05 08:39 - 00151552 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.251.0_x86__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-11-05 08:36 - 2016-11-05 08:39 - 29914112 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.251.0_x86__kzf8qxf38zg5c\SkyWrap.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-998340819-2083362510-1422415354-1000\...\cpzp.cz -> hxxps://portal.cpzp.cz
IE trusted site: HKU\S-1-5-21-998340819-2083362510-1422415354-1000\...\ozp.cz -> hxxps://portal.ozp.cz
IE trusted site: HKU\S-1-5-21-998340819-2083362510-1422415354-1000\...\portalzp.cz -> hxxps://www.portalzp.cz
IE trusted site: HKU\S-1-5-21-998340819-2083362510-1422415354-1000\...\rbp-zp.cz -> hxxps://portal.rbp-zp.cz
IE trusted site: HKU\S-1-5-21-998340819-2083362510-1422415354-1000\...\vozp.cz -> hxxps://portal.vozp.cz
IE trusted site: HKU\S-1-5-21-998340819-2083362510-1422415354-1000\...\zpskoda.cz -> hxxps://portal.zpskoda.cz

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2016-11-12 08:38 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts


127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-998340819-2083362510-1422415354-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 10.132.12.33 - 10.132.12.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => (Allow) LPort=808
FirewallRules: [{F8EA7D9F-7862-416E-BCB2-365D76EA53EF}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs\CorelPP.exe
FirewallRules: [{B39229A9-337A-4278-8AB8-F66BA388E6DB}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs\CorelDrw.exe
FirewallRules: [{132B0734-DAD1-4836-8495-02C6D4E88406}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{A13F0DE5-7020-47FC-B96C-4446C6166164}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{16E48248-8D2E-49FB-855A-38A5DEC6E215}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{8B23FEED-9735-4F63-9CD2-BBD4AE641609}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{40FA5BE6-C3E3-46CC-8DB6-6D4119D508FD}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{F7001091-337F-489E-8F40-A8B45CF40983}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{DF393693-2C50-4FCC-995B-721CC12ACC1C}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{F893C4AB-AA4F-4D93-AB46-82CCBCDF14A6}] => (Allow) C:\Program Files\Maxthon\Bin\Maxthon.exe
FirewallRules: [{C018BA1F-3A38-4001-A893-4289578658A1}] => (Allow) C:\Program Files\Maxthon\Bin\MxUp.exe
FirewallRules: [{E9AB0615-5D2B-4C8C-B745-04211E0C5286}] => (Allow) C:\Program Files\Maxthon\Bin\Maxthon.exe
FirewallRules: [{6CC0C1BB-B7E2-41B6-86EE-C577085742AB}] => (Allow) C:\Program Files\Maxthon\Bin\MxUp.exe
FirewallRules: [{0C24EBA2-2587-485A-9876-1286DE489E76}] => (Allow) C:\Program Files\Farming Simulator 2015\FarmingSimulator2015.exe
FirewallRules: [{0A456755-196E-4BB0-91AD-7CC2DF160185}] => (Allow) C:\Program Files\Farming Simulator 2015\FarmingSimulator2015.exe
FirewallRules: [{C6248D2E-D5BA-4B0D-8065-EDF67454F192}] => (Allow) C:\Program Files\Farming Simulator 2015\x86\FarmingSimulator2015Game.exe
FirewallRules: [{937307A3-737C-42FF-A0AD-3F1694B70D00}] => (Allow) C:\Program Files\Farming Simulator 2015\x86\FarmingSimulator2015Game.exe
FirewallRules: [{8662F3AA-38BE-4C8D-8EDA-B63A96FB41F9}] => (Allow) C:\Program Files\Farming Simulator 2015\x64\FarmingSimulator2015Game.exe
FirewallRules: [{594CE7D9-5662-4B90-8659-B39CBF132DE4}] => (Allow) C:\Program Files\Farming Simulator 2015\x64\FarmingSimulator2015Game.exe
FirewallRules: [{F8E18BCB-9FEB-4CF3-B44A-A0ABACDA5197}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{CF8A4584-571B-4158-81E3-1BA79CEB2C39}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{779B831B-8E70-4955-A2FC-392515B603FA}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{4226E6E2-074C-4974-B47C-063B8B71BAA7}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/12/2016 08:37:36 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (11/12/2016 08:36:26 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (11/11/2016 08:41:45 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (11/11/2016 06:21:41 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro c:\program files\ati technologies\ati.ace\core-static\SLSTaskbar64.exe se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/11/2016 06:21:21 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro c:\program files\amd\ati.ace\core-static\SLSTaskbar64.exe se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/11/2016 06:16:03 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro c:\program files\ati technologies\ati.ace\core-static\SLSTaskbar64.exe se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/11/2016 06:15:18 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro c:\program files\amd\ati.ace\core-static\SLSTaskbar64.exe se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/10/2016 06:30:32 AM) (Source: ESENT) (EventID: 455) (User: )
Description: CCleaner (3480) testing: Při otevírání souboru protokolu C:\Users\stafflici\AppData\Local\Microsoft\Windows\WebCache\V01.log došlo k chybě -1032 (0xfffffbf8).

Error: (11/10/2016 06:30:32 AM) (Source: ESENT) (EventID: 489) (User: )
Description: CCleaner (3480) testing: Pokus o otevření souboru C:\Users\stafflici\AppData\Local\Microsoft\Windows\WebCache\V01.log jen pro čtení selhal. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).

Error: (11/10/2016 06:19:43 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SpyEmergency.exe verze 23.0.105.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 1b4

Čas spuštění: 01d23ab5104f62aa

Čas ukončení: 403

Cesta k aplikaci: C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe

ID hlášení: 22d559c9-a705-11e6-a0c2-3085a92d75f8

Úplný název balíčku s chybou:

ID aplikace související s balíčkem s chybou:


System errors:
=============
Error: (11/12/2016 09:16:15 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
a APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/12/2016 09:14:50 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba NetTcpActivator závisí na službě NetTcpPortSharing, která neuspěla při spuštění v důsledku následující chyby:
Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.

Error: (11/12/2016 09:14:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba APXACC neuspěla při spuštění v důsledku následující chyby:
Zařízení připojené k systému nefunguje.

Error: (11/12/2016 09:14:48 AM) (Source: APXACC) (EventID: 1003) (User: )
Description: The NDIS6 LWF initialization has failed. (0xC0000001)

Error: (11/12/2016 09:07:38 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (11/12/2016 09:07:37 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (11/12/2016 09:07:37 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (11/12/2016 09:07:36 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (11/12/2016 09:07:36 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (11/12/2016 06:33:07 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4


CodeIntegrity:
===================================
Date: 2016-11-11 21:49:02.679
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-11-10 19:18:24.560
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-11-09 19:13:22.366
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-11-09 06:53:46.806
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-11-06 10:12:07.365
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-10-31 06:30:09.607
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-10-23 16:27:41.763
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-10-14 19:33:15.526
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-10-13 18:30:28.149
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-10-02 08:15:20.997
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: AMD E-450 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 70%
Total physical RAM: 1625.12 MB
Available physical RAM: 471.88 MB
Total Virtual: 3481.12 MB
Available Virtual: 2014.86 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:97.12 GB) (Free:59.77 GB) NTFS
Drive d: () (Fixed) (Total:200.43 GB) (Free:161.79 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 020FAA36)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=200.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: Jižní Čechy
Gender: Male
Status:
Offline

Re: Please check my log

Post by jaro3 » 12 Nov 2016 10:16

Uninstall:
SpyEmergency
McAfee

Use this program:
Download and install Revo Uninstaller Free
http://www.revouninstaller.com/start_fr ... nload.html
Double-click Revo Uninstaller to run it.
In the list of programs, double-click the program to be removed.
When asked whether you want to uninstall, click Yes.
Make sure the Moderate option is selected, then click Next.
The program will run; if prompted again, click Yes.
When the built-in uninstaller has finished, click Next.
Once the program has searched for leftovers, click Next.
Check / tick only the bolded items in the list, then click Delete.
When prompted, click Yes and then Next.
Put a check on all the folders that are found and choose Delete.
When prompted, select Yes, then Next.
When it is done, click Finish.


And install a free antivirus:
Avast, Avira, Comodo or AVG


Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire contents below into it.

Code:

Start
CloseProcesses:
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
SearchScopes: HKU\S-1-5-21-998340819-2083362510-1422415354-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
Task: {077847CC-908D-4296-A0F2-A70D2359206B} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {09D11996-472C-47BF-B150-8E3872A2FC3A} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {498FE1F7-D964-4BDC-866F-50625EF70613} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {57FD211F-DD5F-4517-B98B-2B9DA0AF5B82} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {6B8626A8-4BC5-489A-B9FD-B486E5B927E4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {8E382D26-613F-4919-B411-625875F58F64} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {9F25897A-DC9C-43EE-9FD3-AFEA12A6C0BB} - \avast! Windows 10 Start Menu helper -> No File <==== ATTENTION
Task: {9FCC7D95-8B54-433D-B456-04E7C1A62EFD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {D78E5E24-109C-4854-A9AB-0636FE05823D} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {E1F05137-B0AB-44D6-B177-2DE0C55E8AD0} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {F17354C8-59C8-48E2-ABB9-1462A4472615} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {F616FE2B-4E24-4357-AD8D-BAA4F3C50315} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {F71E886B-B679-46FB-AAC5-EEF81EED83C6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION

EmptyTemp:
End

(You can use the "select all" function; right-click the top-left field in the open Notepad and choose "Paste".)

Save it to the desktop as fixlist.txt


Run FRST and press the "Fix" button just once, then wait.
The tool will create a log on the desktop (Fixlog.txt); please copy its entire contents here.
When working with HJT, ComboFix, MbAM, SDFix etc., close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support


Re: Please check my log

Post by stafflik » 12 Nov 2016 10:40

Revo doesn't offer either SpyEmergency or McAfee in its list. So they can't be uninstalled. :-(


Re: Please check my log

Post by jaro3 » 12 Nov 2016 10:43

You have to search for them..


Re: Please check my log

Post by stafflik » 12 Nov 2016 11:02

I tried that too. It's not there. I don't get it...


Re: Please check my log

Post by stafflik » 12 Nov 2016 11:05

Fixlog:
Fix result of Farbar Recovery Scan Tool (x86) Version: 06-11-2016
Ran by stafflici (12-11-2016 10:56:51) Run:1
Running from C:\Users\stafflici\Desktop
Loaded Profiles: stafflici (Available Profiles: stafflici & DefaultAppPool)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
SearchScopes: HKU\S-1-5-21-998340819-2083362510-1422415354-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
Task: {077847CC-908D-4296-A0F2-A70D2359206B} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {09D11996-472C-47BF-B150-8E3872A2FC3A} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {498FE1F7-D964-4BDC-866F-50625EF70613} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {57FD211F-DD5F-4517-B98B-2B9DA0AF5B82} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {6B8626A8-4BC5-489A-B9FD-B486E5B927E4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {8E382D26-613F-4919-B411-625875F58F64} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {9F25897A-DC9C-43EE-9FD3-AFEA12A6C0BB} - \avast! Windows 10 Start Menu helper -> No File <==== ATTENTION
Task: {9FCC7D95-8B54-433D-B456-04E7C1A62EFD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {D78E5E24-109C-4854-A9AB-0636FE05823D} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {E1F05137-B0AB-44D6-B177-2DE0C55E8AD0} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {F17354C8-59C8-48E2-ABB9-1462A4472615} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {F616FE2B-4E24-4357-AD8D-BAA4F3C50315} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {F71E886B-B679-46FB-AAC5-EEF81EED83C6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully.
"HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}" => key removed successfully.
"HKU\S-1-5-21-998340819-2083362510-1422415354-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => key removed successfully.
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{077847CC-908D-4296-A0F2-A70D2359206B}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{077847CC-908D-4296-A0F2-A70D2359206B}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{09D11996-472C-47BF-B150-8E3872A2FC3A}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{09D11996-472C-47BF-B150-8E3872A2FC3A}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{498FE1F7-D964-4BDC-866F-50625EF70613}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{498FE1F7-D964-4BDC-866F-50625EF70613}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{57FD211F-DD5F-4517-B98B-2B9DA0AF5B82}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{57FD211F-DD5F-4517-B98B-2B9DA0AF5B82}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6B8626A8-4BC5-489A-B9FD-B486E5B927E4}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B8626A8-4BC5-489A-B9FD-B486E5B927E4}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8E382D26-613F-4919-B411-625875F58F64}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8E382D26-613F-4919-B411-625875F58F64}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9F25897A-DC9C-43EE-9FD3-AFEA12A6C0BB}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F25897A-DC9C-43EE-9FD3-AFEA12A6C0BB}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\avast! Windows 10 Start Menu helper" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9FCC7D95-8B54-433D-B456-04E7C1A62EFD}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9FCC7D95-8B54-433D-B456-04E7C1A62EFD}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D78E5E24-109C-4854-A9AB-0636FE05823D}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D78E5E24-109C-4854-A9AB-0636FE05823D}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E1F05137-B0AB-44D6-B177-2DE0C55E8AD0}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E1F05137-B0AB-44D6-B177-2DE0C55E8AD0}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F17354C8-59C8-48E2-ABB9-1462A4472615}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F17354C8-59C8-48E2-ABB9-1462A4472615}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F616FE2B-4E24-4357-AD8D-BAA4F3C50315}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F616FE2B-4E24-4357-AD8D-BAA4F3C50315}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F71E886B-B679-46FB-AAC5-EEF81EED83C6}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F71E886B-B679-46FB-AAC5-EEF81EED83C6}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 3383104 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 34049576 B
Java, Flash, Steam htmlcache => 492 B
Windows/system/drivers => 303109 B
Edge => 0 B
Chrome => 0 B
Firefox => 623317 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6144 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
LocalService => 1610 B
NetworkService => 22390 B
stafflici => 96773265 B
DefaultAppPool => 6144 B

RecycleBin => 0 B
EmptyTemp: => 128.9 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 10:57:15 ====

Orcus

Re: Please check my log

Post by Orcus » 12 Nov 2016 12:42

How are the problems?
Love keeps you warm, but coal is coal. :fire:



Post HJT logs in the HJT section. If a log is too long, split it into several messages.

A few tips on PC security.

During my absence, memphisto, jaro3 and Diallix stand in for me

If you are satisfied, you can support our forum.

stafflik

Re: Please check my log

Post by stafflik » 12 Nov 2016 12:57

The disconnecting from the internet is sorted. I managed to uninstall SpyEmergency directly from its folder in Program Files, but I can't find McAfee anywhere.

jaro3

Re: Please check my log

Post by jaro3 » 13 Nov 2016 09:18

McAfee should be in folders, files and the registry. We would have to make a new script based on a fresh scan.

But if everything is fine, I would probably leave it.

stafflik

Re: Please check my log  Solved

Post by stafflik » 13 Nov 2016 12:46

Those may have been leftovers from McAfee. It got pulled in along with some other program, and once I found out I had it, I uninstalled it right away. I didn't find anything anywhere in folders or programs. So we'll let it go. The main problem is solved, and as a bonus the computer got faster, so a huge THANK YOU from my side!! And I'm marking this as solved.

