Please check my log [Solved]

Re: Please check my log [Solved]

Post by drioton » 18 Oct 2016 21:24

2016-09-30 19:00 - 2016-09-15 18:55 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2016-09-30 19:00 - 2016-09-15 18:55 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetworkCollectionAgent.dll
2016-09-30 19:00 - 2016-09-15 18:55 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2016-09-30 19:00 - 2016-09-15 18:55 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-09-30 19:00 - 2016-09-15 18:55 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-09-30 19:00 - 2016-09-15 18:55 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-09-30 19:00 - 2016-09-15 18:55 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2016-09-30 19:00 - 2016-09-15 18:55 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2016-09-30 19:00 - 2016-09-15 18:55 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\biwinrt.dll
2016-09-30 19:00 - 2016-09-15 18:55 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2016-09-30 19:00 - 2016-09-15 18:54 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2016-09-30 19:00 - 2016-09-15 18:54 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-09-30 19:00 - 2016-09-15 18:54 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2016-09-30 19:00 - 2016-09-15 18:53 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2016-09-30 19:00 - 2016-09-15 18:53 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-09-30 19:00 - 2016-09-15 18:53 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2016-09-30 19:00 - 2016-09-15 18:52 - 01358336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-09-30 19:00 - 2016-09-15 18:52 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2016-09-30 19:00 - 2016-09-15 18:52 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2016-09-30 19:00 - 2016-09-15 18:52 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2016-09-30 19:00 - 2016-09-15 18:52 - 00445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprapi.dll
2016-09-30 19:00 - 2016-09-15 18:52 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2016-09-30 19:00 - 2016-09-15 18:52 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-09-30 19:00 - 2016-09-15 18:51 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2016-09-30 19:00 - 2016-09-15 18:50 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pwrshplugin.dll
2016-09-30 19:00 - 2016-09-15 18:49 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-09-30 19:00 - 2016-09-15 18:49 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2016-09-30 19:00 - 2016-09-15 18:48 - 01321472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-09-30 19:00 - 2016-09-15 18:48 - 01320448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2016-09-30 19:00 - 2016-09-15 18:48 - 01112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-09-30 19:00 - 2016-09-15 18:47 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2016-09-30 19:00 - 2016-09-15 18:47 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll
2016-09-30 19:00 - 2016-09-15 18:46 - 03305984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-09-30 19:00 - 2016-09-15 18:46 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2016-09-30 19:00 - 2016-09-15 18:46 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2016-09-30 19:00 - 2016-09-15 18:46 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2016-09-30 19:00 - 2016-09-15 18:45 - 02749440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-09-30 19:00 - 2016-09-15 18:45 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2016-09-30 19:00 - 2016-09-15 18:45 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-09-30 19:00 - 2016-09-15 18:45 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2016-09-30 19:00 - 2016-09-15 18:44 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2016-09-30 19:00 - 2016-09-15 18:44 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2016-09-30 19:00 - 2016-09-15 18:44 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-09-30 19:00 - 2016-09-15 18:44 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
2016-09-30 19:00 - 2016-09-15 18:43 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2016-09-30 19:00 - 2016-09-15 18:43 - 03196416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-09-30 19:00 - 2016-09-15 18:43 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2016-09-30 19:00 - 2016-09-15 18:43 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-09-30 19:00 - 2016-09-15 18:43 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2016-09-30 19:00 - 2016-09-15 18:42 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-09-30 19:00 - 2016-09-15 18:42 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_sr.dll
2016-09-30 19:00 - 2016-09-15 18:42 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2016-09-30 19:00 - 2016-09-15 18:42 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2016-09-30 19:00 - 2016-09-15 18:42 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundMediaPolicy.dll
2016-09-30 19:00 - 2016-09-15 18:41 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-09-30 19:00 - 2016-09-15 18:41 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2016-09-30 19:00 - 2016-09-15 18:41 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2016-09-30 19:00 - 2016-09-15 18:41 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2016-09-30 19:00 - 2016-09-15 18:41 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-09-30 19:00 - 2016-09-15 18:41 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2016-09-30 19:00 - 2016-09-15 18:41 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Authentication.dll
2016-09-30 19:00 - 2016-09-15 18:40 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-09-30 19:00 - 2016-09-15 18:40 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-09-30 19:00 - 2016-09-15 18:40 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2016-09-30 19:00 - 2016-09-15 18:40 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2016-09-30 19:00 - 2016-09-15 18:40 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-09-30 19:00 - 2016-09-15 18:40 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2016-09-30 19:00 - 2016-09-15 18:40 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2016-09-30 19:00 - 2016-09-15 18:40 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys
2016-09-30 19:00 - 2016-09-15 18:40 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2016-09-30 19:00 - 2016-09-15 18:40 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-09-30 19:00 - 2016-09-15 18:40 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2016-09-30 19:00 - 2016-09-15 18:40 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll
2016-09-30 19:00 - 2016-09-15 18:39 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2016-09-30 19:00 - 2016-09-15 18:39 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2016-09-30 19:00 - 2016-09-15 18:39 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-09-30 19:00 - 2016-09-15 18:39 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-09-30 19:00 - 2016-09-15 18:39 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-09-30 19:00 - 2016-09-15 18:39 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2016-09-30 19:00 - 2016-09-15 18:39 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-09-30 19:00 - 2016-09-15 18:39 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2016-09-30 19:00 - 2016-09-15 18:38 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2016-09-30 19:00 - 2016-09-15 18:38 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkCollectionAgent.dll
2016-09-30 19:00 - 2016-09-15 18:38 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-09-30 19:00 - 2016-09-15 18:38 - 00573952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrGidsHandler.dll
2016-09-30 19:00 - 2016-09-15 18:38 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2016-09-30 19:00 - 2016-09-15 18:38 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2016-09-30 19:00 - 2016-09-15 18:38 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2016-09-30 19:00 - 2016-09-15 18:38 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2016-09-30 19:00 - 2016-09-15 18:38 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-09-30 19:00 - 2016-09-15 18:38 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-09-30 19:00 - 2016-09-15 18:38 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2016-09-30 19:00 - 2016-09-15 18:38 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2016-09-30 19:00 - 2016-09-15 18:37 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2016-09-30 19:00 - 2016-09-15 18:37 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2016-09-30 19:00 - 2016-09-15 18:37 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-09-30 19:00 - 2016-09-15 18:37 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2016-09-30 19:00 - 2016-09-15 18:37 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlancfg.dll
2016-09-30 19:00 - 2016-09-15 18:37 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2016-09-30 19:00 - 2016-09-15 18:37 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\biwinrt.dll
2016-09-30 19:00 - 2016-09-15 18:37 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-09-30 19:00 - 2016-09-15 18:36 - 00719360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-09-30 19:00 - 2016-09-15 18:36 - 00648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2016-09-30 19:00 - 2016-09-15 18:36 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-09-30 19:00 - 2016-09-15 18:36 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2016-09-30 19:00 - 2016-09-15 18:36 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-09-30 19:00 - 2016-09-15 18:36 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-09-30 19:00 - 2016-09-15 18:36 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2016-09-30 19:00 - 2016-09-15 18:36 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-09-30 19:00 - 2016-09-15 18:36 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2016-09-30 19:00 - 2016-09-15 18:36 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2016-09-30 19:00 - 2016-09-15 18:36 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2016-09-30 19:00 - 2016-09-15 18:35 - 00645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-09-30 19:00 - 2016-09-15 18:35 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-09-30 19:00 - 2016-09-15 18:35 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2016-09-30 19:00 - 2016-09-15 18:35 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2016-09-30 19:00 - 2016-09-15 18:35 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataExchange.dll
2016-09-30 19:00 - 2016-09-15 18:35 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-09-30 19:00 - 2016-09-15 18:35 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\rshx32.dll
2016-09-30 19:00 - 2016-09-15 18:34 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2016-09-30 19:00 - 2016-09-15 18:34 - 00441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-09-30 19:00 - 2016-09-15 18:34 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2016-09-30 19:00 - 2016-09-15 18:34 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-09-30 19:00 - 2016-09-15 18:33 - 03753984 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2016-09-30 19:00 - 2016-09-15 18:33 - 01004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-09-30 19:00 - 2016-09-15 18:33 - 00966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2016-09-30 19:00 - 2016-09-15 18:33 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2016-09-30 19:00 - 2016-09-15 18:33 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-09-30 19:00 - 2016-09-15 18:32 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-09-30 19:00 - 2016-09-15 18:32 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-09-30 19:00 - 2016-09-15 18:31 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwrshplugin.dll
2016-09-30 19:00 - 2016-09-15 18:30 - 03776512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-09-30 19:00 - 2016-09-15 18:30 - 01639424 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2016-09-30 19:00 - 2016-09-15 18:30 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-09-30 19:00 - 2016-09-15 18:30 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-09-30 19:00 - 2016-09-15 18:30 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll
2016-09-30 19:00 - 2016-09-15 18:29 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2016-09-30 19:00 - 2016-09-15 18:29 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-09-30 19:00 - 2016-09-15 18:29 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
2016-09-30 19:00 - 2016-09-15 18:28 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2016-09-30 19:00 - 2016-09-15 18:28 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-09-30 19:00 - 2016-09-15 18:27 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-09-30 19:00 - 2016-09-15 18:27 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-09-30 19:00 - 2016-09-15 18:27 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAC3ENC.DLL
2016-09-30 19:00 - 2016-09-15 18:26 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
2016-09-30 19:00 - 2016-09-15 18:25 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-09-30 19:00 - 2016-09-15 18:25 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-09-30 19:00 - 2016-09-15 18:25 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundMediaPolicy.dll
2016-09-30 19:00 - 2016-09-15 18:24 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2016-09-30 19:00 - 2016-09-15 18:24 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-09-30 19:00 - 2016-09-15 18:24 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-09-30 19:00 - 2016-09-15 18:24 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2016-09-30 19:00 - 2016-09-15 18:24 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-09-30 19:00 - 2016-09-15 18:23 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2016-09-30 19:00 - 2016-09-15 18:23 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2016-09-30 19:00 - 2016-09-15 18:23 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-09-30 19:00 - 2016-09-15 18:23 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2016-09-30 19:00 - 2016-09-15 18:23 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2016-09-30 19:00 - 2016-09-15 18:22 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-09-30 19:00 - 2016-09-15 18:22 - 00857600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2016-09-30 19:00 - 2016-09-15 18:22 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-09-30 19:00 - 2016-09-15 18:22 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2016-09-30 19:00 - 2016-09-15 18:21 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-09-30 19:00 - 2016-09-15 18:20 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2016-09-30 19:00 - 2016-09-15 18:20 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-09-30 19:00 - 2016-09-15 18:20 - 01710080 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-09-30 19:00 - 2016-09-15 18:20 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-09-30 19:00 - 2016-09-15 18:20 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-09-30 19:00 - 2016-09-15 18:19 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2016-09-30 19:00 - 2016-09-15 18:18 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2016-09-30 19:00 - 2016-09-15 18:18 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-09-30 19:00 - 2016-09-15 18:17 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-09-30 19:00 - 2016-09-15 18:17 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-09-30 19:00 - 2016-09-15 18:16 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2016-09-30 19:00 - 2016-09-15 18:16 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2016-09-30 19:00 - 2016-08-06 05:34 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
2016-09-30 19:00 - 2016-08-06 05:33 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smphost.dll
2016-09-30 16:08 - 2016-09-30 16:24 - 00000000 ____D C:\Users\drioton\AppData\Roaming\Opera
2016-09-30 16:07 - 2016-09-30 16:24 - 00000000 ____D C:\Program Files (x86)\Opera
2016-09-29 16:32 - 2016-09-29 16:32 - 00000000 ____D C:\Users\drioton\AppData\Roaming\IP Hider Ever
2016-09-28 19:42 - 2016-10-12 13:17 - 00000000 ____D C:\Program Files (x86)\IP Hider Ever
2016-09-27 15:08 - 2016-09-27 15:08 - 00000000 ____D C:\Users\drioton\AppData\Roaming\dvdcss
2016-09-27 14:54 - 2016-10-18 15:01 - 00000000 ____D C:\Users\drioton\Desktop\New folder
2016-09-26 17:38 - 2016-09-26 17:38 - 00000000 ___HD C:\ProgramData\CanonIJScan
2016-09-26 17:37 - 2016-09-27 09:10 - 00000000 ____D C:\Users\drioton\AppData\Roaming\Canon
2016-09-26 17:37 - 2016-09-26 17:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5400 series
2016-09-26 17:37 - 2012-02-08 16:34 - 00320000 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNC_BBL.dll
2016-09-26 17:37 - 2012-01-26 10:28 - 00081920 _____ C:\WINDOWS\SysWOW64\CNC1764D.TBL
2016-09-26 17:37 - 2012-01-16 14:21 - 00103424 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNC_BBU.dll
2016-09-26 17:37 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNHMCA.dll
2016-09-26 11:55 - 2016-10-09 19:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2016-09-26 11:55 - 2016-09-26 11:55 - 00000000 ___HD C:\ProgramData\CanonIJEGV
2016-09-26 11:55 - 2016-09-26 11:55 - 00000000 ____D C:\ProgramData\CanonIJWSpt
2016-09-26 11:53 - 2016-09-26 11:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5400 series Manual
2016-09-26 11:52 - 2016-09-26 17:37 - 00000000 ____D C:\Program Files (x86)\Canon
2016-09-26 11:39 - 2016-09-26 11:39 - 00000000 ____D C:\WINDOWS\system32\STRING
2016-09-26 11:39 - 2012-06-14 17:18 - 00366592 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNMNPPM.DLL
2016-09-26 11:39 - 2012-06-14 17:18 - 00359936 _____ (CANON INC.) C:\WINDOWS\system32\CNMN6PPM.DLL
2016-09-26 11:39 - 2012-06-14 17:18 - 00039424 _____ (CANON INC.) C:\WINDOWS\system32\CNMN6UI.DLL
2016-09-26 11:37 - 2016-09-26 11:37 - 00000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information
2016-09-26 11:37 - 2016-09-26 11:37 - 00000000 ___HD C:\ProgramData\CanonBJ
2016-09-26 11:37 - 2012-02-08 16:36 - 00363520 _____ (CANON INC.) C:\WINDOWS\system32\CNC_BBL.dll
2016-09-26 11:37 - 2012-01-26 10:28 - 00081920 _____ C:\WINDOWS\system32\CNC1764D.TBL
2016-09-26 11:37 - 2012-01-16 14:21 - 00287744 _____ (CANON INC.) C:\WINDOWS\system32\CNC_BBC.dll
2016-09-26 11:37 - 2012-01-16 14:20 - 00106496 _____ (CANON INC.) C:\WINDOWS\system32\CNC_BBI.dll
2016-09-26 11:37 - 2008-08-25 18:02 - 00017920 _____ (CANON INC.) C:\WINDOWS\system32\CNHMCA6.dll
2016-09-26 11:36 - 2016-09-26 11:36 - 00000000 ___HD C:\Program Files\CanonBJ
2016-09-26 11:36 - 2012-04-16 05:00 - 00389120 _____ (CANON INC.) C:\WINDOWS\system32\CNMLMBB.DLL
2016-09-25 14:33 - 2016-09-25 14:33 - 00000000 ____D C:\VolumeId
2016-09-25 13:42 - 2016-10-06 18:19 - 00000000 ____D C:\Program Files (x86)\Multiecuscan
2016-09-25 11:33 - 2016-09-25 14:38 - 00001465 _____ C:\Users\drioton\pcmscan.cfg
2016-09-25 11:32 - 2016-09-25 11:32 - 00000000 ____D C:\Users\drioton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PCMSCAN
2016-09-25 11:32 - 2016-09-25 11:32 - 00000000 ____D C:\Program Files (x86)\PCMSCAN
2016-09-22 20:35 - 2016-09-22 20:35 - 01334784 _____ (CineForm Inc.) C:\WINDOWS\system32\CFHD.dll
2016-09-22 20:35 - 2016-09-22 20:35 - 01119744 _____ (CineForm Inc.) C:\WINDOWS\SysWOW64\CFHD.dll
2016-09-20 11:57 - 2016-09-20 11:57 - 00003678 _____ C:\WINDOWS\System32\Tasks\RunAsStdUser_MyComGames

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-18 21:10 - 2016-07-20 11:32 - 00000000 ____D C:\Users\drioton\AppData\Roaming\vlc
2016-10-18 20:22 - 2016-08-02 23:02 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-10-18 17:46 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2016-10-18 17:23 - 2016-08-08 13:51 - 00000000 ____D C:\Users\drioton\AppData\Local\GoPro
2016-10-18 15:14 - 2016-08-03 23:08 - 00004198 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5C20DA0D-B511-4ABC-AB15-FD6CD10BF203}
2016-10-18 15:12 - 2016-08-08 13:50 - 00000000 ____D C:\Users\Public\CineForm
2016-10-18 14:59 - 2016-07-14 20:41 - 00000000 ____D C:\Program Files (x86)\Steam
2016-10-18 14:53 - 2016-09-03 18:55 - 01178240 _____ C:\WINDOWS\system32\perfh007.dat
2016-10-18 14:53 - 2016-09-03 18:55 - 00924492 _____ C:\WINDOWS\system32\perfh01B.dat
2016-10-18 14:53 - 2016-09-03 18:55 - 00452556 _____ C:\WINDOWS\system32\perfc007.dat
2016-10-18 14:53 - 2016-09-03 18:55 - 00265834 _____ C:\WINDOWS\system32\perfc01B.dat
2016-10-18 14:53 - 2016-08-02 23:09 - 05038340 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-10-18 14:20 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-10-18 14:20 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-10-18 14:07 - 2016-08-02 23:03 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-10-18 14:07 - 2016-07-15 10:03 - 00000000 __SHD C:\Users\drioton\IntelGraphicsProfiles
2016-10-18 12:33 - 2016-08-02 23:15 - 00003470 _____ C:\WINDOWS\System32\Tasks\ESET Windows 10 upgrade – Refresh settings
2016-10-18 10:45 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-10-18 09:45 - 2016-08-02 23:15 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-10-18 09:45 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-10-17 22:16 - 2009-07-14 05:20 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-10-17 21:53 - 2016-08-02 23:09 - 00000000 ____D C:\Users\drioton
2016-10-17 21:52 - 2016-08-08 13:50 - 00466456 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
2016-10-17 21:52 - 2016-08-08 13:50 - 00444952 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll
2016-10-17 21:52 - 2016-08-08 13:50 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
2016-10-17 21:52 - 2016-08-08 13:50 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll
2016-10-16 20:39 - 2016-09-16 00:18 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-10-16 20:38 - 2016-09-16 00:18 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-10-16 20:34 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2016-10-13 21:34 - 2016-09-13 11:48 - 00000000 ____D C:\Users\drioton\AppData\Roaming\ViberPC
2016-10-13 11:19 - 2016-07-15 14:20 - 00000000 ____D C:\Users\drioton\AppData\Local\Comms
2016-10-12 20:01 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-10-12 14:04 - 2016-08-11 21:50 - 00000000 ____D C:\ProgramData\SOLIDWORKS
2016-10-12 13:56 - 2016-08-11 21:50 - 00000000 ____D C:\Program Files\SOLIDWORKS Corp
2016-10-12 13:53 - 2016-08-11 21:40 - 00000000 ____D C:\ProgramData\SOLIDWORKS Electrical
2016-10-12 13:44 - 2016-08-24 11:33 - 00000000 ____D C:\Users\drioton\AppData\Local\Package Cache
2016-10-12 13:44 - 2016-08-11 21:36 - 00000000 ____D C:\Users\drioton\Documents\SOLIDWORKS Downloads
2016-10-12 13:44 - 2016-07-15 10:19 - 00000000 ____D C:\Users\drioton\AppData\Local\Packages
2016-10-12 13:39 - 2016-08-31 21:54 - 00000000 ____D C:\Users\drioton\AppData\Roaming\NetBeans
2016-10-12 13:39 - 2016-08-31 21:32 - 00000000 ____D C:\Users\drioton\.nbi
2016-10-12 13:39 - 2016-08-24 14:52 - 00000000 ____D C:\Users\drioton\AppData\Roaming\Notepad++
2016-10-12 13:39 - 2016-08-24 14:52 - 00000000 ____D C:\Program Files (x86)\Notepad++
2016-10-12 13:36 - 2016-08-29 21:04 - 00000000 ____D C:\Program Files (x86)\Google
2016-10-12 13:36 - 2016-08-29 21:03 - 00000000 ____D C:\Users\drioton\AppData\Local\Google
2016-10-12 12:52 - 2016-04-27 08:47 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-10-12 12:47 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-10-12 12:47 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-10-12 12:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2016-10-12 12:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-10-12 12:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-10-12 12:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-10-12 12:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-10-12 12:47 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-10-12 12:47 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-10-12 09:21 - 2016-07-15 10:05 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-10-12 09:17 - 2016-07-15 10:05 - 143495576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-10-12 07:03 - 2016-07-16 13:42 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2016-10-12 07:02 - 2016-07-16 13:43 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2016-10-11 19:09 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-10-10 20:30 - 2016-08-22 21:11 - 00000000 ____D C:\Users\drioton\AppData\Roaming\AIMP
2016-10-09 19:53 - 2016-08-22 21:11 - 00000000 ____D C:\Program Files (x86)\AIMP
2016-10-04 20:15 - 2016-07-16 08:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-10-03 22:09 - 2016-07-16 13:49 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-10-03 22:09 - 2016-07-16 13:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-01 09:47 - 2016-07-14 20:14 - 00000000 ____D C:\Users\drioton\AppData\Local\VirtualStore
2016-09-30 22:53 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-09-30 22:53 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-09-30 22:53 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2016-09-30 22:53 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\setup
2016-09-30 22:53 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-09-30 22:53 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-30 22:53 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning
2016-09-30 22:53 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-09-30 22:53 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-09-30 22:53 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-09-30 22:53 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-09-29 20:29 - 2016-08-12 17:50 - 00000000 ____D C:\Users\drioton\Documents\Euro Truck Simulator 2
2016-09-29 20:14 - 2016-08-12 17:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TruckersMP
2016-09-29 20:14 - 2016-08-12 17:49 - 00000000 ____D C:\Program Files\TruckersMP
2016-09-26 17:37 - 2016-07-16 13:47 - 00000000 __RSD C:\WINDOWS\Media
2016-09-25 14:27 - 2016-07-14 22:24 - 00000000 ____D C:\Users\drioton\AppData\Roaming\TS3Client
2016-09-24 09:33 - 2016-07-14 20:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-09-24 09:11 - 2016-07-14 23:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== Files in the root of some directories =======

2016-08-02 23:03 - 2016-08-02 23:03 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-10-16 20:26

==================== End of FRST.txt ============================


Re: Please check my log

Post by drioton » 18 Oct 2016 21:24

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-10-2016
Ran by drioton (18-10-2016 21:17:18)
Running from C:\Users\drioton\Desktop
Windows 10 Home Version 1607 (X64) (2016-08-02 21:20:56)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1503572120-3979715750-2530224055-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1503572120-3979715750-2530224055-503 - Limited - Disabled)
drioton (S-1-5-21-1503572120-3979715750-2530224055-1000 - Administrator - Enabled) => C:\Users\drioton
Guest (S-1-5-21-1503572120-3979715750-2530224055-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus 8.0 (Disabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 8.0 (Disabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ZoneAlarm Free Firewall Firewall (Disabled) {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.02 (x64) (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov)
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 15.020.20039 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.144 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
AIMP (HKLM-x32\...\AIMP) (Version: v4.11.1841, 09.10.2016 - AIMP DevTeam)
Altap Salamander 3.06 (x64) (HKLM\...\Altap Salamander 3.06 (x64)) (Version: 3.06 - ALTAP)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.7.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - ‪Canon Inc.‬)
Canon MG5400 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5400_series) (Version: 1.01 - Canon Inc.)
Canon MG5400 series On-screen Manual (HKLM-x32\...\Canon MG5400 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.7.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.22 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.50 - Conexant)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Emergency Download Driver (HKLM-x32\...\{3F0F5AB4-C9CE-4226-8393-E9CFF8369D9D}) (Version: 1.1.16.1526 - Microsoft)
Emporea (HKLM\...\Steam App 416450) (Version: - Pixel Federation)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.4 - Lenovo)
Energy Management (x32 Version: 8.0.2.4 - Lenovo) Hidden
ESET NOD32 Antivirus (HKLM\...\{0A550E73-F1EE-491C-B2D4-7AB832851AB2}) (Version: 8.0.304.1 - ESET, spol s r. o.)
Euro Truck Simulator 2 (HKLM\...\Steam App 227300) (Version: - SCS Software)
FFU Loader Driver 1.0.0 (HKLM-x32\...\{7209d085-ed88-4a08-beb2-c49db2b9e838}) (Version: 1.0.0 - Microsoft)
FFU Loader Driver 1.0.0 (x32 Version: 1.0.0 - Microsoft) Hidden
Fotogaléria (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GDR 4213 for SQL Server 2014 (KB3070446) (64-bit) (HKLM\...\KB3070446) (Version: 12.1.4213.0 - Microsoft Corporation)
GoPro Studio (x32 Version: 5.10.4203 - GoPro, Inc.) Hidden
GoProCineFormDecoders 1.2.0 (HKLM-x32\...\GoProCineFormDecoders) (Version: 1.2.0 - CineForm, Inc & GoPro, Inc.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4279 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Java 8 Update 102 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180102F0}) (Version: 8.0.1020.14 - Oracle Corporation)
Java SE Development Kit 8 Update 102 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180102}) (Version: 8.0.1020.14 - Oracle Corporation)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11103 - Realtek Semiconductor Corp.)
Lenovo_Wireless_Driver (HKLM-x32\...\{36CE10BD-A076-4DE3-A8A7-2F61E3FB2E6A}) (Version: 6.20.55.14 - Lenovo)
Lenovo_Wireless_Driver (HKLM-x32\...\{5D642A72-8194-4A22-80DA-11FE610CCA8E}) (Version: 6.30.223.143 - Lenovo)
Lumia UEFI Blue Driver (HKLM-x32\...\{9D2A75FE-8CE1-4297-AEC1-A097D47BACE9}) (Version: 1.1.10.1526 - Microsoft)
Malwarebytes Anti-Malware verzia 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Manager (x32 Version: 3.0.7.25771 - ANDREA VACONDIO) Hidden
Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{BF5ABBDB-D3AA-4BCB-8D10-FCD4A4BB7F93}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{C79A7EAB-9D6F-4072-8A6D-F8F54957CD93}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{6292D514-17A4-403F-98F9-E150F10C043D}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2014) (Version: - Microsoft Corporation)
Microsoft SQL Server 2014 Setup (English) (HKLM\...\{2975950A-6723-4FD2-9719-78DD9C30A7F4}) (Version: 12.1.4213.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{FF7DDA05-6EA7-4C01-B44A-3E57F8B9B97B}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2014 (HKLM\...\{366CD715-2FF4-40B4-A8B4-A05E5D21A945}) (Version: 12.1.4100.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 49.0.1 (x86 sk) (HKLM-x32\...\Mozilla Firefox 49.0.1 (x86 sk)) (Version: 49.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.1.6109 - Mozilla)
Multiecuscan (HKLM-x32\...\{803D46C0-7CE0-4F62-B85F-E32EA0C56747}) (Version: 2.2 - FES Soft Ltd.)
OEM Application Profile (x32 Version: 1.00.0000 - Název společnosti:) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
PCMSCAN (HKLM-x32\...\{979B748C-6095-4A5A-BC7B-C15E720529D6}) (Version: 2.4.12 - Palmer Performance Engineering)
PowerXpressHybrid (x32 Version: 1.00.0000 - Název společnosti:) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Quik (HKLM-x32\...\{cf9c2af2-c9e9-4cf2-a835-62cc01c339d5}) (Version: 2.0.0.4203 - GoPro, Inc.)
Quik (Version: 0.1.4203 - GoPro, Inc.) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.)
Service Pack 1 for SQL Server 2014 (KB3058865) (64-bit) (HKLM\...\KB3058865) (Version: 12.1.4100.1 - Microsoft Corporation)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.6 - Sophos Limited)
SQL Server 2014 Common Files (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2014 (HKLM-x32\...\{3204DE95-97D2-4261-A286-98A262E171D4}) (Version: 12.1.4100.1 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.13.0 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.65452 - TeamViewer)
TruckersMP 0.2.1.1.3 Alpha (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.2.1.1.3 Alpha - TruckersMP Team)
uRage Illuminated Driver (HKLM-x32\...\{F1A273BD-6A9E-41D8-A111-5E56ACD286F8}) (Version: 1.0 - Hama)
Vegas Pro 13.0 (64-bit) (HKLM\...\{1EEE0BEE-0BC8-11E5-A19E-F04DA23A5C58}) (Version: 13.0.453 - Sony)
VFW_Codec32 (x32 Version: 0.1.160.0 - GoPro, Inc.) Hidden
VFW_Codec64 (Version: 0.1.160.0 - GoPro, Inc.) Hidden
Viber (HKU\S-1-5-21-1503572120-3979715750-2530224055-1000\...\{d96d3a07-b1fd-4625-b739-627196eb9aac}) (Version: 6.2.0.1306 - Viber Media Inc.)
Viber (x32 Version: 6.2.0.1306 - Viber Media Inc.) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Windows Device Recovery Tool 3.9.20701 (HKLM-x32\...\{595ee79e-b90f-4335-8f6c-6d14f26ff5f1}) (Version: 3.9.20701 - Microsoft)
Windows Driver Package - Lenovo (ACPIVPC) System (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo)
Windows Driver Package - Lenovo LenovoVhid (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
Windows Driver Package - Microsoft USBDevice (02/19/2016 1.0.0.0) (HKLM\...\01D4AA89568B59E5941907D403E3B682EE413AB7) (Version: 02/19/2016 1.0.0.0 - Microsoft)
Windows IP Over USB (HKLM-x32\...\{FF0EA481-42DB-A8AE-8356-48C09F7D953D}) (Version: 10.1.10586.15 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinUsb CoInstallers (HKLM-x32\...\{9755918A-CDF8-4F1E-8453-6359CF1A330A}) (Version: 1.1.12.1526 - Microsoft)
WinUSB Compatible ID Drivers (HKLM-x32\...\{A4A0B236-6046-4CAB-8177-1EAF61112C75}) (Version: 1.1.11.1526 - Microsoft)
WinUSB Drivers ext (HKLM-x32\...\{29BAAF65-09E5-4F52-8D15-2FAF2E23A8DC}) (Version: 1.1.24.1544 - Microsoft)
World of Warships (HKU\S-1-5-21-1503572120-3979715750-2530224055-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version: - Wargaming.net)
World Of Warships PublicTest version Alpha (HKLM-x32\...\{253BCA66-CD92-4ECB-A7C3-D67B77923DAE}_is1) (Version: Alpha - Wargaming)
WPTx64 (HKLM-x32\...\{0B2C58EB-67A2-225B-60B2-D1990E55DD33}) (Version: 8.100.26866 - Microsoft)
ZoneAlarm Firewall (x32 Version: 15.0.123.17051 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Firewall (HKLM-x32\...\ZoneAlarm Free Firewall) (Version: 15.0.123.17051 - Check Point)
ZoneAlarm Security (x32 Version: 15.0.123.17051 - Check Point Software Technologies Ltd.) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1503572120-3979715750-2530224055-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\drioton\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1503572120-3979715750-2530224055-1000_Classes\CLSID\{C78B614C-F3EA-11D2-94A1-00E0292A01E3}\InprocServer32 -> C:\Program Files\Altap Salamander\utils\salextx64.dll (ALTAP)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {13CC4C18-509B-4278-9428-980ED070CDAF} - System32\Tasks\RunAsStdUser_MyComGames => C:\Users\drioton\AppData\Local\MyComGames\MyComGames.exe
Task: {22C56ED9-4FE8-4327-9707-FE9C9EB7F570} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {2BA3CD6B-7B3E-4D96-BA5F-C5B6D6C8A948} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {3487B29C-EEF6-48BC-AA8C-0ACE63A2345B} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {36C2C008-248D-4D2F-9F51-1D192869E0A7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-08-26] (Piriform Ltd)
Task: {4145349A-AA6B-47C6-AB55-6855A35AE95E} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {44C0AC46-207B-4770-8E74-20CB62917F35} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {48C08203-37AC-473E-9AC0-95D5EFC81AA1} - System32\Tasks\ESET Windows 10 upgrade – Refresh settings => C:\Program Files\Common Files\AV\ESET NOD32 Antivirus 8.0\upgrade.exe [2016-09-20] (ESET)
Task: {54A55721-9A78-4522-9BAA-A6A00D516E4D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {54E55D1B-EE56-4AE5-96E8-4B7D3781ABEA} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {5ABAAD1C-E474-469C-A09E-AA83CC9CB4C9} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {6E2B60D1-BC5B-4CE8-BD34-145C3FFC5426} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {72B1EDD7-8420-481B-A938-DAE013650B76} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-16] (Adobe Systems Incorporated)
Task: {7443C9C3-3DA4-406F-A1E3-BF71FAB284CA} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7A320299-6FB2-4AF4-8A23-A83F5B7B0BF5} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {817FBA32-D0CE-426C-AD2E-501773E2DDDA} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {8778381C-C4C9-427A-B796-4FF43164C3CB} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {8BF54F3D-01CF-4EB4-A7B1-F4CD7F8BB4FF} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {91C0AA9F-147B-4D88-8E67-A8485204461B} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {99B31464-8493-4B15-A6CD-31CAA6E8BEC7} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9A8BE4DD-1561-45A5-8903-C2E54BE87923} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B0817869-332B-4E60-BB0F-E847899B1CE5} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B4E523DD-5EC4-4F80-A3B8-6AD24C4B986A} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-05-03] (Advanced Micro Devices, Inc.)
Task: {B9767344-769F-4735-8BF2-4AE8673D581E} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C2988EC7-93E2-436D-9A31-82B9719BD9E1} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C2DA50B3-5350-4978-AD8A-17AC359CC1DD} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {EFBB762F-6F75-4B9C-9E45-BEAECF979796} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F47197CF-27F4-4694-9DEC-7CDCCD299A46} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\drioton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Multiecuscan\Multiecuscan Web Site.lnk -> hxxp://www.multiecuscan.net/

==================== Loaded Modules (Whitelisted) ==============

2016-09-22 20:50 - 2016-09-22 20:50 - 00037808 _____ () C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-09-30 19:01 - 2016-09-15 19:25 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-09-30 19:01 - 2016-09-15 19:25 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-09-04 04:55 - 2015-09-04 04:55 - 00406944 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-09-30 19:01 - 2016-09-15 19:25 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-03 07:45 - 2016-08-03 07:45 - 00959168 _____ () C:\Users\drioton\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\ClientTelemetry.dll
2010-01-09 20:17 - 2010-01-09 20:17 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2016-07-16 13:42 - 2016-07-16 13:42 - 00130048 _____ () C:\WINDOWS\SYSTEM32\CHARTV.dll
2016-09-15 18:16 - 2016-09-07 06:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-10-12 07:28 - 2016-10-05 11:35 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-10-12 07:28 - 2016-10-05 11:34 - 00693248 _____ () C:\Windows\ShellExperiences\MtcUvc.dll
2016-10-12 07:29 - 2016-10-05 11:21 - 09760256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-10-12 07:29 - 2016-10-05 11:13 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-10-12 07:29 - 2016-10-05 11:13 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-10-12 07:29 - 2016-10-05 11:13 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-10-12 07:29 - 2016-10-05 11:13 - 02424832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-10-12 07:29 - 2016-10-05 11:14 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2016-10-18 09:33 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts


127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1503572120-3979715750-2530224055-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\drioton\AppData\Roaming\Mozilla\Firefox\Pozadie plochy.bmp
DNS Servers: 10.20.30.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\StartupFolder: => "SOLIDWORKS 2016 Fast Start.lnk"
HKLM\...\StartupApproved\StartupFolder: => "SOLIDWORKS Background Downloader.lnk"
HKLM\...\StartupApproved\Run: => "GoPro Tray App"
HKLM\...\StartupApproved\Run32: => "BCSSync"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKLM\...\StartupApproved\Run32: => "PART2W~1"
HKLM\...\StartupApproved\Run32: => "win2"
HKU\S-1-5-21-1503572120-3979715750-2530224055-1000\...\StartupApproved\StartupFolder: => "Lingea Update Center.lnk"
HKU\S-1-5-21-1503572120-3979715750-2530224055-1000\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1503572120-3979715750-2530224055-1000\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1503572120-3979715750-2530224055-1000\...\StartupApproved\Run: => "IP Hider Ever"
HKU\S-1-5-21-1503572120-3979715750-2530224055-1000\...\StartupApproved\Run: => "PART2W~1"
HKU\S-1-5-21-1503572120-3979715750-2530224055-1000\...\StartupApproved\Run: => "win2"
HKU\S-1-5-21-1503572120-3979715750-2530224055-1000\...\StartupApproved\Run: => "WarThunderLauncher"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{A4E5297D-DD65-48CC-8CDB-8EBF83243C67}] => (Allow) E:\Hry\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{E422B7F9-4D1E-43DE-A991-BE3D3C956232}] => (Allow) E:\Hry\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{8FDA6EB4-746F-4F11-BFDB-6EA93C8CD163}] => (Allow) E:\Hry\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{61377718-50BF-43C6-B43B-CD4E07D4166F}] => (Allow) E:\Hry\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{C56FE05D-9B2D-41C9-A78D-C65B6F3B3902}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3C0CC704-5687-44C9-B0B7-C39CE94189F7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0AEE5C9A-6EC3-48E6-ACE5-46B5B59E79C6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E9097161-30F4-4C09-B654-5571983C5AAD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{69008A19-1196-4487-8FFA-D98255FB610F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{0A96DE92-C8B7-477F-BF33-EEE962C8E37D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{895C71C4-C734-4CF6-BA65-F1AF754C17F5}] => (Allow) E:\Hry\steamapps\common\Emporea\Emporea.exe
FirewallRules: [{DFDAB746-EABF-4900-B25F-B911713E4A35}] => (Allow) E:\Hry\steamapps\common\Emporea\Emporea.exe
FirewallRules: [{FB133894-5658-4865-BB6B-365BB8909319}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{973801A8-D1BF-45EB-859F-020DDFA48D00}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7EB150C5-8961-4868-9800-9BD5EDC0FDDC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{FD88920B-EDE4-4BD6-B11E-3F4BF2B575A9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4BB9DB0D-5F5F-415F-9DA3-2D5C67E88939}] => (Allow) E:\Hry\World_of_Warships\WoWSLauncher.exe
FirewallRules: [{6B1A5588-72EE-4266-91E1-B3A2E3477954}] => (Allow) E:\Hry\World_of_Warships\WoWSLauncher.exe
FirewallRules: [{FF1613EF-8E8C-4188-A2D9-20BFC46A4DF6}] => (Allow) E:\Hry\World_of_Warships\worldofwarships.exe
FirewallRules: [{89C83F9C-EB69-4B69-8B8A-94811C343BE1}] => (Allow) E:\Hry\World_of_Warships\worldofwarships.exe
FirewallRules: [{6364566A-8380-41EB-8A5E-86F0BCA6F6C0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E6E16942-30C1-41CA-BBB9-119F8B697450}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E40BB2C4-7BE6-4EE2-A405-3AECBC278F54}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{14D9C2EA-F3A2-4748-B596-91BBF3F6B440}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{EAF83A0C-C4F7-47C5-B602-9D07D8ACF044}] => (Allow) E:\Hry\WarThunder\launcher.exe
FirewallRules: [{1557DF43-980F-4331-8B40-B1B670FD1BEB}] => (Allow) E:\Hry\WarThunder\launcher.exe
FirewallRules: [TCP Query User{355880A6-E038-4D5D-AC15-6090041DB8E2}E:\hry\warthunder\win64\aces.exe] => (Allow) E:\hry\warthunder\win64\aces.exe
FirewallRules: [UDP Query User{32987953-21CE-4F73-AFA0-0754E827BE80}E:\hry\warthunder\win64\aces.exe] => (Allow) E:\hry\warthunder\win64\aces.exe
FirewallRules: [{2D409EE6-A6AF-4E0A-BB7D-BFF33E26B907}] => (Allow) E:\Hry\World_of_Warplanes\WoWPLauncher.exe
FirewallRules: [{68AAE30C-628C-41B9-AD34-554E9345C16B}] => (Allow) E:\Hry\World_of_Warplanes\WoWPLauncher.exe
FirewallRules: [{9EAE935E-4D27-4F93-9CA9-57F927EF3EDD}] => (Allow) E:\Hry\World_of_Warplanes\worldofwarplanes.exe
FirewallRules: [{50919BA3-DE81-411C-BEE8-C0B936C718A1}] => (Allow) E:\Hry\World_of_Warplanes\worldofwarplanes.exe
FirewallRules: [TCP Query User{D8E76F7E-1A18-4688-A47B-5038A5EFCCE3}E:\hry\warthunder\win64\aces.exe] => (Allow) E:\hry\warthunder\win64\aces.exe
FirewallRules: [UDP Query User{6FF55C60-3BAB-4850-B0C1-029CEE76857F}E:\hry\warthunder\win64\aces.exe] => (Allow) E:\hry\warthunder\win64\aces.exe
FirewallRules: [{1439B672-0115-44D3-A49F-BB189AC5ACB3}] => (Allow) E:\Hry\WOWS_PublicTest\WoWsLauncher.exe
FirewallRules: [{1C14EEBB-7AF3-44DF-8AC2-9831FD590235}] => (Allow) E:\Hry\WOWS_PublicTest\WoWsLauncher.exe
FirewallRules: [{B94B140A-52CD-4373-9028-074CCB6F8355}] => (Allow) E:\Hry\WOWS_PublicTest\worldofwarships.exe
FirewallRules: [{49170A9A-9BF9-4772-9673-EB200FCD5700}] => (Allow) E:\Hry\WOWS_PublicTest\worldofwarships.exe
FirewallRules: [{817019B4-3C49-4698-97EA-B6AFBBE3834E}] => (Allow) E:\Hry\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{E066BB16-C389-4958-9203-76A56B38425E}] => (Allow) E:\Hry\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{3DEB94D4-82D7-40A3-A6B5-D12968A0EB77}] => (Allow) E:\Hry\World_of_Tanks\worldoftanks.exe
FirewallRules: [{910B1A66-0F56-4A01-B4A8-B62256E99DF1}] => (Allow) E:\Hry\World_of_Tanks\worldoftanks.exe
FirewallRules: [{9CAEA2DF-15CE-425F-BBDC-CBEAEBD8E09F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{BC94D0F6-C3F5-4E77-8D0E-CEF57DB30175}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{912FFE8D-F274-4732-BD5F-082EBF4C80AE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{443B3D01-36B7-45AF-A0D7-5DB38E00885D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{CE296FBD-DF35-4A00-87A2-F85DF11209D2}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{0FE0D9C5-6DBF-4D20-B297-B1CB536F1717}] => (Allow) LPort=2869
FirewallRules: [{0F991C4F-7BDA-493F-92B2-C13137B95868}] => (Allow) LPort=1900
FirewallRules: [{E0B277D0-0001-4BB3-A64A-1D0967A34A2A}] => (Allow) E:\Hry\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{EFD638DB-CB39-4292-93D8-364E08F90AF5}] => (Allow) E:\Hry\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{3773FC35-3F93-43A2-81DD-FC3BED8B3BA2}] => (Allow) E:\Hry\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{A3A6E0A5-979A-45E7-A541-B88465C352F8}] => (Allow) E:\Hry\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{3C275361-7307-4586-9F86-4002D9687416}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\Quik.exe
FirewallRules: [{E3E3E2BC-5E96-4E02-B781-8DD960968229}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProMsgBus.exe
FirewallRules: [{08DE9B94-F002-491E-BD6E-2376E8C6F179}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProIDService.exe
FirewallRules: [{73D7EF67-A07D-46EB-9140-B9DF77257112}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProLauncher.exe
FirewallRules: [{C618267B-0952-4D16-9275-53AF70185F05}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{74F7C826-C7EB-49EE-B7D3-E73B13490EA3}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{58F1AD00-063D-4FFC-91B4-EB539FD6A7A0}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{98CE7145-054F-4A13-A4E6-C9394DF95E0E}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe

==================== Restore Points =========================

17-10-2016 16:42:22 zoek.exe restore point

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/18/2016 05:45:16 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x80070006, The handle is invalid.
.


Operation:
Executing Asynchronous Operation

Context:
Current State: DoSnapshotSet

Error: (10/18/2016 05:44:33 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (10/18/2016 05:44:13 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x80070006, The handle is invalid.
.


Operation:
Executing Asynchronous Operation

Context:
Current State: DoSnapshotSet

Error: (10/18/2016 05:43:25 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (10/18/2016 04:51:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WLXTranscode.exe, version: 16.4.3528.331, time stamp: 0x533a3ffb
Faulting module name: igd10iumd32.dll, version: 10.18.15.4279, time stamp: 0x55db7e87
Exception code: 0xc0000005
Fault offset: 0x0012d7bc
Faulting process ID: 0x1ffc
Faulting application start time: 0x01d2294f1dfdaede
Faulting application path: C:\Program Files (x86)\Windows Live\Photo Gallery\WLXTranscode.exe
Faulting module path: C:\WINDOWS\SYSTEM32\igd10iumd32.dll
Report ID: 4e4aea76-d000-48d8-821c-d6ebd8164303
Faulting package full name:
Faulting package-relative application ID:

Error: (10/18/2016 02:06:36 PM) (Source: ATIeRecord) (EventID: 16396) (User: )
Description: ATI EEU PnP start/stop failed

Error: (10/18/2016 02:06:27 PM) (Source: ATIeRecord) (EventID: 16396) (User: )
Description: ATI EEU PnP start/stop failed

Error: (10/18/2016 09:45:59 AM) (Source: ATIeRecord) (EventID: 16396) (User: )
Description: ATI EEU PnP start/stop failed

Error: (10/18/2016 09:45:25 AM) (Source: ATIeRecord) (EventID: 16396) (User: )
Description: ATI EEU PnP start/stop failed

Error: (10/18/2016 12:50:30 AM) (Source: ATIeRecord) (EventID: 16396) (User: )
Description: ATI EEU PnP start/stop failed


System errors:
=============
Error: (10/18/2016 03:33:07 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer ERIKA-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{EA1822B8-6417-4A10-8421-FE4FD7A005E6}.
The master browser is stopping or an election is being forced.

Error: (10/18/2016 02:07:20 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (10/18/2016 02:06:28 PM) (Source: DCOM) (EventID: 10010) (User: lenovo)
Description: The server {F9717507-6651-4EDB-BFF7-AE615179BCCF} did not register with DCOM within the required timeout.

Error: (10/18/2016 02:06:28 PM) (Source: DCOM) (EventID: 10010) (User: lenovo)
Description: The server {F9717507-6651-4EDB-BFF7-AE615179BCCF} did not register with DCOM within the required timeout.

Error: (10/18/2016 02:06:28 PM) (Source: DCOM) (EventID: 10010) (User: lenovo)
Description: The server {F9717507-6651-4EDB-BFF7-AE615179BCCF} did not register with DCOM within the required timeout.

Error: (10/18/2016 02:06:28 PM) (Source: DCOM) (EventID: 10010) (User: lenovo)
Description: The server {F9717507-6651-4EDB-BFF7-AE615179BCCF} did not register with DCOM within the required timeout.

Error: (10/18/2016 02:06:28 PM) (Source: DCOM) (EventID: 10010) (User: lenovo)
Description: The server {F9717507-6651-4EDB-BFF7-AE615179BCCF} did not register with DCOM within the required timeout.

Error: (10/18/2016 02:06:28 PM) (Source: DCOM) (EventID: 10010) (User: lenovo)
Description: The server {F9717507-6651-4EDB-BFF7-AE615179BCCF} did not register with DCOM within the required timeout.

Error: (10/18/2016 02:06:28 PM) (Source: DCOM) (EventID: 10010) (User: lenovo)
Description: The server {F9717507-6651-4EDB-BFF7-AE615179BCCF} did not register with DCOM within the required timeout.

Error: (10/18/2016 02:06:28 PM) (Source: DCOM) (EventID: 10010) (User: lenovo)
Description: The server {F9717507-6651-4EDB-BFF7-AE615179BCCF} did not register with DCOM within the required timeout.


CodeIntegrity:
===================================
Date: 2016-10-13 08:04:56.690
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.stdformat.dll that did not meet the Microsoft signing level requirements.

Date: 2016-10-13 08:04:56.659
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\adodb.dll that did not meet the Microsoft signing level requirements.

Date: 2016-10-13 08:04:56.629
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\msdatasrc.dll that did not meet the Microsoft signing level requirements.

Date: 2016-10-13 08:04:56.579
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.stdformat.dll that did not meet the Microsoft signing level requirements.

Date: 2016-10-13 08:04:56.566
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\adodb.dll that did not meet the Microsoft signing level requirements.

Date: 2016-10-13 08:04:56.554
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\msdatasrc.dll that did not meet the Microsoft signing level requirements.

Date: 2016-10-13 08:04:55.090
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2016-10-13 08:04:54.807
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2016-10-13 08:02:18.114
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.stdformat.dll that did not meet the Microsoft signing level requirements.

Date: 2016-10-13 08:02:18.084
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\adodb.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4200M CPU @ 2.50GHz
Percentage of memory in use: 29%
Total physical RAM: 6060.36 MB
Available physical RAM: 4292.63 MB
Total Virtual: 12204.36 MB
Available Virtual: 10073.78 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:97.12 GB) (Free:28.38 GB) NTFS
Drive e: (Lokálny disk) (Fixed) (Total:833.85 GB) (Free:45.79 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 15C6337A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=833.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: Jižní Čechy
Gender: Male
Status:
Offline

Re: Please check my log

Post by jaro3 » 19 Oct 2016 09:35

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.

Code:

Start
CloseProcesses:
HKU\S-1-5-21-1503572120-3979715750-2530224055-1000\...\MountPoints2: {4c80cc57-4e4f-11e6-bb4f-208984f95fec} - "H:\autorun.exe"
SearchScopes: HKU\S-1-5-21-1503572120-3979715750-2530224055-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
FF HKU\S-1-5-21-1503572120-3979715750-2530224055-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => not found
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
U3 idsvc; no ImagePath
U3 iswSvc; no ImagePath
C:\ProgramData\DP45977C.lfl
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

EmptyTemp:
End

(You can use the "select all" function; right-click the top-left field in the open Notepad and choose "Paste".)

Save it to the desktop as fixlist.txt


Run FRST and press the "Fix" button only once, then wait.
The tool will create a log on the desktop (Fixlog.txt); please copy its entire content here.


C:\Users\drioton\AppData\Roaming\Windows32 --- have a look at what is in this folder.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

drioton
newcomer
Posts: 12
Registered: October 16
Gender: Male
Status:
Offline

Re: Please check my log

Post by drioton » 19 Oct 2016 10:11

Fix result of Farbar Recovery Scan Tool (x64) Version: 17-10-2016
Ran by drioton (19-10-2016 09:57:02) Run:1
Running from C:\Users\drioton\Desktop
Loaded Profiles: drioton (Available Profiles: drioton & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-1503572120-3979715750-2530224055-1000\...\MountPoints2: {4c80cc57-4e4f-11e6-bb4f-208984f95fec} - "H:\autorun.exe"
SearchScopes: HKU\S-1-5-21-1503572120-3979715750-2530224055-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
FF HKU\S-1-5-21-1503572120-3979715750-2530224055-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => not found
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
U3 idsvc; no ImagePath
U3 iswSvc; no ImagePath
C:\ProgramData\DP45977C.lfl
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

EmptyTemp:
End
*****************

Processes closed successfully.
"HKU\S-1-5-21-1503572120-3979715750-2530224055-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4c80cc57-4e4f-11e6-bb4f-208984f95fec}" => key removed successfully
HKCR\CLSID\{4c80cc57-4e4f-11e6-bb4f-208984f95fec} => key not found.
"HKU\S-1-5-21-1503572120-3979715750-2530224055-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => key removed successfully
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
HKU\S-1-5-21-1503572120-3979715750-2530224055-1000\Software\Mozilla\SeaMonkey\Extensions\\mozilla_cc2@internetdownloadmanager.com => value removed successfully
"HKLM\SOFTWARE\Google\Chrome\Extensions\ngpampappnmepgilojfohadhhmbhlaek" => key removed successfully
idsvc => service removed successfully
iswSvc => service removed successfully
C:\ProgramData\DP45977C.lfl => moved successfully
C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 77732574 B
Java, Flash, Steam htmlcache => 147694202 B
Windows/system/drivers => 344622 B
Edge => 195 B
Chrome => 0 B
Firefox => 387446095 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 16294 B
NetworkService => 5888 B
drioton => 2313829776 B
DefaultAppPool => 0 B

RecycleBin => 3700529274 B
EmptyTemp: => 6.2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 09:57:12 ====

That folder contains PART2W~1.vbs

Orcus
Security team member
Elite Level 10.5
Posts: 10645
Registered: April 10
Location: 3 roses grow around =o)
Gender: Male
Status:
Offline

Re: Please check my log

Post by Orcus » 19 Oct 2016 14:48

Delete that entire "windows32" folder:
C:\Users\drioton\AppData\Roaming\Windows32

Any problems?
Love keeps you warm, but coal is coal. :fire:

Post HJT logs in the HJT section. If a log is too long, split it across several messages.

A few tips on PC security.

While I am away, memphisto, jaro3 and Diallix stand in for me.

If you are satisfied, you can support our forum.

drioton
newcomer
Posts: 12
Registered: October 16
Gender: Male
Status:
Offline

Re: Please check my log

Post by drioton » 19 Oct 2016 19:14

None so far, it looks OK. Thank you.

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: Jižní Čechy
Gender: Male
Status:
Offline

Re: Please check my log

Post by jaro3 » 19 Oct 2016 19:59

Download DelFix here:
https://toolslib.net/downloads/viewdownload/2-delfix/

Save the file to the desktop.
Double-click the icon to run Delfix.exe
(In Windows Vista, Windows 7 and 8, you must run the file by right-clicking it -> Run as administrator.)
In the main menu, check these options: Remove desinfection tools and Purge System Restore.
Then click the Run button and let the tool do its work.

A report (DelFix.txt) will then open. Paste the entire content of the report here. Otherwise the report is located at:
C:\DelFix.txt

If there are no problems, that is all and you can mark the thread as solved (the green check mark).

drioton
newcomer
Posts: 12
Registered: October 16
Gender: Male
Status:
Offline

Re: Please check my log

Post by drioton » 19 Oct 2016 22:25

# DelFix v1.013 - Logfile created 19/10/2016 at 22:24:28
# Updated 17/04/2016 by Xplode
# Username : drioton - LENOVO
# Operating System : Windows 10 Home (64 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

~ Cleaning system restore ...

Deleted : RP #1 [zoek.exe restore point | 10/17/2016 14:42:22]
Deleted : RP #4 [Quik | 10/18/2016 20:14:25]

New restore point created !

########## - EOF - ##########

