Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-02-2020 02
Ran by jura (administrator) on JURA-PC (MSI MS-7788) (10-02-2020 10:46:00)
Running from C:\Users\jura\Downloads
Loaded Profiles: jura (Available Profiles: jura)
Platform: Windows 10 Pro Version 1909 18363.592 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(DEVGURU CO LTD -> DEVGURU Co., LTD.) D:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.7-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8899592 2016-08-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-2586349893-4068352233-4137309774-1000\...\Policies\Explorer: [NoNetHood] 0
HKU\S-1-5-21-2586349893-4068352233-4137309774-1000\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-2586349893-4068352233-4137309774-1000\...\Policies\Explorer: [NoManageMyComputerVerb] 0
HKU\S-1-5-21-2586349893-4068352233-4137309774-1000\...\Policies\Explorer: [NoStartMenuPinnedList] 0
HKU\S-1-5-21-2586349893-4068352233-4137309774-1000\...\Policies\Explorer: [NoStartMenuMFUprogramsList] 0
HKU\S-1-5-21-2586349893-4068352233-4137309774-1000\...\Policies\Explorer: [NoUserNameInStartMenu] 0
HKU\S-1-5-21-2586349893-4068352233-4137309774-1000\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-2586349893-4068352233-4137309774-1000\...\Policies\Explorer: [NoCommonGroups] 0
HKU\S-1-5-21-2586349893-4068352233-4137309774-1000\...\Policies\Explorer: [NoRecentDocsMenu] 0
HKU\S-1-5-21-2586349893-4068352233-4137309774-1000\...\Policies\Explorer: [NoPrinterTabs] 0
HKU\S-1-5-21-2586349893-4068352233-4137309774-1000\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-21-2586349893-4068352233-4137309774-1000\...\Policies\Explorer: [NoAddPrinter] 0
HKU\S-1-5-21-2586349893-4068352233-4137309774-1000\...\Policies\Explorer: [NoPrinters] 0
HKU\S-1-5-21-2586349893-4068352233-4137309774-1000\...\Policies\Explorer: [NoNetworkConnections] 0
HKU\S-1-5-21-2586349893-4068352233-4137309774-1000\...\Policies\Explorer: [NoFavoritesMenu] 0
HKU\S-1-5-21-2586349893-4068352233-4137309774-1000\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-21-2586349893-4068352233-4137309774-1000\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-21-2586349893-4068352233-4137309774-1000\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-2586349893-4068352233-4137309774-1000\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-2586349893-4068352233-4137309774-1000\...\Policies\Explorer: [NoFileMenu] 0
HKU\S-1-5-21-2586349893-4068352233-4137309774-1000\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-21-2586349893-4068352233-4137309774-1000\...\Policies\Explorer: [NoToolbarCustomize] 0
HKU\S-1-5-21-2586349893-4068352233-4137309774-1000\...\Policies\Explorer: [NoRecentDocsNetHood] 0
HKU\S-1-5-21-2586349893-4068352233-4137309774-1000\...\Policies\Explorer: [NoChangeAnimation] 0
HKU\S-1-5-21-2586349893-4068352233-4137309774-1000\...\Policies\Explorer: [NoChangeKeyboardNavigationIndicators] 0
HKU\S-1-5-21-2586349893-4068352233-4137309774-1000\...\Policies\Explorer: [NoThemesTab] 0
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> 
BootExecute: autocheck autochk * sdnclean64.exe

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {026F5BEC-BE64-4CA2-8028-8FB16C2EA894} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0A1FA701-ECA3-4E6C-A5E3-2525B6457D69} - System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => C:\WINDOWS\system32\sipnotify.exe [338944 2019-10-11] (Microsoft Corporation) [File not signed]
Task: {20A5398C-33A5-49D4-AF4F-054BF771C18E} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {28CA2029-25A1-44C9-87BB-7AC241326930} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3082198E-8A2A-4FA0-89EC-B43DD9F9107F} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3BB8C36C-4977-419A-9B27-52FC9A9742F1} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {3C3241FF-D98B-43D4-ADD4-D13E2F469D9A} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3FA223B9-2F9E-4DC7-AB74-CF25343538B8} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {415027C7-2CB9-482E-99D1-B356559849C7} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {47BAD927-5CA5-4BD0-9420-C574896DFE74} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4830B7C6-0A1E-4A18-B170-63CA204D0F71} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47c2-B62A-B7C4CED925CB}
Task: {4C9F7455-09EE-450B-B3D3-1421BB7949D5} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {599E5D00-218A-49A3-85C4-00F05E3CF05E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {69EF663A-A7B8-45C0-8EF5-3D953BDD445F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6A394FF2-A0F9-4153-9E2F-C5CA475B8577} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {6C9E43D0-7E9B-4E5F-B26C-DA8450C2ABA9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6D9DA90E-3FAD-48BF-A283-D9C7237EE494} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {772B6158-EACA-4F98-B196-958B4794AC83} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7CBBEA6E-13A6-40A7-AF3A-E4FE3602B7CE} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => C:\WINDOWS\system32\sipnotify.exe [338944 2019-10-11] (Microsoft Corporation) [File not signed]
Task: {87DC4791-28F7-47B7-BB12-8FA98C2498DC} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {99D52067-3559-44B0-9B30-B06610D9ABCA} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A43DD4F6-FD39-47F5-956E-E34660685FB7} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {A4883C38-EE50-429D-9B64-DA22D4332810} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {AB0CDAAE-8668-4CE9-8692-92B20B576266} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40b4-8963-D3C761B18371}
Task: {B634BFC5-2776-41B5-A0C6-82D7046B6858} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {B859F5E3-219F-456F-A7CE-9C219FC3CDD7} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {C733EA4A-3B42-4A3D-BD6A-B34021F0CDAC} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CBA2F0D4-14CB-4AA5-84DB-F57F433893CC} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {CFE5DCE5-1323-4396-B230-40C592F50563} - System32\Tasks\{D5AE7165-B81C-4108-A833-5DFE3500605E} => C:\adb\adb.exe [944128 2015-10-09] () [File not signed]
Task: {E571FF74-A425-45C6-BD44-4283B958B0EC} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {EB2F9225-3707-4A45-AD33-A1B3318178A8} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {ECE3CAE1-94A7-430D-9D1D-EA9D8220EA22} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F17F1745-4E05-4C9E-92E1-13902B57886F} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [791232 2020-02-07] (Kaspersky Lab -> AO Kaspersky Lab)
Task: {F3237095-B392-49C2-8B21-BF46532DC0AB} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FD898121-3284-41BC-B631-F4138301467B} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {FE9641BC-F8AD-485A-98D2-84A94130AE60} - System32\Tasks\{947E77E2-1E7B-4D82-A918-40B8B4D7D3AA} => C:\adb\adb.exe [944128 2015-10-09] () [File not signed]

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Acrobat Update Task.job => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.254.2 109.81.246.37 109.81.245.2
Tcpip\..\Interfaces\{493e43fa-5d60-4149-9be9-30be2c4d4979}: [DhcpNameServer] 192.168.254.2 109.81.246.37 109.81.245.2

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

Edge: 
======
DownloadDir: C:\Users\jura\Downloads

FireFox:
========
FF DefaultProfile: paghz4e2.default-1579895581110
FF ProfilePath: C:\Users\jura\AppData\Roaming\Mozilla\Firefox\Profiles\paghz4e2.default-1579895581110 [2020-02-10]
FF Plugin: @videolan.org/vlc,version=3.0.0-git -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-02-20] (VideoLAN) [File not signed]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN -> VideoLAN)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2016-12-01] (Macrovision Corporation -> Macrovision Europe Ltd.) [File not signed]
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [328608 2015-07-30] (Intel Corporation - pGFX -> Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Trusted Connect Service -> Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2020-01-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ss_conn_service; d:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\NisSrv.exe [3284840 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MsMpEng.exe [103168 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 cmnxusbser; C:\WINDOWS\System32\DRIVERS\cmnxusbser.sys [146424 2015-11-24] (西安博汇电子科技有限公司 -> Wireless Data Device)
S3 htcnprot; C:\WINDOWS\system32\DRIVERS\htcnprot.sys [36928 2013-10-17] (HTC Corp. -> Windows (R) Win 7 DDK provider)
S3 ISCT; C:\WINDOWS\System32\DRIVERS\ISCTD64.sys [46016 2012-10-22] (Intel(R) Smart Connect software -> )
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-02-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [376032 2020-02-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2020-02-04] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-02-10 10:45 - 2020-02-10 10:45 - 000000144 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2020-02-10 10:44 - 2020-02-10 10:44 - 000005732 _____ C:\Users\jura\Downloads\Fixlog.txt
2020-02-10 07:18 - 2020-02-10 07:18 - 000002329 _____ C:\Users\jura\Desktop\adw.txt
2020-02-10 07:14 - 2020-02-10 07:14 - 008356016 _____ (Malwarebytes) C:\Users\jura\Downloads\adwcleaner_8.0.2(1).exe
2020-02-10 05:41 - 2020-02-10 05:45 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-02-07 13:59 - 2020-02-07 14:06 - 000000000 ____D C:\Program Files\Common Files\AV
2020-02-07 13:59 - 2020-02-07 13:59 - 000003392 _____ C:\WINDOWS\system32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2020-02-07 13:58 - 2020-02-07 14:09 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2020-02-07 13:53 - 2020-02-07 13:53 - 000858912 _____ (Malwarebytes) C:\Users\jura\Downloads\mb-clean-3.1.0.1035.exe
2020-02-07 13:39 - 2020-02-07 13:39 - 000000000 ____D C:\Users\jura\AppData\Local\D3DSCache
2020-02-07 13:31 - 2020-02-07 13:31 - 002917312 _____ (Kaspersky) C:\Users\jura\Downloads\kav20.0.14.1085abcdefgen_22591.exe
2020-02-07 07:47 - 2020-02-07 08:00 - 000027169 _____ C:\Users\jura\Downloads\Addition.txt
2020-02-07 07:46 - 2020-02-10 10:46 - 000018864 _____ C:\Users\jura\Downloads\FRST.txt
2020-02-07 07:46 - 2020-02-10 10:46 - 000000000 ____D C:\FRST
2020-02-07 07:45 - 2020-02-07 07:45 - 002279424 _____ (Farbar) C:\Users\jura\Downloads\FRST64.exe
2020-02-06 12:31 - 2020-02-06 12:32 - 000388608 _____ (Trend Micro Inc.) C:\Users\jura\Downloads\HijackThis(2).exe
2020-02-06 12:14 - 2020-02-06 12:14 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2020-02-04 13:30 - 2020-02-04 13:30 - 000000000 ____D C:\WINDOWS\Panther
2020-02-04 12:16 - 2020-02-04 12:17 - 024578944 _____ (Piriform Software Ltd) C:\Users\jura\Downloads\ccsetup563.exe
2020-02-04 10:59 - 2020-02-04 10:59 - 000001264 _____ C:\Users\jura\Desktop\Stažené soubory – zástupce.lnk
2020-02-04 10:57 - 2020-02-06 12:50 - 000000000 ____D C:\Users\jura\Downloads\backups
2020-02-04 10:56 - 2020-02-04 10:56 - 000388608 _____ (Trend Micro Inc.) C:\Users\jura\Downloads\HijackThis(1).exe
2020-02-04 07:03 - 2020-02-04 07:03 - 000000000 ____D C:\Users\jura\AppData\Local\mbamtray
2020-02-04 07:03 - 2020-02-04 07:03 - 000000000 ____D C:\Users\jura\AppData\Local\mbam
2020-02-04 07:03 - 2020-02-04 07:03 - 000000000 ____D C:\Users\jura\AppData\Local\cache
2020-02-04 07:01 - 2020-02-04 07:01 - 001924728 _____ (Malwarebytes) C:\Users\jura\Downloads\MBSetup.exe
2020-02-04 06:26 - 2020-02-04 06:26 - 001790024 _____ (Malwarebytes) C:\Users\jura\Downloads\JRT.exe
2020-02-04 06:21 - 2020-02-04 06:22 - 000000000 ____D C:\AdwCleaner
2020-02-04 06:21 - 2020-02-04 06:21 - 008356016 _____ (Malwarebytes) C:\Users\jura\Downloads\adwcleaner_8.0.2.exe
2020-02-03 13:32 - 2020-02-10 10:45 - 000000000 __SHD C:\Users\jura\IntelGraphicsProfiles
2020-02-03 13:07 - 2020-02-07 07:50 - 000000000 ____D C:\Program Files\RogueKiller
2020-02-03 13:07 - 2020-02-04 10:43 - 000000000 ____D C:\ProgramData\RogueKiller
2020-02-03 13:07 - 2020-02-04 07:01 - 000028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2020-02-03 13:03 - 2020-02-03 13:04 - 003274480 _____ (Seznam.cz) C:\Users\jura\Downloads\Seznam.cz_30064_2.exe
2020-02-03 13:03 - 2020-02-03 13:03 - 031926992 _____ (Adlice Software ) C:\Users\jura\Downloads\setup.exe
2020-01-31 07:21 - 2020-02-03 14:04 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2020-01-31 07:21 - 2020-02-03 13:59 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2020-01-31 07:21 - 2020-01-31 07:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\Safer-Networking
2020-01-31 07:20 - 2020-01-31 07:20 - 069910960 _____ (Safer-Networking Ltd. ) C:\Users\jura\Downloads\spybotsd-2.7.64.0.exe
2020-01-31 07:18 - 2020-01-31 11:42 - 000000000 ____D C:\Users\jura\AppData\Local\FSDART
2020-01-31 07:18 - 2020-01-31 07:20 - 000000000 ____D C:\ProgramData\F-Secure
2020-01-31 07:18 - 2020-01-31 07:18 - 000000000 ____D C:\Users\jura\AppData\Local\F-Secure
2020-01-31 07:12 - 2020-01-31 07:12 - 000388608 _____ (Trend Micro Inc.) C:\Users\jura\Downloads\hijackthis.exe
2020-01-31 07:10 - 2020-01-31 07:10 - 000000000 ____D C:\WINDOWS\system32\Tasks\S-1-5-21-2586349893-4068352233-4137309774-1000
2020-01-25 20:02 - 2020-01-25 20:02 - 000000000 ____D C:\Users\jura\AppData\Local\PeerDistRepub
2020-01-25 19:55 - 2020-01-25 19:55 - 000000000 ____D C:\Users\jura\AppData\Local\Comms
2020-01-25 19:54 - 2020-02-04 05:43 - 000000000 ___RD C:\Users\jura\OneDrive
2020-01-25 19:54 - 2020-02-03 10:35 - 000000000 ____D C:\ProgramData\Packages
2020-01-25 19:54 - 2020-01-31 11:43 - 000000000 ____D C:\Users\jura\AppData\Local\PlaceholderTileLogoFolder
2020-01-25 19:52 - 2020-01-25 19:52 - 000001450 _____ C:\Users\jura\Desktop\Microsoft Edge.lnk
2020-01-25 19:52 - 2020-01-25 19:52 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2020-01-25 19:48 - 2019-03-18 15:20 - 005739008 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2020-01-25 19:48 - 2019-03-18 15:19 - 002629120 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2020-01-25 19:48 - 2019-03-18 15:07 - 006359552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2020-01-25 19:48 - 2019-03-18 15:01 - 005496832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2020-01-25 19:41 - 2020-02-10 07:24 - 001844064 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-01-25 19:38 - 2020-02-03 14:02 - 000000000 ____D C:\Users\jura\AppData\Local\Packages
2020-01-25 19:38 - 2020-01-25 19:38 - 000000020 ___SH C:\Users\jura\ntuser.ini
2020-01-25 19:38 - 2020-01-25 19:38 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-01-25 19:38 - 2020-01-25 19:38 - 000000000 ___RD C:\Users\jura\3D Objects
2020-01-25 19:38 - 2020-01-25 19:38 - 000000000 ___HD C:\Users\jura\MicrosoftEdgeBackups
2020-01-25 19:38 - 2020-01-25 19:38 - 000000000 ____D C:\Users\jura\AppData\Local\Publishers
2020-01-25 19:38 - 2020-01-25 19:38 - 000000000 ____D C:\Users\jura\AppData\Local\MicrosoftEdge
2020-01-25 19:38 - 2020-01-25 19:38 - 000000000 ____D C:\Users\jura\AppData\Local\ConnectedDevicesPlatform
2020-01-25 19:37 - 2020-02-10 10:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-01-25 19:37 - 2020-02-06 12:16 - 000002563 _____ C:\WINDOWS\diagwrn.xml
2020-01-25 19:37 - 2020-02-06 12:16 - 000001908 _____ C:\WINDOWS\diagerr.xml
2020-01-25 19:37 - 2020-02-04 05:39 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-01-25 19:37 - 2020-01-25 19:37 - 000003044 _____ C:\WINDOWS\system32\Tasks\{D5AE7165-B81C-4108-A833-5DFE3500605E}
2020-01-25 19:37 - 2020-01-25 19:37 - 000003044 _____ C:\WINDOWS\system32\Tasks\{947E77E2-1E7B-4D82-A918-40B8B4D7D3AA}
2020-01-25 19:37 - 2020-01-25 19:37 - 000000000 ____D C:\WINDOWS\system32\Tasks\WPD
2020-01-25 19:35 - 2020-02-03 13:32 - 000000000 ____D C:\Users\jura
2020-01-25 19:35 - 2020-01-25 19:35 - 000000000 _SHDL C:\Users\jura\Šablony
2020-01-25 19:35 - 2020-01-25 19:35 - 000000000 _SHDL C:\Users\jura\Soubory cookie
2020-01-25 19:35 - 2020-01-25 19:35 - 000000000 _SHDL C:\Users\jura\Poslední
2020-01-25 19:35 - 2020-01-25 19:35 - 000000000 _SHDL C:\Users\jura\Okolní tiskárny
2020-01-25 19:35 - 2020-01-25 19:35 - 000000000 _SHDL C:\Users\jura\Okolní síť
2020-01-25 19:35 - 2020-01-25 19:35 - 000000000 _SHDL C:\Users\jura\Nabídka Start
2020-01-25 19:35 - 2020-01-25 19:35 - 000000000 _SHDL C:\Users\jura\Dokumenty
2020-01-25 19:35 - 2020-01-25 19:35 - 000000000 _SHDL C:\Users\jura\Documents\Obrázky
2020-01-25 19:35 - 2020-01-25 19:35 - 000000000 _SHDL C:\Users\jura\Documents\Hudba
2020-01-25 19:35 - 2020-01-25 19:35 - 000000000 _SHDL C:\Users\jura\Documents\Filmy
2020-01-25 19:35 - 2020-01-25 19:35 - 000000000 _SHDL C:\Users\jura\Data aplikací
2020-01-25 19:35 - 2020-01-25 19:35 - 000000000 _SHDL C:\Users\jura\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2020-01-25 19:35 - 2020-01-25 19:35 - 000000000 _SHDL C:\Users\jura\AppData\Local\Data aplikací
2020-01-25 19:35 - 2020-01-09 22:24 - 002874368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-01-25 19:33 - 2020-02-10 10:41 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-01-25 19:33 - 2020-01-25 19:36 - 000538520 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-01-25 19:30 - 2020-01-25 19:30 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2020-01-25 19:30 - 2020-01-25 19:30 - 000000000 ____D C:\Program Files\Common Files\SpeechEngines
2020-01-25 19:29 - 2020-01-25 19:29 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2020-01-25 19:28 - 2020-01-25 19:28 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-01-25 19:27 - 2020-01-25 19:32 - 000000000 ____D C:\Program Files (x86)\MSBuild
2020-01-25 19:27 - 2020-01-25 19:27 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2020-01-25 19:27 - 2020-01-25 19:27 - 000000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2020-01-25 19:27 - 2020-01-25 19:27 - 000000000 ____D C:\WINDOWS\system32\msmq
2020-01-25 19:27 - 2020-01-25 19:27 - 000000000 ____D C:\WINDOWS\system32\BestPractices
2020-01-25 19:27 - 2020-01-25 19:27 - 000000000 ____D C:\Program Files\Reference Assemblies
2020-01-25 19:27 - 2020-01-25 19:27 - 000000000 ____D C:\Program Files\MSBuild
2020-01-25 19:27 - 2020-01-25 19:27 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2020-01-25 19:27 - 2020-01-25 19:27 - 000000000 ____D C:\inetpub
2020-01-25 19:27 - 2019-03-01 17:31 - 001166488 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2020-01-25 19:27 - 2019-03-01 17:31 - 000124568 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2020-01-25 19:27 - 2019-03-01 17:31 - 000035592 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2020-01-25 19:27 - 2019-02-05 18:41 - 000778912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2020-01-25 19:27 - 2019-02-05 18:41 - 000103072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2020-01-25 19:27 - 2019-02-05 18:41 - 000035592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2020-01-25 19:26 - 2019-03-18 19:21 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\XPSSHHDR.dll
2020-01-25 19:26 - 2019-03-18 19:20 - 004470272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2020-01-25 19:26 - 2019-03-18 19:16 - 000903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
2020-01-25 19:26 - 2019-03-18 18:15 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XPSSHHDR.dll
2020-01-25 19:26 - 2019-03-18 18:09 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsFilt.dll
2020-01-25 19:26 - 2019-03-01 17:33 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2020-01-25 19:26 - 2018-08-09 14:53 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2020-01-25 18:23 - 2020-01-25 18:50 - 000000000 ____D C:\ESD
2020-01-25 18:21 - 2020-01-25 18:21 - 000000000 ___HD C:\$Windows.~WS
2020-01-24 21:41 - 2019-12-17 02:18 - 000004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2020-01-24 21:41 - 2019-12-17 02:04 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2020-01-24 21:41 - 2019-12-17 01:52 - 000116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2020-01-24 21:41 - 2019-12-17 01:45 - 000969216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.exe
2020-01-24 21:41 - 2019-12-17 01:36 - 000047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2020-01-24 21:41 - 2019-12-17 01:14 - 001359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmlmedia.dll
2020-01-24 21:41 - 2019-12-17 01:00 - 001155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmlmedia.dll
2020-01-24 20:52 - 2020-01-24 20:52 - 000000000 ____D C:\ProgramData\Mozilla

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-02-10 10:45 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-02-10 10:45 - 2016-11-28 19:38 - 000000000 ____D C:\Users\jura\AppData\LocalLow\Mozilla
2020-02-10 10:44 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-02-10 07:24 - 2019-03-19 12:57 - 000751458 _____ C:\WINDOWS\system32\perfh005.dat
2020-02-10 07:24 - 2019-03-19 12:57 - 000162934 _____ C:\WINDOWS\system32\perfc005.dat
2020-02-10 07:24 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-02-10 05:45 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-02-07 14:25 - 2016-11-28 19:04 - 000000000 ____D C:\Users\jura\AppData\Local\CrashDumps
2020-02-07 14:24 - 2017-01-17 19:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macrovision Corporation
2020-02-07 14:11 - 2009-07-14 03:34 - 000000424 _____ C:\WINDOWS\win.ini
2020-02-07 14:07 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-02-07 14:07 - 2019-03-19 05:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-02-07 14:02 - 2018-01-28 18:20 - 000000000 ____D C:\AHT2
2020-01-31 07:33 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\servicing
2020-01-31 06:56 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-01-28 16:38 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows Defender
2020-01-28 16:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2020-01-28 16:36 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\appcompat
2020-01-25 19:56 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\USOPrivate
2020-01-25 19:55 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ServiceState
2020-01-25 19:48 - 2019-03-19 12:59 - 000000000 ____D C:\WINDOWS\OCR
2020-01-25 19:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\spool
2020-01-25 19:37 - 2019-03-19 05:52 - 000000000 __RSD C:\WINDOWS\Media
2020-01-25 19:37 - 2019-03-19 05:52 - 000000000 __RHD C:\Users\Public\Libraries
2020-01-25 19:37 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows NT
2020-01-25 19:36 - 2018-12-02 13:17 - 000000000 ____D C:\Users\jura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flashtool
2020-01-25 19:36 - 2018-01-28 18:27 - 000000000 ____D C:\Users\jura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HUA TOOLS ALL-in-ONE SETUP
2020-01-25 19:36 - 2016-12-28 16:23 - 000000000 ____D C:\Users\jura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-01-25 19:35 - 2017-04-20 19:30 - 000000000 ____D C:\Users\jura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GsmBest Team
2020-01-25 19:35 - 2016-12-28 16:54 - 000000000 ____D C:\Users\jura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Xiaomi
2020-01-25 19:34 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2020-01-25 19:34 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-01-25 19:34 - 2016-11-28 18:43 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2020-01-25 19:34 - 2016-11-28 18:43 - 000000000 ____D C:\WINDOWS\system32\DAX2
2020-01-25 19:32 - 2019-03-19 05:56 - 000000000 ____D C:\WINDOWS\Setup
2020-01-25 19:32 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-01-25 19:32 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-01-25 19:32 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-01-25 19:32 - 2019-03-19 05:49 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2020-01-25 19:32 - 2017-12-19 22:31 - 000000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information
2020-01-25 19:32 - 2017-01-24 15:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kingston SSD Manager
2020-01-25 19:32 - 2016-12-28 18:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minimal ADB and Fastboot
2020-01-25 19:32 - 2016-12-28 16:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XiaoMiFlash
2020-01-25 19:32 - 2016-12-28 16:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-01-25 19:32 - 2016-11-30 22:37 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2020-01-25 19:32 - 2016-11-30 22:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2020-01-25 19:32 - 2016-11-29 18:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2020-01-25 19:32 - 2016-11-28 19:29 - 000000000 ____D C:\WINDOWS\system32\SPReview
2020-01-25 19:32 - 2016-11-28 19:29 - 000000000 ____D C:\WINDOWS\system32\EventProviders
2020-01-25 19:32 - 2016-11-28 18:36 - 000000000 ____D C:\Program Files\Intel
2020-01-25 19:32 - 2009-07-14 16:37 - 000000000 ____D C:\WINDOWS\ShellNew
2020-01-25 19:32 - 2009-07-14 04:20 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2020-01-25 19:32 - 2009-07-14 04:20 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2020-01-25 19:30 - 2019-03-19 05:52 - 000000000 __SHD C:\Program Files\Windows Sidebar
2020-01-25 19:30 - 2019-03-19 05:52 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2020-01-25 19:30 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2020-01-25 19:30 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2020-01-25 19:30 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2020-01-25 19:30 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2020-01-25 19:30 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\IME
2020-01-25 19:30 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\schemas
2020-01-25 19:30 - 2017-01-17 18:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC
2020-01-25 19:30 - 2017-01-17 18:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GsmBest Team
2020-01-25 19:30 - 2016-12-01 17:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinTools Software
2020-01-25 19:30 - 2016-11-29 18:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2020-01-25 19:30 - 2016-11-28 18:43 - 000000000 ____D C:\Program Files\Realtek
2020-01-25 19:30 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files\DVD Maker
2020-01-25 19:27 - 2020-01-09 22:25 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2020-01-25 19:27 - 2020-01-09 22:25 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2020-01-25 19:27 - 2020-01-09 22:25 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2020-01-25 19:27 - 2020-01-09 22:25 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2020-01-25 19:27 - 2020-01-09 22:25 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2020-01-25 19:27 - 2020-01-09 22:25 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2020-01-25 19:27 - 2020-01-09 22:25 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2020-01-25 19:27 - 2020-01-09 22:25 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
2020-01-25 19:27 - 2020-01-09 22:25 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2020-01-25 19:27 - 2020-01-09 22:25 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll
2020-01-25 19:27 - 2019-03-19 06:00 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2020-01-25 19:27 - 2019-03-19 06:00 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2020-01-25 19:27 - 2019-03-19 06:00 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2020-01-25 19:27 - 2019-03-19 06:00 - 000159232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2020-01-25 19:27 - 2019-03-19 06:00 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2020-01-25 19:27 - 2019-03-19 06:00 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2020-01-25 19:27 - 2019-03-19 06:00 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2020-01-25 19:27 - 2019-03-19 06:00 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2020-01-25 19:27 - 2019-03-19 06:00 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2020-01-25 19:27 - 2019-03-19 06:00 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2020-01-25 19:27 - 2019-03-19 06:00 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2020-01-25 19:27 - 2019-03-19 06:00 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2020-01-25 19:27 - 2019-03-19 06:00 - 000009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2020-01-25 19:27 - 2019-03-19 06:00 - 000009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2020-01-25 19:27 - 2019-03-19 05:58 - 001401344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2020-01-25 19:27 - 2019-03-19 05:58 - 000783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2020-01-25 19:27 - 2019-03-19 05:58 - 000564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2020-01-25 19:27 - 2019-03-19 05:58 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2020-01-25 19:27 - 2019-03-19 05:58 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2020-01-25 19:27 - 2019-03-19 05:58 - 000304640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2020-01-25 19:27 - 2019-03-19 05:58 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2020-01-25 19:27 - 2019-03-19 05:58 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2020-01-25 19:27 - 2019-03-19 05:58 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2020-01-25 19:27 - 2019-03-19 05:58 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2020-01-25 19:27 - 2019-03-19 05:58 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2020-01-25 19:27 - 2019-03-19 05:58 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2020-01-25 19:27 - 2019-03-19 05:58 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2020-01-25 19:27 - 2019-03-19 05:58 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2020-01-25 19:27 - 2019-03-19 05:58 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2020-01-25 19:27 - 2019-03-19 05:58 - 000009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2020-01-25 19:27 - 2019-03-19 05:57 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2020-01-25 19:27 - 2019-03-19 05:57 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2020-01-25 19:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2020-01-25 19:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\MUI
2020-01-25 19:26 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2020-01-25 19:26 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2020-01-25 19:26 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2020-01-25 19:26 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2020-01-25 19:26 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2020-01-25 19:26 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2020-01-25 19:26 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\et-EE
2020-01-25 19:26 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\es-MX
2020-01-25 19:21 - 2009-07-14 16:36 - 000000000 ___RD C:\Users\Public\Recorded TV
2020-01-25 19:10 - 2009-07-14 05:45 - 000014256 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-01-25 19:10 - 2009-07-14 05:45 - 000014256 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-01-24 21:46 - 2017-01-24 16:08 - 001670204 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2020-01-24 21:11 - 2016-11-28 18:47 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-01-24 21:05 - 2016-11-28 18:47 - 120202352 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-01-24 20:58 - 2016-11-29 17:59 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-01-24 20:58 - 2016-11-29 17:59 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-01-24 20:52 - 2016-11-28 19:38 - 000000000 ____D C:\Users\jura\AppData\Roaming\Mozilla

==================== Files in the root of some directories ========

2016-11-29 18:00 - 2016-11-29 18:00 - 000007605 _____ () C:\Users\jura\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================