PC-HELP.CZ

Ahoj, poslední dobou mě trápí pomalé pc. Dřív stačil restart a vše šlapalo ale teď už ne.
Taky jedna zajímavá věc je, že když otevřu program Sony Vegas a chci v něm pracovat podle MSI Afterburner mám využití procesoru na 100% a podle správce úloh na 20%.

Log z HJT:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:49:56, on 22.11.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Users\Filip\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Users\Filip\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Users\Filip\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
C:\Program Files (x86)\BOINC\boinctray.exe
C:\Program Files (x86)\BOINC\charityengine.exe
C:\Program Files (x86)\BOINC\boinc.exe
C:\Program Files (x86)\LaCie\LaCie Desktop Manager\LaCie Desktop Manager.exe
C:\Users\Filip\AppData\Roaming\uTorrent\uTorrent.exe
C:\Users\Filip\AppData\Roaming\uTorrent\updates\3.4.9_42923\utorrentie.exe
C:\Users\Filip\AppData\Roaming\uTorrent\updates\3.4.9_42923\utorrentie.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\ProgramData\BOINC\projects\work.charityengine.com\wrapper_26014_windows_intelx86.exe
C:\ProgramData\BOINC\slots\0\ce11.exe
C:\Users\Filip\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid={FF0D2C86-42D4-4789-9F60-C48C4CBA5DC2}&mid=3ca4ee2b869247ccb8720982cc2ce28b-47ca1d8189dcfc69093b5c435c0eb4b40ff889d3&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0615piz&pr=fr&d=2015-11-22 16:01:50&v=4.3.6.255&pid=wtu&sg=&sap=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: PDF Architect 4 Helper - {38279E1A-7019-40C1-B579-E99DFB3312E8} - C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
O2 - BHO: AVG Web TuneUp - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Web TuneUp\4.3.6.255\AVG Web TuneUp.dll
O2 - BHO: (no name) - {AEAF002F-E6D8-4A21-ABD3-2B309B79A6CE} - (no file)
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
O3 - Toolbar: PDF Architect 4 Toolbar - {23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - C:\Program Files (x86)\PDF Architect 4\creator-ie-plugin.dll
O4 - HKLM\..\Run: [DriveUtilitiesHelper] C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=av
O4 - HKLM\..\Run: [iSkysoft Helper Compact.exe] C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
O4 - HKLM\..\Run: [boinctray] "C:\Program Files (x86)\BOINC\boinctray.exe"
O4 - HKLM\..\Run: [boincmgr] "C:\Program Files (x86)\BOINC\charityengine.exe" /a /s
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [Spotify] "C:\Users\Filip\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Filip\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Filip\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Filip\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [LaCie Desktop Manager 2 Startup] "C:\Program Files (x86)\LaCie\LaCie Desktop Manager\LaCie Desktop Manager.exe" -daemon
O4 - Global Startup: Killer Network Manager.lnk = C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: WSISVCUchrome - {78A543EB-3A61-4ED3 - (no file)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Killer Service V2 - Rivet Networks - C:\Program Files\Killer Networking\Network Manager\KillerService.exe
O23 - Service: LaCieDesktopManagerDaemon - Unknown owner - C:\Program Files (x86)\LaCie\LaCie Desktop Manager\LaCieDesktopManagerDaemon.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Wireless Controller Service - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
O23 - Service: PDF Architect 4 - pdfforge GmbH - C:\Program Files\PDF Architect 4\ws.exe
O23 - Service: PDF Architect 4 CrashHandler - pdfforge GmbH - C:\Program Files\PDF Architect 4\crash-handler-ws.exe
O23 - Service: PDF Architect 4 Creator - pdfforge GmbH - C:\Program Files\PDF Architect 4\creator-ws.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater40.3.6 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.6\ToolbarUpdater.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: WD Drive Manager (WDDriveService) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: WtuSystemSupport - Unknown owner - C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe

--
End of file - 13851 bytes


AdwCleaner

# AdwCleaner v6.030 - Logfile created 22/11/2016 at 19:59:26
# Updated on 19/10/2016 by Malwarebytes
# Database : 2016-11-21.2 [Server]
# Operating System : Windows 10 Enterprise (X64)
# Username : Filip - DESKTOP-0MHNNB4
# Running from : C:\Users\Filip\Desktop\AdwCleaner.exe
# Mode: Scan
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****

Service Found: vToolbarUpdater40.3.6
Service Found: WtuSystemSupport


***** [ Folders ] *****

Folder Found: C:\Users\Filip\AppData\Local\FileViewPro
Folder Found: C:\Users\Filip\AppData\Local\avg web tuneup
Folder Found: C:\Program Files\avg web tuneup
Folder Found: C:\Program Files\Common Files\AVG Secure Search
Folder Found: C:\ProgramData\AVG Secure Search
Folder Found: C:\ProgramData\AVG Security Toolbar
Folder Found: C:\ProgramData\avg web tuneup
Folder Found: C:\ProgramData\Application Data\AVG Secure Search
Folder Found: C:\ProgramData\Application Data\AVG Security Toolbar
Folder Found: C:\ProgramData\Application Data\avg web tuneup
Folder Found: C:\Program Files (x86)\avg web tuneup
Folder Found: C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Found: C:\WINDOWS\SysWoW64\config\systemprofile\AppData\Roaming\Solvusoft


***** [ Files ] *****

File Found: C:\WINDOWS\SysNative\roboot64.exe


***** [ DLL ] *****

No malicious DLLs found.


***** [ WMI ] *****

No malicious keys found.


***** [ Shortcuts ] *****

No infected shortcut found.


***** [ Scheduled Tasks ] *****

No malicious task found.


***** [ Registry ] *****

Key Found: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
Key Found: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
Key Found: HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
Key Found: HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
Key Found: HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found: HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found: HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj
Key Found: HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1
Key Found: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
Key Found: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
Key Found: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
Key Found: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
Key Found: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found: [x64] HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj
Key Found: [x64] HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1
Key Found: HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
Key Found: HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found: HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found: HKLM\SOFTWARE\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Key Found: HKU\S-1-5-21-1168380901-2450625125-913325223-1001\Software\PRODUCTSETUP
Key Found: HKU\S-1-5-21-1168380901-2450625125-913325223-1001\Software\csastats
Key Found: HKCU\Software\PRODUCTSETUP
Key Found: HKCU\Software\csastats
Key Found: HKLM\SOFTWARE\AVG Tuneup
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WarThunder
Key Found: [x64] HKCU\Software\PRODUCTSETUP
Key Found: [x64] HKCU\Software\csastats
Data Found: HKU\S-1-5-21-1168380901-2450625125-913325223-1001\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxps://mysearch.avg.com/?cid={FF0D2C86-42D4-4789-9F60-C48C4CBA5DC2}&mid=3ca4ee2b869247ccb872
Data Found: HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxps://mysearch.avg.com/?cid={FF0D2C86-42D4-4789-9F60-C48C4CBA5DC2}&mid=3ca4ee2b869247ccb8720982cc2ce28b-47ca1d8189dcfc69093b5c435c0eb4b4
Data Found: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxps://mysearch.avg.com/?cid={FF0D2C86-42D4-4789-9F60-C48C4CBA5DC2}&mid=3ca4ee2b869247ccb8720982cc2ce28b-47ca1d8189dcfc69093b5c435c0eb4
Key Found: HKU\S-1-5-21-1168380901-2450625125-913325223-1001\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Data Found: HKU\S-1-5-21-1168380901-2450625125-913325223-1001\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] -
Key Found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Data Found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] -
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Data Found: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] -
Value Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Value Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [vProt]
Key Found: HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
Key Found: HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Found: HKCU\Software\Google\Chrome\Extensions\hegneaniplmfjcmohoclabblbahcbjoe
Key Found: HKLM\SOFTWARE\Google\Chrome\Extensions\hegneaniplmfjcmohoclabblbahcbjoe
Key Found: [x64] HKCU\Software\Google\Chrome\Extensions\hegneaniplmfjcmohoclabblbahcbjoe


***** [ Web browsers ] *****

No malicious Firefox based browser items found.
Chrome pref Found: [C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Web data] - utorrent.en.softonic.com
Chrome pref Found: [C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - hegneaniplmfjcmohoclabblbahcbjoe

*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [6285 Bytes] - [22/11/2016 19:59:26]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6358 Bytes] ##########


Malwarebytes

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 22.11.2016
Čas skenování: 20:05
Protokol: malware.txt
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.11.22.10
Databáze rootkitů: v2016.11.20.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 10
CPU: x64
Souborový systém: NTFS
Uživatel: Filip

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 303709
Uplynulý čas: 12 min, 46 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 16
PUP.Optional.StartPage, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\WarThunder0, , [97bb962d2b6f63d363d43ba803fe12ee],
PUP.Optional.StartPage, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\WarThunder2, , [3d15398aa9f147ef71c6e7fc9c65728e],
PUP.Optional.Solvusoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INSTALLER\USERDATA\S-1-5-18\COMPONENTS\07B51C13962E8BF49BAFEA042FB2D4A6, , [61f1e1e2980270c68c9d7b3ce02323dd],
PUP.Optional.Solvusoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INSTALLER\USERDATA\S-1-5-18\COMPONENTS\186D389D270858A4C8FADCDAC6035E94, , [bd95913257432313c0693d7a3bc8e719],
PUP.Optional.Solvusoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INSTALLER\USERDATA\S-1-5-18\COMPONENTS\2ED7E00B721712A4FA8BEAC0C097B2A6, , [e270ebd86535340262c7b007aa599f61],
PUP.Optional.Solvusoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INSTALLER\USERDATA\S-1-5-18\COMPONENTS\31036AD7276C7154FB17E0492323197E, , [a4aefcc7cad055e1f732ddda0ff4bd43],
PUP.Optional.Solvusoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INSTALLER\USERDATA\S-1-5-18\COMPONENTS\53A68272C76F4494DA9263A8898F3BC4, , [df73358e0397f14595948730db28f907],
PUP.Optional.Solvusoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INSTALLER\USERDATA\S-1-5-18\COMPONENTS\5F2625D37BFC9EE49A9870C9134575A1, , [e86a4182485276c0ec3daf08c73c3cc4],
PUP.Optional.Solvusoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INSTALLER\USERDATA\S-1-5-18\COMPONENTS\6526DDC3E4053B84CA3349CF9A29E406, , [73dfb60ddbbf2a0c1e0be4d361a24cb4],
PUP.Optional.Solvusoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INSTALLER\USERDATA\S-1-5-18\COMPONENTS\8E64601C02B9B8A49B2094D918AAB059, , [1042b70c4159bf77f7328d2a20e317e9],
PUP.Optional.Solvusoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INSTALLER\USERDATA\S-1-5-18\COMPONENTS\A139670AC5F063A409103EC6C72644F6, , [8ec4d0f3930746f04ddc13a44bb8916f],
PUP.Optional.Solvusoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INSTALLER\USERDATA\S-1-5-18\COMPONENTS\A8107D1477279A04C9C3396464CBF7C0, , [252d5271f6a40135f63342758f7408f8],
PUP.Optional.Solvusoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INSTALLER\USERDATA\S-1-5-18\COMPONENTS\AF70C113ECEA42B46B60F3B0F849D237, , [bc9690339505e15562c71b9ced163cc4],
PUP.Optional.Solvusoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INSTALLER\USERDATA\S-1-5-18\COMPONENTS\FDA820609ED99FE429BB97DBAF654779, , [cc864380edad251175b405b2699af40c],
PUP.Optional.InstallCore, HKU\S-1-5-21-1168380901-2450625125-913325223-1001\SOFTWARE\csastats, , [98ba02c1aaf089ad28624a8fb54dc13f],
PUP.Optional.ProductSetup, HKU\S-1-5-21-1168380901-2450625125-913325223-1001\SOFTWARE\PRODUCTSETUP, , [b9991fa4564443f32ef3574015edb050],

Hodnoty registru: 13
PUP.Optional.Solvusoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INSTALLER\USERDATA\S-1-5-18\COMPONENTS\07B51C13962E8BF49BAFEA042FB2D4A6|00000000000000000000000000000000, C:\?Program Files (x86)\Solvusoft\Tray\SuiteClient.dll, , [61f1e1e2980270c68c9d7b3ce02323dd]
PUP.Optional.Solvusoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INSTALLER\USERDATA\S-1-5-18\COMPONENTS\186D389D270858A4C8FADCDAC6035E94|00000000000000000000000000000000, C:\?Program Files (x86)\Solvusoft\SuiteService.exe, , [bd95913257432313c0693d7a3bc8e719]
PUP.Optional.Solvusoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INSTALLER\USERDATA\S-1-5-18\COMPONENTS\2ED7E00B721712A4FA8BEAC0C097B2A6|00000000000000000000000000000000, C:\ProgramData\Solvusoft\Programs Bar\, , [e270ebd86535340262c7b007aa599f61]
PUP.Optional.Solvusoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INSTALLER\USERDATA\S-1-5-18\COMPONENTS\31036AD7276C7154FB17E0492323197E|00000000000000000000000000000000, C:\?Program Files (x86)\Solvusoft\MachineId.exe, , [a4aefcc7cad055e1f732ddda0ff4bd43]
PUP.Optional.Solvusoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INSTALLER\USERDATA\S-1-5-18\COMPONENTS\53A68272C76F4494DA9263A8898F3BC4|00000000000000000000000000000000, C:\?Program Files (x86)\Solvusoft\SolvusoftLauncher.exe, , [df73358e0397f14595948730db28f907]
PUP.Optional.Solvusoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INSTALLER\USERDATA\S-1-5-18\COMPONENTS\5F2625D37BFC9EE49A9870C9134575A1|00000000000000000000000000000000, C:\?Program Files (x86)\Solvusoft\sfhtml.dll, , [e86a4182485276c0ec3daf08c73c3cc4]
PUP.Optional.Solvusoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INSTALLER\USERDATA\S-1-5-18\COMPONENTS\6526DDC3E4053B84CA3349CF9A29E406|00000000000000000000000000000000, C:\?Program Files (x86)\Solvusoft\LogFilesCollector.exe, , [73dfb60ddbbf2a0c1e0be4d361a24cb4]
PUP.Optional.Solvusoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INSTALLER\USERDATA\S-1-5-18\COMPONENTS\8E64601C02B9B8A49B2094D918AAB059|00000000000000000000000000000000, C:\?Program Files (x86)\Solvusoft\Tray\SolvusoftTray.exe, , [1042b70c4159bf77f7328d2a20e317e9]
PUP.Optional.Solvusoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INSTALLER\USERDATA\S-1-5-18\COMPONENTS\A139670AC5F063A409103EC6C72644F6|00000000000000000000000000000000, C:\?Program Files (x86)\Solvusoft\Tray\MsgSys.exe, , [8ec4d0f3930746f04ddc13a44bb8916f]
PUP.Optional.Solvusoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INSTALLER\USERDATA\S-1-5-18\COMPONENTS\A8107D1477279A04C9C3396464CBF7C0|00000000000000000000000000000000, C:\?Program Files (x86)\Solvusoft\ShortcutLauncher.exe, , [252d5271f6a40135f63342758f7408f8]
PUP.Optional.Solvusoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INSTALLER\USERDATA\S-1-5-18\COMPONENTS\AF70C113ECEA42B46B60F3B0F849D237|00000000000000000000000000000000, C:\?Program Files (x86)\Solvusoft\Tray\sfhtml.dll, , [bc9690339505e15562c71b9ced163cc4]
PUP.Optional.Solvusoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INSTALLER\USERDATA\S-1-5-18\COMPONENTS\FDA820609ED99FE429BB97DBAF654779|00000000000000000000000000000000, C:\?Program Files (x86)\Solvusoft\MachineIdGateway.dll, , [cc864380edad251175b405b2699af40c]
PUP.Optional.ProductSetup, HKU\S-1-5-21-1168380901-2450625125-913325223-1001\SOFTWARE\PRODUCTSETUP|tb, 0D1F1Q2Z1G1B2R0C1L1U1I1M1S0X1J, , [b9991fa4564443f32ef3574015edb050]

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 3
PUP.Optional.FileViewPro, C:\Users\Filip\AppData\Local\FileViewPro, , [f55d5d6666347fb7deaf2d4e0300f40c],
PUP.Optional.FileViewPro, C:\Users\Filip\AppData\Local\FileViewPro\FileViewPro.exe_Url_jn4xqozlzppxcht2yt2wvho2bxkp31wm, , [f55d5d6666347fb7deaf2d4e0300f40c],
PUP.Optional.FileViewPro, C:\Users\Filip\AppData\Local\FileViewPro\FileViewPro.exe_Url_jn4xqozlzppxcht2yt2wvho2bxkp31wm\1.2.1.0, , [f55d5d6666347fb7deaf2d4e0300f40c],

Soubory: 4
HackTool.IdleKMS, C:\Program Files\KMSpico\AutoPico.exe, , [c58d92317a2067cfe3c23ad4d22fcd33],
PUP.Optional.SysTweak, C:\Windows\System32\roboot64.exe, , [68ea03c0495100360a8a0a23dd24de22],
PUP.Optional.Solvusoft, C:\Users\Filip\Downloads\Setup_DriverDoc_2016.exe, , [6ae8dce7950511256f1a07a019eae61a],
PUP.Optional.FileViewPro, C:\Users\Filip\AppData\Local\FileViewPro\FileViewPro.exe_Url_jn4xqozlzppxcht2yt2wvho2bxkp31wm\1.2.1.0\user.config, , [f55d5d6666347fb7deaf2d4e0300f40c],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

vegas pro si normálně bere dost , zvláště při práci s HD ap. Jaký máš CPU a kolik RAM?

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
klikni na „Scan“, po prohledání klikni na „ Clean“

Program provede opravu, po automatickém restartu klikni na „Log Manager“ a pak poklepej na odpovídají log, (C:\AdwCleaner [C?].txt) , jeho obsah sem celý vlož.

Stáhni si Junkware Removal Tool by Thisisu
http://www.bleepingcomputer.com/downloa ... oval-tool/
na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

. spusť znovu Malwarebytes' Anti-Malware a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény(smazat vybrané)“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.

Sophos Virus Removal Tool je praktický softwarový nástroj, který by mohl odstranit infekce, které antivirový program nedetekuje .
Stáhněte si ho zde z některého odkazu:
http://www.majorgeeks.com/mg/get/sophos ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,2.html

Viry mohou zpomalit počítač, nebo se snaží ukrást vaše data, a ani nevíte , že je máte. Co potřebujete, je rychlý a snadný způsob, jak je najít a zbavit se jich, pokud již máte antivirový program v počítači nainstalován , můžete nainstalovat i nástroj Sophos Virus Removal , který identifikuje a vyčistí zbylé infekce, které mohl Váš antivirový program přehlédnout.
K použití Sophos Virus Removal Tool na něj poklepejte a stiskněte tlačítko „Start scanning“ . Pak bude Sophos Virus Removal Tool vyhledávat a odstraňovat viry, které najde. Může být vyžadován restart.

Stáhni si RogueKiller by Adlice Software
32bit.:
http://www.adlice.com/download/roguekil ... HlwZT14ODY

64bit.:
http://www.adlice.com/download/roguekil ... HlwZT14NjQ
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7,8,10 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- klikni na „Start Scan“. V novém okně nic neměň a klikni dole na „Start Scan“
- Program skenuje procesy PC. Po proskenování klikni na „Open Report “ , v okně pak na „Open TXT“ a celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
-pokud bude mít log více než 60.000 znaků , rozděl ho a vlož do více příspěvků

Před týdnem pc šlapal. Teď se ve Vegasu nedá absolutně pracovat. Náhled videa se extrémně seká. (Zvuk jde v poho) Není to jen Vegas ale i ostatní programy. (To samé např. v Premieře). Příjde mi, že i projíždění internetu je sekavé a načítání ikon ve složce.

PC:
Intel Core i5-6500
MSI GTX 960 GAMING 4G 4GB
MSI B150 GAMING M3 - Intel B150
Kingston HyperX Fury Black 16GB (2x8GB) DDR4 2133

AdwCleaner

# AdwCleaner v6.030 - Logfile created 23/11/2016 at 10:11:21
# Updated on 19/10/2016 by Malwarebytes
# Database : 2016-11-22.1 [Server]
# Operating System : Windows 10 Enterprise (X64)
# Username : Filip - DESKTOP-0MHNNB4
# Running from : C:\Users\Filip\Desktop\AdwCleaner.exe
# Mode: Clean
# Support : hxxps://www.malwarebytes.com/support



***** [ Services ] *****

[-] Service deleted: vToolbarUpdater40.3.6
[-] Service deleted: WtuSystemSupport


***** [ Folders ] *****

[-] Folder deleted: C:\Users\Filip\AppData\Local\FileViewPro
[-] Folder deleted: C:\Users\Filip\AppData\Local\avg web tuneup
[-] Folder deleted: C:\Program Files\avg web tuneup
[-] Folder deleted: C:\Program Files\Common Files\AVG Secure Search
[-] Folder deleted: C:\ProgramData\AVG Secure Search
[-] Folder deleted: C:\ProgramData\AVG Security Toolbar
[-] Folder deleted: C:\ProgramData\avg web tuneup
[#] Folder deleted on reboot: C:\ProgramData\Application Data\AVG Secure Search
[#] Folder deleted on reboot: C:\ProgramData\Application Data\AVG Security Toolbar
[#] Folder deleted on reboot: C:\ProgramData\Application Data\avg web tuneup
[-] Folder deleted: C:\Program Files (x86)\avg web tuneup
[-] Folder deleted: C:\Program Files (x86)\Common Files\AVG Secure Search
[-] Folder deleted: C:\WINDOWS\SysWoW64\config\systemprofile\AppData\Roaming\Solvusoft


***** [ Files ] *****

[-] File deleted: C:\WINDOWS\SysNative\roboot64.exe


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Shortcuts ] *****



***** [ Scheduled Tasks ] *****



***** [ Registry ] *****

[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[-] Key deleted: HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj
[-] Key deleted: HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key deleted: HKU\S-1-5-21-1168380901-2450625125-913325223-1001\Software\PRODUCTSETUP
[-] Key deleted: HKU\S-1-5-21-1168380901-2450625125-913325223-1001\Software\csastats
[#] Key deleted on reboot: HKCU\Software\PRODUCTSETUP
[#] Key deleted on reboot: HKCU\Software\csastats
[-] Key deleted: HKLM\SOFTWARE\AVG Tuneup
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WarThunder
[#] Key deleted on reboot: [x64] HKCU\Software\PRODUCTSETUP
[#] Key deleted on reboot: [x64] HKCU\Software\csastats
[-] Data restored: HKU\S-1-5-21-1168380901-2450625125-913325223-1001\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data restored: HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data restored: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Key deleted: HKU\S-1-5-21-1168380901-2450625125-913325223-1001\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Data restored: HKU\S-1-5-21-1168380901-2450625125-913325223-1001\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[#] Key deleted on reboot: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Data restored: HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Data restored: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Value deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
[-] Value deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [vProt]
[-] Key deleted: HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Key deleted: HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
[-] Key deleted: HKCU\Software\Google\Chrome\Extensions\hegneaniplmfjcmohoclabblbahcbjoe
[-] Key deleted: HKLM\SOFTWARE\Google\Chrome\Extensions\hegneaniplmfjcmohoclabblbahcbjoe
[#] Key deleted on reboot: [x64] HKCU\Software\Google\Chrome\Extensions\hegneaniplmfjcmohoclabblbahcbjoe


***** [ Web browsers ] *****

[-] [C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: utorrent.en.softonic.com
[-] [C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: hegneaniplmfjcmohoclabblbahcbjoe


*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [6462 Bytes] - [23/11/2016 10:11:21]
C:\AdwCleaner\AdwCleaner[S0].txt - [6497 Bytes] - [22/11/2016 19:59:26]
C:\AdwCleaner\AdwCleaner[S1].txt - [6570 Bytes] - [23/11/2016 10:10:02]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [6681 Bytes] ##########


Junkware Removal Tool

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.9 (09.30.2016)
Operating System: Windows 10 Enterprise x64
Ran by Filip (Administrator) on 23.11.2016 at 10:27:50,19
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 7

Successfully deleted: C:\ProgramData\mntemp (File)
Successfully deleted: C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig (Folder)
Successfully deleted: C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd (Folder)
Successfully deleted: C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak (Folder)
Successfully deleted: C:\WINDOWS\prefetch\DRIVERDOC.EXE-4817B2A2.pf (File)
Successfully deleted: C:\WINDOWS\prefetch\DRIVERDOCSETUP.EXE-F9C2AA60.pf (File)
Successfully deleted: C:\WINDOWS\prefetch\DRIVERDOCSETUP.EXE-FDFDCDB8.pf (File)



Registry: 1

Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} (Registry Value)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 23.11.2016 at 10:31:10,25
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 23.11.2016
Čas skenování: 10:35
Protokol: 01.txt
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.11.23.05
Databáze rootkitů: v2016.11.20.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 10
CPU: x64
Souborový systém: NTFS
Uživatel: Filip

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 302484
Uplynulý čas: 8 min, 52 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 14
PUP.Optional.StartPage, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\WarThunder0, , [d2dfcff41585f73fb5823fa425dc738d],
PUP.Optional.StartPage, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\WarThunder2, , [3e730bb861396ec8191e2fb441c005fb],
PUP.Optional.Solvusoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INSTALLER\USERDATA\S-1-5-18\COMPONENTS\07B51C13962E8BF49BAFEA042FB2D4A6, , [f0c100c3e9b17eb884a58235d72c7c84],
PUP.Optional.Solvusoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INSTALLER\USERDATA\S-1-5-18\COMPONENTS\186D389D270858A4C8FADCDAC6035E94, , [743d0bb83b5f2d092207a01730d37888],
PUP.Optional.Solvusoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INSTALLER\USERDATA\S-1-5-18\COMPONENTS\2ED7E00B721712A4FA8BEAC0C097B2A6, , [c2efd4efb1e920160623ebcc9c67f907],
PUP.Optional.Solvusoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INSTALLER\USERDATA\S-1-5-18\COMPONENTS\31036AD7276C7154FB17E0492323197E, , [bef3b50e5d3de94d1e0bc8efb251669a],
PUP.Optional.Solvusoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INSTALLER\USERDATA\S-1-5-18\COMPONENTS\53A68272C76F4494DA9263A8898F3BC4, , [9e13764db9e19b9b48e12f88d033e020],
PUP.Optional.Solvusoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INSTALLER\USERDATA\S-1-5-18\COMPONENTS\5F2625D37BFC9EE49A9870C9134575A1, , [8130c00351496ec858d187308e75e719],
PUP.Optional.Solvusoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INSTALLER\USERDATA\S-1-5-18\COMPONENTS\6526DDC3E4053B84CA3349CF9A29E406, , [f5bcf3d0d8c24de9e5447344897a20e0],
PUP.Optional.Solvusoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INSTALLER\USERDATA\S-1-5-18\COMPONENTS\8E64601C02B9B8A49B2094D918AAB059, , [7140a320b3e79a9c2207fcbb778c5fa1],
PUP.Optional.Solvusoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INSTALLER\USERDATA\S-1-5-18\COMPONENTS\A139670AC5F063A409103EC6C72644F6, , [efc27053d7c39e984cdd7542c53e32ce],
PUP.Optional.Solvusoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INSTALLER\USERDATA\S-1-5-18\COMPONENTS\A8107D1477279A04C9C3396464CBF7C0, , [f3be2e95e3b70234f633a6112fd48e72],
PUP.Optional.Solvusoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INSTALLER\USERDATA\S-1-5-18\COMPONENTS\AF70C113ECEA42B46B60F3B0F849D237, , [07aac5fe87135fd791982394ef14df21],
PUP.Optional.Solvusoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INSTALLER\USERDATA\S-1-5-18\COMPONENTS\FDA820609ED99FE429BB97DBAF654779, , [8e239a291d7dc373c96012a54fb458a8],

Hodnoty registru: 12
PUP.Optional.Solvusoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INSTALLER\USERDATA\S-1-5-18\COMPONENTS\07B51C13962E8BF49BAFEA042FB2D4A6|00000000000000000000000000000000, C:\?Program Files (x86)\Solvusoft\Tray\SuiteClient.dll, , [f0c100c3e9b17eb884a58235d72c7c84]
PUP.Optional.Solvusoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INSTALLER\USERDATA\S-1-5-18\COMPONENTS\186D389D270858A4C8FADCDAC6035E94|00000000000000000000000000000000, C:\?Program Files (x86)\Solvusoft\SuiteService.exe, , [743d0bb83b5f2d092207a01730d37888]
PUP.Optional.Solvusoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INSTALLER\USERDATA\S-1-5-18\COMPONENTS\2ED7E00B721712A4FA8BEAC0C097B2A6|00000000000000000000000000000000, C:\ProgramData\Solvusoft\Programs Bar\, , [c2efd4efb1e920160623ebcc9c67f907]
PUP.Optional.Solvusoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INSTALLER\USERDATA\S-1-5-18\COMPONENTS\31036AD7276C7154FB17E0492323197E|00000000000000000000000000000000, C:\?Program Files (x86)\Solvusoft\MachineId.exe, , [bef3b50e5d3de94d1e0bc8efb251669a]
PUP.Optional.Solvusoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INSTALLER\USERDATA\S-1-5-18\COMPONENTS\53A68272C76F4494DA9263A8898F3BC4|00000000000000000000000000000000, C:\?Program Files (x86)\Solvusoft\SolvusoftLauncher.exe, , [9e13764db9e19b9b48e12f88d033e020]
PUP.Optional.Solvusoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INSTALLER\USERDATA\S-1-5-18\COMPONENTS\5F2625D37BFC9EE49A9870C9134575A1|00000000000000000000000000000000, C:\?Program Files (x86)\Solvusoft\sfhtml.dll, , [8130c00351496ec858d187308e75e719]
PUP.Optional.Solvusoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INSTALLER\USERDATA\S-1-5-18\COMPONENTS\6526DDC3E4053B84CA3349CF9A29E406|00000000000000000000000000000000, C:\?Program Files (x86)\Solvusoft\LogFilesCollector.exe, , [f5bcf3d0d8c24de9e5447344897a20e0]
PUP.Optional.Solvusoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INSTALLER\USERDATA\S-1-5-18\COMPONENTS\8E64601C02B9B8A49B2094D918AAB059|00000000000000000000000000000000, C:\?Program Files (x86)\Solvusoft\Tray\SolvusoftTray.exe, , [7140a320b3e79a9c2207fcbb778c5fa1]
PUP.Optional.Solvusoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INSTALLER\USERDATA\S-1-5-18\COMPONENTS\A139670AC5F063A409103EC6C72644F6|00000000000000000000000000000000, C:\?Program Files (x86)\Solvusoft\Tray\MsgSys.exe, , [efc27053d7c39e984cdd7542c53e32ce]
PUP.Optional.Solvusoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INSTALLER\USERDATA\S-1-5-18\COMPONENTS\A8107D1477279A04C9C3396464CBF7C0|00000000000000000000000000000000, C:\?Program Files (x86)\Solvusoft\ShortcutLauncher.exe, , [f3be2e95e3b70234f633a6112fd48e72]
PUP.Optional.Solvusoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INSTALLER\USERDATA\S-1-5-18\COMPONENTS\AF70C113ECEA42B46B60F3B0F849D237|00000000000000000000000000000000, C:\?Program Files (x86)\Solvusoft\Tray\sfhtml.dll, , [07aac5fe87135fd791982394ef14df21]
PUP.Optional.Solvusoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INSTALLER\USERDATA\S-1-5-18\COMPONENTS\FDA820609ED99FE429BB97DBAF654779|00000000000000000000000000000000, C:\?Program Files (x86)\Solvusoft\MachineIdGateway.dll, , [8e239a291d7dc373c96012a54fb458a8]

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 2
HackTool.IdleKMS, C:\Program Files\KMSpico\AutoPico.exe, , [c5ec06bdfd9d38fe7f26a46aa9582dd3],
PUP.Optional.Solvusoft, C:\Users\Filip\Downloads\Setup_DriverDoc_2016.exe, , [446d9a29930771c5deab0b9c6c974bb5],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)


Sophos Virus Removal Tool - splněno

RogueKiller - spuštěn pouze test, něco našlo ale neodstraňoval jsem.

RogueKiller V12.8.2.0 (x64) [Nov 21 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 10 (10.0.14393) 64 bits version
Spuštěno : Normální režim
Uživatel : Filip [Práva správce]
Started from : C:\Users\Filip\Desktop\RogueKillerX64.exe
Mód : Prohledat -- Datum : 11/23/2016 15:15:27 (Duration : 00:52:34)

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 4 ¤¤¤
[PUP] (X64) HKEY_CLASSES_ROOT\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} (C:\Program Files\AVG Web TuneUp\4.3.6.255\AVG Web TuneUp.dll) -> Nalezeno
[PUP] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} (C:\Program Files\AVG Web TuneUp\4.3.6.255\AVG Web TuneUp.dll) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.20.30.1 ([]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{4ac616c6-e3ea-4b3e-baec-396539773426} | DhcpNameServer : 10.20.30.1 ([]) -> Nalezeno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 7 ¤¤¤
[PUP][Soubor] C:\Windows\SECOH-QAD.exe -> Nalezeno
[Tr.Generic][Soubor] C:\Users\Filip\AppData\Roaming\uTorrent\updates\3.4.6_42178\utorrentie.exe -> Nalezeno
[Tr.Generic][Soubor] C:\Users\Filip\AppData\Roaming\uTorrent\updates\3.4.8_42449\utorrentie.exe -> Nalezeno
[Tr.Generic][Soubor] C:\Users\Filip\AppData\Roaming\uTorrent\updates\3.4.9_42923\utorrentie.exe -> Nalezeno
[PUP.HackTool][Soubor] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\Log KMSpico.lnk [LNK@] C:\PROGRA~1\KMSpico\scripts\Log.cmd -> Nalezeno
[PUP.HackTool][Soubor] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\Uninstall KMSpico.lnk [LNK@] C:\PROGRA~1\KMSpico\UninsHs.exe /u0=KMSpico -> Nalezeno
[PUP.HackTool][Složka] C:\Program Files\KMSpico -> Nalezeno

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: Samsung SSD 850 EVO 120GB +++++
--- User ---
[MBR] e4ccabb729bee723805a11832d5135b3
[BSP] 15c7184f13a74dcdc96ef5be86a5284d : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 500 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1026048 | Size: 113971 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: WDC WD20EZRX-00D8PB0 +++++
--- User ---
[MBR] 56c210d038cd741ebc1721052bb792cc
[BSP] 9fe4055477afb2e82a5a2164627e2fc4 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 1907727 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

Super PC!

. spusť znovu Malwarebytes' Anti-Malware a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény(smazat vybrané)“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB (kromě myši s klávesnice) nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- klikni na „Start Scan“. V novém okně nic neměň a klikni dole na „Start Scan“,
po jeho skončení - vše zatrhni (dej zatržítka vlevo od nálezů , do bílých políček)
- pak klikni na "Remove Selected"
- Počkej, dokud Status box nezobrazí " Removal finished, please review result "
- Klikni na "Open report " a pak na " Open TXT“ a zkopíruj ten log a vlož obsah té zprávy prosím sem. Log je možno nalézt v C:\ProgramData\RogueKiller\Logs - Zavři RogueKiller.


Vypni antivir i firewall.
Stáhni
Zoek.exe
a uloz si ho na plochu.
Zavři všechny ostatní programy , okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
-pozor , náběh programu může trvat déle.

Do okna programu vlož skript níže:


klikni na Run Script
Program provede sken , opravu, sken i oprava může trvat i více minut ,je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .

Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů , jinak se sám ukládá do:
C:\zoek-results.log
Zkopíruj sem celý obsah toho logu.

Vlož nový log z HJT + informuj o problémech.

Tak jsem udělal vše ale problémy jsou stále stejné. Nic se nezměnilo. U Rogue killer jsem na poprvé přehlédl, že nejsou zatržítka u všeho, tak jsem to pak musel skenovat ještě jednou, protože nešlo soubory doodstranit.

Malwarebytes' Anti-Malware
Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 23.11.2016
Čas skenování: 20:47
Protokol: malware.txt
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.11.23.14
Databáze rootkitů: v2016.11.20.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 10
CPU: x64
Souborový systém: NTFS
Uživatel: Filip

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 304968
Uplynulý čas: 9 min, 27 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

RogueKiller

RogueKiller V12.8.2.0 (x64) [Nov 21 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 10 (10.0.14393) 64 bits version
Spuštěno : Normální režim
Uživatel : Filip [Práva správce]
Started from : C:\Users\Filip\Desktop\RogueKillerX64.exe
Mód : Smazat -- Datum : 11/23/2016 21:55:54 (Duration : 00:51:21)

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 4 ¤¤¤
[PUP] (X64) HKEY_CLASSES_ROOT\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} (C:\Program Files\AVG Web TuneUp\4.3.6.255\AVG Web TuneUp.dll) -> Smazáno
[PUP] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} (C:\Program Files\AVG Web TuneUp\4.3.6.255\AVG Web TuneUp.dll) -> Smazáno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.20.30.1 ([]) -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{4ac616c6-e3ea-4b3e-baec-396539773426} | DhcpNameServer : 10.20.30.1 ([]) -> Nahrazeno ()

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: Samsung SSD 850 EVO 120GB +++++
--- User ---
[MBR] e4ccabb729bee723805a11832d5135b3
[BSP] 15c7184f13a74dcdc96ef5be86a5284d : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 500 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1026048 | Size: 113971 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: WDC WD20EZRX-00D8PB0 +++++
--- User ---
[MBR] 56c210d038cd741ebc1721052bb792cc
[BSP] 9fe4055477afb2e82a5a2164627e2fc4 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 1907727 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK


Zoek


Zoek.exe v5.0.0.1 Updated 19-September-2016
Tool run by Filip on 23.11.2016 at 23:16:38,25.
Microsoft Windows 10 Enterprise 10.0.14393 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Filip\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

23.11.2016 23:17:38 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\EaseFab deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\Filip\AppData\Local\CrashDumps deleted successfully
C:\Users\Filip\AppData\Local\PDFCreator deleted successfully
C:\Users\Filip\AppData\Local\PeerDistRepub deleted successfully
C:\Users\Filip\AppData\Local\Skype deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\CrashDumps deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AEAF002F-E6D8-4A21-ABD3-2B309B79A6CE} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\pdf_architect_4_conv@pdfarchitect.org deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ISVCU@iSkysoft.com deleted successfully

==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\EaseFab not found
C:\PROGRA~3\iSkysoft iMedia Converter Deluxe deleted
C:\PROGRA~3\Package Cache deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted

==== Chromium Look ======================

Google Chrome Version: 31.0.1650.59

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - No path found[]


==== Chromium Fix ======================

C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_toolbar.yahoo.com_0.localstorage deleted successfully
C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_toolbar.yahoo.com_0.localstorage-journal deleted successfully
C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_lookingforlyrics.org_0.localstorage deleted successfully
C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_lookingforlyrics.org_0.localstorage-journal deleted successfully
C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_shoppingcart.aliexpress.com_0.localstorage deleted successfully
C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_shoppingcart.aliexpress.com_0.localstorage-journal deleted successfully
C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad-emea.doubleclick.net_0.localstorage deleted successfully
C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad-emea.doubleclick.net_0.localstorage-journal deleted successfully
C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully
C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully
C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully
C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d10lpsik1i8c69.cloudfront.net_0.localstorage deleted successfully
C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d10lpsik1i8c69.cloudfront.net_0.localstorage-journal deleted successfully
C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d16fk4ms6rqz1v.cloudfront.net_0.localstorage deleted successfully
C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d16fk4ms6rqz1v.cloudfront.net_0.localstorage-journal deleted successfully
C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d3b3ehuo35wzeh.cloudfront.net_0.localstorage deleted successfully
C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d3b3ehuo35wzeh.cloudfront.net_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR

==== Reset Google Chrome ======================

C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Web TuneUp deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Filip\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Filip\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Filip\AppData\Local\Microsoft\Windows\INetCache\IE\BAHOBZ81 will be deleted at reboot
C:\Users\Filip\AppData\Local\Microsoft\Windows\INetCache\IE\LC08KS08 will be deleted at reboot
C:\Users\Filip\AppData\Local\Microsoft\Windows\INetCache\IE\TIV6ARO9 will be deleted at reboot
C:\Users\Filip\AppData\Local\Microsoft\Windows\INetCache\IE\Z8BTZHT3 will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=157 folders=71 79173559 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Filip\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Filip\AppData\Local\Microsoft\Windows\INetCache\IE\BAHOBZ81" not found
"C:\Users\Filip\AppData\Local\Microsoft\Windows\INetCache\IE\LC08KS08" not found
"C:\Users\Filip\AppData\Local\Microsoft\Windows\INetCache\IE\TIV6ARO9" not found
"C:\Users\Filip\AppData\Local\Microsoft\Windows\INetCache\IE\Z8BTZHT3" not found

==== EOF on 23.11.2016 at 23:58:19,58 ======================

HJT

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:59:01, on 23.11.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe
C:\Users\Filip\AppData\Roaming\Spotify\Spotify.exe
C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2svc32.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Users\Filip\AppData\Roaming\Spotify\SpotifyCrashService.exe
C:\Users\Filip\AppData\Roaming\Spotify\Spotify.exe
C:\Users\Filip\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Users\Filip\AppData\Roaming\Spotify\Spotify.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Filip\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Filip\AppData\Roaming\Seznam.cz\szninstall.exe
C:\Users\Filip\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\LaCie\LaCie Desktop Manager\LaCie Desktop Manager.exe
C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Users\Filip\Desktop\HijackThis.exe
C:\Program Files (x86)\QuickTime\qttask.exe
C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
C:\Program Files (x86)\BOINC\boinctray.exe
C:\Program Files (x86)\BOINC\charityengine.exe
C:\Program Files (x86)\BOINC\boinc.exe
C:\ProgramData\BOINC\projects\work.charityengine.com\wrapper_26014_windows_intelx86.exe
C:\ProgramData\BOINC\slots\0\ce11.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: PDF Architect 4 Helper - {38279E1A-7019-40C1-B579-E99DFB3312E8} - C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [DriveUtilitiesHelper] C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=av
O4 - HKLM\..\Run: [iSkysoft Helper Compact.exe] C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
O4 - HKLM\..\Run: [boinctray] "C:\Program Files (x86)\BOINC\boinctray.exe"
O4 - HKLM\..\Run: [boincmgr] "C:\Program Files (x86)\BOINC\charityengine.exe" /a /s
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [Spotify] "C:\Users\Filip\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Filip\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Filip\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Filip\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [LaCie Desktop Manager 2 Startup] "C:\Program Files (x86)\LaCie\LaCie Desktop Manager\LaCie Desktop Manager.exe" -daemon
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: Killer Network Manager.lnk = C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: WSISVCUchrome - {78A543EB-3A61-4ED3 - (no file)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Killer Service V2 - Rivet Networks - C:\Program Files\Killer Networking\Network Manager\KillerService.exe
O23 - Service: LaCieDesktopManagerDaemon - Unknown owner - C:\Program Files (x86)\LaCie\LaCie Desktop Manager\LaCieDesktopManagerDaemon.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Wireless Controller Service - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
O23 - Service: PDF Architect 4 - pdfforge GmbH - C:\Program Files\PDF Architect 4\ws.exe
O23 - Service: PDF Architect 4 CrashHandler - pdfforge GmbH - C:\Program Files\PDF Architect 4\crash-handler-ws.exe
O23 - Service: PDF Architect 4 Creator - pdfforge GmbH - C:\Program Files\PDF Architect 4\creator-ws.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: WD Drive Manager (WDDriveService) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13405 bytes

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod



Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

Stáhni si Zemana AntiMalware Free z tohoto odkazu:
https://www.zemana.com/Download/AntiMal ... .Setup.exe
a ulož si ho na plochu.
Poklepej na tento soubor na ploše a postupuj podle pokynů k instalaci programu.
Přijmi licenci k používání programu EULA , pokud se nabídne.
Pokud je k dispozici aktualizace programu , klepni na tlačítko „Update now“ ( aktualizovat nyní).
Na konci klepni na tlačítko Nastavení (ozubené kolo v rohu)> Advanced> ""
- "Přečetl jsem si upozornění a chci pokračovat stejně .....
Zaškrtnutí Auto Launch
Nezaškrtnutí Auto upload
Zaškrtnutí All Browser Extensions (Všechna rozšíření prohlížeče)
Inteligentní nastavení skenování jako náhrada za hloubkové prověření
Zavři všechny otevřené soubory, složky a prohlížeče
Klepni na tlačítko Scan now (Skenovat) a začne sken hrozeb.
Když je skenování dokončeno, objeví se tisková zpráva , zkopíruj sem celý obsah té zprávy.

Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.

Příjde mi, že PC se ještě víc zpomalil, i načítání systému trvá znatelně dýl.

HJT - Fixnuto

aswMBR
aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2016-11-24 11:47:20
-----------------------------
11:47:20.387 OS Version: Windows x64 6.2.9200
11:47:20.388 Number of processors: 4 586 0x5E03
11:47:20.389 ComputerName: DESKTOP-0MHNNB4 UserName: Filip
11:47:21.252 Initialize success
11:47:21.439 VM: initialized successfully
11:47:21.441 VM: Intel CPU supported
11:47:45.197 VM: not used
11:48:03.273 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000038
11:48:03.285 Disk 0 Vendor: Samsung_SSD_850_EVO_120GB EMT01B6Q Size: 114473MB BusType: 11
11:48:03.291 Disk 1 \Device\Harddisk1\DR1 -> \Device\00000039
11:48:03.297 Disk 1 Vendor: WDC_WD20EZRX-00D8PB0 80.00A80 Size: 1907729MB BusType: 11
11:48:03.309 Disk 0 MBR read successfully
11:48:03.315 Disk 0 MBR scan
11:48:03.321 Disk 0 Windows 7 default MBR code
11:48:03.328 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 500 MB offset 2048
11:48:03.335 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 113971 MB offset 1026048
11:48:03.349 Disk 0 scanning C:\WINDOWS\system32\drivers
11:48:05.014 Service scanning
11:48:10.367 Modules scanning
11:48:10.388 Disk 0 trace - called modules:
11:48:10.408 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll storahci.sys
11:48:10.420 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xffff8d8706931060]
11:48:10.429 3 CLASSPNP.SYS[fffff80c2aff5efb] -> nt!IofCallDriver -> [0xffff8d87066a3c40]
11:48:10.439 5 ACPI.sys[fffff80c2a264571] -> nt!IofCallDriver -> [0xffff8d87066a17c0]
11:48:10.449 7 ACPI.sys[fffff80c2a264571] -> nt!IofCallDriver -> \Device\00000038[0xffff8d87066d6330]
11:48:10.458 Disk 0 statistics 59933/0/0 @ 31,67 MB/s
11:48:10.471 Scan finished successfully
11:48:18.722 Disk 0 MBR has been saved successfully to "C:\Users\Filip\Desktop\MBR.dat"
11:48:18.732 The log file has been saved successfully to "C:\Users\Filip\Desktop\aswMBR.txt"

Zemana AntiMalware

Zemana AntiMalware 2.60.2.1 (Installed)

-------------------------------------------------------
Scan Result : Completed
Scan Date : 2016.11.24
Operating System : Windows 10 64-bit
Processor : 4X Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz
BIOS Mode : Legacy
CUID : 12098277AE7D56BB5E9192
Scan Type : Smart Scan
Duration : 3m 28s
Scanned Objects : 77071
Detected Objects : 8
Excluded Objects : 0
Read Level : Normal
Auto Upload : Disabled
Detect All Extensions : Disabled
Scan Documents : Disabled
Domain Info : WORKGROUP,0,2

Detected Objects
-------------------------------------------------------

Chrome Shortcut
Status : Scanned
Object : --app-window-size=1920,1080
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Suspicious Browser Setting
Cleaning Action : Repair
Related Objects :
Browser Setting - Chrome Shortcut

Chrome Shortcut
Status : Scanned
Object : --app=http://go.playmmogames.com/aff_c?offer_id=1508&aff_id=1034&source=1&click_id=2b3ab7fcfea9b9e2f9c14d8d034a712b0583284b
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Suspicious Browser Setting
Cleaning Action : Repair
Related Objects :
Browser Setting - Chrome Shortcut

Keygen.exe
Status : Scanned
Object : %userprofile%\desktop\sony vegas pro 13.0 build 453 (x64) + patch di\keygen & patch by di\keygen.exe
MD5 : 4C174ED76448F529F042A83DF8231FA4
Publisher : -
Size : 2088960
Version : -
Detection : PUA:Win32/SoftCrack.Gen
Cleaning Action : Quarantine
Related Objects :
File - %userprofile%\desktop\sony vegas pro 13.0 build 453 (x64) + patch di\keygen & patch by di\keygen.exe

25034libfoxloader.dll
Status : Scanned
Object : %appdata%\seznam.cz\bin\25034libfoxloader.dll
MD5 : E58EACA639CD7EB45A4E2E22460727E3
Publisher : Seznam.cz, a.s.
Size : 78504
Version : -
Detection : Adware:Win32/Seznam-DJ!Ep
Cleaning Action : Quarantine
Related Objects :
File - %appdata%\seznam.cz\bin\25034libfoxloader.dll
DLL - 6360 - C:\Users\Filip\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
DLL - 9988 - C:\Program Files (x86)\LaCie\LaCie Desktop Manager\LaCie Desktop Manager.exe
DLL - 768 - C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
DLL - 2840 - C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
DLL - 8016 - C:\Program Files (x86)\BOINC\boinctray.exe
DLL - 6336 - C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
DLL - 8480 - C:\Program Files (x86)\BOINC\charityengine.exe
DLL - 9124 - C:\Program Files (x86)\BOINC\boinc.exe

lightspeed.dll
Status : Scanned
Object : %appdata%\seznam.cz\bin\lightspeed.dll
MD5 : 7B12697B8A8D362F5694774A9D3055F8
Publisher : Seznam.cz, a.s.
Size : 862888
Version : -
Detection : Adware:Win32/Seznam-DJ!Ep
Cleaning Action : Quarantine
Related Objects :
File - %appdata%\seznam.cz\bin\lightspeed.dll
DLL - 6360 - C:\Users\Filip\AppData\Roaming\Seznam.cz\bin\szndesktop.exe

listicka-x64.exe
Status : Scanned
Object : %appdata%\seznam.cz\bin\listicka-x64.exe
MD5 : 69F5AC0038561D256C803BF01C85CBD7
Publisher : Seznam.cz, a.s.
Size : 73896
Version : -
Detection : Adware:Win32/Seznam-DJ!Ep
Cleaning Action : Quarantine
Related Objects :
File - %appdata%\seznam.cz\bin\listicka-x64.exe
Process - 9916 - C:\Users\Filip\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe

szndesktop.exe
Status : Scanned
Object : %appdata%\seznam.cz\bin\szndesktop.exe
MD5 : 0A54B0BCD8BC203684C803FC3FB5C5A2
Publisher : Seznam.cz, a.s.
Size : 457384
Version : -
Detection : Adware:Win32/Seznam-DJ!Ep
Cleaning Action : Quarantine
Related Objects :
File - %appdata%\seznam.cz\bin\szndesktop.exe
Process - 6360 - C:\Users\Filip\AppData\Roaming\Seznam.cz\bin\szndesktop.exe

szninstall.exe
Status : Scanned
Object : %programfiles%\seznam.cz\distribution\szninstall.exe
MD5 : 919F88F5158350947FB255358CEA4907
Publisher : Seznam.cz, a.s.
Size : 1062472
Version : -
Detection : Adware:Win32/Seznam-DJ!Ep
Cleaning Action : Quarantine
Related Objects :
File - %programfiles%\seznam.cz\distribution\szninstall.exe
Registry Entry - HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\seznam-listicka-distribuce = "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate

浄ϖ浬ϖ힌ό涔ϖ涼ϖ톼ω淤ϖ渌ϖ渴ϖힼόퟬό퇜ω셬ϙ詔ϓ퇼ω툜ωϖ툼ω湜ϖ퉜ω퉼ω�ό⃔ϔ솴ϙ誌ϓ�ό溄ϖ�ϔ�ϔ�ϔ쇼ϙ諄ϓ諼ϓ�ϔ�ϔ튜ω튼ω∌Ϛ쉄ϙ溬ϖ틜ω틼ω팜ω팼ω滔ϖ滼ϖ謴ϓ譬ϓ�ό�ό�ό漤ϖϒ�ϔ�όϖ퍜ω�ό认ϓ潌ϖ潴ϖ诜ϓ�ϔ퍼ω澜ϖ펜ω�ό�ό펼ω谔ϓ豌ϓ�ό�ό�ό�ό폜ω�ό폼ω�ό퐜ω濄ϖ濬ϖ貄ϓ퐼ω표ω푼ω瀔ϖ瀼ϖ�ό�ό�ό�ό灤ϖ�ό�ό炌ϖ�ό貼ϓ賴ϓ炴ϖ烜ϖ焄ϖ焬ϖ�ό�ϔ煔ϖ煼ϖ�ό熤ϖ�ό�ό燌ϖ풜ω�ό燴ϖϖ爜ϖ牄ϖ牬ϖ犔ϖ풼ω犼ϖ狤ϖ贬ϓ赤ϓ퓜ω퓼ω픜ω피ω한ω핼ω햜ω햼ω헜ω헼ω혜ω혼ω활ω홼ω횜ω횼ω猌ϖ훜ωϖ훼ω휜ω猴ϖ獜ϖ

FarbarRecovery Scan Tool

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-11-2016
Ran by Filip (administrator) on DESKTOP-0MHNNB4 (24-11-2016 11:58:49)
Running from C:\Users\Filip\Desktop
Loaded Profiles: Filip (Available Profiles: Filip)
Platform: Windows 10 Enterprise Version 1607 (X64) Language: Angličtina (Spojené státy)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe
(LaCie) C:\Program Files (x86)\LaCie\LaCie Desktop Manager\LaCieDesktopManagerDaemon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(pdfforge GmbH) C:\Program Files\PDF Architect 4\creator-ws.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
() C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe
() C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2Svc32.exe
() C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2Svc64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Spotify Ltd) C:\Users\Filip\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Filip\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\IECacheWinInetLdr.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\IECacheWinInetLdr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.16092.10311.0_x64__8wekyb3d8bbwe\Video.UI.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TUDefragBackend64.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.16092.10311.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\sdiagnhost.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-04-28] (Adobe Systems Incorporated)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9037832 2016-10-21] (Realtek Semiconductor)
HKLM\...\Run: [Nahimic2UILauncher] => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe [693432 2016-10-07] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-11-01] (Apple Inc.)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [13900016 2016-11-09] (Zemana Ltd.)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1890664 2015-07-31] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [218896 2016-09-13] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-10-05] (Apple Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [218896 2016-09-13] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2066432 2014-10-31] (iSkySoft)
HKLM-x32\...\Run: [boinctray] => C:\Program Files (x86)\BOINC\boinctray.exe [71312 2014-03-07] (Charity Engine)
HKLM-x32\...\Run: [boincmgr] => C:\Program Files (x86)\BOINC\charityengine.exe [3757712 2014-03-07] (Charity Engine)
HKU\S-1-5-21-1168380901-2450625125-913325223-1001\...\Run: [Spotify] => C:\Users\Filip\AppData\Roaming\Spotify\Spotify.exe [6987376 2016-11-12] (Spotify Ltd)
HKU\S-1-5-21-1168380901-2450625125-913325223-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27011712 2016-10-17] (Skype Technologies S.A.)
HKU\S-1-5-21-1168380901-2450625125-913325223-1001\...\Run: [Spotify Web Helper] => C:\Users\Filip\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1431664 2016-11-12] (Spotify Ltd)
HKU\S-1-5-21-1168380901-2450625125-913325223-1001\...\Run: [LaCie Desktop Manager 2 Startup] => C:\Program Files (x86)\LaCie\LaCie Desktop Manager\LaCie Desktop Manager.exe [872736 2015-06-09] (LaCie)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2015-11-22]
ShortcutTarget: Killer Network Manager.lnk -> C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Rivet Networks)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.20.30.1
Tcpip\..\Interfaces\{4ac616c6-e3ea-4b3e-baec-396539773426}: [DhcpNameServer] 10.20.30.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-1168380901-2450625125-913325223-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: PDF Architect 4 Helper -> {38279E1A-7019-40C1-B579-E99DFB3312E8} -> C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll [2015-10-19] (pdfforge GmbH)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
Handler: WSISVCUchrome - {78A543EB-3A61-4ED3 - No File

FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-17] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-17] (NVIDIA Corporation)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: PDF Architect 4 -> C:\Program Files (x86)\PDF Architect 4\np-previewer.dll [2015-10-19] (pdfforge GmbH)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default [2016-11-24]
CHR Extension: (Prezentace Google) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-11-24]
CHR Extension: (Dokumenty Google) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-24]
CHR Extension: (Disk Google) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-24]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2016-11-24]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2016-11-24]
CHR Extension: (YouTube) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-24]
CHR Extension: (Tabulky Google) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-11-24]
CHR Extension: (Dokumenty Google offline) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-24]
CHR Extension: (AdBlock) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-11-24]
CHR Extension: (Skype) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-11-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-11-24]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2016-11-24]
CHR Extension: (Gmail) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-24]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2207960 2016-09-26] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [647864 2016-11-02] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5337696 2016-11-02] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1149712 2016-09-13] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [727512 2016-11-02] (AVG Technologies CZ, s.r.o.)
R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [413696 2015-07-07] (Rivet Networks) [File not signed]
R2 LaCieDesktopManagerDaemon; C:\Program Files (x86)\LaCie\LaCie Desktop Manager\LaCieDesktopManagerDaemon.exe [1149728 2015-06-09] (LaCie)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [458296 2016-10-25] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [458296 2016-10-25] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-11-17] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1165368 2016-10-25] (NVIDIA Corporation)
S3 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2417376 2015-10-19] (pdfforge GmbH)
S3 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [1038048 2015-10-19] (pdfforge GmbH)
R2 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [851168 2015-10-19] (pdfforge GmbH)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [4788496 2016-11-02] (AVG Technologies CZ, s.r.o.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [307064 2015-07-31] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [13900016 2016-11-09] (Zemana Ltd.)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 Avgboota; C:\WINDOWS\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\WINDOWS\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdrivera.sys [312576 2016-10-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\WINDOWS\System32\DRIVERS\avgidsha.sys [267008 2016-10-05] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\WINDOWS\System32\DRIVERS\avgldx64.sys [267520 2016-10-19] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\WINDOWS\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\WINDOWS\System32\DRIVERS\avgmfx64.sys [254208 2016-09-26] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\WINDOWS\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\WINDOWS\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
R1 BfLwf; C:\WINDOWS\system32\DRIVERS\bwcW10x64.sys [114736 2015-07-07] (Rivet Networks, LLC.)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2016-09-09] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2016-09-09] (Windows (R) Win 7 DDK provider)
R3 iaLPSS2_UART2; C:\WINDOWS\System32\drivers\iaLPSS2_UART2.sys [281896 2015-11-22] (Intel Corporation)
R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [170128 2016-02-05] (Qualcomm Atheros, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2015-10-12] (Riverbed Technology, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_410e5247be0e5f00\nvlddmkm.sys [14174256 2016-11-18] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [29240 2016-10-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47672 2016-10-25] (NVIDIA Corporation)
R0 PxHlpa64; C:\WINDOWS\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2016-11-02] (AVG Netherlands B.V.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2016-11-24] (Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2016-11-24] (Zemana Ltd.)
U3 aswMBR; C:\Users\Filip\AppData\Local\Temp\aswMBR.sys [62728 2016-11-24] () [File not signed]
U3 aswVmm; C:\Users\Filip\AppData\Local\Temp\aswVmm.sys [224896 2016-11-24] ()

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-24 11:58 - 2016-11-24 11:59 - 00019920 _____ C:\Users\Filip\Desktop\FRST.txt
2016-11-24 11:58 - 2016-11-24 11:58 - 00000000 ____D C:\FRST
2016-11-24 11:57 - 2016-11-24 11:57 - 00006258 _____ C:\Users\Filip\Desktop\2016.11.24-11.52.52-i0-t92-d8.txt
2016-11-24 11:49 - 2016-11-24 11:58 - 00016944 _____ C:\WINDOWS\ZAM.krnl.trace
2016-11-24 11:49 - 2016-11-24 11:58 - 00006625 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2016-11-24 11:49 - 2016-11-24 11:49 - 00203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys
2016-11-24 11:49 - 2016-11-24 11:49 - 00203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam64.sys
2016-11-24 11:49 - 2016-11-24 11:49 - 00001217 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2016-11-24 11:49 - 2016-11-24 11:49 - 00000000 ____D C:\Users\Filip\AppData\Local\Zemana
2016-11-24 11:49 - 2016-11-24 11:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2016-11-24 11:49 - 2016-11-24 11:49 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2016-11-24 11:48 - 2016-11-24 11:48 - 00002026 _____ C:\Users\Filip\Desktop\aswMBR.txt
2016-11-24 11:48 - 2016-11-24 11:48 - 00000512 _____ C:\Users\Filip\Desktop\MBR.dat
2016-11-24 11:46 - 2016-11-24 11:46 - 00000000 ____D C:\Users\Filip\Desktop\backups
2016-11-24 11:41 - 2016-11-24 11:42 - 02412032 _____ (Farbar) C:\Users\Filip\Desktop\FRST64.exe
2016-11-24 11:41 - 2016-11-24 11:41 - 05426600 _____ ( ) C:\Users\Filip\Desktop\Zemana.AntiMalware.Setup.exe
2016-11-24 11:41 - 2016-11-24 11:41 - 05200384 _____ (AVAST Software) C:\Users\Filip\Desktop\aswmbr.exe
2016-11-24 10:36 - 2016-11-24 10:36 - 00000000 ____D C:\Users\Filip\AppData\Local\PeerDistRepub
2016-11-24 10:31 - 2016-11-24 10:31 - 00002904 _____ C:\WINDOWS\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance
2016-11-23 23:58 - 2016-11-23 23:58 - 00009903 _____ C:\Users\Filip\Desktop\zoek-results.txt
2016-11-23 23:51 - 2016-11-23 23:16 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2016-11-23 23:16 - 2016-11-23 23:48 - 00000000 ____D C:\zoek_backup
2016-11-23 23:10 - 2016-11-23 23:10 - 00004628 _____ C:\Users\Filip\Desktop\01.txt
2016-11-23 20:57 - 2016-11-23 20:57 - 00001138 _____ C:\Users\Filip\Desktop\malware.txt
2016-11-23 20:45 - 2016-11-23 20:45 - 01309184 _____ C:\Users\Filip\Desktop\zoek.exe
2016-11-23 16:46 - 2016-11-23 16:47 - 11020396 _____ C:\Users\Filip\Downloads\DIB_brief2017cze.pdf
2016-11-23 15:15 - 2016-11-23 21:55 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-11-23 15:14 - 2016-11-23 16:10 - 00000000 ____D C:\ProgramData\RogueKiller
2016-11-23 11:56 - 2016-11-23 11:56 - 00000000 ____D C:\ProgramData\Sophos
2016-11-23 11:54 - 2016-11-23 11:54 - 00002775 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2016-11-23 11:54 - 2016-11-23 11:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2016-11-23 11:54 - 2016-11-23 11:54 - 00000000 ____D C:\Program Files (x86)\Sophos
2016-11-23 10:05 - 2016-11-23 10:05 - 01631928 _____ (Malwarebytes) C:\Users\Filip\Desktop\JRT.exe
2016-11-22 20:03 - 2016-11-23 20:47 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-11-22 20:02 - 2016-11-22 20:02 - 00001171 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-11-22 20:02 - 2016-11-22 20:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-11-22 20:02 - 2016-11-22 20:02 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-11-22 20:02 - 2016-11-22 20:02 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-11-22 20:02 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-11-22 20:02 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-11-22 20:02 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-11-22 19:31 - 2016-11-22 19:35 - 25546312 _____ C:\Users\Filip\Desktop\RogueKillerX64.exe
2016-11-22 19:28 - 2016-11-23 10:11 - 00000000 ____D C:\AdwCleaner
2016-11-22 18:43 - 2016-11-22 18:44 - 22851472 _____ (Malwarebytes ) C:\Users\Filip\Desktop\mbam-setup-2.2.1.1043.exe
2016-11-22 18:42 - 2016-11-22 18:42 - 03910208 _____ C:\Users\Filip\Desktop\AdwCleaner.exe
2016-11-22 18:41 - 2016-11-22 18:42 - 00448512 _____ (OldTimer Tools) C:\Users\Filip\Desktop\TFC.exe
2016-11-22 18:25 - 2016-11-23 19:34 - 00000457 _____ C:\Users\Filip\Desktop\PC SESTAVA.txt
2016-11-22 16:34 - 2016-11-22 16:34 - 00388608 _____ (Trend Micro Inc.) C:\Users\Filip\Desktop\HijackThis.exe
2016-11-22 16:08 - 2016-11-22 16:09 - 05659276 _____ (Swearware) C:\Users\Filip\Desktop\ComboFix.exe
2016-11-22 16:04 - 2016-11-22 16:13 - 155707248 _____ (Sophos Limited) C:\Users\Filip\Desktop\Sophos Virus Removal Tool.exe
2016-11-22 10:49 - 2016-11-22 10:49 - 00002284 _____ C:\Users\Public\Desktop\LaCie Desktop Manager.lnk
2016-11-22 10:49 - 2016-11-22 10:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LaCie
2016-11-22 10:49 - 2016-11-22 10:49 - 00000000 ____D C:\ProgramData\LaCie
2016-11-22 10:49 - 2016-11-22 10:49 - 00000000 ____D C:\Program Files (x86)\LaCie
2016-11-21 21:38 - 2016-11-21 21:38 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-11-21 21:38 - 2016-11-17 01:46 - 00133056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-11-21 21:38 - 2016-09-09 19:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-11-21 21:38 - 2016-09-09 19:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-11-21 21:38 - 2016-09-09 19:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-11-21 21:38 - 2016-09-09 19:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-11-21 21:37 - 2016-11-17 01:58 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2016-11-21 21:33 - 2016-11-17 03:06 - 40123840 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-11-21 21:33 - 2016-11-17 03:06 - 35224632 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-11-21 21:33 - 2016-11-17 03:06 - 34711096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-11-21 21:33 - 2016-11-17 03:06 - 28203576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-11-21 21:33 - 2016-11-17 03:06 - 10912232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-11-21 21:33 - 2016-11-17 03:06 - 10803880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-11-21 21:33 - 2016-11-17 03:06 - 10354800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-11-21 21:33 - 2016-11-17 03:06 - 08913328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-11-21 21:33 - 2016-11-17 03:06 - 02953152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-11-21 21:33 - 2016-11-17 03:06 - 02586048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-11-21 21:33 - 2016-11-17 03:06 - 01038904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-11-21 21:33 - 2016-11-17 03:06 - 00975296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-11-21 21:33 - 2016-11-17 03:06 - 00943552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-11-21 21:33 - 2016-11-17 03:06 - 00897080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-11-21 21:33 - 2016-11-17 03:06 - 00802768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-11-21 21:33 - 2016-11-17 03:06 - 00801560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2016-11-21 21:33 - 2016-11-17 03:06 - 00683640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-11-21 21:33 - 2016-11-17 03:06 - 00644112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-11-21 21:33 - 2016-11-17 03:06 - 00642576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2016-11-21 21:33 - 2016-11-17 03:06 - 00617880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2016-11-21 21:33 - 2016-11-17 03:06 - 00438208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-11-21 21:33 - 2016-11-17 03:06 - 00394888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-11-21 21:33 - 2016-11-17 03:06 - 00390200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-11-21 21:33 - 2016-11-17 03:06 - 00384448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2016-11-21 21:33 - 2016-11-17 03:06 - 00347072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2016-11-21 21:33 - 2016-11-17 03:06 - 00327408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-11-21 21:33 - 2016-11-17 03:06 - 00046024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2016-11-21 21:33 - 2016-11-17 03:06 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2016-11-21 21:33 - 2016-11-17 03:06 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2016-11-21 20:24 - 2016-11-21 20:24 - 00001111 _____ C:\Users\Public\Desktop\Vegas Pro 13.0 (64-bit).lnk
2016-11-21 20:24 - 2016-11-21 20:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2016-11-21 20:23 - 2016-11-21 20:23 - 00000000 ____D C:\ProgramData\Sony
2016-11-21 20:23 - 2016-11-21 20:23 - 00000000 ____D C:\Program Files\Sony
2016-11-21 20:23 - 2016-11-21 20:23 - 00000000 ____D C:\Program Files (x86)\Sony
2016-11-21 20:22 - 2016-11-21 20:22 - 00000000 ____D C:\Users\Filip\Desktop\Vegas Pro 13.0
2016-11-21 20:13 - 2016-11-17 02:03 - 06384576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-11-21 20:13 - 2016-11-17 02:03 - 02477624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-11-21 20:13 - 2016-11-17 02:03 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-11-21 20:13 - 2016-11-17 02:03 - 00546752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-11-21 20:13 - 2016-11-17 02:03 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-11-21 20:13 - 2016-11-17 02:03 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-11-21 20:13 - 2016-11-17 02:03 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-11-21 20:13 - 2016-11-16 10:52 - 07529957 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-11-21 20:08 - 2016-10-01 22:11 - 01935808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437306.dll
2016-11-21 20:08 - 2016-10-01 22:11 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437306.dll
2016-11-21 19:43 - 2016-11-22 15:35 - 00000000 ____D C:\Users\Filip\AppData\LocalLow\uTorrent
2016-11-21 19:24 - 2016-11-21 19:50 - 357061032 _____ (NVIDIA Corporation) C:\Users\Filip\Downloads\373.06-desktop-win10-64bit-international-whql.exe
2016-11-21 18:35 - 2016-11-21 18:36 - 00000000 ____D C:\Users\Filip\Desktop\Sony Vegas Pro 13.0 Build 453 (x64) + Patch DI
2016-11-21 17:01 - 2016-11-21 17:01 - 00000000 ____D C:\Users\Filip\Desktop\OpenColorIO
2016-11-21 16:58 - 2016-11-21 16:58 - 00000000 ____D C:\Users\Filip\Desktop\Video Plug-Ins
2016-11-21 16:58 - 2016-11-21 16:58 - 00000000 ____D C:\Users\Filip\Desktop\OFX Video Plug-Ins
2016-11-21 16:13 - 2016-11-21 16:13 - 00002590 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk
2016-11-21 16:13 - 2016-11-02 13:19 - 00053008 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\TURegOpt.exe
2016-11-21 15:33 - 2016-11-21 20:13 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-11-21 15:30 - 2016-11-17 03:06 - 01953336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437595.dll
2016-11-21 15:30 - 2016-11-17 03:06 - 01585088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437595.dll
2016-11-19 14:55 - 2016-11-19 15:13 - 324820640 _____ (BlueStack Systems Inc.) C:\Users\Filip\Downloads\BlueStacks2_native.exe
2016-11-19 14:16 - 2016-11-19 14:35 - 410375472 _____ C:\Users\Filip\Desktop\TRAILER - zdr.mp4
2016-11-19 10:54 - 2016-11-19 10:54 - 00014382 _____ C:\Users\Filip\Downloads\Zdravka_program.odt
2016-11-17 22:20 - 2016-11-11 00:51 - 01951680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437586.dll
2016-11-17 22:20 - 2016-11-11 00:51 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437586.dll
2016-11-17 20:29 - 2016-10-25 21:21 - 00106040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2016-11-17 20:29 - 2016-10-25 21:21 - 00095800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2016-11-17 17:00 - 2016-11-17 17:00 - 00001822 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-11-17 17:00 - 2016-11-17 17:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-11-17 17:00 - 2016-11-17 17:00 - 00000000 ____D C:\Program Files\iTunes
2016-11-17 17:00 - 2016-11-17 17:00 - 00000000 ____D C:\Program Files\iPod
2016-11-17 16:32 - 2016-11-17 16:36 - 102355077 _____ C:\Users\Filip\Desktop\Projekt Xela další zasraná verze.mp4
2016-11-16 21:40 - 2016-11-16 21:44 - 102444646 _____ C:\Users\Filip\Desktop\Projekt Xela.mp4
2016-11-16 17:08 - 2016-11-16 17:08 - 00107485 _____ C:\Users\Filip\Downloads\Intouchables.srt
2016-11-16 17:08 - 2016-11-16 17:08 - 00106850 _____ C:\Users\Filip\Downloads\Intouchables BRRip 720p CODY.srt
2016-11-16 17:05 - 2016-11-16 17:05 - 00031799 _____ C:\Users\Filip\Downloads\intouchables.zip
2016-11-15 13:22 - 2016-11-15 13:23 - 46796789 _____ C:\Users\Filip\Desktop\OA - Wall Street - TRAILER.mp4
2016-11-13 13:13 - 2016-11-13 13:14 - 00529181 _____ C:\Users\Filip\Downloads\Doklad_2162031398.pdf
2016-11-13 13:13 - 2016-11-13 13:13 - 00531646 _____ C:\Users\Filip\Downloads\Doklad_2162911147.pdf
2016-11-13 13:13 - 2016-11-13 13:13 - 00525676 _____ C:\Users\Filip\Downloads\Doklad_2162115506.pdf
2016-11-13 10:48 - 2016-11-13 10:50 - 26152943 _____ C:\Users\Filip\Downloads\P3S_FW_V01.09.0060.zip
2016-11-10 18:41 - 2016-11-02 13:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-11-10 18:41 - 2016-11-02 13:01 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-11-10 18:41 - 2016-11-02 12:22 - 01570672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-11-10 18:41 - 2016-11-02 12:22 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-11-10 18:41 - 2016-11-02 12:20 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-11-10 18:41 - 2016-11-02 12:13 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-11-10 18:41 - 2016-11-02 12:13 - 00773720 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-11-10 18:41 - 2016-11-02 12:12 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-11-10 18:41 - 2016-11-02 12:12 - 00376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-11-10 18:41 - 2016-11-02 12:12 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-11-10 18:41 - 2016-11-02 12:10 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-11-10 18:41 - 2016-11-02 12:09 - 02257104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-11-10 18:41 - 2016-11-02 12:08 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-11-10 18:41 - 2016-11-02 12:08 - 00186424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2016-11-10 18:41 - 2016-11-02 12:05 - 06657176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-11-10 18:41 - 2016-11-02 12:05 - 03892352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-11-10 18:41 - 2016-11-02 12:05 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-11-10 18:41 - 2016-11-02 12:05 - 00951904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-11-10 18:41 - 2016-11-02 12:05 - 00405856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-11-10 18:41 - 2016-11-02 12:04 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-11-10 18:41 - 2016-11-02 12:03 - 00714592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2016-11-10 18:41 - 2016-11-02 12:02 - 00682816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-11-10 18:41 - 2016-11-02 12:02 - 00238056 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2016-11-10 18:41 - 2016-11-02 12:01 - 01415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-11-10 18:41 - 2016-11-02 12:01 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-11-10 18:41 - 2016-11-02 12:01 - 00545936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-11-10 18:41 - 2016-11-02 12:00 - 22223968 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-11-10 18:41 - 2016-11-02 12:00 - 08156080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-11-10 18:41 - 2016-11-02 12:00 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-11-10 18:41 - 2016-11-02 12:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-11-10 18:41 - 2016-11-02 11:59 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-11-10 18:41 - 2016-11-02 11:50 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-11-10 18:41 - 2016-11-02 11:49 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-11-10 18:41 - 2016-11-02 11:49 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-11-10 18:41 - 2016-11-02 11:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-11-10 18:41 - 2016-11-02 11:47 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-11-10 18:41 - 2016-11-02 11:46 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-11-10 18:41 - 2016-11-02 11:44 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-11-10 18:41 - 2016-11-02 11:44 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthExt.dll
2016-11-10 18:41 - 2016-11-02 11:43 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-11-10 18:41 - 2016-11-02 11:42 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2016-11-10 18:41 - 2016-11-02 11:42 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenterCPL.dll
2016-11-10 18:41 - 2016-11-02 11:42 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-11-10 18:41 - 2016-11-02 11:42 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-11-10 18:41 - 2016-11-02 11:42 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-11-10 18:41 - 2016-11-02 11:40 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2016-11-10 18:41 - 2016-11-02 11:40 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-11-10 18:41 - 2016-11-02 11:39 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2016-11-10 18:41 - 2016-11-02 11:39 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-11-10 18:41 - 2016-11-02 11:38 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2016-11-10 18:41 - 2016-11-02 11:37 - 19415040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-11-10 18:41 - 2016-11-02 11:37 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2016-11-10 18:41 - 2016-11-02 11:36 - 19415552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-11-10 18:41 - 2016-11-02 11:36 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-11-10 18:41 - 2016-11-02 11:36 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2016-11-10 18:41 - 2016-11-02 11:34 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-11-10 18:41 - 2016-11-02 11:33 - 12349952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-11-10 18:41 - 2016-11-02 11:33 - 03307520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-11-10 18:41 - 2016-11-02 11:32 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\efsext.dll
2016-11-10 18:41 - 2016-11-02 11:31 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-11-10 18:41 - 2016-11-02 11:31 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2016-11-10 18:41 - 2016-11-02 11:31 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2016-11-10 18:41 - 2016-11-02 11:31 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-11-10 18:41 - 2016-11-02 11:31 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-11-10 18:41 - 2016-11-02 11:30 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-11-10 18:41 - 2016-11-02 11:30 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-11-10 18:41 - 2016-11-02 11:30 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2016-11-10 18:41 - 2016-11-02 11:30 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-11-10 18:41 - 2016-11-02 11:29 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-11-10 18:41 - 2016-11-02 11:29 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-11-10 18:41 - 2016-11-02 11:29 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-11-10 18:41 - 2016-11-02 11:29 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2016-11-10 18:41 - 2016-11-02 11:29 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-11-10 18:41 - 2016-11-02 11:29 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2016-11-10 18:41 - 2016-11-02 11:28 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-11-10 18:41 - 2016-11-02 11:28 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenterCPL.dll
2016-11-10 18:41 - 2016-11-02 11:28 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-11-10 18:41 - 2016-11-02 11:28 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCenter.dll
2016-11-10 18:41 - 2016-11-02 11:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-11-10 18:41 - 2016-11-02 11:28 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-11-10 18:41 - 2016-11-02 11:28 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2016-11-10 18:41 - 2016-11-02 11:28 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-11-10 18:41 - 2016-11-02 11:28 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-11-10 18:41 - 2016-11-02 11:28 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chartv.dll
2016-11-10 18:41 - 2016-11-02 11:28 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-11-10 18:41 - 2016-11-02 11:27 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2016-11-10 18:41 - 2016-11-02 11:27 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-11-10 18:41 - 2016-11-02 11:27 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2016-11-10 18:41 - 2016-11-02 11:27 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2016-11-10 18:41 - 2016-11-02 11:27 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2016-11-10 18:41 - 2016-11-02 11:27 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-11-10 18:41 - 2016-11-02 11:27 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2016-11-10 18:41 - 2016-11-02 11:26 - 02747392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2016-11-10 18:41 - 2016-11-02 11:26 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-11-10 18:41 - 2016-11-02 11:26 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2016-11-10 18:41 - 2016-11-02 11:26 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-11-10 18:41 - 2016-11-02 11:26 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2016-11-10 18:41 - 2016-11-02 11:26 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-11-10 18:41 - 2016-11-02 11:26 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-11-10 18:41 - 2016-11-02 11:26 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2016-11-10 18:41 - 2016-11-02 11:26 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-11-10 18:41 - 2016-11-02 11:25 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-11-10 18:41 - 2016-11-02 11:25 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-11-10 18:41 - 2016-11-02 11:25 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2016-11-10 18:41 - 2016-11-02 11:25 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-11-10 18:41 - 2016-11-02 11:24 - 00940032 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2016-11-10 18:41 - 2016-11-02 11:23 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-11-10 18:41 - 2016-11-02 11:23 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-11-10 18:41 - 2016-11-02 11:23 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2016-11-10 18:41 - 2016-11-02 11:22 - 13441024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-11-10 18:41 - 2016-11-02 11:22 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-11-10 18:41 - 2016-11-02 11:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-11-10 18:41 - 2016-11-02 11:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-11-10 18:41 - 2016-11-02 11:19 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-11-10 18:41 - 2016-11-02 11:19 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2016-11-10 18:41 - 2016-11-02 11:19 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\chartv.dll
2016-11-10 18:41 - 2016-11-02 11:19 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-11-10 18:41 - 2016-11-02 11:18 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-11-10 18:41 - 2016-11-02 11:18 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2016-11-10 18:41 - 2016-11-02 11:18 - 00779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2016-11-10 18:41 - 2016-11-02 11:17 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-11-10 18:41 - 2016-11-02 11:17 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-11-10 18:41 - 2016-11-02 11:17 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2016-11-10 18:41 - 2016-11-02 11:17 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-11-10 18:41 - 2016-11-02 11:16 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-11-10 18:41 - 2016-11-02 11:16 - 03133440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2016-11-10 18:41 - 2016-11-02 11:16 - 02512384 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-11-10 18:41 - 2016-11-02 11:16 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-11-10 18:41 - 2016-11-02 11:16 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-11-10 18:41 - 2016-11-02 11:16 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2016-11-10 18:41 - 2016-11-02 11:16 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2016-11-10 18:41 - 2016-11-02 11:16 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2016-11-10 18:41 - 2016-11-02 11:15 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-11-10 18:41 - 2016-11-02 11:15 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-11-10 18:41 - 2016-11-02 11:15 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2016-11-10 18:41 - 2016-11-02 11:14 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-11-10 18:41 - 2016-11-02 11:13 - 03496960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2016-11-10 18:41 - 2016-11-02 09:20 - 00446896 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-11-10 18:40 - 2016-11-02 12:20 - 00378720 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-11-10 18:40 - 2016-11-02 12:15 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-11-10 18:40 - 2016-11-02 12:15 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-11-10 18:40 - 2016-11-02 12:14 - 07816544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-11-10 18:40 - 2016-11-02 12:13 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-11-10 18:40 - 2016-11-02 12:13 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-11-10 18:40 - 2016-11-02 12:13 - 00423776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-11-10 18:40 - 2016-11-02 12:08 - 00602464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-11-10 18:40 - 2016-11-02 12:08 - 00111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-11-10 18:40 - 2016-11-02 12:05 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-11-10 18:40 - 2016-11-02 12:04 - 02678056 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-11-10 18:40 - 2016-11-02 12:04 - 00596832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2016-11-10 18:40 - 2016-11-02 12:03 - 02750936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-11-10 18:40 - 2016-11-02 12:02 - 00848736 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-11-10 18:40 - 2016-11-02 12:02 - 00148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-11-10 18:40 - 2016-11-02 12:01 - 01425000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2016-11-10 18:40 - 2016-11-02 12:01 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2016-11-10 18:40 - 2016-11-02 12:01 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-11-10 18:40 - 2016-11-02 12:00 - 04130432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-11-10 18:40 - 2016-11-02 12:00 - 01061968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-11-10 18:40 - 2016-11-02 11:56 - 01609920 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2016-11-10 18:40 - 2016-11-02 11:56 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-11-10 18:40 - 2016-11-02 11:56 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-11-10 18:40 - 2016-11-02 11:56 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-11-10 18:40 - 2016-11-02 11:56 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2016-11-10 18:40 - 2016-11-02 11:55 - 00048992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\iorate.sys
2016-11-10 18:40 - 2016-11-02 11:48 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2016-11-10 18:40 - 2016-11-02 11:48 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efsext.dll
2016-11-10 18:40 - 2016-11-02 11:47 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-11-10 18:40 - 2016-11-02 11:47 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-11-10 18:40 - 2016-11-02 11:46 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-11-10 18:40 - 2016-11-02 11:45 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-11-10 18:40 - 2016-11-02 11:45 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2016-11-10 18:40 - 2016-11-02 11:45 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-11-10 18:40 - 2016-11-02 11:44 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-11-10 18:40 - 2016-11-02 11:43 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8.dll
2016-11-10 18:40 - 2016-11-02 11:43 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-11-10 18:40 - 2016-11-02 11:43 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-11-10 18:40 - 2016-11-02 11:43 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2016-11-10 18:40 - 2016-11-02 11:42 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-11-10 18:40 - 2016-11-02 11:42 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2016-11-10 18:40 - 2016-11-02 11:41 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-11-10 18:40 - 2016-11-02 11:40 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2016-11-10 18:40 - 2016-11-02 11:39 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAnimation.dll
2016-11-10 18:40 - 2016-11-02 11:38 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-11-10 18:40 - 2016-11-02 11:36 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetailsUpdate.dll
2016-11-10 18:40 - 2016-11-02 11:35 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2016-11-10 18:40 - 2016-11-02 11:34 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-11-10 18:40 - 2016-11-02 11:33 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-11-10 18:40 - 2016-11-02 11:32 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-11-10 18:40 - 2016-11-02 11:31 - 03196416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-11-10 18:40 - 2016-11-02 11:31 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2016-11-10 18:40 - 2016-11-02 11:31 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-11-10 18:40 - 2016-11-02 11:31 - 00159232 _____ (Microsoft Corporation)

C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-11-10 18:40 - 2016-11-02 11:31 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-11-10 18:40 - 2016-11-02 11:30 - 12175360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-11-10 18:40 - 2016-11-02 11:30 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2016-11-10 18:40 - 2016-11-02 11:30 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-11-10 18:40 - 2016-11-02 11:30 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-11-10 18:40 - 2016-11-02 11:30 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2016-11-10 18:40 - 2016-11-02 11:29 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-11-10 18:40 - 2016-11-02 11:29 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-11-10 18:40 - 2016-11-02 11:29 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-11-10 18:40 - 2016-11-02 11:29 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-11-10 18:40 - 2016-11-02 11:29 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-11-10 18:40 - 2016-11-02 11:29 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2016-11-10 18:40 - 2016-11-02 11:28 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-11-10 18:40 - 2016-11-02 11:28 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-11-10 18:40 - 2016-11-02 11:28 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-11-10 18:40 - 2016-11-02 11:28 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-11-10 18:40 - 2016-11-02 11:28 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.dll
2016-11-10 18:40 - 2016-11-02 11:28 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2016-11-10 18:40 - 2016-11-02 11:28 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-11-10 18:40 - 2016-11-02 11:28 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-11-10 18:40 - 2016-11-02 11:27 - 23677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-11-10 18:40 - 2016-11-02 11:27 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-11-10 18:40 - 2016-11-02 11:27 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-11-10 18:40 - 2016-11-02 11:26 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-11-10 18:40 - 2016-11-02 11:26 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-11-10 18:40 - 2016-11-02 11:26 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-11-10 18:40 - 2016-11-02 11:26 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-11-10 18:40 - 2016-11-02 11:26 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAnimation.dll
2016-11-10 18:40 - 2016-11-02 11:25 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-11-10 18:40 - 2016-11-02 11:25 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-11-10 18:40 - 2016-11-02 11:25 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-11-10 18:40 - 2016-11-02 11:25 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-11-10 18:40 - 2016-11-02 11:24 - 03778560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-11-10 18:40 - 2016-11-02 11:23 - 02356736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2016-11-10 18:40 - 2016-11-02 11:23 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2016-11-10 18:40 - 2016-11-02 11:23 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetailsUpdate.dll
2016-11-10 18:40 - 2016-11-02 11:22 - 13081600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-11-10 18:40 - 2016-11-02 11:22 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2016-11-10 18:40 - 2016-11-02 11:21 - 05111296 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-11-10 18:40 - 2016-11-02 11:20 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-11-10 18:40 - 2016-11-02 11:20 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2016-11-10 18:40 - 2016-11-02 11:19 - 08127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-11-10 18:40 - 2016-11-02 11:19 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-11-10 18:40 - 2016-11-02 11:19 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-11-10 18:40 - 2016-11-02 11:19 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-11-10 18:40 - 2016-11-02 11:18 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-11-10 18:40 - 2016-11-02 11:18 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2016-11-10 18:40 - 2016-11-02 11:17 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-11-10 18:40 - 2016-11-02 11:17 - 00982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-11-10 18:40 - 2016-11-02 11:16 - 04148736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-11-10 18:40 - 2016-11-02 11:16 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-11-10 18:40 - 2016-11-02 11:16 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-11-10 18:40 - 2016-11-02 11:16 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-11-10 18:40 - 2016-11-02 11:16 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-11-10 18:40 - 2016-11-02 11:16 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-11-10 18:40 - 2016-11-02 11:16 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-11-10 18:40 - 2016-11-02 11:16 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-11-10 18:40 - 2016-11-02 11:15 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-11-10 18:40 - 2016-11-02 11:15 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-11-10 18:40 - 2016-11-02 11:15 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-11-10 18:40 - 2016-11-02 11:15 - 01348608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-11-10 18:40 - 2016-11-02 11:13 - 03299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-11-10 18:40 - 2016-11-02 11:13 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2016-11-10 18:40 - 2016-11-02 10:11 - 00788624 _____ C:\WINDOWS\SysWOW64\locale.nls
2016-11-10 18:40 - 2016-11-02 10:11 - 00788624 _____ C:\WINDOWS\system32\locale.nls
2016-11-10 18:40 - 2016-08-02 05:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-11-08 11:01 - 2016-11-23 19:27 - 00000990 _____ C:\Users\Filip\Desktop\steanbest ebay.txt
2016-11-05 19:01 - 2016-11-05 19:01 - 00003206 _____ C:\WINDOWS\System32\Tasks\Nahimic2UILauncherRun
2016-11-05 19:01 - 2016-11-05 19:01 - 00003194 _____ C:\WINDOWS\System32\Tasks\Nahimic2Svc64Run
2016-11-05 19:01 - 2016-11-05 19:01 - 00003186 _____ C:\WINDOWS\System32\Tasks\Nahimic2Svc32Run
2016-11-05 19:01 - 2016-11-05 19:01 - 00002156 _____ C:\Users\Public\Desktop\Nahimic 2.lnk
2016-11-05 19:01 - 2016-11-05 19:01 - 00000000 ____D C:\ProgramData\Nahimic22.3.7
2016-11-05 19:01 - 2016-11-05 19:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nahimic 2
2016-11-05 10:00 - 2016-11-05 10:02 - 68715298 _____ C:\Users\Filip\Desktop\zásada, desná léto.mp4
2016-11-05 09:55 - 2016-11-05 09:55 - 00019951 _____ C:\Users\Filip\Downloads\filipsolc-2016-0032.pdf
2016-11-04 16:58 - 2016-11-04 20:38 - 3453247807 _____ C:\Users\Filip\Downloads\Zelená-Míle.1999.1080p.BR.x264.CZ+EN.mkv
2016-11-03 21:49 - 2016-11-03 21:50 - 10886912 _____ (TeamViewer GmbH) C:\Users\Filip\Downloads\TeamViewer_Setup_cs.exe
2016-11-03 21:28 - 2016-11-03 21:28 - 00000000 ____D C:\Users\Filip\AppData\Local\ElevatedDiagnostics
2016-11-03 21:12 - 2016-11-03 21:12 - 00000000 ____D C:\Program Files\Realtek
2016-11-03 21:11 - 2016-10-21 13:16 - 72520712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2016-11-03 21:11 - 2016-10-21 13:16 - 23547552 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRenderAVX64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 23447360 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRender64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 17398624 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioCapture64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 15202040 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE3.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 14057256 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 13122584 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO3064.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 12988352 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO4064.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 10532056 _____ (Intel Corporation) C:\WINDOWS\system32\IntelSSTAPO.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 07310217 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2016-11-03 21:11 - 2016-10-21 13:16 - 07172920 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 07096192 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 06264640 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 06198144 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV3apo.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 05804772 _____ C:\WINDOWS\system32\Drivers\rtvienna.dat
2016-11-03 21:11 - 2016-10-21 13:16 - 05793528 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV2apo.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 05593616 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICAPOlfx.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 05371912 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2016-11-03 21:11 - 2016-10-21 13:16 - 05341360 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 03299824 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 03295072 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 03283248 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 03203584 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 03190560 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 03014152 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2016-11-03 21:11 - 2016-10-21 13:16 - 02825104 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO7064.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 02819632 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 02706864 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 02439048 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv201.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 02203752 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 02201096 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 02190984 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 02110600 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 02050184 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 01965816 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 01959608 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 01921016 _____ C:\WINDOWS\system32\Drivers\rtkSSTsetting.dat
2016-11-03 21:11 - 2016-10-21 13:16 - 01780624 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 01618264 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 01591064 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 01529144 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64Proxy.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 01508936 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 01435144 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 01422928 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO6064.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 01382240 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 01360528 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 01337648 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaeapo64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 01334384 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxSpeechAPO64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 01213664 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO5064.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 01186824 _____ (Intel Corporation) C:\WINDOWS\system32\IntelSstCApoPropPage.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 01166168 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO4064.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 01115144 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 01041744 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 01003864 _____ (Nahimic Inc) C:\WINDOWS\system32\NahimicAPONSControl.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 01003336 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDHF64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00999864 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO2064.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00965032 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00962128 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tosasfapo64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00931624 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00923744 _____ (Sony Corporation) C:\WINDOWS\system32\MISS_APO.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00873464 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00865920 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SEHDHF32.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00859232 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00850416 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00743968 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00727440 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00721808 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00708312 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00689888 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00678184 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00677672 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00618192 _____ (Knowles Acoustics ) C:\WINDOWS\system32\KAAPORT64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00601152 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaemaxapo64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00574760 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00571384 _____ (Intel Corporation) C:\WINDOWS\system32\tbb_waves.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00532384 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00514528 _____ (DTS) C:\WINDOWS\system32\DTSU2PLFX64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00504312 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00500560 _____ (DTS) C:\WINDOWS\system32\DTSU2PGFX64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00499160 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00472312 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundAPO64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00467168 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00447720 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00447184 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\toseaeapo64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00445400 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00441272 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00438696 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\CAF64APO2.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00428232 _____ (DTS) C:\WINDOWS\system32\DTSU2PREC64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00416512 _____ (Harman) C:\WINDOWS\system32\HMUI.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00387320 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00381416 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00372744 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00366128 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\HMAPO.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00362056 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00360352 _____ (Harman) C:\WINDOWS\system32\HMClariFi.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00343712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00341152 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00341152 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00330568 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00327456 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00310424 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00272720 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00258864 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00253904 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00253864 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00252880 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00231920 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00221968 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00214832 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00209536 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00203848 _____ (Harman) C:\WINDOWS\system32\HMHVS.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00192984 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00190944 _____ (Harman) C:\WINDOWS\system32\HMEQ_Voice.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00190936 _____ (Harman) C:\WINDOWS\system32\HMEQ.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00179608 _____ (Harman) C:\WINDOWS\system32\HMLimiter.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00166208 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00158704 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00154368 _____ (Harman) C:\WINDOWS\system32\HarmanAudioInterface.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00151792 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00134200 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00122320 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00118600 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00118592 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00112496 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\Caf64api.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00110984 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00105312 _____ C:\WINDOWS\system32\audioLibVc.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00090920 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00088352 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00088328 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00084616 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00083632 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00075544 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00023696 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2016-11-03 21:11 - 2016-10-21 13:16 - 00005604 _____ C:\WINDOWS\system32\cxapo.lncs
2016-11-03 21:11 - 2016-10-21 13:16 - 00000736 _____ C:\WINDOWS\system32\cxapo.prop
2016-11-03 21:06 - 2016-09-22 14:55 - 02839520 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2016-11-03 20:44 - 2016-11-05 19:00 - 00000000 ____D C:\MSI
2016-11-03 20:44 - 2014-04-30 16:23 - 00011248 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\acpimof.dll
2016-11-03 20:00 - 2016-11-03 20:07 - 131494359 _____ (Realtek Semiconductor Corp.) C:\Users\Filip\Downloads\0006-64bit_Win7_Win8_Win81_Win10_R279.exe
2016-11-03 19:57 - 2016-11-03 19:57 - 00000000 ____D C:\Program Files (x86)\Seznam.cz
2016-11-03 19:56 - 2016-11-24 10:31 - 00000000 ____D C:\Users\Filip\AppData\Roaming\Seznam.cz
2016-11-03 19:55 - 2016-11-03 19:56 - 11638808 _____ C:\Users\Filip\Downloads\everesthome220.exe
2016-11-03 19:42 - 2016-11-03 19:51 - 00000000 ____D C:\Users\Filip\AppData\Local\IIIQF
2016-11-03 18:08 - 2016-11-21 16:20 - 00000000 ____D C:\Users\Filip\Desktop\SŠ
2016-11-03 16:16 - 2016-11-03 16:16 - 00177078 _____ C:\Users\Filip\Downloads\Oznameni_zmen_pojistence.pdf
2016-11-03 12:07 - 2016-11-03 12:07 - 00604105 _____ C:\Users\Filip\Downloads\Steanbest s.r.o..pdf
2016-11-03 10:57 - 2016-11-03 11:26 - 00000000 ____D C:\Users\Filip\Desktop\clo
2016-11-01 16:49 - 2016-11-01 16:50 - 19955754 _____ C:\Users\Filip\Downloads\How to Pretend Like a Pro Hacker.mp4
2016-11-01 16:45 - 2016-11-01 16:45 - 01582570 _____ C:\Users\Filip\Downloads\Loading Screen HD with Sound.mp4
2016-11-01 09:22 - 2016-11-01 09:25 - 42372256 _____ C:\Users\Filip\Downloads\ThunderbirdSetup45.4.0.exe
2016-10-31 13:55 - 2016-10-31 14:30 - 40542029 _____ C:\Users\Filip\Desktop\preciosa zásada, desná.mp4
2016-10-31 12:36 - 2016-10-31 12:36 - 00990293 _____ C:\Users\Filip\Downloads\Skenovany_dokument-3.pdf
2016-10-31 12:34 - 2016-10-31 12:34 - 00441938 _____ C:\Users\Filip\Downloads\scan01.pdf
2016-10-28 15:58 - 2016-10-15 05:48 - 00498952 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2016-10-28 15:58 - 2016-10-15 05:26 - 01990648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-10-28 15:58 - 2016-10-15 05:26 - 01472536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-10-28 15:58 - 2016-10-15 05:26 - 00811416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-10-28 15:58 - 2016-10-15 05:26 - 00691080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-10-28 15:58 - 2016-10-15 05:22 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-10-28 15:58 - 2016-10-15 05:18 - 00749920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll
2016-10-28 15:58 - 2016-10-15 05:15 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-10-28 15:58 - 2016-10-15 05:01 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-10-28 15:58 - 2016-10-15 04:57 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-10-28 15:58 - 2016-10-15 04:56 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-10-28 15:58 - 2016-10-15 04:54 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-10-28 15:58 - 2016-10-15 04:53 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-10-28 15:58 - 2016-10-15 04:52 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-10-28 15:58 - 2016-10-15 04:50 - 17188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-10-28 15:58 - 2016-10-15 04:50 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-10-28 15:58 - 2016-10-15 04:46 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2016-10-28 15:58 - 2016-10-15 04:45 - 00406016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-10-28 15:58 - 2016-10-15 04:44 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-10-28 15:58 - 2016-10-15 04:44 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-10-28 15:58 - 2016-10-15 04:43 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\energy.dll
2016-10-28 15:58 - 2016-10-15 04:42 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-10-28 15:58 - 2016-10-15 04:42 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2016-10-28 15:58 - 2016-10-15 04:41 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsiwmi.dll
2016-10-28 15:58 - 2016-10-15 04:38 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-10-28 15:58 - 2016-10-15 04:37 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-10-28 15:58 - 2016-10-15 04:36 - 02290176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-10-28 15:58 - 2016-10-15 04:35 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-10-28 15:58 - 2016-10-15 04:31 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2016-10-28 15:58 - 2016-08-27 06:12 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-10-28 15:57 - 2016-10-15 05:51 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-10-28 15:57 - 2016-10-15 05:51 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-10-28 15:57 - 2016-10-15 05:51 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-10-28 15:57 - 2016-10-15 05:51 - 00595296 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-10-28 15:57 - 2016-10-15 05:51 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-10-28 15:57 - 2016-10-15 05:51 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-10-28 15:57 - 2016-10-15 05:51 - 00283488 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-10-28 15:57 - 2016-10-15 05:51 - 00232800 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-10-28 15:57 - 2016-10-15 05:51 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-10-28 15:57 - 2016-10-15 05:51 - 00078688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-10-28 15:57 - 2016-10-15 05:43 - 01356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-10-28 15:57 - 2016-10-15 05:41 - 05622088 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-10-28 15:57 - 2016-10-15 05:38 - 00500064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2016-10-28 15:57 - 2016-10-15 05:38 - 00409952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-10-28 15:57 - 2016-10-15 05:37 - 00063328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-10-28 15:57 - 2016-10-15 05:34 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-10-28 15:57 - 2016-10-15 05:33 - 00455040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2016-10-28 15:57 - 2016-10-15 05:31 - 02827864 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-10-28 15:57 - 2016-10-15 05:31 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-10-28 15:57 - 2016-10-15 05:31 - 00658272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-10-28 15:57 - 2016-10-15 05:31 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-10-28 15:57 - 2016-10-15 05:30 - 01851696 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-10-28 15:57 - 2016-10-15 05:30 - 00557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2016-10-28 15:57 - 2016-10-15 05:30 - 00509280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-10-28 15:57 - 2016-10-15 05:30 - 00341936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2016-10-28 15:57 - 2016-10-15 05:29 - 02913104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-10-28 15:57 - 2016-10-15 05:29 - 01267504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-10-28 15:57 - 2016-10-15 05:29 - 00908640 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
2016-10-28 15:57 - 2016-10-15 05:29 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-10-28 15:57 - 2016-10-15 05:29 - 00079200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2016-10-28 15:57 - 2016-10-15 05:26 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-10-28 15:57 - 2016-10-15 05:26 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-10-28 15:57 - 2016-10-15 05:26 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2016-10-28 15:57 - 2016-10-15 05:25 - 00882680 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-10-28 15:57 - 2016-10-15 05:25 - 00742704 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-10-28 15:57 - 2016-10-15 05:21 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-10-28 15:57 - 2016-10-15 05:21 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-10-28 15:57 - 2016-10-15 05:21 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2016-10-28 15:57 - 2016-10-15 05:21 - 00292872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll
2016-10-28 15:57 - 2016-10-15 05:20 - 02276736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-10-28 15:57 - 2016-10-15 05:19 - 00272720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2016-10-28 15:57 - 2016-10-15 05:18 - 02166232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-10-28 15:57 - 2016-10-15 05:18 - 01556712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-10-28 15:57 - 2016-10-15 05:18 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-10-28 15:57 - 2016-10-15 05:15 - 01853776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-10-28 15:57 - 2016-10-15 05:15 - 01123368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-10-28 15:57 - 2016-10-15 05:15 - 00687936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-10-28 15:57 - 2016-10-15 05:11 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-10-28 15:57 - 2016-10-15 05:10 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpeffects.dll
2016-10-28 15:57 - 2016-10-15 05:06 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-10-28 15:57 - 2016-10-15 05:05 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-10-28 15:57 - 2016-10-15 05:00 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-10-28 15:57 - 2016-10-15 05:00 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2016-10-28 15:57 - 2016-10-15 05:00 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-10-28 15:57 - 2016-10-15 05:00 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stdole2.tlb
2016-10-28 15:57 - 2016-10-15 04:59 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2016-10-28 15:57 - 2016-10-15 04:59 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll
2016-10-28 15:57 - 2016-10-15 04:59 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2016-10-28 15:57 - 2016-10-15 04:59 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\stdole2.tlb
2016-10-28 15:57 - 2016-10-15 04:58 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-10-28 15:57 - 2016-10-15 04:57 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2016-10-28 15:57 - 2016-10-15 04:57 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll
2016-10-28 15:57 - 2016-10-15 04:57 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2016-10-28 15:57 - 2016-10-15 04:56 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe
2016-10-28 15:57 - 2016-10-15 04:56 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2016-10-28 15:57 - 2016-10-15 04:56 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esentutl.exe
2016-10-28 15:57 - 2016-10-15 04:56 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-10-28 15:57 - 2016-10-15 04:56 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2016-10-28 15:57 - 2016-10-15 04:56 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2016-10-28 15:57 - 2016-10-15 04:56 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-10-28 15:57 - 2016-10-15 04:56 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2016-10-28 15:57 - 2016-10-15 04:56 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2016-10-28 15:57 - 2016-10-15 04:56 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-10-28 15:57 - 2016-10-15 04:55 - 00329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2016-10-28 15:57 - 2016-10-15 04:55 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2016-10-28 15:57 - 2016-10-15 04:55 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2016-10-28 15:57 - 2016-10-15 04:55 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-10-28 15:57 - 2016-10-15 04:55 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2016-10-28 15:57 - 2016-10-15 04:55 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2016-10-28 15:57 - 2016-10-15 04:54 - 00717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskbarcpl.dll
2016-10-28 15:57 - 2016-10-15 04:54 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2016-10-28 15:57 - 2016-10-15 04:54 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2016-10-28 15:57 - 2016-10-15 04:54 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-10-28 15:57 - 2016-10-15 04:54 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairingFolder.dll
2016-10-28 15:57 - 2016-10-15 04:54 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoplay.dll
2016-10-28 15:57 - 2016-10-15 04:54 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2016-10-28 15:57 - 2016-10-15 04:53 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-10-28 15:57 - 2016-10-15 04:52 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-10-28 15:57 - 2016-10-15 04:52 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-10-28 15:57 - 2016-10-15 04:52 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2016-10-28 15:57 - 2016-10-15 04:52 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll
2016-10-28 15:57 - 2016-10-15 04:52 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoplay.dll
2016-10-28 15:57 - 2016-10-15 04:51 - 13868544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-10-28 15:57 - 2016-10-15 04:51 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2016-10-28 15:57 - 2016-10-15 04:51 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2016-10-28 15:57 - 2016-10-15 04:50 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-10-28 15:57 - 2016-10-15 04:50 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-10-28 15:57 - 2016-10-15 04:50 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2016-10-28 15:57 - 2016-10-15 04:50 - 00310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-10-28 15:57 - 2016-10-15 04:50 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-10-28 15:57 - 2016-10-15 04:50 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-10-28 15:57 - 2016-10-15 04:49 - 01913344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-10-28 15:57 - 2016-10-15 04:49 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-10-28 15:57 - 2016-10-15 04:49 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-10-28 15:57 - 2016-10-15 04:49 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-10-28 15:57 - 2016-10-15 04:49 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2016-10-28 15:57 - 2016-10-15 04:49 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-10-28 15:57 - 2016-10-15 04:48 - 01554944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-10-28 15:57 - 2016-10-15 04:48 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-10-28 15:57 - 2016-10-15 04:48 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-10-28 15:57 - 2016-10-15 04:47 - 07792640 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-10-28 15:57 - 2016-10-15 04:47 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-10-28 15:57 - 2016-10-15 04:47 - 01113600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-10-28 15:57 - 2016-10-15 04:47 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2016-10-28 15:57 - 2016-10-15 04:47 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2016-10-28 15:57 - 2016-10-15 04:46 - 03287552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-10-28 15:57 - 2016-10-15 04:46 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-10-28 15:57 - 2016-10-15 04:45 - 01790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2016-10-28 15:57 - 2016-10-15 04:45 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2016-10-28 15:57 - 2016-10-15 04:44 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-10-28 15:57 - 2016-10-15 04:44 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.exe
2016-10-28 15:57 - 2016-10-15 04:43 - 02748928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-10-28 15:57 - 2016-10-15 04:43 - 01365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-10-28 15:57 - 2016-10-15 04:43 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiwmi.dll
2016-10-28 15:57 - 2016-10-15 04:42 - 06108672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-10-28 15:57 - 2016-10-15 04:42 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2016-10-28 15:57 - 2016-10-15 04:42 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.exe
2016-10-28 15:57 - 2016-10-15 04:41 - 07654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-10-28 15:57 - 2016-10-15 04:41 - 05376000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-10-28 15:57 - 2016-10-15 04:41 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-10-28 15:57 - 2016-10-15 04:41 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2016-10-28 15:57 - 2016-10-15 04:39 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2016-10-28 15:57 - 2016-10-15 04:39 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-10-28 15:57 - 2016-10-15 04:39 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2016-10-28 15:57 - 2016-10-15 04:39 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-10-28 15:57 - 2016-10-15 04:39 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-10-28 15:57 - 2016-10-15 04:39 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2016-10-28 15:57 - 2016-10-15 04:39 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2016-10-28 15:57 - 2016-10-15 04:39 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2016-10-28 15:57 - 2016-10-15 04:38 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-10-28 15:57 - 2016-10-15 04:38 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-10-28 15:57 - 2016-10-15 04:37 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2016-10-28 15:57 - 2016-10-15 04:37 - 01980416 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-10-28 15:57 - 2016-10-15 04:37 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-10-28 15:57 - 2016-10-15 04:37 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-10-28 15:57 - 2016-10-15 04:37 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2016-10-28 15:57 - 2016-10-15 04:37 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmifw.dll
2016-10-28 15:57 - 2016-10-15 04:36 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-10-28 15:57 - 2016-10-15 04:36 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-10-28 15:57 - 2016-10-15 04:36 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-10-28 15:57 - 2016-10-15 04:36 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-10-28 15:57 - 2016-10-15 04:36 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-10-28 15:57 - 2016-10-15 04:36 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2016-10-28 15:57 - 2016-10-15 04:36 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll
2016-10-28 15:57 - 2016-10-15 04:36 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmifw.dll
2016-10-28 15:57 - 2016-10-15 04:35 - 03054080 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-10-28 15:57 - 2016-10-15 04:35 - 02708992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-10-28 15:57 - 2016-10-15 04:35 - 02315264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-10-28 15:57 - 2016-10-15 04:35 - 02005504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2016-10-28 15:57 - 2016-10-15 04:35 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-10-28 15:57 - 2016-10-15 04:35 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-10-28 15:57 - 2016-10-15 04:35 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-10-28 15:57 - 2016-10-15 04:34 - 02476544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2016-10-28 15:57 - 2016-10-15 04:34 - 01840640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2016-10-28 15:57 - 2016-10-15 04:34 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-10-28 15:57 - 2016-10-15 04:32 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2016-10-28 15:57 - 2016-09-10 14:21 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2016-10-28 15:57 - 2016-08-06 05:17 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-24 11:59 - 2015-11-21 21:41 - 00000000 ____D C:\ProgramData\MFAData
2016-11-24 11:56 - 2016-08-04 09:08 - 00000000 ____D C:\ProgramData\BOINC
2016-11-24 11:43 - 2015-12-30 20:18 - 00000000 ____D C:\Users\Filip\AppData\Local\Spotify
2016-11-24 11:41 - 2015-12-30 20:16 - 00000000 ____D C:\Users\Filip\AppData\Roaming\Spotify
2016-11-24 10:52 - 2016-09-30 09:03 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-11-24 10:27 - 2015-11-22 12:33 - 00000000 ____D C:\Users\Filip\AppData\Roaming\Skype
2016-11-24 10:26 - 2016-09-30 09:03 - 00000000 ____D C:\ProgramData\NVIDIA
2016-11-24 10:25 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-11-24 00:04 - 2016-09-30 18:58 - 00905142 _____ C:\WINDOWS\system32\perfh005.dat
2016-11-24 00:04 - 2016-09-30 18:58 - 00228220 _____ C:\WINDOWS\system32\perfc005.dat
2016-11-24 00:04 - 2015-11-22 11:34 - 02331852 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-11-23 23:58 - 2016-09-30 09:08 - 00003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2016-11-23 23:57 - 2016-09-30 09:08 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-11-23 23:57 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-11-23 23:47 - 2015-07-10 12:04 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-11-23 21:53 - 2015-11-22 11:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2016-11-23 15:09 - 2016-09-30 09:04 - 00000000 ____D C:\Users\Filip
2016-11-23 10:47 - 2016-07-16 15:24 - 00000000 ____D C:\WINDOWS\RemotePackages
2016-11-23 10:19 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-11-22 19:46 - 2016-08-04 09:14 - 00000000 ____D C:\Users\Filip\AppData\Roaming\uTorrent
2016-11-22 18:47 - 2015-11-22 12:00 - 00000000 ____D C:\Users\Filip\AppData\Roaming\vlc
2016-11-22 16:09 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2016-11-22 15:15 - 2015-11-21 22:34 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2016-11-22 10:21 - 2015-11-22 11:22 - 00000000 ____D C:\Users\Filip\AppData\Local\Packages
2016-11-21 21:39 - 2016-09-30 09:03 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-11-21 21:39 - 2015-11-21 21:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-11-21 21:37 - 2016-09-30 09:03 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-11-21 21:37 - 2016-09-30 09:03 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-11-21 21:00 - 2016-10-09 15:17 - 00000000 ____D C:\Users\Public\Documents\AdobeGC
2016-11-21 20:23 - 2015-11-21 22:42 - 00000000 ____D C:\Users\Filip\AppData\Local\Sony
2016-11-21 20:23 - 2015-11-21 22:40 - 00000000 ____D C:\Users\Filip\AppData\Roaming\Sony
2016-11-21 20:13 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Help
2016-11-21 19:07 - 2015-11-21 22:40 - 00015928 _____ C:\WINDOWS\system32\--traceoff
2016-11-21 17:37 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-11-21 16:23 - 2016-03-23 15:32 - 00000000 ____D C:\Users\Filip\Desktop\Turnov TV
2016-11-21 16:21 - 2015-11-24 13:08 - 00000000 ____D C:\Users\Filip\AppData\Local\Microsoft Help
2016-11-21 16:20 - 2016-09-30 19:02 - 00000000 ___DC C:\WINDOWS\Panther
2016-11-21 16:20 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-11-21 16:13 - 2015-11-21 21:39 - 00000000 ____D C:\ProgramData\Avg
2016-11-21 16:13 - 2015-11-21 21:39 - 00000000 ____D C:\Program Files (x86)\AVG
2016-11-21 16:13 - 2015-11-21 21:36 - 00000000 ____D C:\Users\Filip\AppData\Local\AvgSetupLog
2016-11-21 16:13 - 2015-11-21 21:36 - 00000000 ____D C:\Users\Filip\AppData\Local\Avg
2016-11-19 16:02 - 2016-07-16 12:47 - 00000000 __RHD C:\Users\Public\Libraries
2016-11-19 16:01 - 2016-08-12 09:51 - 00000000 ____D C:\Users\Filip\AppData\Local\Bluestacks
2016-11-19 15:16 - 2015-11-22 12:37 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2016-11-19 14:09 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-11-17 20:30 - 2016-10-05 08:49 - 00001485 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-11-17 20:30 - 2016-10-05 08:48 - 00004002 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-17 20:30 - 2016-10-05 08:48 - 00003974 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-17 20:30 - 2016-10-05 08:48 - 00003938 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-17 20:30 - 2016-10-05 08:48 - 00003912 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-17 20:30 - 2016-10-05 08:48 - 00003750 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-17 20:30 - 2016-10-05 08:48 - 00003708 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-17 17:00 - 2016-03-07 21:34 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-11-17 03:06 - 2016-09-28 18:54 - 09158432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-11-17 03:06 - 2016-09-28 18:54 - 08761376 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-11-17 03:06 - 2016-09-28 18:54 - 03934504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-11-17 03:06 - 2016-09-28 18:54 - 03474064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-11-17 03:06 - 2016-09-28 18:54 - 01595456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2016-11-17 03:06 - 2016-09-28 18:54 - 00572888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-11-17 03:06 - 2016-09-28 18:54 - 00212936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2016-11-17 03:06 - 2016-09-28 18:54 - 00042296 _____ C:\WINDOWS\system32\nvinfo.pb
2016-11-16 15:03 - 2016-02-20 20:22 - 00000361 _____ C:\Users\Filip\AppData\LocalLow\QuickTime.qtp
2016-11-12 14:34 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2016-11-12 12:45 - 2015-11-22 12:33 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-11-12 12:45 - 2015-11-22 12:33 - 00000000 ____D C:\ProgramData\Skype
2016-11-12 12:44 - 2016-09-30 09:03 - 05014520 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-11-12 12:44 - 2015-11-22 11:22 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-11-11 17:04 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-11-11 17:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-11-11 17:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-11-11 17:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-11-11 17:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-11-11 17:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-11-11 15:49 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-11-10 18:21 - 2015-11-22 12:11 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-11-10 18:19 - 2015-11-22 12:11 - 141011376 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-11-08 15:20 - 2015-11-27 16:04 - 00000000 ____D C:\Users\Filip\Documents\OFX Presets
2016-11-05 19:01 - 2015-11-22 11:43 - 00000000 ____D C:\Program Files\Nahimic
2016-11-05 18:14 - 2015-12-05 11:21 - 00000000 ____D C:\Users\Filip\AppData\Roaming\Audacity
2016-11-03 21:12 - 2016-09-30 09:03 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-11-03 21:12 - 2016-09-30 09:03 - 00000000 ____D C:\WINDOWS\system32\DAX2
2016-11-03 21:12 - 2015-11-22 11:40 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-11-03 19:43 - 2015-07-10 12:04 - 00000230 _____ C:\WINDOWS\win.ini
2016-11-02 10:43 - 2016-09-18 19:18 - 00000943 _____ C:\Users\Public\Desktop\AVG.lnk
2016-11-02 10:43 - 2015-11-21 21:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-10-29 00:56 - 2016-07-16 12:49 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-10-29 00:56 - 2016-07-16 12:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-28 22:56 - 2016-07-16 12:47 - 00015425 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-10-28 22:56 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-10-28 22:56 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-10-25 21:21 - 2016-10-05 08:49 - 01854008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2016-10-25 21:21 - 2016-10-05 08:49 - 01756728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2016-10-25 21:21 - 2016-10-05 08:49 - 01318968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2016-10-25 21:21 - 2016-10-05 08:49 - 00121912 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2016-10-25 21:21 - 2016-10-05 08:48 - 01454136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2016-10-25 21:21 - 2016-07-22 16:37 - 00047672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys

==================== Files in the root of some directories =======

2016-09-30 09:03 - 2016-09-30 09:03 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-11-19 10:32

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-11-2016
Ran by Filip (24-11-2016 12:00:20)
Running from C:\Users\Filip\Desktop
Windows 10 Enterprise Version 1607 (X64) (2016-09-30 08:09:38)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1168380901-2450625125-913325223-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1168380901-2450625125-913325223-503 - Limited - Disabled)
Filip (S-1-5-21-1168380901-2450625125-913325223-1001 - Administrator - Enabled) => C:\Users\Filip
Guest (S-1-5-21-1168380901-2450625125-913325223-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1168380901-2450625125-913325223-1001\...\uTorrent) (Version: 3.4.9.42923 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Audition CC 2015 (HKLM-x32\...\{839A3566-AED6-4787-A849-5CBE2B1DC6AE}) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Audition CS5.5 (HKLM-x32\...\{D5B1535A-FDFC-4B40-B2E2-21DA83D9CB57}) (Version: 4.0 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.0.0 - Adobe Systems Incorporated)
Aktualizace NVIDIA 2.13.0.21 (Version: 2.13.0.21 - NVIDIA Corporation) Hidden
Ansel (Version: 375.95 - NVIDIA Corporation) Hidden
ApoDispatchConfigurator (Version: 2.3.701 - Nahimic) Hidden
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
AudioLaunchpadConfigurator (Version: 2.3.701 - Nahimic) Hidden
AVG (HKLM\...\AvgZen) (Version: 1.111.2.45832 - AVG Technologies)
AVG (Version: 16.131.7924 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4664 - AVG Technologies) Hidden
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.62.2.46691 - AVG Technologies)
AVG PC TuneUp (x32 Version: 16.62.4 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.131.7924 - AVG Technologies)
AVG Zen (Version: 1.111.9 - AVG Technologies) Hidden
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
FMW 1 (Version: 1.132.1 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.75 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.115 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Charity Engine (HKLM-x32\...\{7309D717-F38D-436D-9537-066AA0AC7639}) (Version: 7.0.80 - Charity Engine)
CheckDevicesConfigurator (Version: 2.3.701 - Nahimic) Hidden
Intel(R) Chipset Device Software (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4274 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
iTunes (HKLM\...\{554C62C7-E6BB-40F1-892B-F0AE02D3C135}) (Version: 12.5.3.17 - Apple Inc.)
Killer Bandwidth Control Filter Driver (Version: 1.1.54.1095 - Rivet Networks) Hidden
Killer E240x Drivers (Version: 1.1.54.1095 - Rivet Networks) Hidden
Killer Network Manager (Version: 1.1.54.1095 - Rivet Networks) Hidden
Killer Performance Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.54.1095 - Rivet Networks)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
LaCie Desktop Manager 2.7.0 (HKLM-x32\...\{3845209F-142E-4F48-B61A-AA34D2DB54BB}_is1) (Version: 2.7.0 - LaCie)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
LauncherSetup (Version: 2.3.701 - Nahimic) Hidden
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
MSI Afterburner 4.1.1 (HKLM-x32\...\Afterburner) (Version: 4.1.1 - MSI Co., LTD)
Nahimic 2 (HKLM-x32\...\{51d850bf-aca6-4eac-b215-2792260adafd}) (Version: 2.3.7 - Nahimic)
Nahimic2UISetup (Version: 2.3.701 - Nahimic) Hidden
Neat Video v3.1.0 Pro plug-in for Sony Vegas (64-bit) (HKLM\...\Neat Video for Sony Vegas_is1) (Version: - Neat Video team, ABSoft)
NVIDIA GeForce Experience 3.1.0.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.0.52 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 375.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 375.95 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 375.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 375.95 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.1.0.52 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 1.2.0.0 - NVIDIA Corporation) Hidden
Ovládací panel NVIDIA 375.95 (Version: 375.95 - NVIDIA Corporation) Hidden
PDF Architect 4 (HKLM-x32\...\PDF Architect 4) (Version: 4.0.26.25466 - pdfforge GmbH)
PDF Architect 4 Create Module (Version: 4.0.9.25450 - pdfforge GmbH) Hidden
PDF Architect 4 Edit Module (Version: 4.0.9.25450 - pdfforge GmbH) Hidden
PDF Architect 4 View Module (Version: 4.0.9.25450 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.2.1 - pdfforge)
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{F2871C89-C8A5-42EE-8D45-0F02506385A6}) (Version: 5.1 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{9BC93467-75D1-4AA4-BD58-D9C51D88DFAB}) (Version: 5.1 - Apple Inc.)
ProductDaemonSetup (Version: 2.3.701 - Nahimic) Hidden
ProductNSConfigurator (Version: 2.3.701 - Nahimic) Hidden
QuickTime (HKLM-x32\...\{08094E03-AFE4-4853-9D31-6D0743DF5328}) (Version: 7.1.6.200 - Apple Computer, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7960 - Realtek Semiconductor Corp.)
Seznam Software (HKU\S-1-5-21-1168380901-2450625125-913325223-1001\...\SeznamInstall) (Version: - Seznam.cz)
SHIELD Streaming (Version: 7.1.0330 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.1.0.52 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.29 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.)
Software602 Form Filler (HKLM-x32\...\{00160B3F-653A-4EA7-947E-4000D3551E9E}) (Version: 4.60 - Software602 a.s.)
SonicMapperConfigurator (Version: 2.3.701 - Nahimic) Hidden
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.6 - Sophos Limited)
Spotify (HKU\S-1-5-21-1168380901-2450625125-913325223-1001\...\Spotify) (Version: 1.0.42.151.g19de0aa6 - Spotify AB)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 8.51 - Ghisler Software GmbH)
UIInstallUpgrade (Version: 2.3.701 - Nahimic) Hidden
Vegas Pro 13.0 (64-bit) (HKLM\...\{1EEE0BEE-0BC8-11E5-A19E-F04DA23A5C58}) (Version: 13.0.453 - Sony)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WD Drive Utilities (HKLM-x32\...\{22662b08-91e0-4540-bb98-c96f32e09417}) (Version: 1.3.0.18 - Western Digital Technologies, Inc.)
WD Drive Utilities (x32 Version: 1.3.0.18 - Western Digital Technologies, Inc.) Hidden
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.60.1 - Zemana Ltd.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03ECA4FC-1ABE-4F12-8619-6D02CCF6E209} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-10-25] (NVIDIA Corporation)
Task: {04A23F5D-6004-4D73-A42F-002B7C99C50B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-11-10] (Microsoft Corporation)
Task: {05743780-0E71-4317-9D88-761096FEAC01} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2016-11-02] (AVG Technologies CZ, s.r.o.)
Task: {07BB1541-E23E-4C59-8E9B-AC81FA686F6E} - System32\Tasks\NahimicMSIsvc32Run => C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSIsvc32.exe
Task: {10C48AB8-B5EE-4C07-8B3A-CC21B22CBD5E} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {233DFF35-0B42-486A-A818-292097703636} - System32\Tasks\NahimicMSIsvc64Run => C:\Program Files\Nahimic\NahimicMSI\UserInterface\x64\NahimicMSIsvc64.exe
Task: {6BF8BF54-A3AA-4461-B071-78B911C9BE81} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-10-25] (NVIDIA Corporation)
Task: {7CD70E90-D69F-4E2C-8246-ED859ADCF5DC} - System32\Tasks\Nahimic2UILauncherRun => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe [2016-10-07] ()
Task: {7F7C627C-211E-46CA-9C5E-61779787A986} - System32\Tasks\Nahimic2Svc32Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2Svc32.exe [2016-10-07] ()
Task: {866FDF68-B9D5-4202-B204-3BF5B779945A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-10-25] (NVIDIA Corporation)
Task: {8AA650FD-AC74-4EF7-8E3A-A1BE30A94E1B} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-10-25] (NVIDIA Corporation)
Task: {9881BCB4-E996-4D68-A6DD-93FD9F9C30B3} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-10-25] (NVIDIA Corporation)
Task: {99CC5BF5-1387-42C9-91F9-2FC32159ABB2} - System32\Tasks\Nahimic2Svc64Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2Svc64.exe [2016-10-07] ()
Task: {A6C22402-E33E-4EA3-BBC8-ECE74002ABD3} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-10-25] (NVIDIA Corporation)
Task: {AB7154BF-2D68-46E0-A924-1E9AC9C56075} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {BEC764F4-0C9A-4FDA-B71F-B7D5822BA583} - System32\Tasks\NahimicMSIUILauncherRun => C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSIUILauncher.exe
Task: {F159AA9A-367C-4286-8F93-0B3CEA279A24} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Filip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\WarThunder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://go.playmmogames.com/aff_c?offer_id=1508&aff_id=1034&source=1&click_id=2b3ab7fcfea9b9e2f9c14d8d034a712b0583284b --app-window-size=1920,1080

==================== Loaded Modules (Whitelisted) ==============

2016-10-05 18:17 - 2016-10-05 18:17 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-10-05 18:17 - 2016-10-05 18:17 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-10-05 08:48 - 2016-10-25 21:21 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-10-05 08:48 - 2016-10-25 21:21 - 04490808 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-10-05 08:49 - 2016-10-25 21:21 - 00420408 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-10-02 13:10 - 2016-09-15 18:25 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-11-21 20:13 - 2016-11-17 02:03 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-10-02 13:10 - 2016-09-15 18:25 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-11-03 19:57 - 2015-05-26 12:35 - 00079872 _____ () C:\Users\Filip\AppData\Roaming\Seznam.cz\bin\25034libfoxloader-x64.dll
2016-10-07 16:27 - 2016-10-07 16:27 - 00200888 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll
2016-10-07 16:27 - 2016-10-07 16:27 - 00272568 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll
2016-10-02 13:10 - 2016-09-15 18:25 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-30 09:14 - 2016-09-30 09:14 - 01864384 _____ () C:\Users\Filip\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll
2010-01-30 02:40 - 2010-01-30 02:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\office.odf
2016-09-30 19:00 - 2016-09-30 19:00 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-11-10 18:41 - 2016-11-02 11:30 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-11-10 18:40 - 2016-11-02 11:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-10 18:41 - 2016-11-02 11:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-10 18:40 - 2016-11-02 11:14 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-11-10 18:40 - 2016-11-02 11:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-10 18:40 - 2016-11-02 11:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-10-07 16:24 - 2016-10-07 16:24 - 00693432 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe
2016-10-07 16:25 - 2016-10-07 16:25 - 02024632 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2svc32.exe
2016-10-07 16:28 - 2016-10-07 16:28 - 00495288 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2svc64.exe
2016-11-17 10:09 - 2016-11-17 10:14 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-11-17 10:09 - 2016-11-17 10:14 - 00178688 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-11-17 10:09 - 2016-11-17 10:14 - 41609728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-11-23 10:11 - 2016-11-23 10:17 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-11-23 10:11 - 2016-11-23 10:17 - 20433408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-08-16 11:20 - 2016-08-16 11:21 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2016-11-23 10:11 - 2016-11-23 10:17 - 01046528 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-11-23 10:11 - 2016-11-23 10:17 - 00353792 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Photos.Inking.dll
2015-11-21 21:52 - 2016-10-25 21:21 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-10-05 08:48 - 2016-10-25 20:57 - 00506424 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-10-05 08:48 - 2016-10-25 20:57 - 00255936 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-10-05 08:48 - 2016-10-25 20:57 - 02808256 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-10-05 08:48 - 2016-10-25 21:21 - 00901688 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-10-05 08:48 - 2016-10-25 21:21 - 03776056 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-10-05 08:48 - 2016-10-25 20:57 - 00246840 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-10-05 08:48 - 2016-10-25 20:57 - 00436792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-10-05 08:48 - 2016-10-25 20:57 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-10-05 08:48 - 2016-10-25 20:57 - 00968248 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2016-10-07 16:21 - 2016-10-07 16:21 - 00250552 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2OSD.dll
2016-10-07 16:23 - 2016-10-07 16:23 - 00175800 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2DevProps.dll
2016-10-05 08:48 - 2016-10-25 21:20 - 60819000 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 12:04 - 2016-11-23 23:18 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts


127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1168380901-2450625125-913325223-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 10.20.30.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "DelaypluginInstall"
HKU\S-1-5-21-1168380901-2450625125-913325223-1001\...\StartupApproved\Run: => "BlueStacks Agent"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{EC5B6F08-5C4F-4696-B622-76D080E1F719}C:\users\filip\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\filip\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{155CA760-1DE4-4C30-84D3-6A9B44C6D478}C:\users\filip\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\filip\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{6CC6AA7E-D6ED-4F78-9329-3A61DA4992C6}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe
FirewallRules: [{EE50F13C-9490-47A0-89FE-83B862C64F1B}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe
FirewallRules: [{36FF03EA-24F6-4141-AE87-1057F327D8B3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{183386B3-6743-4FF3-BF95-FC1A0BAE06BB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{EF35A6F8-E588-4D31-9C3C-02398ECF554E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7F40BBDB-0C9E-4628-B2F7-C5B6F49E0563}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{75F7C467-7C4B-4512-9251-0BC95867C318}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [UDP Query User{A847E47A-388D-4683-A9EB-3A6E14FA0F15}C:\users\filip\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\filip\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{8B72E02D-7294-455C-BD8E-8300B9F425DC}C:\users\filip\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\filip\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{673EC04E-26B6-4B75-B91F-42AB27C159DA}C:\users\filip\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\filip\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{029B0BC2-4C27-49ED-A286-DD4869E71CF0}C:\users\filip\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\filip\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{30A0DAE7-1C24-4C3F-8AFD-A4979DCEF5FD}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe
FirewallRules: [TCP Query User{25C0BB4B-146C-4A70-B4AA-2670B1DAB7CF}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe
FirewallRules: [{F85A39B9-BC94-4FF0-9802-79D8BAB6EEFC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{891999BC-2DE2-4B15-BEAC-84FA5AF4E147}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C51FB967-DD18-4FDA-AF3C-677E5A36B540}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DDBA7414-8A9D-4992-9793-DDA22293FB43}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{610B520B-A7EA-493D-B121-5A24BB26B60B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{1B002392-45F1-42FA-9E6F-E7B9F4E4A54B}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{57B80097-28BE-421F-97FE-BCDBEFD1F5A9}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{F96B40A9-B2C4-4825-902B-C2FF5C6D58FF}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe
FirewallRules: [{F89ACD10-04A6-41A7-9D9E-77CFEB9F5BBC}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe
FirewallRules: [{A67C1E53-164C-4CCC-99D9-E697B5F7FFF4}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{44C7EF48-1293-4487-A1FA-28A72E8A5324}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [TCP Query User{AA1137CE-278E-400D-B9B5-B31FE6914AF5}C:\users\filip\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\filip\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{C607E321-93B9-4C7E-84E4-17FE21172B0E}C:\users\filip\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\filip\appdata\roaming\utorrent\utorrent.exe

==================== Restore Points =========================

23-11-2016 23:17:18 zoek.exe restore point

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/24/2016 11:50:56 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (11/24/2016 11:50:51 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (11/24/2016 11:50:37 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (11/24/2016 11:50:37 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (11/24/2016 10:26:42 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=UserLogon;SessionId=2

Error: (11/24/2016 10:25:51 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0x8007139F
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (11/24/2016 10:25:51 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0x8007139F
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (11/23/2016 11:58:33 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (11/23/2016 11:58:12 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0x8007139F
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (11/23/2016 11:17:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.


System errors:
=============
Error: (11/24/2016 10:26:28 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
a APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/24/2016 12:11:55 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby avgsvc bylo dosaženo časového limitu (30000 ms).

Error: (11/23/2016 11:58:23 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Volání ScRegSetValueExW skončilo neúspěšné pro FailureActions s touto chybou:
Přístup byl odepřen.

Error: (11/23/2016 11:58:15 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
a APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/23/2016 11:47:46 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (11/23/2016 11:47:46 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (11/23/2016 11:47:45 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (11/23/2016 11:47:45 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (11/23/2016 11:47:44 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (11/23/2016 09:51:55 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID
{3185A766-B338-11E4-A71E-12E3F512A338}
a APPID
{7006698D-2974-4091-A424-85DD0B909E23}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


CodeIntegrity:
===================================
Date: 2016-11-24 11:58:36.764
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-11-24 11:58:36.760
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-11-24 11:58:17.364
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-11-24 11:58:17.360
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-11-24 11:49:28.298
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-11-24 11:49:28.294
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-11-24 11:49:28.288
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-11-24 11:49:28.284
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-11-24 11:49:28.278
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-11-24 11:49:28.274
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz
Percentage of memory in use: 17%
Total physical RAM: 16323.63 MB
Available physical RAM: 13545.34 MB
Total Virtual: 18755.63 MB
Available Virtual: 15557.91 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.3 GB) (Free:41.71 GB) NTFS
Drive d: (Nový svazek) (Fixed) (Total:1863.01 GB) (Free:770.77 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or (Size: 111.8 GB) (Disk ID: 07958678)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or (Size: 1863 GB) (Disk ID: 4746162C)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt


Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.

AVG PC TuneUp -- odinstalovat , třeba pomocí CCleaner--nástroje. Nebo Revo Uninstaller

C:\Program Files (x86)\Temp --- mrkni se , co je v té složce.

PC stále pomalý.

FRST

Fix result of Farbar Recovery Scan Tool (x64) Version: 23-11-2016
Ran by Filip (25-11-2016 10:40:30) Run:1
Running from C:\Users\Filip\Desktop
Loaded Profiles: Filip (Available Profiles: Filip)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
SearchScopes: HKU\S-1-5-21-1168380901-2450625125-913325223-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
Handler: WSISVCUchrome - {78A543EB-3A61-4ED3 - No File
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
C:\ProgramData\DP45977C.lfl
Task: {10C48AB8-B5EE-4C07-8B3A-CC21B22CBD5E} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION

EmptyTemp:
End
*****************

Processes closed successfully.
"HKU\S-1-5-21-1168380901-2450625125-913325223-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => key removed successfully
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
"HKCR\PROTOCOLS\Handler\WSISVCUchrome" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl" => key removed successfully
C:\ProgramData\DP45977C.lfl => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{10C48AB8-B5EE-4C07-8B3A-CC21B22CBD5E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10C48AB8-B5EE-4C07-8B3A-CC21B22CBD5E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask" => key removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 583648 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 73031175 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 72970 B
Edge => 43162 B
Chrome => 495500874 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 11482 B
NetworkService => 0 B
Filip => 11151832 B

RecycleBin => 0 B
EmptyTemp: => 553.5 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 10:40:45 ====

AVG PC TuneUp odinstalováno

C:\Program Files (x86)\Temp - nenalezeno, ani to nevidím ani to pc nenajde.