Prosím o kontrolu logu, PC nefunguje Vyřešeno

[mgilan]

tady je mbam:

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 12. 1. 2016
Čas skenování: 13:49
Protokol:
Správce: Ano

Verze: 0.0.0.0000
Databáze malwaru: v2016.01.12.05
Databáze rootkitů: v2016.01.09.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 10
CPU: x64
Souborový systém: NTFS
Uživatel: učitel

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 375444
Uplynulý čas: 14 min, 5 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

[Reklama]

[mgilan]

a tady je HJT:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:56:07, on 12. 1. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0020)


Boot mode: Normal

Running processes:
C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe
C:\Program Files (x86)\Lenovo\Lenovo Transition\TransitionServer.exe
C:\Users\učitel\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\učitel\AppData\Local\Microsoft\BingSvc\BingSvc.exe
C:\Users\učitel\AppData\Roaming\Seznam.cz\szninstall.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Users\učitel\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Users\učitel\AppData\Local\Akamai\netsession_win.exe
C:\Users\učitel\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Users\učitel\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe
C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvController.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\učitel\Downloads\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [ADSKAppManager] "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
O4 - HKCU\..\Run: [OneDrive] "C:\Users\učitel\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [BingSvc] C:\Users\učitel\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [Skitch] C:\Program Files (x86)\Evernote\Skitch\Skitch.exe -start-on-hide
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\učitel\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\učitel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\učitel\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\učitel\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\učitel\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"
O4 - HKUS\S-1-5-18\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'Default user')
O8 - Extra context menu item: Clip Image - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\Program Files\Microsoft Office\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Nová poznámka - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Autodesk Application Manager Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) - Unknown owner - C:\Windows\System32\LenovoWiFiHotspotSvr.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LsvUIService - Lenovo - C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe
O23 - Service: LUService - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: PGService - PointGrab LTD - C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
O23 - Service: Lenovo PhoneCompanionPusher Service (PhoneCompanionPusher) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
O23 - Service: Lenovo PhoneCompanionVap Service (PhoneCompanionVap) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: TESHelper - Lenovo - c:\Program Files\Common Files\Lenovo\Magic Transfer\x64\MagicTransferTESHelper.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ymc - Lenovo - C:\ProgramData\LenovoTransition\Server\x64\ymc.exe

--
End of file - 15069 bytes

[mgilan]

log FRST:

Additional scan result of Farbar Recovery Scan Tool (x64) Version:10-01-2015 01
Ran by učitel (2016-01-12 15:00:28)
Running from C:\Users\učitel\Desktop
Windows 10 Home (X64) (2016-01-05 03:53:32)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1410552932-3896170908-3864751245-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1410552932-3896170908-3864751245-503 - Limited - Disabled)
Guest (S-1-5-21-1410552932-3896170908-3864751245-501 - Limited - Disabled)
nový (S-1-5-21-1410552932-3896170908-3864751245-1007 - Limited - Enabled)
učitel (S-1-5-21-1410552932-3896170908-3864751245-1001 - Administrator - Enabled) => C:\Users\učitel
work (S-1-5-21-1410552932-3896170908-3864751245-1006 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
A360 Desktop (HKLM\...\{B209E611-5511-4AD6-B4B3-9D36F93DBCD4}) (Version: 6.0.3.1100 - Autodesk)
ACAD Private (Version: 20.1.49.0 - Autodesk) Hidden
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.0 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-1410552932-3896170908-3864751245-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
AutoCAD 2016 – Čeština (Czech) (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 Language Pack – Čeština (Czech) (Version: 20.1.49.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2016 (HKLM-x32\...\{94AD53E7-493B-4291-8714-7A3B761D2783}) (Version: 6.3.0.15 - Autodesk)
Autodesk App Manager 2016 (HKLM-x32\...\{4ECF9E00-2978-46AF-BD80-455EFEAB7A93}) (Version: 2.0.0 - Autodesk)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 5.0.142.9 - Autodesk)
Autodesk AutoCAD 2016 – Čeština (Czech) (HKLM\...\AutoCAD 2016 – Čeština (Czech)) (Version: 20.1.49.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.4 (HKLM-x32\...\{4E20873D-BC20-495C-AFD9-B18877B7F9BB}) (Version: 1.2.4.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2016 Add-in 64 bit (HKLM\...\{4BEE127E-95C4-434D-ABAC-65155192BB24}) (Version: 4.35.1742 - Autodesk)
Autodesk Content Service (HKLM\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Material Library 2016 (HKLM-x32\...\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}) (Version: 6.3.0.15 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2016 (HKLM-x32\...\{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}) (Version: 6.3.0.15 - Autodesk)
Autodesk ReCap 2016 (HKLM\...\Autodesk ReCap 2016) (Version: 1.5.0.33 - Autodesk)
Autodesk ReCap 2016 (Version: 1.5.0.33 - Autodesk) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
Dependency Package Update (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.36.00 - Lenovo Inc.) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.20 - Lenovo)
Energy Manager (x32 Version: 1.5.0.20 - Lenovo) Hidden
Evernote v. 5.0.3 (HKLM-x32\...\{32D39568-3B77-11E3-88CE-00163E98E7D0}) (Version: 5.0.3.1614 - Evernote Corp.)
FARO LS 1.1.502.0 (64bit) (HKLM-x32\...\{66D83FE0-D798-4B38-86FE-FB48151E5AEF}) (Version: 5.2.0.35213 - FARO Scanner Production)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.2.0 - Genesys Logic)
Google Drive (HKLM-x32\...\{1C3D2F92-D25E-4D98-B810-3F3B0857BF26}) (Version: 1.26.0707.2863 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2857 - Hightail, Inc.)
Import souborů SketchUp 2016 (HKLM-x32\...\{C769FB7C-1F55-4B31-9A2A-21CEC50F4F92}) (Version: 2.0.0 - Autodesk)
Inkscape 0.91 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.91 - inkscape.org)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3383 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.2.1000 - Intel Corporation)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.25.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10260 - Realtek Semiconductor Corp.)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11103 - Realtek Semiconductor Corp.)
Lenovo Flex 2 Demo (HKLM-x32\...\{8300CA15-AD32-4C12-A6D4-121DEBCA11CC}) (Version: 1.0.0 - Lenovo)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo Mobile Phone Wireless Import (x32 Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Motion Control (HKLM-x32\...\InstallShield_{0D740B00-2307-44AC-B91B-F3E67444ECA6}) (Version: 2.0.1.0107 - PointGrab)
Lenovo Motion Control (x32 Version: 2.0.1.0107 - PointGrab) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2326 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.1.0.2326 - CyberLink Corp.) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.0 - Lenovo)
Lenovo PhoneCompanion (x32 Version: 1.2.0.0 - Lenovo) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.)
Lenovo Photo Master (x32 Version: 1.0.1823.01 - CyberLink Corp.) Hidden
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.68.3 - ELAN Microelectronic Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.5.0 - Lenovo Group Limited)
Lenovo Smart Voice (HKLM\...\Lenovo SmartVoice) (Version: 1.0.2.4 - Lenovo)
Lenovo Transition (HKLM\...\Lenovo Transition) (Version: 2.1.14.1221 - Lenovo)
Lenovo Updates (HKLM-x32\...\InstallShield_{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.1.0.59 - Lenovo)
Lenovo Updates (x32 Version: 1.1.0.59 - Lenovo) Hidden
Magic Transfer (HKLM\...\{AD2B2BD1-A1D7-4798-8FDD-B2A58FD94E68}) (Version: 1.1.1.11 - )
Magic Transfer (HKLM-x32\...\InstallShield_{AD2B2BD1-A1D7-4798-8FDD-B2A58FD94E68}) (Version: 1.1.1.11 - Lenovo)
Magic Transfer (x32 Version: 1.1.1.11 - Lenovo) Hidden
Malwarebytes Anti-Malware verze 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Metric Collection SDK 35 (x32 Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft Office Standard 2013 (HKLM\...\Office15.STANDARD) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
NVIDIA GeForce Experience 1.8.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 332.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.69 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Opera Stable 34.0.2036.25 (HKLM-x32\...\Opera 34.0.2036.25) (Version: 34.0.2036.25 - Opera Software)
Ovládací panel NVIDIA 353.62 (Version: 353.62 - NVIDIA Corporation) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.787.787.111213 - REALTEK Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7188 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0235 - REALTEK Semiconductor Corp.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0012-0000-1000-0000000FF1CE}_Office15.STANDARD_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
Seznam Software (HKU\S-1-5-21-1410552932-3896170908-3864751245-1001\...\SeznamInstall) (Version: - Seznam.cz)
SHIELD Streaming (Version: 1.7.306 - NVIDIA Corporation) Hidden
Skitch (HKLM-x32\...\Skitch 2.3.0.159) (Version: 2.3.0.159 - Evernote Corp.)
Speciální aplikace Autodesk 2016 (HKLM-x32\...\{D42F37CD-9AF9-4435-A474-B387C5BB6B47}) (Version: 2.0.0 - Autodesk)
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
User Manuals (x32 Version: 3.0.0.3 - Lenovo) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Driver Package - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Zoner Photo Studio 18 (HKLM\...\ZonerPhotoStudio18_EN_is1) (Version: 18.0.1.6 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1410552932-3896170908-3864751245-1001_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1410552932-3896170908-3864751245-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1410552932-3896170908-3864751245-1001_Classes\CLSID\{5370C727-1451-4700-A960-77630950AF6D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1410552932-3896170908-3864751245-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\učitel\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1410552932-3896170908-3864751245-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2016\cs-CZ\acadficn.dll (Autodesk, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {095CD17F-608C-4089-A10F-614DD3F94FC4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {0CFE2E40-6A97-48C5-9F38-DE82315CF1B0} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {0D733ADD-6278-44F1-956A-8E0EB1DD865B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {1E8C9179-A706-4C4E-B5CF-5FAC9D38BE69} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {1F4B2DE9-BF65-48DD-A0FB-FE8F29CAEBEB} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {1FFB181C-3DA2-4F2C-9C6E-C640BD73A9E4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {21A5041D-9F81-4880-8968-998FA640D5F4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd)
Task: {282A07B2-CD73-4710-834A-BC23D336B061} - System32\Tasks\Opera scheduled Autoupdate 1452002218 => C:\Program Files (x86)\Opera\launcher.exe [2015-12-04] (Opera Software)
Task: {32EFEE81-324B-4EAB-8D01-A3A74ABD8BA6} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {3E6AB912-DEBC-4A97-BFE3-00A80A7B7EB4} - System32\Tasks\wpiayzmq => C:\Program Files\Common Files\x4ksfcfy\d031cxo0ubw2r.exe [2016-01-06] () <==== ATTENTION
Task: {48305F64-032B-4C06-A5B1-D959D9C0E33D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {56BBFC07-EC5A-43CA-BFBB-8CD5087BC7EF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {5D1064EC-5B8D-41AB-88AC-10F0B8ED5ADB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {603F6D83-E2BB-4813-A228-D6B776F3D38E} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {62C0D9CE-4074-4CCE-9F5C-64EE25F57C22} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-08] (CyberLink Corp.)
Task: {76B7EB47-76BC-4A22-A08E-CE4D7439828A} - System32\Tasks\Lenovo Smart Voice => C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe [2014-08-19] (Lenovo)
Task: {78A4E32A-1E89-4A41-B77A-3979A01A9144} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-16] (Google Inc.)
Task: {8A92A431-900D-45E4-BD76-4287EDCA8F9E} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {8BD95AAA-311A-48B7-840E-A56054650502} - System32\Tasks\2dojma01 => C:\Program Files\Common Files\zpxqa5to\a7440133l0cz0.exe [2016-01-06] () <==== ATTENTION
Task: {94C26B4B-8A1A-4EFD-9346-F348C1E4E15C} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {9AC7BAB7-A4FA-40BB-AB9F-14410CF43C59} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {9DDADEAF-FC10-4F72-8CCA-E6ECC525FA49} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-05-22] ()
Task: {AA0C44DA-1BB8-4140-9C49-DC58B35B891E} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {B12846AA-EE41-4FE3-8359-23ED363D9D29} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {C40E0CCE-C865-4439-AC21-6084116BACA4} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {C827BBF1-B092-4366-820B-1641717E4FBF} - System32\Tasks\UMonitor Task => C:\windows\SysWOW64\UMonit64.exe [2014-02-26] ()
Task: {E50D97B0-E0B4-4272-A000-540C0FEB2538} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-16] (Google Inc.)
Task: {EBB0BB7E-033A-40EC-BCFC-F96BC92523BE} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-12-31] (Microsoft Corporation)
Task: {EEBA3D8E-2D77-430E-A622-EE78D8DE13C2} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo)
Task: {F6A9C522-BBFC-423A-A972-3E9120CD139F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-01-05 04:27 - 2015-07-23 02:10 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-08-19 17:35 - 2014-08-19 17:35 - 00061200 _____ () C:\ProgramData\LenovoTransition\Server\x64\dptf.dll
2014-08-19 17:41 - 2012-04-24 11:43 - 00390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2016-01-05 04:11 - 2016-01-05 04:11 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-25 18:14 - 2015-05-26 12:35 - 00079872 _____ () C:\Users\učitel\AppData\Roaming\Seznam.cz\bin\15715libfoxloader-x64.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-01-06 08:34 - 2016-01-06 08:35 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2014-08-19 16:58 - 2014-02-26 04:13 - 00053248 _____ () C:\windows\SysWOW64\UMonit64.exe
2015-07-17 23:35 - 2015-07-17 23:35 - 00396688 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-01-05 04:12 - 2016-01-05 04:12 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2014-08-19 17:35 - 2014-08-19 17:35 - 00294672 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe
2014-08-19 17:35 - 2014-08-19 17:35 - 00109328 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\TransitionServer.exe
2014-03-26 20:50 - 2014-08-19 17:49 - 00058864 _____ () C:\Program Files (x86)\Lenovo\Energy Manager\kbdhook.dll
2014-08-19 17:44 - 2014-08-19 17:44 - 00815104 _____ () C:\Program Files\Lenovo PhoneCompanion\adb.exe
2015-12-25 18:14 - 2015-05-26 12:38 - 00457384 _____ () C:\Users\učitel\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2015-12-25 18:14 - 2015-05-26 12:36 - 00073896 _____ () C:\Users\učitel\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
2015-01-27 21:23 - 2015-01-27 21:23 - 00232328 _____ () C:\Program Files\Autodesk\Autodesk Sync\qjson_Ad_0.dll
2015-01-27 21:23 - 2015-01-27 21:23 - 00048520 _____ () C:\Program Files\Autodesk\Autodesk Sync\QtSolutions_MFCMigrationFramework_Ad_2.dll
2015-01-27 21:23 - 2015-01-27 21:23 - 00059784 _____ () C:\Program Files\Autodesk\Autodesk Sync\qoauth_Ad_1.dll
2015-01-27 21:23 - 2015-01-27 21:23 - 00922504 _____ () C:\Program Files\Autodesk\Autodesk Sync\qca_Ad_2.dll
2015-12-08 20:25 - 2015-12-08 20:25 - 00047616 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 00151040 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Locale\cs_cz\PDFMaker\PDFMOfficeAddin.CZE
2016-01-11 14:04 - 2015-11-17 03:33 - 00103968 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll
2016-01-11 14:04 - 2015-11-17 03:33 - 00055328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll
2016-01-06 08:34 - 2016-01-06 08:35 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-01-06 08:34 - 2016-01-06 08:35 - 21845504 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2014-08-19 17:44 - 2014-08-19 17:44 - 00101648 _____ () C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LUpdatePackage.dll
2015-12-25 18:14 - 2015-05-26 12:37 - 00078504 _____ () C:\Users\učitel\AppData\Roaming\Seznam.cz\bin\15712libfoxloader.dll
2014-08-19 17:35 - 2014-08-19 17:35 - 00105744 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\Config\1366\TransitionLib.dll
2014-08-19 17:35 - 2014-08-19 17:35 - 00102160 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\LUpdatePackage.dll
2015-12-25 18:14 - 2015-05-26 12:38 - 00862888 _____ () C:\Users\učitel\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\cs_cz\acrotray.cze
2016-01-12 14:51 - 2016-01-12 14:51 - 00098816 _____ () C:\Users\UITEL~1\AppData\Local\Temp\_MEI75602\win32api.pyd
2016-01-12 14:51 - 2016-01-12 14:51 - 00110080 _____ () C:\Users\UITEL~1\AppData\Local\Temp\_MEI75602\pywintypes27.dll
2016-01-12 14:51 - 2016-01-12 14:51 - 00364544 _____ () C:\Users\UITEL~1\AppData\Local\Temp\_MEI75602\pythoncom27.dll
2016-01-12 14:51 - 2016-01-12 14:51 - 00046080 _____ () C:\Users\UITEL~1\AppData\Local\Temp\_MEI75602\_socket.pyd
2016-01-12 14:51 - 2016-01-12 14:51 - 01208320 _____ () C:\Users\UITEL~1\AppData\Local\Temp\_MEI75602\_ssl.pyd
2016-01-12 14:51 - 2016-01-12 14:51 - 00320512 _____ () C:\Users\UITEL~1\AppData\Local\Temp\_MEI75602\win32com.shell.shell.pyd
2016-01-12 14:51 - 2016-01-12 14:51 - 00776704 _____ () C:\Users\UITEL~1\AppData\Local\Temp\_MEI75602\_hashlib.pyd
2016-01-12 14:51 - 2016-01-12 14:51 - 01176576 _____ () C:\Users\UITEL~1\AppData\Local\Temp\_MEI75602\wx._core_.pyd
2016-01-12 14:51 - 2016-01-12 14:51 - 00806400 _____ () C:\Users\UITEL~1\AppData\Local\Temp\_MEI75602\wx._gdi_.pyd
2016-01-12 14:51 - 2016-01-12 14:51 - 00816128 _____ () C:\Users\UITEL~1\AppData\Local\Temp\_MEI75602\wx._windows_.pyd
2016-01-12 14:51 - 2016-01-12 14:51 - 01067008 _____ () C:\Users\UITEL~1\AppData\Local\Temp\_MEI75602\wx._controls_.pyd
2016-01-12 14:51 - 2016-01-12 14:51 - 00733184 _____ () C:\Users\UITEL~1\AppData\Local\Temp\_MEI75602\wx._misc_.pyd
2016-01-12 14:51 - 2016-01-12 14:51 - 00682496 _____ () C:\Users\UITEL~1\AppData\Local\Temp\_MEI75602\pysqlite2._sqlite.pyd
2016-01-12 14:51 - 2016-01-12 14:51 - 00088064 _____ () C:\Users\UITEL~1\AppData\Local\Temp\_MEI75602\_ctypes.pyd
2016-01-12 14:51 - 2016-01-12 14:51 - 00119808 _____ () C:\Users\UITEL~1\AppData\Local\Temp\_MEI75602\win32file.pyd
2016-01-12 14:51 - 2016-01-12 14:51 - 00108544 _____ () C:\Users\UITEL~1\AppData\Local\Temp\_MEI75602\win32security.pyd
2016-01-12 14:51 - 2016-01-12 14:51 - 00007168 _____ () C:\Users\UITEL~1\AppData\Local\Temp\_MEI75602\hashobjs_ext.pyd
2016-01-12 14:51 - 2016-01-12 14:51 - 00017920 _____ () C:\Users\UITEL~1\AppData\Local\Temp\_MEI75602\thumbnails_ext.pyd
2016-01-12 14:51 - 2016-01-12 14:51 - 00079360 _____ () C:\Users\UITEL~1\AppData\Local\Temp\_MEI75602\usb_ext.pyd
2016-01-12 14:51 - 2016-01-12 14:51 - 00167936 _____ () C:\Users\UITEL~1\AppData\Local\Temp\_MEI75602\win32gui.pyd
2016-01-12 14:51 - 2016-01-12 14:51 - 00018432 _____ () C:\Users\UITEL~1\AppData\Local\Temp\_MEI75602\win32event.pyd
2016-01-12 14:51 - 2016-01-12 14:51 - 00128512 _____ () C:\Users\UITEL~1\AppData\Local\Temp\_MEI75602\_elementtree.pyd
2016-01-12 14:51 - 2016-01-12 14:51 - 00127488 _____ () C:\Users\UITEL~1\AppData\Local\Temp\_MEI75602\pyexpat.pyd
2016-01-12 14:51 - 2016-01-12 14:51 - 00013824 _____ () C:\Users\UITEL~1\AppData\Local\Temp\_MEI75602\common.time34.pyd
2016-01-12 14:51 - 2016-01-12 14:51 - 00036864 _____ () C:\Users\UITEL~1\AppData\Local\Temp\_MEI75602\_psutil_windows.pyd
2016-01-12 14:51 - 2016-01-12 14:51 - 00038912 _____ () C:\Users\UITEL~1\AppData\Local\Temp\_MEI75602\win32inet.pyd
2016-01-12 14:51 - 2016-01-12 14:51 - 00525640 _____ () C:\Users\UITEL~1\AppData\Local\Temp\_MEI75602\windows._lib_cacheinvalidation.pyd
2016-01-12 14:51 - 2016-01-12 14:51 - 00011264 _____ () C:\Users\UITEL~1\AppData\Local\Temp\_MEI75602\win32crypt.pyd
2016-01-12 14:51 - 2016-01-12 14:51 - 00077312 _____ () C:\Users\UITEL~1\AppData\Local\Temp\_MEI75602\wx._html2.pyd
2016-01-12 14:51 - 2016-01-12 14:51 - 00027136 _____ () C:\Users\UITEL~1\AppData\Local\Temp\_MEI75602\_multiprocessing.pyd
2016-01-12 14:51 - 2016-01-12 14:51 - 00020480 _____ () C:\Users\UITEL~1\AppData\Local\Temp\_MEI75602\_yappi.pyd
2016-01-12 14:51 - 2016-01-12 14:51 - 00035840 _____ () C:\Users\UITEL~1\AppData\Local\Temp\_MEI75602\win32process.pyd
2016-01-12 14:51 - 2016-01-12 14:51 - 00686080 _____ () C:\Users\UITEL~1\AppData\Local\Temp\_MEI75602\unicodedata.pyd
2016-01-12 14:51 - 2016-01-12 14:51 - 00123392 _____ () C:\Users\UITEL~1\AppData\Local\Temp\_MEI75602\wx._wizard.pyd
2016-01-12 14:51 - 2016-01-12 14:51 - 00024064 _____ () C:\Users\UITEL~1\AppData\Local\Temp\_MEI75602\win32pipe.pyd
2016-01-12 14:51 - 2016-01-12 14:51 - 00010240 _____ () C:\Users\UITEL~1\AppData\Local\Temp\_MEI75602\select.pyd
2016-01-12 14:51 - 2016-01-12 14:51 - 00025600 _____ () C:\Users\UITEL~1\AppData\Local\Temp\_MEI75602\win32pdh.pyd
2016-01-12 14:51 - 2016-01-12 14:51 - 00017408 _____ () C:\Users\UITEL~1\AppData\Local\Temp\_MEI75602\win32profile.pyd
2016-01-12 14:51 - 2016-01-12 14:51 - 00022528 _____ () C:\Users\UITEL~1\AppData\Local\Temp\_MEI75602\win32ts.pyd
2016-01-12 14:51 - 2016-01-12 14:51 - 00078848 _____ () C:\Users\UITEL~1\AppData\Local\Temp\_MEI75602\wx._animate.pyd
2014-08-19 16:52 - 2013-09-04 00:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-01-12 14:51 - 2015-11-17 03:33 - 00103968 _____ () C:\Users\učitel\AppData\Local\Autodesk\.AdskAppManager\R1\qjson0.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2016-01-12 08:40 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts


127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1410552932-3896170908-3864751245-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\učitel\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{95C4CDFB-7EAD-4669-B089-B6B1D2FE75D2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{CA9589C8-CA49-4476-A8CE-0329FBC312FF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{445E74D4-36DD-4239-B895-E3D34D45E177}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{F2EA7ECE-8BFD-45D1-80C3-9AF1C879BC4C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{52FECA5E-1BFB-4F08-A75F-BEEA402E372F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{316D1191-BF40-47F3-8800-E1210B5A06A4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{CA690ED0-89A0-4307-8896-78DA1D4BB29F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{359A98A6-2747-4D1F-8DAF-09A7AD8E1BAC}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{10C38170-7371-4996-9A83-22CAFB005C8E}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{5F21D9AE-00FB-42BE-AE4B-D9C4E34EB78A}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{2CE2D736-87FC-4E27-B577-031A8F03F21C}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{0EC66E2F-A60D-4EFD-B1EC-908472FDCC81}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{D49E21CF-2C4E-4CBB-9E68-5D30F5CA5930}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoPlus.exe
FirewallRules: [{36003728-C171-45AA-8354-605200EE7875}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe
FirewallRules: [{2BC687C9-8CC5-436C-A8BA-01996273B154}] => (Allow) LPort=55100
FirewallRules: [{79FD62F6-91D5-41FD-BE68-04A12FFBEA96}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe
FirewallRules: [{087CB3FD-8D71-45EC-A34E-0508CC221252}] => (Allow) C:\Program Files\Zoner\Photo Studio 18\Program32\MediaServer.exe
FirewallRules: [TCP Query User{B5010D3E-86A0-4AE8-9E9D-01E72A847AD1}C:\users\učitel\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\učitel\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{A69C0D88-6F76-47CF-95D6-698ED590A461}C:\users\učitel\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\učitel\appdata\local\akamai\netsession_win.exe
FirewallRules: [{3E22CB28-E70F-48A4-9044-B85EC69FB10C}] => (Allow) LPort=50248

==================== Restore Points =========================

05-01-2016 11:10:32 Instalováno Realtek Ethernet Controller Driver
06-01-2016 14:15:13 Installed Adobe Acrobat DC.
11-01-2016 11:26:38 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/12/2016 02:52:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SearchUI.exe, verze: 10.0.10586.35, časové razítko: 0x566503dc
Název chybujícího modulu: Windows.UI.Xaml.dll, verze: 10.0.10586.35, časové razítko: 0x566505e8
Kód výjimky: 0xc000027b
Posun chyby: 0x00000000006fcc8b
ID chybujícího procesu: 0x12e8
Čas spuštění chybující aplikace: 0xSearchUI.exe0
Cesta k chybující aplikaci: SearchUI.exe1
Cesta k chybujícímu modulu: SearchUI.exe2
ID zprávy: SearchUI.exe3
Úplný název chybujícího balíčku: SearchUI.exe4
ID aplikace související s chybujícím balíčkem: SearchUI.exe5

Error: (01/12/2016 02:52:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SearchUI.exe, verze: 10.0.10586.35, časové razítko: 0x566503dc
Název chybujícího modulu: Windows.UI.Xaml.dll, verze: 10.0.10586.35, časové razítko: 0x566505e8
Kód výjimky: 0xc000027b
Posun chyby: 0x00000000006fcc8b
ID chybujícího procesu: 0x1e44
Čas spuštění chybující aplikace: 0xSearchUI.exe0
Cesta k chybující aplikaci: SearchUI.exe1
Cesta k chybujícímu modulu: SearchUI.exe2
ID zprávy: SearchUI.exe3
Úplný název chybujícího balíčku: SearchUI.exe4
ID aplikace související s chybujícím balíčkem: SearchUI.exe5

Error: (01/12/2016 02:52:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SearchUI.exe, verze: 10.0.10586.35, časové razítko: 0x566503dc
Název chybujícího modulu: Windows.UI.Xaml.dll, verze: 10.0.10586.35, časové razítko: 0x566505e8
Kód výjimky: 0xc000027b
Posun chyby: 0x00000000006fcc8b
ID chybujícího procesu: 0x1634
Čas spuštění chybující aplikace: 0xSearchUI.exe0
Cesta k chybující aplikaci: SearchUI.exe1
Cesta k chybujícímu modulu: SearchUI.exe2
ID zprávy: SearchUI.exe3
Úplný název chybujícího balíčku: SearchUI.exe4
ID aplikace související s chybujícím balíčkem: SearchUI.exe5

Error: (01/12/2016 02:51:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SearchUI.exe, verze: 10.0.10586.35, časové razítko: 0x566503dc
Název chybujícího modulu: Windows.UI.Xaml.dll, verze: 10.0.10586.35, časové razítko: 0x566505e8
Kód výjimky: 0xc000027b
Posun chyby: 0x00000000006fcc8b
ID chybujícího procesu: 0x1d7c
Čas spuštění chybující aplikace: 0xSearchUI.exe0
Cesta k chybující aplikaci: SearchUI.exe1
Cesta k chybujícímu modulu: SearchUI.exe2
ID zprávy: SearchUI.exe3
Úplný název chybujícího balíčku: SearchUI.exe4
ID aplikace související s chybujícím balíčkem: SearchUI.exe5

Error: (01/12/2016 02:51:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SearchUI.exe, verze: 10.0.10586.35, časové razítko: 0x566503dc
Název chybujícího modulu: Windows.UI.Xaml.dll, verze: 10.0.10586.35, časové razítko: 0x566505e8
Kód výjimky: 0xc000027b
Posun chyby: 0x00000000006fcc8b
ID chybujícího procesu: 0x1c30
Čas spuštění chybující aplikace: 0xSearchUI.exe0
Cesta k chybující aplikaci: SearchUI.exe1
Cesta k chybujícímu modulu: SearchUI.exe2
ID zprávy: SearchUI.exe3
Úplný název chybujícího balíčku: SearchUI.exe4
ID aplikace související s chybujícím balíčkem: SearchUI.exe5

Error: (01/12/2016 02:51:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SearchUI.exe, verze: 10.0.10586.35, časové razítko: 0x566503dc
Název chybujícího modulu: Windows.UI.Xaml.dll, verze: 10.0.10586.35, časové razítko: 0x566505e8
Kód výjimky: 0xc000027b
Posun chyby: 0x00000000006fcc8b
ID chybujícího procesu: 0x1248
Čas spuštění chybující aplikace: 0xSearchUI.exe0
Cesta k chybující aplikaci: SearchUI.exe1
Cesta k chybujícímu modulu: SearchUI.exe2
ID zprávy: SearchUI.exe3
Úplný název chybujícího balíčku: SearchUI.exe4
ID aplikace související s chybujícím balíčkem: SearchUI.exe5

Error: (01/12/2016 02:47:57 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lenovo-PC)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (01/12/2016 02:47:55 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lenovo-PC)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (01/12/2016 02:47:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lenovo-PC)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (01/12/2016 02:33:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SearchUI.exe, verze: 10.0.10586.35, časové razítko: 0x566503dc
Název chybujícího modulu: Windows.UI.Xaml.dll, verze: 10.0.10586.35, časové razítko: 0x566505e8
Kód výjimky: 0xc000027b
Posun chyby: 0x00000000006fcc8b
ID chybujícího procesu: 0x20ac
Čas spuštění chybující aplikace: 0xSearchUI.exe0
Cesta k chybující aplikaci: SearchUI.exe1
Cesta k chybujícímu modulu: SearchUI.exe2
ID zprávy: SearchUI.exe3
Úplný název chybujícího balíčku: SearchUI.exe4
ID aplikace související s chybujícím balíčkem: SearchUI.exe5


System errors:
=============
Error: (01/12/2016 02:53:14 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (01/12/2016 02:47:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Hostitel synchronizace_76fe4 byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (01/12/2016 02:47:57 PM) (Source: DCOM) (EventID: 10010) (User: Lenovo-PC)
Description: CortanaUI

Error: (01/12/2016 02:47:55 PM) (Source: DCOM) (EventID: 10010) (User: Lenovo-PC)
Description: CortanaUI

Error: (01/12/2016 02:47:52 PM) (Source: DCOM) (EventID: 10010) (User: Lenovo-PC)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (01/12/2016 02:47:52 PM) (Source: DCOM) (EventID: 10010) (User: Lenovo-PC)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (01/12/2016 02:47:52 PM) (Source: DCOM) (EventID: 10010) (User: Lenovo-PC)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (01/12/2016 02:47:52 PM) (Source: DCOM) (EventID: 10010) (User: Lenovo-PC)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (01/12/2016 02:47:52 PM) (Source: DCOM) (EventID: 10010) (User: Lenovo-PC)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (01/12/2016 02:47:52 PM) (Source: DCOM) (EventID: 10010) (User: Lenovo-PC)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}


CodeIntegrity:
===================================
Date: 2016-01-12 13:43:05.356
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-01-12 13:43:05.229
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-01-12 08:30:47.260
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-11 14:08:14.883
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-11 13:39:19.965
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-01-11 13:39:19.812
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-01-10 19:28:43.484
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-01-10 19:28:43.430
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-01-08 21:40:44.197
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-08 13:35:27.349
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-4030U CPU @ 1.90GHz
Percentage of memory in use: 60%
Total physical RAM: 4004.01 MB
Available physical RAM: 1592.27 MB
Total Virtual: 5412.01 MB
Available Virtual: 2742.3 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:422.87 GB) (Free:345.18 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:19.67 GB) NTFS
Drive f: (FL 2016) (Removable) (Total:0.94 GB) (Free:0.26 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 2E09F925)

Partition: GPT.

========================================================
Disk: 1 (Size: 965 MB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

[mgilan]

druhý log FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:10-01-2015 01
Ran by učitel (administrator) on LENOVO-PC (12-01-2016 14:58:57)
Running from C:\Users\učitel\Desktop
Loaded Profiles: učitel (Available Profiles: učitel)
Platform: Windows 10 Home Version 1511 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Lenovo) C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
() C:\Windows\SysWOW64\UMonit64.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
() C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
() C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe
() C:\Program Files (x86)\Lenovo\Lenovo Transition\TransitionServer.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
() C:\Program Files\Lenovo PhoneCompanion\adb.exe
(© 2015 Microsoft Corporation) C:\Users\učitel\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Users\učitel\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\učitel\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Akamai Technologies, Inc.) C:\Users\učitel\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\učitel\AppData\Local\Akamai\netsession_win.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Autodesk Inc.) C:\Users\učitel\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvController.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\EXCEL.EXE
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10586.0_none_95e4f9a171a1ad95\TiWorker.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-02-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1381744 2014-02-25] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1381744 2014-02-25] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1381744 2014-02-25] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3742112 2015-09-23] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [9308416 2015-06-02] (Realtek semiconductor)
HKLM\...\Run: [IgfxTray] => C:\windows\system32\igfxtray.exe [396688 2015-07-17] ()
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-03-26] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AutoStartTransition] => C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe [294672 2014-08-19] ()
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2014-08-19] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-08-19] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10841584 2014-08-19] (Lenovo(beijing) Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-03-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1856184 2015-09-30] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [522784 2015-11-17] (Autodesk Inc.)
HKU\S-1-5-21-1410552932-3896170908-3864751245-1001\...\Run: [BingSvc] => C:\Users\učitel\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-22] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-1410552932-3896170908-3864751245-1001\...\Run: [Skitch] => C:\Program Files (x86)\Evernote\Skitch\Skitch.exe [4739392 2013-12-31] (Evernote)
HKU\S-1-5-21-1410552932-3896170908-3864751245-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\učitel\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1410552932-3896170908-3864751245-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\učitel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-1410552932-3896170908-3864751245-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22790776 2015-11-04] (Google)
HKU\S-1-5-21-1410552932-3896170908-3864751245-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8590760 2015-12-08] (Piriform Ltd)
HKU\S-1-5-21-1410552932-3896170908-3864751245-1001\...\Run: [Akamai NetSession Interface] => C:\Users\učitel\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1410552932-3896170908-3864751245-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1310088 2015-01-27] (Autodesk, Inc.)
HKU\S-1-5-21-1410552932-3896170908-3864751245-1001\...\RunOnce: [Uninstall C:\Users\u**itel\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64<*>] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\učitel\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64" <===== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-1410552932-3896170908-3864751245-1001\...\Policies\Explorer: []
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1310088 2015-01-27] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{728031b1-d26c-4f23-99f5-1e540e9f9f48}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{e2f718e2-ad7e-42ca-99f7-9a59a8706d09}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKU\S-1-5-21-1410552932-3896170908-3864751245-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-1410552932-3896170908-3864751245-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
SearchScopes: HKU\S-1-5-21-1410552932-3896170908-3864751245-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1410552932-3896170908-3864751245-1001 -> {0370B177-5839-4931-826C-B5AAD2546DE6} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-1410552932-3896170908-3864751245-1001 -> {15C48A23-3C3C-431B-9392-27282649E337} URL = hxxp://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-1410552932-3896170908-3864751245-1001 -> {172C7945-F360-4880-91CA-6725C737121D} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-1410552932-3896170908-3864751245-1001 -> {4039705D-4597-4C4F-ABCF-340B1A192FA5} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-1410552932-3896170908-3864751245-1001 -> {4847FB56-D0BA-4FCE-927D-C4EED7487349} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-1410552932-3896170908-3864751245-1001 -> {848970A5-AD9C-41AE-B19E-B86210D14AFE} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-1410552932-3896170908-3864751245-1001 -> {B722290B-606C-40A9-8CD5-AFD251EF5229} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-1410552932-3896170908-3864751245-1001 -> {C0822CD8-6816-413A-A88D-29DE76534126} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_16194
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2013-10-22] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-27] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat DC - Create PDF - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2016-01-06] [not signed]

Chrome:
=======
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM ... PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR Profile: C:\Users\učitel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\učitel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-12]
CHR Extension: (Dokumenty Google) - C:\Users\učitel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-12]
CHR Extension: (Disk Google) - C:\Users\učitel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-12]
CHR Extension: (YouTube) - C:\Users\učitel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-12]
CHR Extension: (Vyhledávání Google) - C:\Users\učitel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-12]
CHR Extension: (Adobe Acrobat) - C:\Users\učitel\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2016-01-12]
CHR Extension: (Bing) - C:\Users\učitel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2016-01-12]
CHR Extension: (Tabulky Google) - C:\Users\učitel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\učitel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-01-12]
CHR Extension: (Excel Online) - C:\Users\učitel\AppData\Local\Google\Chrome\User Data\Default\Extensions\iljnkagajgfdmfnnidjijobijlfjfgnb [2016-01-12]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\učitel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-01-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\učitel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-12]
CHR Extension: (Gmail) - C:\Users\učitel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-12]
CHR HKU\S-1-5-21-1410552932-3896170908-3864751245-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1410552932-3896170908-3864751245-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1139744 2015-11-17] (Autodesk Inc.)
R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [31160 2015-02-05] (Autodesk, Inc.)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [135072 2015-09-23] (ELAN Microelectronics Corp.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-03-26] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-07-17] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-04] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-22] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-08-19] (Lenovo(beijing) Limited)
R2 LsvUIService; C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe [70416 2014-08-19] (Lenovo)
R2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [38896 2014-02-18] (Lenovo(beijing) Limited)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-21] (NVIDIA Corporation)
R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [163624 2014-01-07] (PointGrab LTD)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2014-08-19] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [305136 2014-08-19] (Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
S3 TESHelper; c:\Program Files\Common Files\Lenovo\Magic Transfer\x64\MagicTransferTESHelper.exe [104696 2014-08-19] (Lenovo)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
R2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [33040 2014-08-19] (Lenovo)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ETDSMBus; C:\Windows\system32\DRIVERS\ETDSMBus.sys [30808 2015-09-23] (ELAN Microelectronic Corp.)
U5 GeneStor; C:\Windows\System32\Drivers\GeneStor.sys [111336 2014-04-17] (GenesysLogic)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-12] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek )
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [615728 2015-06-04] (Realtek Semiconductor Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3057920 2015-06-02] (Realtek Semiconductor Corp.)
R3 RTWlanE; C:\Windows\System32\drivers\rtwlane.sys [3445248 2015-10-30] (Realtek Semiconductor Corporation )
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-12 14:58 - 2016-01-12 15:00 - 00027590 _____ C:\Users\učitel\Desktop\FRST.txt
2016-01-12 14:58 - 2016-01-12 14:58 - 00000000 ____D C:\FRST
2016-01-12 14:54 - 2016-01-12 14:55 - 00388608 _____ (Trend Micro Inc.) C:\Users\učitel\Downloads\HijackThis.exe
2016-01-12 13:19 - 2016-01-12 13:19 - 00000000 ____D C:\Users\učitel\Downloads\Výkresy_překlad-2016-01-12
2016-01-12 13:16 - 2016-01-12 13:17 - 06726447 _____ C:\Users\učitel\Downloads\Výkresy_překlad-2016-01-12.zip
2016-01-12 13:15 - 2016-01-12 13:25 - 00000000 ____D C:\Users\učitel\Desktop\komplet
2016-01-12 12:53 - 2016-01-12 12:53 - 00001040 _____ C:\Users\učitel\Desktop\Adobe Lightroom.lnk
2016-01-12 12:53 - 2016-01-12 12:53 - 00001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom.lnk
2016-01-12 12:52 - 2016-01-12 12:52 - 00000000 ____D C:\Program Files\Adobe
2016-01-12 12:51 - 2016-01-12 12:51 - 00001630 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2016-01-12 12:51 - 2016-01-12 12:51 - 00001618 _____ C:\Users\Public\Desktop\Adobe Application Manager.lnk
2016-01-12 12:23 - 2016-01-12 12:23 - 00000000 ____D C:\Users\učitel\AppData\Local\NetworkTiles
2016-01-12 11:04 - 2016-01-12 11:05 - 00000000 ____D C:\ProgramData\FLEXnet
2016-01-12 10:27 - 2016-01-12 10:27 - 03674910 _____ () C:\Program Files\Common Files\lpj4zi1p.exe
2016-01-12 10:27 - 2016-01-12 10:27 - 03674910 _____ () C:\Program Files\Common Files\bafqgk2k.exe
2016-01-12 10:15 - 2016-01-12 14:58 - 02370560 _____ (Farbar) C:\Users\učitel\Desktop\FRST64.exe
2016-01-12 09:07 - 2016-01-12 09:07 - 00000000 ____D C:\Users\učitel\AppData\Local\ActiveSync
2016-01-12 09:00 - 2016-01-12 08:39 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2016-01-12 08:37 - 2016-01-12 08:57 - 00000000 ____D C:\zoek_backup
2016-01-12 08:36 - 2016-01-12 08:37 - 01309184 _____ C:\Users\učitel\Desktop\zoek.exe
2016-01-11 14:05 - 2016-01-11 14:05 - 00000000 ____D C:\Users\učitel\Documents\Autodesk Application Manager
2016-01-11 14:02 - 2016-01-11 14:02 - 00002087 _____ C:\Users\Public\Desktop\A360 Desktop.lnk
2016-01-11 13:52 - 2016-01-11 13:52 - 00002168 _____ C:\Users\Public\Desktop\Autodesk ReCap 2016.lnk
2016-01-11 13:52 - 2016-01-11 13:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk ReCap 2016
2016-01-11 13:52 - 2016-01-11 13:52 - 00000000 ____D C:\ProgramData\FARO
2016-01-11 13:39 - 2016-01-11 14:01 - 00000000 ____D C:\Program Files (x86)\Autodesk
2016-01-11 13:38 - 2016-01-11 13:38 - 00002198 _____ C:\Users\Public\Desktop\AutoCAD 2016 – Čeština (Czech).lnk
2016-01-11 13:37 - 2016-01-12 11:04 - 00000000 ____D C:\Users\učitel\AppData\Local\Autodesk
2016-01-11 13:37 - 2016-01-11 13:37 - 00000000 ____D C:\Users\Public\Documents\Autodesk
2016-01-11 13:36 - 2016-01-11 13:36 - 00000000 ____D C:\Program Files\Common Files\Macrovision Shared
2016-01-11 13:35 - 2016-01-11 13:35 - 00000000 ____D C:\Users\učitel\Documents\Inventor Server SDK ACAD 2016
2016-01-11 13:33 - 2016-01-11 13:33 - 00000133 _____ C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
2016-01-11 13:07 - 2016-01-11 14:04 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2016-01-11 13:07 - 2016-01-11 14:01 - 00000000 ____D C:\Program Files\Autodesk
2016-01-11 13:02 - 2016-01-11 14:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2016-01-11 13:00 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2016-01-11 13:00 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2016-01-11 13:00 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2016-01-11 13:00 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2016-01-11 13:00 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2016-01-11 13:00 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2016-01-11 13:00 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2016-01-11 13:00 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2016-01-11 13:00 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2016-01-11 13:00 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2016-01-11 13:00 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2016-01-11 13:00 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2016-01-11 13:00 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2016-01-11 13:00 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2016-01-11 13:00 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2016-01-11 13:00 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2016-01-11 13:00 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2016-01-11 13:00 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2016-01-11 12:13 - 2016-01-11 23:35 - 00000000 ____D C:\ProgramData\RogueKiller
2016-01-11 12:13 - 2016-01-11 12:13 - 00036608 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-01-11 12:05 - 2016-01-12 11:05 - 00000000 ____D C:\Users\učitel\AppData\Roaming\Autodesk
2016-01-11 12:05 - 2016-01-12 11:05 - 00000000 ____D C:\ProgramData\Autodesk
2016-01-11 12:00 - 2016-01-11 12:01 - 00000000 ____D C:\Users\učitel\AppData\Local\Akamai
2016-01-11 12:00 - 2016-01-11 12:00 - 00000000 ____D C:\Autodesk
2016-01-11 11:58 - 2016-01-11 12:13 - 25044040 _____ C:\Users\učitel\Desktop\RogueKillerX64.exe
2016-01-11 11:11 - 2016-01-11 11:26 - 01600184 _____ (Malwarebytes) C:\Users\učitel\Desktop\JRT.exe
2016-01-10 22:38 - 2016-01-10 22:38 - 00000218 _____ C:\Users\učitel\AppData\Local\recently-used.xbel
2016-01-10 22:38 - 2016-01-10 22:38 - 00000000 ____D C:\Users\učitel\AppData\Local\fontconfig
2016-01-10 22:36 - 2016-01-10 22:36 - 00000000 ____D C:\Users\učitel\AppData\Roaming\inkscape
2016-01-10 18:13 - 2016-01-10 18:13 - 00001186 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-01-10 18:13 - 2016-01-10 18:13 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-01-10 18:13 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-01-10 18:13 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-01-10 18:13 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-01-10 18:02 - 2016-01-11 10:56 - 00000000 ____D C:\AdwCleaner
2016-01-10 17:59 - 2016-01-10 18:02 - 01749504 _____ C:\Users\učitel\Desktop\AdwCleaner.exe
2016-01-08 13:13 - 2016-01-08 13:13 - 00000000 ____D C:\Users\učitel\Downloads\VERSIONS FILM VIDEO PRIMLAND
2016-01-07 11:12 - 2016-01-07 11:12 - 00000110 ____H C:\Users\učitel\Downloads\DSC_1457.JPG.uid-zps
2016-01-07 11:10 - 2016-01-12 12:58 - 00000000 ____D C:\Users\učitel\AppData\Roaming\NVIDIA
2016-01-07 11:02 - 2016-01-07 11:02 - 00000000 ____D C:\Users\učitel\AppData\Roaming\Zoner
2016-01-07 11:02 - 2016-01-07 11:02 - 00000000 ____D C:\Users\učitel\AppData\Local\Zoner
2016-01-07 11:01 - 2016-01-12 14:57 - 00000000 ____D C:\Users\učitel\AppData\Local\CrashDumps
2016-01-07 11:01 - 2016-01-07 11:01 - 00002042 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Zoner Photo Studio 18.lnk
2016-01-07 11:01 - 2016-01-07 11:01 - 00000000 ____D C:\Program Files\Zoner
2016-01-07 10:30 - 2016-01-07 10:30 - 00000000 ____D C:\Users\učitel\Cropped
2016-01-07 10:29 - 2016-01-07 10:29 - 00000000 ____D C:\Users\učitel\AppData\Roaming\JPEGCrops
2016-01-07 10:16 - 2016-01-07 11:16 - 00000000 ____D C:\Program Files (x86)\JPEGCrops
2016-01-07 10:09 - 2016-01-07 10:26 - 00008192 ____H C:\Users\učitel\Downloads\photothumb.db
2016-01-07 10:06 - 2016-01-12 14:57 - 00000000 ____D C:\Users\učitel\AppData\Roaming\PhotoScape
2016-01-07 10:05 - 2016-01-07 10:06 - 00000000 ____D C:\Program Files (x86)\PhotoScape
2016-01-07 10:05 - 2016-01-07 10:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape
2016-01-07 08:18 - 2016-01-07 08:18 - 03689844 _____ () C:\Program Files\Common Files\xhuewpt3.exe
2016-01-06 15:55 - 2016-01-06 15:55 - 00000000 ____D C:\Users\učitel\PRIM'LAND - FL 2016
2016-01-06 15:55 - 2016-01-06 15:55 - 00000000 ____D C:\Users\učitel\AppData\Local\CEF
2016-01-06 15:53 - 2016-01-06 15:53 - 00043560 _____ C:\Users\učitel\02 - A.pdf
2016-01-06 15:45 - 2016-01-06 15:45 - 00000000 ____D C:\Users\učitel\AppData\Roaming\FileZilla Server
2016-01-06 14:20 - 2016-01-06 16:01 - 00000000 ____D C:\Users\učitel\AppData\LocalLow\Adobe
2016-01-06 14:19 - 2016-01-12 12:53 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-01-06 14:19 - 2016-01-08 09:59 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-01-06 14:18 - 2016-01-12 12:58 - 00000000 ____D C:\Users\učitel\AppData\Local\Adobe
2016-01-06 14:17 - 2016-01-09 20:14 - 00002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2016-01-06 14:17 - 2016-01-09 20:14 - 00002125 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2016-01-06 14:16 - 2016-01-12 12:58 - 00000000 ____D C:\ProgramData\Adobe
2016-01-06 14:16 - 2016-01-06 14:16 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-01-06 14:03 - 2016-01-06 14:03 - 00000000 ____D C:\Users\učitel\AppData\Local\Okidata
2016-01-06 14:00 - 2012-11-06 19:00 - 00167936 _____ (Oki Data Corporation) C:\WINDOWS\system32\OPPMN025.DLL
2016-01-06 14:00 - 2006-02-21 18:06 - 00039936 _____ (Oki Data Corporation) C:\WINDOWS\system32\OPUSB025.DLL
2016-01-06 14:00 - 2005-09-28 21:35 - 00072704 _____ (Oki Data Corporation) C:\WINDOWS\system32\OPE02LOC.DLL
2016-01-06 14:00 - 2005-09-28 21:27 - 00065536 _____ (Oki Data Corporation) C:\WINDOWS\system32\OPSLD025.DLL
2016-01-06 14:00 - 2005-09-12 10:17 - 00039424 _____ (Oki Data Corporation) C:\WINDOWS\system32\OPC02LOC.DLL
2016-01-06 14:00 - 2005-09-12 10:08 - 00039424 _____ (Oki Data Corporation) C:\WINDOWS\system32\OPCLB025.DLL
2016-01-06 14:00 - 2005-09-09 18:39 - 00037376 _____ (Oki Data Corporation) C:\WINDOWS\system32\OPDVA025.DLL
2016-01-06 13:23 - 2016-01-06 13:23 - 00000000 ____D C:\ProgramData\Okidata

[mgilan]

2016-01-06 12:12 - 2016-01-12 09:01 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-01-06 11:18 - 2016-01-12 14:50 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-01-06 11:17 - 2016-01-06 11:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-01-06 11:01 - 2016-01-06 11:01 - 00002860 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-01-06 11:01 - 2016-01-06 11:01 - 00000000 ____D C:\Program Files\CCleaner
2016-01-06 10:26 - 2016-01-12 14:45 - 00000000 ____D C:\ProgramData\Airtostrong
2016-01-06 10:26 - 2016-01-06 10:26 - 03679243 _____ () C:\Program Files\Common Files\ioz1v4tz.exe
2016-01-06 10:26 - 2016-01-06 10:26 - 03679243 _____ () C:\Program Files\Common Files\dwld0qoz.exe
2016-01-06 10:26 - 2016-01-06 10:26 - 00000000 ____D C:\Users\učitel\AppData\Roaming\Mozilla
2016-01-06 09:24 - 2016-01-06 09:24 - 00003440 _____ C:\WINDOWS\System32\Tasks\wpiayzmq
2016-01-06 09:24 - 2016-01-06 09:24 - 00000000 ____D C:\Program Files\Common Files\x4ksfcfy
2016-01-06 08:32 - 2015-12-09 04:39 - 00301728 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-01-06 08:31 - 2016-01-06 08:31 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-01-06 08:14 - 2016-01-06 08:14 - 00003440 _____ C:\WINDOWS\System32\Tasks\2dojma01
2016-01-06 08:14 - 2016-01-06 08:14 - 00000000 ____D C:\Program Files\Common Files\zpxqa5to
2016-01-05 14:58 - 2016-01-05 14:58 - 00041472 _____ C:\Users\učitel\AppData\Local\Hexit.dat
2016-01-05 14:57 - 2016-01-06 12:19 - 00001207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-01-05 14:57 - 2016-01-05 14:57 - 00003950 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1452002218
2016-01-05 14:57 - 2016-01-05 14:57 - 00000000 ____D C:\Users\učitel\AppData\Roaming\Opera Software
2016-01-05 14:57 - 2016-01-05 14:57 - 00000000 ____D C:\Users\učitel\AppData\Local\Opera Software
2016-01-05 14:38 - 2016-01-08 14:57 - 00000000 ____D C:\Program Files (x86)\Opera
2016-01-05 14:03 - 2016-01-05 14:00 - 00000967 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak
2016-01-05 13:54 - 2016-01-05 13:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-01-05 13:54 - 2016-01-05 13:54 - 00000000 ____D C:\Program Files\7-Zip
2016-01-05 13:43 - 2016-01-05 13:45 - 00000000 ____D C:\Users\učitel\Desktop\Adobe Acrobat
2016-01-05 11:57 - 2016-01-05 11:57 - 00000000 ____D C:\Users\učitel\AppData\Local\ElevatedDiagnostics
2016-01-05 11:11 - 2015-05-29 10:14 - 00886528 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2016-01-05 11:11 - 2015-05-29 10:14 - 00082544 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2016-01-05 08:12 - 2016-01-05 08:12 - 00000020 ___SH C:\Users\učitel\ntuser.ini
2016-01-05 04:52 - 2016-01-05 04:52 - 00000000 _SHDL C:\Users\Default\Šablony
2016-01-05 04:52 - 2016-01-05 04:52 - 00000000 _SHDL C:\Users\Default\Soubory cookie
2016-01-05 04:52 - 2016-01-05 04:52 - 00000000 _SHDL C:\Users\Default\Poslední
2016-01-05 04:52 - 2016-01-05 04:52 - 00000000 _SHDL C:\Users\Default\Okolní tiskárny
2016-01-05 04:52 - 2016-01-05 04:52 - 00000000 _SHDL C:\Users\Default\Okolní síť
2016-01-05 04:52 - 2016-01-05 04:52 - 00000000 _SHDL C:\Users\Default\Nabídka Start
2016-01-05 04:52 - 2016-01-05 04:52 - 00000000 _SHDL C:\Users\Default\Dokumenty
2016-01-05 04:52 - 2016-01-05 04:52 - 00000000 _SHDL C:\Users\Default\Documents\Obrázky
2016-01-05 04:52 - 2016-01-05 04:52 - 00000000 _SHDL C:\Users\Default\Documents\Hudba
2016-01-05 04:52 - 2016-01-05 04:52 - 00000000 _SHDL C:\Users\Default\Documents\Filmy
2016-01-05 04:52 - 2016-01-05 04:52 - 00000000 _SHDL C:\Users\Default\Data aplikací
2016-01-05 04:52 - 2016-01-05 04:52 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-01-05 04:52 - 2016-01-05 04:52 - 00000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2016-01-05 04:52 - 2016-01-05 04:52 - 00000000 _SHDL C:\Users\Default User\Documents\Obrázky
2016-01-05 04:52 - 2016-01-05 04:52 - 00000000 _SHDL C:\Users\Default User\Documents\Hudba
2016-01-05 04:52 - 2016-01-05 04:52 - 00000000 _SHDL C:\Users\Default User\Documents\Filmy
2016-01-05 04:52 - 2016-01-05 04:52 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-01-05 04:52 - 2016-01-05 04:52 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Data aplikací
2016-01-05 04:44 - 2016-01-12 14:48 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-05 04:36 - 2016-01-06 12:19 - 00001552 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-01-05 04:36 - 2016-01-05 04:36 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2016-01-05 04:36 - 2016-01-05 04:36 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2016-01-05 04:36 - 2016-01-05 04:36 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2016-01-05 04:36 - 2016-01-05 04:36 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2016-01-05 04:32 - 2016-01-05 04:32 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-01-05 04:30 - 2016-01-07 10:30 - 00000000 ____D C:\Users\učitel
2016-01-05 04:30 - 2016-01-05 04:30 - 00000000 _SHDL C:\Users\učitel\Šablony
2016-01-05 04:30 - 2016-01-05 04:30 - 00000000 _SHDL C:\Users\učitel\Soubory cookie
2016-01-05 04:30 - 2016-01-05 04:30 - 00000000 _SHDL C:\Users\učitel\Poslední
2016-01-05 04:30 - 2016-01-05 04:30 - 00000000 _SHDL C:\Users\učitel\Okolní tiskárny
2016-01-05 04:30 - 2016-01-05 04:30 - 00000000 _SHDL C:\Users\učitel\Okolní síť
2016-01-05 04:30 - 2016-01-05 04:30 - 00000000 _SHDL C:\Users\učitel\Nabídka Start
2016-01-05 04:30 - 2016-01-05 04:30 - 00000000 _SHDL C:\Users\učitel\Dokumenty
2016-01-05 04:30 - 2016-01-05 04:30 - 00000000 _SHDL C:\Users\učitel\Documents\Obrázky
2016-01-05 04:30 - 2016-01-05 04:30 - 00000000 _SHDL C:\Users\učitel\Documents\Hudba
2016-01-05 04:30 - 2016-01-05 04:30 - 00000000 _SHDL C:\Users\učitel\Documents\Filmy
2016-01-05 04:30 - 2016-01-05 04:30 - 00000000 _SHDL C:\Users\učitel\Data aplikací
2016-01-05 04:30 - 2016-01-05 04:30 - 00000000 _SHDL C:\Users\učitel\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-01-05 04:30 - 2016-01-05 04:30 - 00000000 _SHDL C:\Users\učitel\AppData\Local\Data aplikací
2016-01-05 04:27 - 2016-01-05 04:27 - 00000000 ____D C:\ProgramData\NVIDIA
2016-01-05 04:27 - 2015-07-23 02:10 - 06873928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-01-05 04:27 - 2015-07-23 02:10 - 03493008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-01-05 04:27 - 2015-07-23 02:10 - 02558608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-01-05 04:27 - 2015-07-23 02:10 - 01059984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-01-05 04:27 - 2015-07-23 02:10 - 00937800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-01-05 04:27 - 2015-07-23 02:10 - 00579912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\oemdspif.dll
2016-01-05 04:27 - 2015-07-23 02:10 - 00385168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-01-05 04:27 - 2015-07-23 02:10 - 00074896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-01-05 04:27 - 2015-07-23 02:10 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-01-05 04:27 - 2015-07-22 05:29 - 05121613 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-01-05 04:26 - 2016-01-12 14:50 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-01-05 04:26 - 2016-01-05 04:38 - 00000000 ____D C:\Program Files\Elantech
2016-01-05 04:26 - 2016-01-05 04:32 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-01-05 04:26 - 2016-01-05 04:32 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-01-05 04:26 - 2016-01-05 04:26 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-01-05 04:26 - 2016-01-05 04:26 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2016-01-05 04:26 - 2016-01-05 04:26 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ETDSMBus_01009.Wdf
2016-01-05 04:26 - 2015-07-17 22:58 - 00086528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2016-01-05 04:26 - 2015-07-17 22:58 - 00082432 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2016-01-05 04:25 - 2016-01-05 04:32 - 00000000 ____D C:\Program Files\Intel
2016-01-05 04:25 - 2016-01-05 04:25 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-01-05 04:24 - 2016-01-05 04:24 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-01-05 04:24 - 2016-01-05 04:24 - 00000000 ____D C:\Program Files\Realtek
2016-01-05 04:23 - 2015-10-30 08:17 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-01-05 04:19 - 2016-01-11 23:37 - 00488824 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-01-05 04:17 - 2016-01-06 11:04 - 00000000 ___DC C:\WINDOWS\Panther
2016-01-05 04:13 - 2016-01-05 04:13 - 00000000 ____D C:\Windows.old
2016-01-05 04:12 - 2016-01-05 04:12 - 24601600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 22572632 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 22393856 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 21125408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 19339264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 13381120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 07476576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-01-05 04:12 - 2016-01-05 04:12 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 03993600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-01-05 04:12 - 2016-01-05 04:12 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-01-05 04:12 - 2016-01-05 04:12 - 02647552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 02598400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 02152800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-01-05 04:12 - 2016-01-05 04:12 - 02126848 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-01-05 04:12 - 2016-01-05 04:12 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 02049024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-01-05 04:12 - 2016-01-05 04:12 - 01995776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 01817160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 01648640 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 01540768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 01223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 01155944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 01092456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 01065080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 01020096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00983464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2016-01-05 04:12 - 2016-01-05 04:12 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00898184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00884256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2016-01-05 04:12 - 2016-01-05 04:12 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00823264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00809312 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-01-05 04:12 - 2016-01-05 04:12 - 00803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00795840 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00716928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00698208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-01-05 04:12 - 2016-01-05 04:12 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00586080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00578912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2016-01-05 04:12 - 2016-01-05 04:12 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00536768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00526856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2016-01-05 04:12 - 2016-01-05 04:12 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-01-05 04:12 - 2016-01-05 04:12 - 00516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00462760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00454056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00450904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00440160 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-01-05 04:12 - 2016-01-05 04:12 - 00431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-01-05 04:12 - 2016-01-05 04:12 - 00412512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-01-05 04:12 - 2016-01-05 04:12 - 00408128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00405048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-01-05 04:12 - 2016-01-05 04:12 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-01-05 04:12 - 2016-01-05 04:12 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-01-05 04:12 - 2016-01-05 04:12 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00337840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-01-05 04:12 - 2016-01-05 04:12 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00264544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00245848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-01-05 04:12 - 2016-01-05 04:12 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-01-05 04:12 - 2016-01-05 04:12 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2016-01-05 04:12 - 2016-01-05 04:12 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2016-01-05 04:12 - 2016-01-05 04:12 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00116720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00110032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00088392 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00080600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.XboxLive.ProxyStub.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssign32.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00073360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ihvrilproxy.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00063528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wwapi.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssign32.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2016-01-05 04:12 - 2016-01-05 04:12 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rilproxy.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanpref.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsplib.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.proxy.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-01-05 04:12 - 2016-01-05 04:12 - 00035680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2016-01-05 04:12 - 2016-01-05 04:12 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-01-05 04:12 - 2016-01-05 04:12 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshrm.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll
2016-01-05 04:12 - 2016-01-05 04:12 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 16984064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 13017600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-01-05 04:11 - 2016-01-05 04:11 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 02843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 02772584 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 02653816 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 02185840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 02001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 01860096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 01859448 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 01505280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-01-05 04:11 - 2016-01-05 04:11 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 01281376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 01042432 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00973664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00969728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00791552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-01-05 04:11 - 2016-01-05 04:11 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-01-05 04:11 - 2016-01-05 04:11 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-01-05 04:11 - 2016-01-05 04:11 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00264192 _____ (Nokia) C:\WINDOWS\system32\NmaDirect.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00205824 _____ (Nokia) C:\WINDOWS\SysWOW64\NmaDirect.dll

[mgilan]

2016-01-05 04:11 - 2016-01-05 04:11 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-AppModelExecEvents.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-01-05 04:11 - 2016-01-05 04:11 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-01-05 04:11 - 2016-01-05 04:11 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-01-05 04:11 - 2016-01-05 04:11 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-01-05 04:11 - 2016-01-05 04:11 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ETWCoreUIComponentsResources.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ETWCoreUIComponentsResources.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2016-01-05 04:11 - 2016-01-05 04:11 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-01-05 04:11 - 2016-01-05 04:11 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2016-01-05 04:11 - 2016-01-05 04:11 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00051680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsUtilsV2.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundTransferHost.exe
2016-01-05 04:11 - 2016-01-05 04:11 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCoreRes.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCoreRes.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-01-05 04:11 - 2016-01-05 04:11 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundTransferHost.exe
2016-01-05 04:11 - 2016-01-05 04:11 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-01-05 04:11 - 2016-01-05 04:11 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-01-05 04:11 - 2016-01-05 04:11 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2016-01-05 04:11 - 2016-01-05 04:11 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2016-01-05 04:11 - 2016-01-05 04:11 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2016-01-05 04:08 - 2015-10-29 19:43 - 06238720 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons000c.dll
2016-01-05 04:08 - 2015-10-29 19:41 - 06238720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons000c.dll
2016-01-05 04:08 - 2015-10-29 19:30 - 02354176 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData000c.dll
2016-01-05 04:08 - 2015-10-29 19:27 - 02268672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData000c.dll
2016-01-05 04:07 - 2015-10-29 19:43 - 05739520 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2016-01-05 04:07 - 2015-10-29 19:43 - 02629632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2016-01-05 04:07 - 2015-10-29 19:41 - 02629632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll
2016-01-05 04:07 - 2015-10-29 19:25 - 06359040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2016-01-05 04:07 - 2015-10-29 19:24 - 04847616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2016-01-05 03:56 - 2016-01-05 03:56 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-01-05 03:54 - 2016-01-05 03:54 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-01-05 03:54 - 2016-01-05 03:54 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-01-05 03:54 - 2016-01-05 03:54 - 00000000 ____D C:\Program Files\MSBuild
2016-01-05 03:54 - 2016-01-05 03:54 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-01-05 03:54 - 2016-01-05 03:54 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-01-05 03:53 - 2015-10-23 17:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-01-05 03:53 - 2015-10-23 17:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-01-05 03:53 - 2015-10-23 17:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-01-05 03:53 - 2015-10-23 17:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-01-05 03:53 - 2015-10-23 17:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-01-05 03:53 - 2015-10-23 17:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-01-03 15:28 - 2016-01-03 15:28 - 00000000 ____D C:\Users\učitel\Documents\Vlastní šablony Office
2016-01-03 13:09 - 2016-01-12 14:51 - 00000000 ___RD C:\Users\učitel\Disk Google
2016-01-03 13:07 - 2016-01-05 04:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-12-27 22:04 - 2016-01-11 08:14 - 00000000 ____D C:\Users\učitel\AppData\Roaming\vlc
2015-12-27 10:27 - 2015-12-27 10:27 - 00001084 _____ C:\Users\učitel\Desktop\WTRAN32 – zástupce.lnk
2015-12-27 10:26 - 2015-12-27 10:26 - 00001084 _____ C:\Users\učitel\Desktop\WDICT32 – zástupce.lnk
2015-12-27 10:23 - 2015-12-27 10:26 - 00000000 ____D C:\Users\učitel\AppData\Roaming\LangSoft
2015-12-27 10:03 - 2015-12-27 10:26 - 00000000 ____D C:\Program Files (x86)\TRANSLAT
2015-12-25 18:15 - 2016-01-07 08:19 - 00002359 _____ C:\Users\Default\Desktop\Google Chrome.lnk
2015-12-25 18:15 - 2016-01-07 08:19 - 00002359 _____ C:\Users\Default User\Desktop\Google Chrome.lnk
2015-12-25 18:14 - 2015-12-25 18:14 - 00000000 ____D C:\Program Files (x86)\Seznam.cz
2015-12-25 18:13 - 2016-01-12 14:56 - 00000000 ____D C:\Users\učitel\AppData\Roaming\Seznam.cz
2015-12-25 17:55 - 2015-12-25 17:55 - 00000000 ____D C:\Users\učitel\AppData\Local\Evernote
2015-12-25 17:54 - 2016-01-05 04:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2015-12-25 17:54 - 2015-12-25 17:54 - 00000000 ____D C:\Users\učitel\AppData\LocalLow\Evernote
2015-12-25 17:46 - 2016-01-12 13:05 - 00000000 ____D C:\Users\učitel\AppData\Local\Skitch
2015-12-25 17:41 - 2016-01-05 04:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skitch
2015-12-25 17:41 - 2015-12-25 17:54 - 00000000 ____D C:\Program Files (x86)\Evernote
2015-12-25 17:40 - 2016-01-06 12:18 - 00001062 _____ C:\Users\učitel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Volitelné funkce.lnk
2015-12-25 17:38 - 2016-01-05 04:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape 0.91
2015-12-25 17:38 - 2015-12-25 17:39 - 00000000 ____D C:\Program Files\Inkscape
2015-12-25 17:37 - 2015-12-25 17:37 - 00000000 ____D C:\Users\učitel\AppData\Local\MicrosoftEdge
2015-12-25 17:35 - 2015-12-25 17:35 - 00000000 ____D C:\Program Files (x86)\VideoLAN

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-12 14:58 - 2015-10-30 07:28 - 00000000 ____D C:\Windows
2016-01-12 14:57 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-01-12 14:55 - 2015-10-30 19:31 - 00752310 _____ C:\WINDOWS\system32\perfh005.dat
2016-01-12 14:55 - 2015-10-30 19:31 - 00151396 _____ C:\WINDOWS\system32\perfc005.dat
2016-01-12 14:55 - 2015-09-21 22:42 - 01774890 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-12 14:50 - 2015-09-23 00:48 - 00000000 __SHD C:\Users\učitel\IntelGraphicsProfiles
2016-01-12 14:50 - 2015-08-18 03:37 - 00000976 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-12 14:48 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Provisioning
2016-01-12 14:48 - 2015-10-30 07:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-01-12 14:42 - 2015-01-14 06:04 - 00004202 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{85F6BE88-ABAB-4442-9ECC-0DF9FB58F55C}
2016-01-12 14:18 - 2014-08-19 17:56 - 00000000 ____D C:\ProgramData\LU
2016-01-12 12:59 - 2014-12-18 23:41 - 00000000 ____D C:\Users\učitel\AppData\Roaming\Adobe
2016-01-12 12:23 - 2014-12-18 23:41 - 00000000 ____D C:\Users\učitel\AppData\Local\Packages
2016-01-12 08:56 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2016-01-12 08:07 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-11 13:34 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-01-11 12:07 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\appcompat
2016-01-10 19:50 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-01-09 19:23 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-01-07 19:34 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-01-06 12:19 - 2014-08-19 17:47 - 00001981 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magic Transfer.lnk
2016-01-06 12:19 - 2014-08-19 17:44 - 00001318 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartVoiceToast.lnk
2016-01-06 12:18 - 2015-09-23 00:54 - 00002405 _____ C:\Users\učitel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-01-06 12:18 - 2015-09-23 00:54 - 00000000 ___RD C:\Users\učitel\OneDrive
2016-01-06 12:18 - 2015-08-18 03:00 - 00001283 _____ C:\Users\učitel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wi-FiHotspotChgToast.lnk
2016-01-06 12:10 - 2014-08-19 17:35 - 00000000 ____D C:\Program Files (x86)\Lenovo
2016-01-06 10:47 - 2014-12-18 23:41 - 00000000 ____D C:\Users\učitel\AppData\Local\VirtualStore
2016-01-06 10:26 - 2015-08-18 03:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2016-01-05 13:07 - 2015-08-18 03:34 - 00000000 ____D C:\ProgramData\AVAST Software
2016-01-05 11:14 - 2014-08-19 16:56 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-01-05 08:30 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-01-05 08:12 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-01-05 08:12 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-01-05 08:12 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-01-05 08:12 - 2015-09-10 06:43 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-01-05 04:55 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2016-01-05 04:53 - 2015-10-30 07:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-01-05 04:52 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows NT
2016-01-05 04:52 - 2015-09-21 21:44 - 00019053 _____ C:\WINDOWS\diagwrn.xml
2016-01-05 04:52 - 2015-09-21 21:44 - 00019053 _____ C:\WINDOWS\diagerr.xml
2016-01-05 04:50 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-01-05 04:50 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Registration
2016-01-05 04:45 - 2015-09-21 22:47 - 00023020 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-01-05 04:45 - 2015-08-18 03:37 - 00003492 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-01-05 04:44 - 2015-08-18 03:37 - 00003268 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-01-05 04:44 - 2014-12-18 23:47 - 00002940 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1410552932-3896170908-3864751245-1001
2016-01-05 04:44 - 2014-08-19 17:44 - 00002476 _____ C:\WINDOWS\System32\Tasks\Lenovo Smart Voice
2016-01-05 04:44 - 2014-08-19 17:44 - 00002256 _____ C:\WINDOWS\System32\Tasks\PDVDServ Task
2016-01-05 04:44 - 2014-08-19 16:58 - 00002404 _____ C:\WINDOWS\System32\Tasks\UMonitor Task
2016-01-05 04:44 - 2014-08-19 16:52 - 00003254 _____ C:\WINDOWS\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d
2016-01-05 04:44 - 2014-08-19 16:52 - 00002876 _____ C:\WINDOWS\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon
2016-01-05 04:44 - 2014-08-19 16:11 - 00002320 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1410552932-3896170908-3864751245-500
2016-01-05 04:43 - 2015-10-30 08:24 - 00000000 __RHD C:\Users\Public\Libraries
2016-01-05 04:43 - 2014-08-19 16:52 - 01771468 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2016-01-05 04:38 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\ShellNew
2016-01-05 04:38 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-01-05 04:38 - 2015-08-19 00:06 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-01-05 04:38 - 2014-08-19 17:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo Photo Master
2016-01-05 04:38 - 2014-08-19 17:41 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 10
2016-01-05 04:38 - 2014-08-19 17:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2016-01-05 04:38 - 2014-08-19 16:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
2016-01-05 04:38 - 2014-08-19 16:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-01-05 04:38 - 2014-08-19 16:51 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-01-05 04:36 - 2015-07-10 10:47 - 00000000 ____D C:\Users\Default.migrated
2016-01-05 04:34 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2016-01-05 04:34 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2016-01-05 04:33 - 2015-10-30 19:31 - 00000000 ____D C:\WINDOWS\OCR
2016-01-05 04:33 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-01-05 04:33 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE
2016-01-05 04:33 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2016-01-05 04:33 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\spool
2016-01-05 04:33 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-01-05 04:33 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-01-05 04:33 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-01-05 04:33 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2016-01-05 04:33 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-01-05 04:33 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-01-05 04:33 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\InputMethod
2016-01-05 04:33 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2016-01-05 04:33 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2016-01-05 04:33 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\ADFS
2016-01-05 04:32 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\USOPrivate
2016-01-05 04:32 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Common Files\System
2016-01-05 04:32 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-01-05 04:32 - 2014-08-19 17:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hightail
2016-01-05 04:31 - 2014-12-18 23:42 - 00000000 ____D C:\Users\učitel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2016-01-05 04:30 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-01-05 04:27 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Help
2016-01-05 04:19 - 2015-10-30 19:41 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-01-05 04:17 - 2015-10-30 08:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-01-05 04:13 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-01-05 04:13 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-01-05 04:13 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-01-05 04:13 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-01-05 04:13 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-01-05 04:06 - 2015-10-30 19:35 - 00000000 ____D C:\Program Files\Windows Journal
2016-01-05 04:06 - 2015-10-30 19:31 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2016-01-05 04:06 - 2015-10-30 19:31 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2016-01-05 04:06 - 2015-10-30 19:31 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2016-01-05 04:06 - 2015-10-30 19:31 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2016-01-05 04:06 - 2015-10-30 19:31 - 00000000 ____D C:\WINDOWS\system32\winrm
2016-01-05 04:06 - 2015-10-30 19:31 - 00000000 ____D C:\WINDOWS\system32\WCN
2016-01-05 04:06 - 2015-10-30 19:31 - 00000000 ____D C:\WINDOWS\system32\slmgr
2016-01-05 04:06 - 2015-10-30 19:31 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2016-01-05 04:06 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-01-05 04:06 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2016-01-05 04:06 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-01-05 04:06 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-01-05 04:06 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-01-05 04:06 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-01-05 04:06 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Defender
2016-01-05 04:06 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-01-05 04:06 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-01-05 04:06 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\servicing
2016-01-05 03:54 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-01-05 03:54 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-01-05 03:36 - 2015-10-30 20:11 - 00000000 ___HD C:\$WINDOWS.~BT
2016-01-03 13:07 - 2015-08-18 03:37 - 00000000 ____D C:\Users\učitel\AppData\Local\Google
2016-01-03 13:07 - 2015-08-18 03:37 - 00000000 ____D C:\Program Files (x86)\Google
2016-01-03 02:40 - 2015-10-30 08:26 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-01-03 02:40 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-31 18:08 - 2015-08-19 00:00 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-31 18:07 - 2013-08-22 14:25 - 00000167 _____ C:\WINDOWS\win.ini
2015-12-31 11:27 - 2015-08-18 12:11 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-12-31 11:21 - 2015-08-18 12:11 - 140158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-12-27 10:33 - 2015-08-18 03:37 - 00000980 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-25 08:04 - 2015-11-22 22:36 - 00000000 ____D C:\Users\učitel\AppData\Roaming\Skype
2015-12-25 08:04 - 2015-11-22 02:07 - 00000000 ____D C:\ProgramData\Skype

==================== Files in the root of some directories =======

2016-01-12 10:27 - 2016-01-12 10:27 - 3674910 _____ () C:\Program Files\Common Files\bafqgk2k.exe
2016-01-06 10:26 - 2016-01-06 10:26 - 3679243 _____ () C:\Program Files\Common Files\dwld0qoz.exe
2016-01-06 10:26 - 2016-01-06 10:26 - 3679243 _____ () C:\Program Files\Common Files\ioz1v4tz.exe
2016-01-12 10:27 - 2016-01-12 10:27 - 3674910 _____ () C:\Program Files\Common Files\lpj4zi1p.exe
2016-01-07 08:18 - 2016-01-07 08:18 - 3689844 _____ () C:\Program Files\Common Files\xhuewpt3.exe
2016-01-05 14:58 - 2016-01-05 14:58 - 0041472 _____ () C:\Users\učitel\AppData\Local\Hexit.dat
2016-01-10 22:38 - 2016-01-10 22:38 - 0000218 _____ () C:\Users\učitel\AppData\Local\recently-used.xbel
2016-01-05 04:25 - 2016-01-05 04:25 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-01-11 13:33 - 2016-01-11 13:33 - 0000133 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-01-05 04:18

==================== End of FRST.txt ============================

[jaro3]

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\učitel\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\učitel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\učitel\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\učitel\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

Start
CloseProcesses:
Task: {095CD17F-608C-4089-A10F-614DD3F94FC4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {0D733ADD-6278-44F1-956A-8E0EB1DD865B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {1E8C9179-A706-4C4E-B5CF-5FAC9D38BE69} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {1F4B2DE9-BF65-48DD-A0FB-FE8F29CAEBEB} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {1FFB181C-3DA2-4F2C-9C6E-C640BD73A9E4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {32EFEE81-324B-4EAB-8D01-A3A74ABD8BA6} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {3E6AB912-DEBC-4A97-BFE3-00A80A7B7EB4} - System32\Tasks\wpiayzmq => C:\Program Files\Common Files\x4ksfcfy\d031cxo0ubw2r.exe [2016-01-06] () <==== ATTENTION
Task: {56BBFC07-EC5A-43CA-BFBB-8CD5087BC7EF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {5D1064EC-5B8D-41AB-88AC-10F0B8ED5ADB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {78A4E32A-1E89-4A41-B77A-3979A01A9144} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-16] (Google Inc.)
Task: {8A92A431-900D-45E4-BD76-4287EDCA8F9E} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {8BD95AAA-311A-48B7-840E-A56054650502} - System32\Tasks\2dojma01 => C:\Program Files\Common Files\zpxqa5to\a7440133l0cz0.exe [2016-01-06] () <==== ATTENTION
Task: {AA0C44DA-1BB8-4140-9C49-DC58B35B891E} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {B12846AA-EE41-4FE3-8359-23ED363D9D29} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {E50D97B0-E0B4-4272-A000-540C0FEB2538} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-16] (Google Inc.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Users\UITEL~1\AppData\Local\Temp\_MEI75602
SearchScopes: HKU\S-1-5-21-1410552932-3896170908-3864751245-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1410552932-3896170908-3864751245-1001 -> {0370B177-5839-4931-826C-B5AAD2546DE6} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-1410552932-3896170908-3864751245-1001 -> {15C48A23-3C3C-431B-9392-27282649E337} URL = hxxp://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-1410552932-3896170908-3864751245-1001 -> {172C7945-F360-4880-91CA-6725C737121D} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-1410552932-3896170908-3864751245-1001 -> {4039705D-4597-4C4F-ABCF-340B1A192FA5} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-1410552932-3896170908-3864751245-1001 -> {4847FB56-D0BA-4FCE-927D-C4EED7487349} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-1410552932-3896170908-3864751245-1001 -> {848970A5-AD9C-41AE-B19E-B86210D14AFE} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-1410552932-3896170908-3864751245-1001 -> {B722290B-606C-40A9-8CD5-AFD251EF5229} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-1410552932-3896170908-3864751245-1001 -> {C0822CD8-6816-413A-A88D-29DE76534126} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_16194
CHR HKU\S-1-5-21-1410552932-3896170908-3864751245-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1410552932-3896170908-3864751245-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
C:\Program Files\Common Files\lpj4zi1p.exe
C:\Program Files\Common Files\bafqgk2k.exe
C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
C:\Program Files\Common Files\xhuewpt3.exe
C:\WINDOWS\System32\Tasks\wpiayzmq
C:\Program Files\Common Files\x4ksfcfy
C:\WINDOWS\System32\Tasks\2dojma01
C:\Program Files\Common Files\zpxqa5to
C:\Users\učitel\AppData\Local\Hexit.dat
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
C:\ProgramData\DP45977C.lfl
2016-01-05 04:45 - 2015-08-18 03:37 - 00003492 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-01-05 04:44 - 2015-08-18 03:37 - 00003268 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-27 10:33 - 2015-08-18 03:37 - 00000980 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\Program Files\Common Files\bafqgk2k.exe
C:\Program Files\Common Files\dwld0qoz.exe
C:\Program Files\Common Files\ioz1v4tz.exe
C:\Program Files\Common Files\lpj4zi1p.exe
C:\Program Files\Common Files\xhuewpt3.exe

EmptyTemp:
End

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt


Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.

[mgilan]

díky, zde je fixlog:


Fix result of Farbar Recovery Scan Tool (x64) Version:10-01-2015 01
Ran by učitel (2016-01-13 08:46:54) Run:1
Running from C:\Users\učitel\Desktop
Loaded Profiles: učitel (Available Profiles: učitel)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
Task: {095CD17F-608C-4089-A10F-614DD3F94FC4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {0D733ADD-6278-44F1-956A-8E0EB1DD865B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {1E8C9179-A706-4C4E-B5CF-5FAC9D38BE69} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {1F4B2DE9-BF65-48DD-A0FB-FE8F29CAEBEB} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {1FFB181C-3DA2-4F2C-9C6E-C640BD73A9E4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {32EFEE81-324B-4EAB-8D01-A3A74ABD8BA6} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {3E6AB912-DEBC-4A97-BFE3-00A80A7B7EB4} - System32\Tasks\wpiayzmq => C:\Program Files\Common Files\x4ksfcfy\d031cxo0ubw2r.exe [2016-01-06] () <==== ATTENTION
Task: {56BBFC07-EC5A-43CA-BFBB-8CD5087BC7EF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {5D1064EC-5B8D-41AB-88AC-10F0B8ED5ADB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {78A4E32A-1E89-4A41-B77A-3979A01A9144} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-16] (Google Inc.)
Task: {8A92A431-900D-45E4-BD76-4287EDCA8F9E} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {8BD95AAA-311A-48B7-840E-A56054650502} - System32\Tasks\2dojma01 => C:\Program Files\Common Files\zpxqa5to\a7440133l0cz0.exe [2016-01-06] () <==== ATTENTION
Task: {AA0C44DA-1BB8-4140-9C49-DC58B35B891E} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {B12846AA-EE41-4FE3-8359-23ED363D9D29} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {E50D97B0-E0B4-4272-A000-540C0FEB2538} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-16] (Google Inc.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Users\UITEL~1\AppData\Local\Temp\_MEI75602
SearchScopes: HKU\S-1-5-21-1410552932-3896170908-3864751245-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1410552932-3896170908-3864751245-1001 -> {0370B177-5839-4931-826C-B5AAD2546DE6} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-1410552932-3896170908-3864751245-1001 -> {15C48A23-3C3C-431B-9392-27282649E337} URL = hxxp://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-1410552932-3896170908-3864751245-1001 -> {172C7945-F360-4880-91CA-6725C737121D} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-1410552932-3896170908-3864751245-1001 -> {4039705D-4597-4C4F-ABCF-340B1A192FA5} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-1410552932-3896170908-3864751245-1001 -> {4847FB56-D0BA-4FCE-927D-C4EED7487349} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-1410552932-3896170908-3864751245-1001 -> {848970A5-AD9C-41AE-B19E-B86210D14AFE} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-1410552932-3896170908-3864751245-1001 -> {B722290B-606C-40A9-8CD5-AFD251EF5229} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-1410552932-3896170908-3864751245-1001 -> {C0822CD8-6816-413A-A88D-29DE76534126} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_16194
CHR HKU\S-1-5-21-1410552932-3896170908-3864751245-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1410552932-3896170908-3864751245-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
C:\Program Files\Common Files\lpj4zi1p.exe
C:\Program Files\Common Files\bafqgk2k.exe
C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
C:\Program Files\Common Files\xhuewpt3.exe
C:\WINDOWS\System32\Tasks\wpiayzmq
C:\Program Files\Common Files\x4ksfcfy
C:\WINDOWS\System32\Tasks\2dojma01
C:\Program Files\Common Files\zpxqa5to
C:\Users\učitel\AppData\Local\Hexit.dat
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
C:\ProgramData\DP45977C.lfl
2016-01-05 04:45 - 2015-08-18 03:37 - 00003492 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-01-05 04:44 - 2015-08-18 03:37 - 00003268 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-27 10:33 - 2015-08-18 03:37 - 00000980 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\Program Files\Common Files\bafqgk2k.exe
C:\Program Files\Common Files\dwld0qoz.exe
C:\Program Files\Common Files\ioz1v4tz.exe
C:\Program Files\Common Files\lpj4zi1p.exe
C:\Program Files\Common Files\xhuewpt3.exe

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{095CD17F-608C-4089-A10F-614DD3F94FC4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{095CD17F-608C-4089-A10F-614DD3F94FC4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0D733ADD-6278-44F1-956A-8E0EB1DD865B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D733ADD-6278-44F1-956A-8E0EB1DD865B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1E8C9179-A706-4C4E-B5CF-5FAC9D38BE69}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1E8C9179-A706-4C4E-B5CF-5FAC9D38BE69}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1F4B2DE9-BF65-48DD-A0FB-FE8F29CAEBEB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F4B2DE9-BF65-48DD-A0FB-FE8F29CAEBEB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1FFB181C-3DA2-4F2C-9C6E-C640BD73A9E4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1FFB181C-3DA2-4F2C-9C6E-C640BD73A9E4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{32EFEE81-324B-4EAB-8D01-A3A74ABD8BA6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{32EFEE81-324B-4EAB-8D01-A3A74ABD8BA6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3E6AB912-DEBC-4A97-BFE3-00A80A7B7EB4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3E6AB912-DEBC-4A97-BFE3-00A80A7B7EB4}" => key removed successfully
C:\WINDOWS\System32\Tasks\wpiayzmq => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\wpiayzmq" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{56BBFC07-EC5A-43CA-BFBB-8CD5087BC7EF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{56BBFC07-EC5A-43CA-BFBB-8CD5087BC7EF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5D1064EC-5B8D-41AB-88AC-10F0B8ED5ADB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5D1064EC-5B8D-41AB-88AC-10F0B8ED5ADB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{78A4E32A-1E89-4A41-B77A-3979A01A9144}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{78A4E32A-1E89-4A41-B77A-3979A01A9144}" => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8A92A431-900D-45E4-BD76-4287EDCA8F9E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8A92A431-900D-45E4-BD76-4287EDCA8F9E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8BD95AAA-311A-48B7-840E-A56054650502}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8BD95AAA-311A-48B7-840E-A56054650502}" => key removed successfully
C:\WINDOWS\System32\Tasks\2dojma01 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\2dojma01" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AA0C44DA-1BB8-4140-9C49-DC58B35B891E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AA0C44DA-1BB8-4140-9C49-DC58B35B891E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B12846AA-EE41-4FE3-8359-23ED363D9D29}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B12846AA-EE41-4FE3-8359-23ED363D9D29}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E50D97B0-E0B4-4272-A000-540C0FEB2538}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E50D97B0-E0B4-4272-A000-540C0FEB2538}" => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => key removed successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Users\UITEL~1\AppData\Local\Temp\_MEI75602 => moved successfully
"HKU\S-1-5-21-1410552932-3896170908-3864751245-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => key removed successfully
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
"HKU\S-1-5-21-1410552932-3896170908-3864751245-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0370B177-5839-4931-826C-B5AAD2546DE6}" => key removed successfully
HKCR\CLSID\{0370B177-5839-4931-826C-B5AAD2546DE6} => key not found.
"HKU\S-1-5-21-1410552932-3896170908-3864751245-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{15C48A23-3C3C-431B-9392-27282649E337}" => key removed successfully
HKCR\CLSID\{15C48A23-3C3C-431B-9392-27282649E337} => key not found.
"HKU\S-1-5-21-1410552932-3896170908-3864751245-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{172C7945-F360-4880-91CA-6725C737121D}" => key removed successfully
HKCR\CLSID\{172C7945-F360-4880-91CA-6725C737121D} => key not found.
"HKU\S-1-5-21-1410552932-3896170908-3864751245-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4039705D-4597-4C4F-ABCF-340B1A192FA5}" => key removed successfully
HKCR\CLSID\{4039705D-4597-4C4F-ABCF-340B1A192FA5} => key not found.
"HKU\S-1-5-21-1410552932-3896170908-3864751245-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4847FB56-D0BA-4FCE-927D-C4EED7487349}" => key removed successfully
HKCR\CLSID\{4847FB56-D0BA-4FCE-927D-C4EED7487349} => key not found.
"HKU\S-1-5-21-1410552932-3896170908-3864751245-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{848970A5-AD9C-41AE-B19E-B86210D14AFE}" => key removed successfully
HKCR\CLSID\{848970A5-AD9C-41AE-B19E-B86210D14AFE} => key not found.
"HKU\S-1-5-21-1410552932-3896170908-3864751245-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B722290B-606C-40A9-8CD5-AFD251EF5229}" => key removed successfully
HKCR\CLSID\{B722290B-606C-40A9-8CD5-AFD251EF5229} => key not found.
"HKU\S-1-5-21-1410552932-3896170908-3864751245-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C0822CD8-6816-413A-A88D-29DE76534126}" => key removed successfully
HKCR\CLSID\{C0822CD8-6816-413A-A88D-29DE76534126} => key not found.
"HKU\S-1-5-21-1410552932-3896170908-3864751245-1001\SOFTWARE\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd" => key removed successfully
"HKU\S-1-5-21-1410552932-3896170908-3864751245-1001\SOFTWARE\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh" => key removed successfully
C:\Program Files\Common Files\lpj4zi1p.exe => moved successfully
C:\Program Files\Common Files\bafqgk2k.exe => moved successfully
C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc => moved successfully
C:\Program Files\Common Files\xhuewpt3.exe => moved successfully
"C:\WINDOWS\System32\Tasks\wpiayzmq" => not found.
C:\Program Files\Common Files\x4ksfcfy => moved successfully
"C:\WINDOWS\System32\Tasks\2dojma01" => not found.
C:\Program Files\Common Files\zpxqa5to => moved successfully
C:\Users\učitel\AppData\Local\Hexit.dat => moved successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA" => not found.
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore" => not found.
"C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job" => not found.
"C:\Program Files\Common Files\bafqgk2k.exe" => not found.
C:\Program Files\Common Files\dwld0qoz.exe => moved successfully
C:\Program Files\Common Files\ioz1v4tz.exe => moved successfully
"C:\Program Files\Common Files\lpj4zi1p.exe" => not found.
"C:\Program Files\Common Files\xhuewpt3.exe" => not found.
EmptyTemp: => 147.5 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 08:47:04 ====

[jaro3]

Co problémy?

[mgilan]

jo, vypadá to že pohoda :)) nic nevyskakuje a tak akorát přeinstaluju ten Adobe , všecko funguje, paráda, děkuju moc

[jaro3]

Stáhni si zde DelFix
https://toolslib.net/downloads/viewdownload/2-delfix/

ulož si soubor na plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7 a 8, musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce .
V hlavním menu, zkontroluj tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore)
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci

Poté se zpráva se otevře (DelFix.txt). Vlož celý obsah zprávy sem.Jinak je zpráva zde:
v C: \ DelFix.txt


Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.

[mgilan]

# DelFix v1.011 - Logfile created 13/01/2016 at 13:37:09
# Updated 18/08/2015 by Xplode
# Username : učitel - LENOVO-PC
# Operating System : Windows 10 Home (64 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\zoek-results.log
Deleted : C:\Users\učitel\Desktop\Addition.txt
Deleted : C:\Users\učitel\Desktop\AdwCleaner.exe
Deleted : C:\Users\učitel\Desktop\Fixlog.txt
Deleted : C:\Users\učitel\Desktop\FRST.txt
Deleted : C:\Users\učitel\Desktop\FRST64.exe
Deleted : C:\Users\učitel\Desktop\JRT.exe
Deleted : C:\Users\učitel\Desktop\RogueKillerX64.exe
Deleted : C:\Users\učitel\Desktop\zoek.exe
Deleted : C:\Users\učitel\Downloads\HijackThis.exe
Deleted : C:\Users\učitel\Downloads\hijackthis.log
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner

########## - EOF - ##########
# DelFix v1.011 - Logfile created 13/01/2016 at 13:38:55
# Updated 18/08/2015 by Xplode
# Username : učitel - LENOVO-PC
# Operating System : Windows 10 Home (64 bits)

~ Removing disinfection tools ...


~ Cleaning system restore ...

Deleted : RP #3 [JRT Pre-Junkware Removal | 01/11/2016 10:26:38]
Deleted : RP #4 [Removed Adobe Acrobat DC. | 01/13/2016 08:50:30]

New restore point created !

########## - EOF - ##########