Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09.03.2019 01
Ran by Tom (administrator) on PC-SNOW (10-03-2019 17:29:42)
Running from E:\Downloads
Loaded Profiles: Tom (Available Profiles: Tom)
Platform: Windows 8.1 Pro (Update) (X64) Language: Čeština (Česká republika)
Default browser: Opera
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET, spol. s r.o. -> ESET) C:\Programy\ESET\ekrn.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel Corporation) [File not signed] C:\Windows\System32\IPROSetMonitor.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(ESET, spol. s r.o. -> ESET) C:\Programy\ESET\eguiProxy.exe
(F.lux Software LLC -> f.lux Software LLC) C:\Users\Tom\AppData\Local\FluxSoftware\Flux\flux.exe
() [File not signed] E:\Programy\Keyboard\Monitor.EXE
() [File not signed] E:\Programy\Keyboard\OSD.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9068040 2016-11-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-05-25] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [egui] => C:\Programy\ESET\ecmds.exe [177928 2019-02-27] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [Gaming Keyboard] => E:\Programy\Keyboard\Monitor.exe [479232 2014-01-16] () [File not signed]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-3477891932-1313047034-2647399575-1001\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe [19407360 2017-03-24] () [File not signed]
HKU\S-1-5-21-3477891932-1313047034-2647399575-1001\...\Run: [f.lux] => C:\Users\Tom\AppData\Local\FluxSoftware\Flux\flux.exe [1820168 2018-10-24] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-3477891932-1313047034-2647399575-1001\...\Run: [DAEMON Tools Lite Automount] => E:\Programy\Daemon Tools\DAEMON Tools Lite\DTAgent.exe [4836032 2017-07-03] (Disc Soft Ltd -> Disc Soft Ltd)
HKLM\...\Drivers32: [msacm.voxacm160] => C:\Windows\system32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [File not signed]
HKLM\...\Drivers32: [msacm.scg726] => C:\Windows\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.alf2cd] => C:\Windows\system32\alf2cd.acm [38912 2003-05-21] (NCT Company) [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\AC3ACM.acm [81920 2004-02-04] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lame] => C:\Windows\system32\lame.ax [245760 2005-08-01] () [File not signed]
HKLM\...\Drivers32: [vidc.dvsd] => C:\Windows\system32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [File not signed]
HKLM\...\Drivers32: [vidc.mpg4] => C:\Windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp42] => C:\Windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp43] => C:\Windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.xvid] => C:\Windows\system32\xvidvfw.dll [139264 2004-07-03] () [File not signed]
HKLM\...\Drivers32: [vidc.DIVX] => C:\Windows\system32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP62] => C:\Windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.LAGS] => C:\Windows\system32\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3A56CCF2-6C38-4158-8DBE-4B0070E4ACBE}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-3477891932-1313047034-2647399575-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-03-07] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> E:\Programy\Java\SE 8\bin\ssv.dll [2017-11-04] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> E:\Programy\Java\SE 8\bin\jp2ssv.dll [2017-11-04] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-07] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.151.2 -> E:\Programy\Java\SE 8\bin\dtplugin\npDeployJava1.dll [2017-11-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> E:\Programy\Java\SE 8\bin\plugin2\npjp2.dll [2017-11-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-03-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-03-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2019-03-01] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2019-03-01] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc -> Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> E:\Programy\VLC\npvlc.dll [2016-06-01] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-02-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)

Chrome: 
=======
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxp://www.google.com"
CHR Profile: C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default [2019-03-10]
CHR Extension: (Prezentace) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-15]
CHR Extension: (Dokumenty) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-15]
CHR Extension: (Disk Google) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-06]
CHR Extension: (Pop up blocker for Chrome™ - Poper Blocker) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2019-02-21]
CHR Extension: (YouTube) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-06]
CHR Extension: (uBlock Origin) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2019-02-18]
CHR Extension: (Adobe Acrobat) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-05-06]
CHR Extension: (Tabulky) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Late Night) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgbdhkpacgdhfabeceekiafonfkipohm [2017-05-06]
CHR Extension: (Gmail) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-06]
CHR Extension: (Chrome Media Router) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-18]
CHR Profile: C:\Users\Tom\AppData\Local\Google\Chrome\User Data\System Profile [2019-03-10]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

Opera: 
=======
OPR Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\Tom\AppData\Roaming\Opera Software\Opera Stable\Extensions\bbkekonodcdmedgffkkbgmnnekbainbg [2018-12-05]
OPR Extension: (I don't care about cookies) - C:\Users\Tom\AppData\Roaming\Opera Software\Opera Stable\Extensions\iambaeepkgdclnmbfdnnohkjjpdglbeo [2019-02-25]
OPR Extension: (Desktop Messenger for Telegram™) - C:\Users\Tom\AppData\Roaming\Opera Software\Opera Stable\Extensions\lamkfhpkhbgfdglofogcdipebpibjbkg [2018-07-09]
OPR Extension: (Flash Video Downloader (FVD)) - C:\Users\Tom\AppData\Roaming\Opera Software\Opera Stable\Extensions\neacgcjokggofibnbfapeaejhclmpple [2019-03-05]
OPR Extension: (Magic Actions for YouTube™) - C:\Users\Tom\AppData\Roaming\Opera Software\Opera Stable\Extensions\nlffnljnicbkfhnlomjhjlebndachaka [2017-05-22]
OPR Extension: (Enhancer for YouTube) - C:\Users\Tom\AppData\Roaming\Opera Software\Opera Stable\Extensions\ofhehnfmgbgnkjaojifkmebjjgffjaeh [2019-02-18]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-03] (ASUSTeK Computer Inc. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11129928 2019-03-01] (Microsoft Corporation -> Microsoft Corporation)
R2 DiagTrack; C:\WINDOWS\system32\diagtrack.dll [1633008 2018-08-12] (Microsoft Windows -> Microsoft Corporation) [File not signed]
R2 ekrn; C:\Programy\ESET\ekrn.exe [2359312 2019-02-27] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Programy\ESET\ekrn.exe [2359312 2019-02-27] (ESET, spol. s r.o. -> ESET)
R2 Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [505856 2017-02-27] (Intel Corporation) [File not signed]
S3 MBAMService; E:\Programy\MalwareBytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [873968 2017-06-30] (Tunngle.net GmbH -> Tunngle.net GmbH) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-11-21] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-11-21] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-03] (ASUSTeK Computer Inc. -> )
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-08-14] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-08-14] (Disc Soft Ltd -> Disc Soft Ltd)
R3 e1dexpress; C:\WINDOWS\system32\DRIVERS\e1d64x64.sys [564216 2017-04-25] (Intel(R) INTELND1617 -> Intel Corporation)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [145600 2019-02-27] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15872 2018-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [188240 2019-02-27] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [110000 2019-02-27] (ESET, spol. s r.o. -> ESET)
S3 ESETCleanersDriver; C:\Windows\system32\Drivers\ESETCleanersDriver.sys [170280 2019-03-09] (ESET, spol. s r.o. -> ESET)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [198512 2019-03-10] (Malwarebytes Corporation -> Malwarebytes)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31168 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [59240 2017-12-15] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [66792 2019-03-01] (NVIDIA Corporation -> NVIDIA Corporation)
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2016-10-18] (Intel(R) Code Signing External -> )
R3 tap0901t; C:\WINDOWS\system32\DRIVERS\tap0901t.sys [39464 2016-04-27] (Tunngle.net GmbH -> Tunngle.net GmbH)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [35856 2014-11-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [257880 2014-11-21] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123224 2014-11-21] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-10 16:09 - 2019-03-10 16:09 - 000024958 _____ C:\Users\Tom\Desktop\FRST2.zip
2019-03-10 15:44 - 2019-03-10 15:45 - 000000000 ____D C:\AdwCleaner
2019-03-10 12:25 - 2019-03-10 12:25 - 000025683 _____ C:\Users\Tom\Desktop\FRST.zip
2019-03-10 12:20 - 2019-03-10 17:29 - 000000000 ____D C:\FRST
2019-03-10 12:20 - 2019-03-10 12:21 - 000058553 _____ C:\Users\Tom\Desktop\Addition.txt
2019-03-10 12:20 - 2019-03-10 12:21 - 000050632 _____ C:\Users\Tom\Desktop\FRST.txt
2019-03-10 12:07 - 2019-03-10 12:07 - 000198512 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-03-09 19:41 - 2019-03-10 01:00 - 000027648 ___SH C:\Users\Tom\Desktop\Thumbs.db
2019-03-09 18:43 - 2019-03-09 18:43 - 000000000 ____D C:\Users\Tom\AppData\Local\mbamtray
2019-03-09 18:43 - 2019-03-09 18:43 - 000000000 ____D C:\Users\Tom\AppData\Local\mbam
2019-03-09 18:43 - 2019-03-09 18:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-03-09 18:43 - 2019-03-09 18:43 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-03-09 18:43 - 2019-01-08 15:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-03-09 18:40 - 2019-03-09 18:40 - 000000000 ____D C:\ProgramData\ESET
2019-03-09 18:28 - 2019-03-01 08:14 - 000133432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2019-03-09 18:27 - 2019-03-02 03:31 - 035481992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl64.dll
2019-03-09 18:27 - 2019-03-02 03:31 - 029988272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl32.dll
2019-03-09 18:27 - 2019-03-02 03:31 - 010319696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2019-03-09 18:27 - 2019-03-02 03:31 - 008784920 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2019-03-09 18:27 - 2019-03-02 03:31 - 000419960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2019-03-09 18:27 - 2019-03-02 03:31 - 000163184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2019-03-09 18:27 - 2019-03-02 03:30 - 020687200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2019-03-09 18:27 - 2019-03-02 03:30 - 020102416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2019-03-09 18:27 - 2019-03-02 03:30 - 017430376 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2019-03-09 18:27 - 2019-03-02 03:30 - 017148648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2019-03-09 18:27 - 2019-03-02 03:30 - 004317080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2019-03-09 18:27 - 2019-03-02 03:30 - 001168936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2019-03-09 18:27 - 2019-03-02 03:30 - 000959544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2019-03-09 18:27 - 2019-03-02 03:30 - 000915096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2019-03-09 18:27 - 2019-03-02 03:30 - 000524248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2019-03-09 18:27 - 2019-03-02 03:30 - 000450648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2019-03-09 18:27 - 2019-03-02 03:30 - 000182040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2019-03-09 18:27 - 2019-03-02 03:30 - 000168880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdlistx.dll
2019-03-09 18:27 - 2019-03-02 03:30 - 000159480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2019-03-09 18:27 - 2019-03-02 03:30 - 000147072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvdlist.dll
2019-03-09 18:27 - 2019-03-02 03:30 - 000141568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2019-03-09 18:27 - 2019-03-01 23:34 - 020898688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrtum64.dll
2019-03-09 18:27 - 2019-03-01 23:34 - 001006800 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2019-03-09 18:27 - 2019-03-01 23:34 - 001006800 _____ C:\WINDOWS\system32\vulkan-1.dll
2019-03-09 18:27 - 2019-03-01 23:34 - 000870096 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2019-03-09 18:27 - 2019-03-01 23:34 - 000870096 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2019-03-09 18:27 - 2019-03-01 23:34 - 000551624 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2019-03-09 18:27 - 2019-03-01 23:34 - 000456904 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2019-03-09 18:27 - 2019-03-01 23:34 - 000286416 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2019-03-09 18:27 - 2019-03-01 23:34 - 000286416 _____ C:\WINDOWS\system32\vulkaninfo.exe
2019-03-09 18:27 - 2019-03-01 23:34 - 000260304 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-03-09 18:27 - 2019-03-01 23:34 - 000260304 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2019-03-09 18:27 - 2019-03-01 23:33 - 071477352 _____ (NVIDIA Corp.) C:\WINDOWS\system32\nvoptix.dll
2019-03-09 18:27 - 2019-03-01 23:33 - 040336288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2019-03-09 18:27 - 2019-03-01 23:33 - 030017440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2019-03-09 18:27 - 2019-03-01 23:33 - 020436624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2019-03-09 18:27 - 2019-03-01 23:33 - 004870256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2019-03-09 18:27 - 2019-03-01 23:33 - 004340824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2019-03-09 18:27 - 2019-03-01 23:33 - 002032032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2019-03-09 18:27 - 2019-03-01 23:33 - 001734560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6441935.dll
2019-03-09 18:27 - 2019-03-01 23:33 - 001535392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2019-03-09 18:27 - 2019-03-01 23:33 - 001468040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6441935.dll
2019-03-09 18:27 - 2019-03-01 23:33 - 001464304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2019-03-09 18:27 - 2019-03-01 23:33 - 001130400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2019-03-09 18:27 - 2019-03-01 23:33 - 000631896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2019-03-09 18:27 - 2019-03-01 23:33 - 000522168 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2019-03-09 18:27 - 2019-03-01 23:33 - 000419832 _____ C:\WINDOWS\system32\nvofapi64.dll
2019-03-09 18:27 - 2019-03-01 23:33 - 000369000 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2019-03-09 18:27 - 2019-03-01 23:32 - 040234912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2019-03-09 18:27 - 2019-03-01 23:32 - 035140696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2019-03-09 18:27 - 2019-03-01 23:32 - 000496384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcbl64.dll
2019-03-09 18:27 - 2019-03-01 11:27 - 000228768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2019-03-09 18:27 - 2019-03-01 11:27 - 000066792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2019-03-09 18:27 - 2019-03-01 11:27 - 000047592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2019-03-09 18:27 - 2019-03-01 11:27 - 000000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2019-03-09 18:27 - 2019-03-01 11:27 - 000000669 _____ C:\WINDOWS\system32\nv-vk64.json
2019-03-09 18:21 - 2019-03-09 18:21 - 000001426 _____ C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2019-03-09 18:21 - 2019-03-09 18:21 - 000000020 ___SH C:\Users\Tom\ntuser.ini
2019-03-09 18:20 - 2019-03-09 18:20 - 000000000 _SHDL C:\Users\Default\Šablony
2019-03-09 18:20 - 2019-03-09 18:20 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2019-03-09 18:20 - 2019-03-09 18:20 - 000000000 _SHDL C:\Users\Default\Poslední
2019-03-09 18:20 - 2019-03-09 18:20 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2019-03-09 18:20 - 2019-03-09 18:20 - 000000000 _SHDL C:\Users\Default\Okolní síť
2019-03-09 18:20 - 2019-03-09 18:20 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2019-03-09 18:20 - 2019-03-09 18:20 - 000000000 _SHDL C:\Users\Default\Dokumenty
2019-03-09 18:20 - 2019-03-09 18:20 - 000000000 _SHDL C:\Users\Default\Data aplikací
2019-03-09 18:20 - 2019-03-09 18:20 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2019-03-09 18:20 - 2019-03-09 18:20 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2019-03-09 18:20 - 2019-03-09 18:20 - 000000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2019-03-09 18:20 - 2019-03-09 18:20 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Data aplikací
2019-03-09 18:19 - 2019-03-09 18:19 - 000022924 _____ C:\WINDOWS\system32\emptyregdb.dat
2019-03-09 18:16 - 2019-03-09 18:16 - 000001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2019-03-09 18:15 - 2019-03-09 18:21 - 000000000 ____D C:\Users\Tom
2019-03-09 18:15 - 2019-03-09 18:19 - 000024768 _____ C:\WINDOWS\diagwrn.xml
2019-03-09 18:15 - 2019-03-09 18:19 - 000024768 _____ C:\WINDOWS\diagerr.xml
2019-03-09 18:15 - 2019-03-09 18:15 - 000000000 _SHDL C:\Users\Tom\Šablony
2019-03-09 18:15 - 2019-03-09 18:15 - 000000000 _SHDL C:\Users\Tom\Soubory cookie
2019-03-09 18:15 - 2019-03-09 18:15 - 000000000 _SHDL C:\Users\Tom\Poslední
2019-03-09 18:15 - 2019-03-09 18:15 - 000000000 _SHDL C:\Users\Tom\Okolní tiskárny
2019-03-09 18:15 - 2019-03-09 18:15 - 000000000 _SHDL C:\Users\Tom\Okolní síť
2019-03-09 18:15 - 2019-03-09 18:15 - 000000000 _SHDL C:\Users\Tom\Nabídka Start
2019-03-09 18:15 - 2019-03-09 18:15 - 000000000 _SHDL C:\Users\Tom\Dokumenty
2019-03-09 18:15 - 2019-03-09 18:15 - 000000000 _SHDL C:\Users\Tom\Data aplikací
2019-03-09 18:15 - 2019-03-09 18:15 - 000000000 _SHDL C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2019-03-09 18:15 - 2019-03-09 18:15 - 000000000 _SHDL C:\Users\Tom\AppData\Local\Data aplikací
2019-03-09 18:15 - 2019-03-09 18:15 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2019-03-09 18:15 - 2014-11-21 06:03 - 000000369 _____ C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2019-03-09 18:15 - 2014-11-21 06:03 - 000000369 _____ C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2019-03-09 18:12 - 2019-03-09 18:29 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-03-09 18:12 - 2019-03-09 18:28 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-03-09 18:12 - 2019-03-09 18:16 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-03-09 18:12 - 2019-03-09 18:12 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_ASMBSW_01_11_00.Wdf
2019-03-09 18:12 - 2019-03-09 18:12 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2019-03-09 18:12 - 2019-03-09 18:12 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2019-03-09 18:12 - 2019-03-09 18:12 - 000000000 ____D C:\Program Files\Realtek
2019-03-09 18:12 - 2019-03-09 18:12 - 000000000 ____D C:\Program Files\ASUS
2019-03-09 18:12 - 2019-03-09 18:12 - 000000000 ____D C:\Program Files (x86)\ASUS
2019-03-09 18:12 - 2019-03-01 08:15 - 005364592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2019-03-09 18:12 - 2019-03-01 08:15 - 002625008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2019-03-09 18:12 - 2019-03-01 08:15 - 001767920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2019-03-09 18:12 - 2019-03-01 08:15 - 000651248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2019-03-09 18:12 - 2019-03-01 08:15 - 000450872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2019-03-09 18:12 - 2019-03-01 08:15 - 000125424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2019-03-09 18:12 - 2019-03-01 08:15 - 000082800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2019-03-09 18:12 - 2019-02-27 17:50 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2019-03-09 18:12 - 2019-02-26 11:36 - 008514902 _____ C:\WINDOWS\system32\nvcoproc.bin
2019-03-09 18:12 - 2013-07-03 19:32 - 000028672 _____ (ASUSTek Computer Inc.) C:\WINDOWS\SysWOW64\AsIO.dll
2019-03-09 18:12 - 2013-07-03 19:32 - 000015232 _____ C:\WINDOWS\SysWOW64\Drivers\AsIO.sys
2019-03-09 18:11 - 2019-03-09 18:21 - 000000000 ___DC C:\WINDOWS\Panther
2019-03-09 18:11 - 2019-03-09 18:11 - 000262144 _____ C:\WINDOWS\system32\config\userdiff
2019-03-09 18:11 - 2019-03-09 18:11 - 000000000 ____D C:\Windows.old
2019-03-09 18:09 - 2019-03-09 18:09 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2019-03-09 18:09 - 2019-03-09 18:09 - 000000000 ____D C:\Program Files\Reference Assemblies
2019-03-09 18:09 - 2019-03-09 18:09 - 000000000 ____D C:\Program Files\MSBuild
2019-03-09 18:09 - 2019-03-09 18:09 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2019-03-09 18:09 - 2019-03-09 18:09 - 000000000 ____D C:\Program Files (x86)\MSBuild
2019-03-09 18:08 - 2014-11-21 15:12 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2019-03-09 18:08 - 2014-11-21 15:12 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2019-03-09 18:08 - 2014-11-21 15:12 - 000124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2019-03-09 18:08 - 2014-11-21 15:12 - 000102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2019-03-09 18:08 - 2014-11-21 15:12 - 000035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2019-03-09 18:08 - 2014-11-21 15:12 - 000035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2019-03-09 17:58 - 2019-03-09 18:04 - 000000000 ___HD C:\$WINDOWS.~BT
2019-03-09 16:09 - 2019-03-09 17:04 - 000170280 _____ (ESET) C:\WINDOWS\system32\Drivers\ESETCleanersDriver.sys
2019-03-09 15:52 - 2019-03-09 15:52 - 000000024 _____ C:\WINDOWS\system32\WinUpdates105.dat
2019-03-09 11:21 - 2019-03-09 11:21 - 002619392 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartupCheckLibrary.dll
2019-03-07 22:38 - 2019-03-07 22:38 - 000000000 ____D C:\Users\Tom\AppData\LocalLow\Ndemic Creations
2019-03-07 22:32 - 2019-03-07 22:32 - 000000000 ____D C:\Users\Tom\AppData\Local\Ndemic Creations
2019-03-07 15:30 - 2019-03-09 18:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2019-02-27 14:59 - 2019-02-27 14:59 - 000000000 ____D C:\Users\Tom\AppData\Local\Origin
2019-02-27 14:25 - 2019-02-27 14:25 - 000000992 _____ C:\Users\Tom\Desktop\The Sims 4 Seasons.lnk
2019-02-27 14:17 - 2018-04-29 16:27 - 000024512 _____ C:\WINDOWS\system32\7B296FC0-376B-497d-B013-58F4D9633A22-5P-1.B5841A4C-A289-439d-8115-50AB69CD450B
2019-02-27 14:17 - 2018-01-29 00:09 - 000000000 _____ C:\WINDOWS\system32\setup4.2.6.tmp
2019-02-27 11:27 - 2019-03-09 18:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duplicate Cleaner Free
2019-02-27 11:27 - 2019-02-27 11:27 - 000000000 ____D C:\Users\Tom\AppData\Roaming\DigitalVolcano
2019-02-24 07:59 - 2019-02-24 07:59 - 000001254 _____ C:\Users\Tom\Desktop\RimWorld.lnk

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-10 17:28 - 2017-04-16 18:29 - 000000000 ____D C:\ProgramData\NVIDIA
2019-03-10 17:28 - 2013-08-22 15:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-03-10 17:26 - 2017-05-15 15:47 - 000000000 ____D C:\Users\Tom\AppData\LocalLow\Temp
2019-03-10 16:13 - 2014-11-21 05:54 - 001748728 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-03-10 16:13 - 2014-11-21 05:10 - 000739580 _____ C:\WINDOWS\system32\perfh005.dat
2019-03-10 16:13 - 2014-11-21 05:10 - 000151742 _____ C:\WINDOWS\system32\perfc005.dat
2019-03-10 16:13 - 2013-08-22 14:36 - 000000000 ____D C:\WINDOWS\Inf
2019-03-10 15:56 - 2017-04-16 17:34 - 000003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3477891932-1313047034-2647399575-1001
2019-03-10 15:56 - 2013-08-22 16:36 - 000000000 ___HD C:\Program Files\WindowsApps
2019-03-10 15:46 - 2013-08-22 15:44 - 000536456 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-03-10 11:58 - 2013-08-22 16:20 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-03-10 11:51 - 2017-04-21 14:28 - 000000000 ____D C:\Users\Tom\AppData\Local\Adobe
2019-03-09 21:25 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-03-09 19:30 - 2013-08-22 14:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
2019-03-09 18:45 - 2017-04-16 19:42 - 000000000 ____D C:\Users\Tom\AppData\Local\CrashDumps
2019-03-09 18:29 - 2017-04-16 18:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2019-03-09 18:29 - 2017-04-16 17:22 - 000000000 ____D C:\Users\Tom\AppData\Local\VirtualStore
2019-03-09 18:22 - 2017-04-16 17:22 - 000000000 ____D C:\Users\Tom\AppData\Local\Packages
2019-03-09 18:20 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\Registration
2019-03-09 18:20 - 2013-08-22 16:36 - 000000000 ____D C:\Program Files\Windows NT
2019-03-09 18:19 - 2013-08-22 16:36 - 000000000 __RSD C:\WINDOWS\Media
2019-03-09 18:19 - 2013-08-22 16:36 - 000000000 __RHD C:\Users\Public\Libraries
2019-03-09 18:17 - 2018-12-12 12:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle Mages
2019-03-09 18:17 - 2018-05-21 18:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2019-03-09 18:17 - 2018-05-21 16:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2019-03-09 18:17 - 2018-02-27 20:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
2019-03-09 18:17 - 2017-12-15 19:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PSPad editor
2019-03-09 18:17 - 2017-11-16 20:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Factorio
2019-03-09 18:17 - 2017-11-05 21:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY (64-bit)
2019-03-09 18:17 - 2017-11-04 16:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2019-03-09 18:17 - 2017-11-02 16:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBrains
2019-03-09 18:17 - 2017-06-14 10:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
2019-03-09 18:17 - 2017-05-15 15:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office 2016
2019-03-09 18:17 - 2017-04-30 20:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bulk Rename Utility
2019-03-09 18:17 - 2017-04-30 18:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2019-03-09 18:17 - 2017-04-26 09:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2019-03-09 18:17 - 2017-04-25 12:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP210 series
2019-03-09 18:17 - 2017-04-21 14:30 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2019-03-09 18:17 - 2017-04-18 17:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-03-09 18:17 - 2017-04-17 14:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2019-03-09 18:17 - 2017-04-17 07:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gaming Keyboard
2019-03-09 18:17 - 2017-04-17 07:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exact Audio Copy
2019-03-09 18:17 - 2017-04-17 06:51 - 000000000 ____D C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-03-09 18:17 - 2017-04-17 06:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-03-09 18:17 - 2013-08-22 16:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-03-09 18:17 - 2013-08-22 14:25 - 000008192 ___SH C:\WINDOWS\system32\config\ELAM
2019-03-09 18:16 - 2019-02-07 22:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-03-09 18:16 - 2018-12-14 14:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashIntegro
2019-03-09 18:16 - 2018-11-14 12:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hypermax
2019-03-09 18:16 - 2018-03-06 20:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FireFly Studios
2019-03-09 18:16 - 2018-03-01 22:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2019-03-09 18:16 - 2018-01-28 23:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2019-03-09 18:16 - 2017-11-30 12:28 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2019-03-09 18:16 - 2017-04-25 12:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2019-03-09 18:16 - 2017-04-25 12:31 - 000000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information
2019-03-09 18:16 - 2017-04-17 06:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloody
2019-03-09 18:16 - 2014-11-21 05:34 - 000000000 ____D C:\WINDOWS\ShellNew
2019-03-09 18:16 - 2014-11-21 05:09 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2019-03-09 18:16 - 2014-11-21 05:09 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
2019-03-09 18:16 - 2014-11-21 05:09 - 000000000 ____D C:\WINDOWS\system32\WCN
2019-03-09 18:16 - 2013-08-22 16:43 - 000000000 ____D C:\WINDOWS\DigitalLocker
2019-03-09 18:16 - 2013-08-22 16:36 - 000000000 __SHD C:\Program Files\Windows Sidebar
2019-03-09 18:16 - 2013-08-22 16:36 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2019-03-09 18:16 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2019-03-09 18:16 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-03-09 18:16 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\spool
2019-03-09 18:16 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-03-09 18:16 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\MUI
2019-03-09 18:16 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-03-09 18:16 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\InputMethod
2019-03-09 18:16 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\IME
2019-03-09 18:16 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\Help
2019-03-09 18:16 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\FileManager
2019-03-09 18:16 - 2013-08-22 16:36 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-03-09 18:16 - 2013-08-22 14:36 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI
2019-03-09 18:16 - 2013-08-22 14:36 - 000000000 ____D C:\Users\Default.migrated
2019-03-09 18:15 - 2018-12-03 18:38 - 000000000 ____D C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2019-03-09 18:15 - 2018-11-14 12:23 - 000000000 ____D C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hypermax
2019-03-09 18:15 - 2017-12-26 13:41 - 000000000 ____D C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2019-03-09 18:13 - 2013-08-22 14:36 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2019-03-09 18:11 - 2013-08-22 16:36 - 000262144 _____ C:\WINDOWS\system32\config\BCD-Template
2019-03-09 18:09 - 2014-11-21 06:28 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2019-03-09 18:09 - 2014-11-21 06:28 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2019-03-09 18:09 - 2014-11-21 06:28 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2019-03-09 18:09 - 2014-11-21 06:28 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2019-03-09 18:09 - 2013-08-22 12:22 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2019-03-09 18:09 - 2013-08-22 12:22 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2019-03-09 18:09 - 2013-08-22 12:17 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2019-03-09 18:09 - 2013-08-22 12:17 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2019-03-09 18:09 - 2013-08-22 12:17 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2019-03-09 18:09 - 2013-08-22 04:56 - 000377856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2019-03-09 18:09 - 2013-08-22 04:56 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2019-03-09 18:09 - 2013-08-22 04:51 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2019-03-09 18:09 - 2013-08-22 04:51 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2019-03-09 18:09 - 2013-08-22 04:51 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2019-03-09 17:04 - 2017-04-16 17:38 - 000000000 ____D C:\Programy
2019-03-09 16:35 - 2017-04-16 18:47 - 000000000 ____D C:\Users\Tom\AppData\Local\ElevatedDiagnostics
2019-03-09 16:15 - 2017-04-16 17:43 - 000000000 ____D C:\ProgramData\Package Cache
2019-03-09 16:06 - 2017-04-26 09:11 - 000000000 ____D C:\Users\Tom\AppData\Roaming\vlc
2019-03-09 14:58 - 2019-02-05 13:48 - 000000000 ____D C:\Users\Tom\AppData\Local\LarianLauncher
2019-03-08 23:21 - 2017-11-16 20:11 - 000000000 ____D C:\Users\Tom\AppData\Roaming\Factorio
2019-03-07 22:38 - 2017-04-20 20:18 - 000000000 ____D C:\Users\Tom\AppData\Roaming\uTorrent
2019-03-07 15:30 - 2018-09-10 18:32 - 000002502 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-03-07 15:30 - 2017-05-15 15:50 - 000002496 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-03-07 15:30 - 2017-05-15 15:50 - 000002473 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-03-07 15:30 - 2017-05-15 15:50 - 000002468 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-03-07 15:30 - 2017-05-15 15:50 - 000002461 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy.lnk
2019-03-07 15:30 - 2017-05-15 15:50 - 000002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-03-07 15:30 - 2017-05-15 15:50 - 000002394 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-03-07 15:30 - 2017-05-15 15:50 - 000002390 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-03-07 15:30 - 2017-05-15 15:48 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-03-04 22:45 - 2017-04-16 17:56 - 000002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-03-02 03:31 - 2018-12-11 21:05 - 037299944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2019-03-02 03:31 - 2018-12-11 21:05 - 032004560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2019-03-02 03:31 - 2018-12-11 21:05 - 000506024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2019-03-02 03:30 - 2018-12-11 21:05 - 004874744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2019-03-01 11:27 - 2018-12-11 21:05 - 001682392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2019-03-01 11:27 - 2018-12-11 21:05 - 000047135 _____ C:\WINDOWS\system32\nvinfo.pb
2019-03-01 11:27 - 2017-04-16 18:29 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2019-02-28 20:30 - 2019-02-07 22:45 - 000001326 _____ C:\Users\Public\Desktop\Skype.lnk
2019-02-28 19:20 - 2017-04-16 17:38 - 000003832 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1492360722
2019-02-28 19:20 - 2017-04-16 17:38 - 000000000 ____D C:\Program Files\Opera
2019-02-27 09:59 - 2018-01-19 15:32 - 000110000 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2019-02-27 09:59 - 2017-03-09 20:55 - 000188240 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2019-02-27 09:59 - 2017-03-09 20:55 - 000145600 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2019-02-24 22:53 - 2018-12-03 18:38 - 000000000 ____D C:\Users\Tom\AppData\Roaming\discord
2019-02-24 08:10 - 2017-04-21 14:37 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-02-22 16:53 - 2019-01-17 15:31 - 000000087 _____ C:\Users\Tom\Desktop\Nový textový dokument (2).txt
2019-02-14 17:02 - 2017-04-21 14:37 - 000004476 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task

==================== Files in the root of some directories =======

2017-04-21 15:01 - 2019-01-03 01:21 - 000000600 _____ () C:\Users\Tom\AppData\Roaming\winscp.rnd
2017-11-05 22:18 - 2018-05-29 23:05 - 000000600 _____ () C:\Users\Tom\AppData\Local\PUTTY.RND

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-03-09 18:11

==================== End of FRST.txt ============================