Prosím o kontrolu

Zpráva

Eslop2 · #1 Příspěvek od **Eslop2** » 04 lis 2017 20:07

Zdravím, nejspíš jsem udělal chybu - stáhl a nainstaloval jsem si warez hru (vím, blbost, ale chtěl jsem zavzpomínat na starý časy).
Bezprostředně poté mi začal Chromě při spuštění hlásit chybu v manifest.json a deaktivoval mi AdBlock i uBlock (blokování reklam a sledovacích kódů), přičemž smazání a znova instalace AdBlocku nepomohla. Předpokládám, že jsem si stáhl asi malware. Prosím o kontrolu. Předem moc díky!

Log (v příloze navíc Addition):

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-11-2017
Ran by petrb (administrator) on LAPTOP-8D0AFTTH (04-11-2017 19:56:32)
Running from C:\Users\petrb\Desktop
Loaded Profiles: petrb (Available Profiles: petrb)
Platform: Windows 10 Home Version 1709 16299.19 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation) C:\Windows\System32\IntelSSTAPO\ParameterService\ParameterService.exe
(Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe
() C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel Corporation) C:\Windows\System32\IntelCpHDCPSvc.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(CyberGhost S.A.) C:\Program Files\CyberGhost 6\CyberGhost.Service.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Microsoft Corporation) C:\Windows\System32\mshta.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_1.8.2.0_x64__8wekyb3d8bbwe\Microsoft.StickyNotes.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Spotify Ltd) C:\Users\petrb\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.PeopleExperienceHost_cw5n1h2txyewy\PeopleExperienceHost.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.7.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\petrb\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3351248 2015-09-10] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16687112 2016-08-16] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1460232 2016-08-16] (Realtek Semiconductor)
HKU\S-1-5-21-3499997034-3352543508-2471689020-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3071776 2017-09-07] (Valve Corporation)
HKU\S-1-5-21-3499997034-3352543508-2471689020-1001\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2418392 2016-09-09] (Acer)
HKU\S-1-5-21-3499997034-3352543508-2471689020-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4836032 2017-08-14] (Disc Soft Ltd)
HKU\S-1-5-21-3499997034-3352543508-2471689020-1001\...\Run: [Spotify Web Helper] => C:\Users\petrb\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-10-29] (Spotify Ltd)
IFEO\utorrent.exe: [Debugger] C:\Program Files\CyberGhost 6\PeLauncher.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2016-11-12]
ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2016-11-12]
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{3671088b-ca50-4ffd-a6b7-a29a15b18337}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{dbfa56f3-0548-4eeb-9754-ff458d8f2abe}: [DhcpNameServer] 185.156.172.178 185.93.180.131 83.143.245.42

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKU\S-1-5-21-3499997034-3352543508-2471689020-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
HKU\S-1-5-21-3499997034-3352543508-2471689020-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
SearchScopes: HKU\S-1-5-21-3499997034-3352543508-2471689020-1001 -> DefaultScope {4B1C418C-E8E6-4B4B-89CA-C33F05750AEE} URL =
SearchScopes: HKU\S-1-5-21-3499997034-3352543508-2471689020-1001 -> {4B1C418C-E8E6-4B4B-89CA-C33F05750AEE} URL =
BHO: Amazon Assistant -> {0ddcea2a-7b00-4349-8acb-af7ba6da251f} -> C:\WINDOWS\system32\mscoree.dll [2017-09-29] (Microsoft Corporation)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-10-29] (Microsoft Corporation)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2016-11-12] (LastPass)
BHO-x32: Amazon Assistant -> {0ddcea2a-7b00-4349-8acb-af7ba6da251f} -> C:\WINDOWS\system32\mscoree.dll [2017-09-29] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-10-09] (Oracle Corporation)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2016-11-12] (LastPass)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-10-09] (Oracle Corporation)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2016-11-12] (LastPass)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2016-11-12] (LastPass)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-10-29] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-10-29] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-10-29] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-10-29] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: pg24dyiq.default
FF ProfilePath: C:\Users\petrb\AppData\Roaming\Mozilla\Firefox\Profiles\pg24dyiq.default [2017-11-04]
FF Extension: (HTTPS Everywhere) - C:\Users\petrb\AppData\Roaming\Mozilla\Firefox\Profiles\pg24dyiq.default\Extensions\https-everywhere@eff.org.xpi [2017-03-12]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\petrb\AppData\Roaming\Mozilla\Firefox\Profiles\pg24dyiq.default\Extensions\langpack-cs@firefox.mozilla.org.xpi [2016-10-08]
FF Extension: (Mozilla Partner Defaults) - C:\Users\petrb\AppData\Roaming\Mozilla\Firefox\Profiles\pg24dyiq.default\Extensions\partnerdefaults@mozilla.com [2016-10-08]
FF Extension: (LastPass) - C:\Users\petrb\AppData\Roaming\Mozilla\Firefox\Profiles\pg24dyiq.default\Extensions\support@lastpass.com [2017-03-03]
FF Extension: (uBlock Origin) - C:\Users\petrb\AppData\Roaming\Mozilla\Firefox\Profiles\pg24dyiq.default\Extensions\uBlock0@raymondhill.net.xpi [2017-03-03]
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2016-11-12] (LastPass)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-10-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-10-09] (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2016-11-12] (LastPass)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-10-19] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)

Chrome:
=======
CHR dev: Chrome dev build detected! <==== ATTENTION
CHR DefaultSearchKeyword: Default -> lp
CHR Profile: C:\Users\petrb\AppData\Local\Google\Chrome\User Data\Default [2017-11-04]
CHR Extension: (Prezentace) - C:\Users\petrb\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-16]
CHR Extension: (Dokumenty) - C:\Users\petrb\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-16]
CHR Extension: (Disk Google) - C:\Users\petrb\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-08]
CHR Extension: (YouTube) - C:\Users\petrb\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-08]
CHR Extension: (Tabulky) - C:\Users\petrb\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\petrb\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-08]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\petrb\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2017-10-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\petrb\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Gmail) - C:\Users\petrb\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-08]
CHR Extension: (Chrome Media Router) - C:\Users\petrb\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-30]
CHR Extension: (Google Chrome Core) - C:\Users\petrb\AppData\Roaming\extensions\extensions_chrome [2017-11-04]
CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Amazon Assistant Service; C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe [105136 2017-10-04] ()
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2267352 2016-08-30] (Acer Incorporated)
R2 CG6Service; C:\Program Files\CyberGhost 6\CyberGhost.Service.exe [232528 2017-08-31] (CyberGhost S.A.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7923880 2017-10-23] (Microsoft Corporation)
R3 cplspcon; C:\WINDOWS\system32\IntelCpHDCPSvc.exe [480232 2017-01-05] (Intel Corporation)
R2 DAX2API; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [154816 2016-07-18] ()
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291904 2017-08-14] (Disc Soft Ltd)
R2 esifsvc; C:\WINDOWS\SysWOW64\esif_uf.exe [1392792 2015-10-29] (Intel Corporation)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [145624 2015-09-10] (ELAN Microelectronics Corp.)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [341992 2017-01-05] (Intel Corporation)
R2 IntelSSTSvc; C:\WINDOWS\system32\IntelSSTAPO\ParameterService\ParameterService.exe [26608 2016-07-12] (Intel Corporation)
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [440224 2016-03-10] (Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [481696 2016-03-10] (Acer Incorporated)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [291232 2016-02-01] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [55784 2015-10-29] (Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [52200 2015-10-29] (Intel Corporation)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-09-22] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-09-22] (Disc Soft Ltd)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [260072 2015-10-29] (Intel Corporation)
S3 ETDI2C; C:\WINDOWS\system32\DRIVERS\ETDI2C.sys [183896 2016-10-14] (ELAN Microelectronic Corp.)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21408 2016-03-10] (Acer Incorporated)
R1 MpKslad0e9904; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E787D038-B1D5-4865-9066-2CC17F46254B}\MpKslad0e9904.sys [58120 2017-11-04] (Microsoft Corporation)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14752 2016-03-10] (Acer Incorporated)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [337664 2016-07-05] (Realtek Semiconductor Corp.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-04 19:56 - 2017-11-04 19:56 - 000017934 _____ C:\Users\petrb\Desktop\FRST.txt
2017-11-04 19:56 - 2017-11-04 19:56 - 000000000 ____D C:\FRST
2017-11-04 19:55 - 2017-11-04 19:55 - 000112640 _____ (forum.viry.cz) C:\Users\petrb\Desktop\FRSTLauncher.exe
2017-11-04 19:49 - 2017-11-04 19:49 - 002403328 _____ (Farbar) C:\Users\petrb\Desktop\FRST64.exe
2017-11-04 19:37 - 2017-11-04 19:37 - 000000000 ____D C:\Users\petrb\AppData\Roaming\extensions
2017-11-04 19:37 - 2017-11-04 19:37 - 000000000 ____D C:\Users\petrb\AppData\Local\SKIDROW
2017-11-04 19:37 - 2017-11-04 19:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\South Park - The Stick of Truth
2017-11-04 19:35 - 2017-11-04 19:37 - 000089682 _____ C:\Program Files (x86)\unins000.dat
2017-11-04 19:35 - 2017-11-04 19:35 - 000720224 _____ C:\Program Files (x86)\unins000.exe
2017-11-04 14:15 - 2017-11-04 14:15 - 000000000 ___HD C:\OneDriveTemp
2017-11-04 14:14 - 2017-11-04 14:14 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2017-11-04 14:13 - 2017-11-04 14:13 - 000000020 ___SH C:\Users\petrb\ntuser.ini
2017-11-04 14:13 - 2017-11-04 14:13 - 000000000 ___RD C:\Users\petrb\3D Objects
2017-11-04 14:13 - 2017-11-04 14:13 - 000000000 ___HD C:\Users\petrb\MicrosoftEdgeBackups
2017-11-04 11:49 - 2017-11-04 11:49 - 000000000 ____D C:\ProgramData\USOShared
2017-11-04 11:46 - 2017-11-04 11:46 - 001784238 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-11-04 11:41 - 2017-11-04 14:15 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3499997034-3352543508-2471689020-1001
2017-11-04 11:41 - 2017-11-04 11:42 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2017-11-04 11:41 - 2017-11-04 11:42 - 000007623 _____ C:\WINDOWS\diagerr.xml
2017-11-04 11:41 - 2017-11-04 11:41 - 000004302 _____ C:\WINDOWS\System32\Tasks\Software Update Application
2017-11-04 11:41 - 2017-11-04 11:41 - 000003852 _____ C:\WINDOWS\System32\Tasks\ACCAgent
2017-11-04 11:41 - 2017-11-04 11:41 - 000003692 _____ C:\WINDOWS\System32\Tasks\AcerCMUpdateTask2.1.16258
2017-11-04 11:41 - 2017-11-04 11:41 - 000003398 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-11-04 11:41 - 2017-11-04 11:41 - 000003318 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1476012187
2017-11-04 11:41 - 2017-11-04 11:41 - 000003174 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-11-04 11:41 - 2017-11-04 11:41 - 000002820 _____ C:\WINDOWS\System32\Tasks\ACC
2017-11-04 11:41 - 2017-11-04 11:41 - 000002760 _____ C:\WINDOWS\System32\Tasks\BacKGroundAgent
2017-11-04 11:41 - 2017-11-04 11:41 - 000002706 _____ C:\WINDOWS\System32\Tasks\UbtFrameworkService
2017-11-04 11:41 - 2017-11-04 11:41 - 000002534 _____ C:\WINDOWS\System32\Tasks\AcerCloud
2017-11-04 11:41 - 2017-11-04 11:41 - 000002328 _____ C:\WINDOWS\System32\Tasks\ACCBackgroundApplication
2017-11-04 11:41 - 2017-11-04 11:41 - 000002256 _____ C:\WINDOWS\System32\Tasks\Power Button
2017-11-04 11:41 - 2017-11-04 11:41 - 000002180 _____ C:\WINDOWS\System32\Tasks\Quick Access
2017-11-04 11:41 - 2017-11-04 11:41 - 000002074 _____ C:\WINDOWS\System32\Tasks\FUBTrackingByPLD
2017-11-04 11:41 - 2017-11-04 11:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-11-04 11:37 - 2017-11-04 14:29 - 000000000 ____D C:\Users\petrb\AppData\Local\Packages
2017-11-04 11:37 - 2017-11-04 14:13 - 000000000 ____D C:\Users\petrb
2017-11-04 11:37 - 2017-11-04 11:37 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-11-04 11:37 - 2017-11-04 11:37 - 000000000 _SHDL C:\Users\petrb\Šablony
2017-11-04 11:37 - 2017-11-04 11:37 - 000000000 _SHDL C:\Users\petrb\Soubory cookie
2017-11-04 11:37 - 2017-11-04 11:37 - 000000000 _SHDL C:\Users\petrb\Poslední
2017-11-04 11:37 - 2017-11-04 11:37 - 000000000 _SHDL C:\Users\petrb\Okolní tiskárny
2017-11-04 11:37 - 2017-11-04 11:37 - 000000000 _SHDL C:\Users\petrb\Okolní síť
2017-11-04 11:37 - 2017-11-04 11:37 - 000000000 _SHDL C:\Users\petrb\Nabídka Start
2017-11-04 11:37 - 2017-11-04 11:37 - 000000000 _SHDL C:\Users\petrb\Dokumenty
2017-11-04 11:37 - 2017-11-04 11:37 - 000000000 _SHDL C:\Users\petrb\Documents\Obrázky
2017-11-04 11:37 - 2017-11-04 11:37 - 000000000 _SHDL C:\Users\petrb\Documents\Hudba
2017-11-04 11:37 - 2017-11-04 11:37 - 000000000 _SHDL C:\Users\petrb\Documents\Filmy
2017-11-04 11:37 - 2017-11-04 11:37 - 000000000 _SHDL C:\Users\petrb\Data aplikací
2017-11-04 11:37 - 2017-11-04 11:37 - 000000000 _SHDL C:\Users\petrb\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2017-11-04 11:37 - 2017-11-04 11:37 - 000000000 _SHDL C:\Users\petrb\AppData\Local\Data aplikací
2017-11-04 11:36 - 2017-11-04 11:36 - 000000000 ____D C:\WINDOWS\system32\IntelSSTAPO
2017-11-04 11:36 - 2017-11-04 11:36 - 000000000 ____D C:\ProgramData\Dolby
2017-11-04 11:36 - 2017-11-04 11:36 - 000000000 ____D C:\Program Files\Dolby
2017-11-04 11:35 - 2017-09-29 14:41 - 002241024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-11-04 11:35 - 2017-01-05 03:11 - 000113680 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2017-11-04 11:35 - 2017-01-05 03:11 - 000104464 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2017-11-04 11:34 - 2017-11-04 17:40 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-11-04 11:34 - 2017-11-04 11:39 - 000389312 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-11-04 11:33 - 2017-11-04 11:43 - 000000000 ____D C:\Windows.old
2017-11-04 11:31 - 2017-11-04 11:33 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-11-04 11:30 - 2017-11-04 11:31 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2017-11-04 11:29 - 2017-11-04 11:29 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2017-11-04 11:28 - 2017-11-04 11:28 - 025246208 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 023664128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 021752832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 019343360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 018913792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 017080832 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 008592280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-11-04 11:28 - 2017-11-04 11:28 - 008097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 006032896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 005906264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 004744192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 003681280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 003672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-11-04 11:28 - 2017-11-04 11:28 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 003312432 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-11-04 11:28 - 2017-11-04 11:28 - 002869248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 002573208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-11-04 11:28 - 2017-11-04 11:28 - 002474080 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 002400664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-11-04 11:28 - 2017-11-04 11:28 - 002106880 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-11-04 11:28 - 2017-11-04 11:28 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 001664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 001641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 001633744 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 001587200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 001554216 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 001547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 001528912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 001463856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 001436432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 001323840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 001261864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 001200024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-11-04 11:28 - 2017-11-04 11:28 - 001165824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 001053592 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-11-04 11:28 - 2017-11-04 11:28 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-11-04 11:28 - 2017-11-04 11:28 - 000769024 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000739696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-11-04 11:28 - 2017-11-04 11:28 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000677280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-11-04 11:28 - 2017-11-04 11:28 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-11-04 11:28 - 2017-11-04 11:28 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000597160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000591872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000559000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-11-04 11:28 - 2017-11-04 11:28 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-11-04 11:28 - 2017-11-04 11:28 - 000478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000464416 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000442880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-11-04 11:28 - 2017-11-04 11:28 - 000418712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-11-04 11:28 - 2017-11-04 11:28 - 000353688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-11-04 11:28 - 2017-11-04 11:28 - 000246168 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000232344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-11-04 11:28 - 2017-11-04 11:28 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000139672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-11-04 11:28 - 2017-11-04 11:28 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000060824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\urscx01000.sys
2017-11-04 11:28 - 2017-11-04 11:28 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2017-11-04 11:28 - 2017-11-04 11:28 - 000045976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2017-11-04 11:28 - 2017-11-04 11:28 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-11-04 11:28 - 2017-11-04 11:28 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-11-04 11:25 - 2017-11-04 11:27 - 000000000 ___SD C:\WINDOWS\system32\lxss
2017-11-04 11:25 - 2017-11-04 11:25 - 006347776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2017-11-04 11:25 - 2017-11-04 11:25 - 005739008 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2017-11-04 11:25 - 2017-11-04 11:25 - 005484032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2017-11-04 11:25 - 2017-11-04 11:25 - 002629120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll
2017-11-04 11:25 - 2017-11-04 11:25 - 002629120 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2017-11-04 11:25 - 2017-11-04 11:25 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-11-04 11:25 - 2017-11-04 11:25 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-11-04 11:25 - 2017-11-04 11:25 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-11-04 11:25 - 2017-11-04 11:25 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-11-04 11:25 - 2017-11-04 11:25 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-11-04 11:25 - 2017-11-04 11:25 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-11-04 11:25 - 2017-11-04 11:25 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-11-04 11:25 - 2017-11-04 11:25 - 000000000 ____D C:\Program Files\Reference Assemblies
2017-11-04 11:25 - 2017-11-04 11:25 - 000000000 ____D C:\Program Files\MSBuild
2017-11-04 11:25 - 2017-11-04 11:25 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-11-04 11:25 - 2017-11-04 11:25 - 000000000 ____D C:\Program Files (x86)\MSBuild
2017-11-02 19:20 - 2017-11-02 19:32 - 000000000 ____D C:\Users\petrb\Downloads\South Park - The Stick of Truth
2017-11-02 17:25 - 2017-11-04 14:13 - 000000000 ___DC C:\WINDOWS\Panther
2017-10-28 11:24 - 2017-10-28 11:24 - 000000000 ____D C:\Users\petrb\Downloads\_tmp
2017-10-27 18:33 - 2017-10-27 18:33 - 000000850 _____ C:\Users\petrb\Desktop\prace.txt
2017-10-27 18:22 - 2017-10-27 18:22 - 000049995 _____ C:\Users\petrb\Downloads\Lucifer.S02E12.720p.HDTV.X264-DIMENSION.srt
2017-10-27 18:21 - 2017-10-27 18:31 - 856547997 _____ C:\Users\petrb\Downloads\Lucifer.S02E12.720p.HDTV.X264-DIMENSION[eztv].mkv
2017-10-27 18:20 - 2017-10-27 18:20 - 000054862 _____ C:\Users\petrb\Downloads\Lucifer.S02E11.720p.HDTV.X264-DIMENSION (+LOL).srt
2017-10-27 18:19 - 2017-10-27 18:32 - 794275683 _____ C:\Users\petrb\Downloads\Lucifer.S02E11.720p.HDTV.X264-DIMENSION[eztv].mkv
2017-10-27 17:33 - 2017-10-27 18:18 - 000000000 ____D C:\Users\petrb\Downloads\Lucifer.S02E10.720p.HDTV.X264-DIMENSION[ettv]
2017-10-26 17:41 - 2017-10-26 17:41 - 000000000 ____D C:\Users\Public\Documents\Steam
2017-10-26 17:41 - 2017-10-26 17:41 - 000000000 ____D C:\Users\petrb\AppData\LocalLow\Team 17 Digital ltd_
2017-10-26 17:40 - 2017-11-04 11:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Escapists 2
2017-10-26 17:28 - 2017-10-26 17:31 - 000000000 ____D C:\Users\petrb\Downloads\plaza-the.escapists.2
2017-10-25 19:39 - 2017-10-25 19:39 - 000426470 _____ C:\Users\petrb\Downloads\životopis.pdf
2017-10-25 19:35 - 2017-10-25 19:44 - 000426394 _____ C:\Users\petrb\Documents\životopis.pdf
2017-10-25 18:35 - 2017-10-25 18:35 - 000426641 _____ C:\Users\petrb\Downloads\subtle-creativity.pdf
2017-10-22 17:17 - 2017-10-22 17:17 - 000055218 _____ C:\Users\petrb\Downloads\Lucifer.S01E02.HDTV.x264-LOL (+720 DIMENSION).srt
2017-10-22 17:17 - 2017-10-22 17:17 - 000053203 _____ C:\Users\petrb\Downloads\Lucifer.S01E01.hdtv-lol (+720 DIMENSION).srt
2017-10-11 17:10 - 2017-10-11 17:10 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-10-07 10:30 - 2017-10-07 10:30 - 000000000 ____D C:\Program Files (x86)\Amazon

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-04 19:45 - 2016-11-20 17:03 - 000000000 ____D C:\Hry
2017-11-04 19:45 - 2016-10-09 12:23 - 000001424 _____ C:\Users\Public\Desktop\Prohlížeč Opera.lnk
2017-11-04 19:45 - 2016-10-08 11:51 - 000002544 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-11-04 19:39 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2017-11-04 19:38 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2017-11-04 19:38 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-11-04 19:37 - 2017-08-13 16:17 - 000000000 ____D C:\Users\petrb\Documents\My Games
2017-11-04 19:37 - 2016-10-08 12:12 - 000000000 ____D C:\Users\petrb\AppData\Local\Spotify
2017-11-04 19:08 - 2016-10-08 12:11 - 000000000 ____D C:\Users\petrb\AppData\Roaming\Spotify
2017-11-04 18:29 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2017-11-04 18:29 - 2016-11-12 10:23 - 000000000 ____D C:\Users\petrb\AppData\Local\CyberGhost
2017-11-04 14:19 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-11-04 14:15 - 2016-10-08 11:46 - 000002395 _____ C:\Users\petrb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-11-04 14:15 - 2016-10-08 11:46 - 000000000 __RDL C:\Users\petrb\OneDrive
2017-11-04 14:13 - 2016-10-08 11:44 - 000000000 __SHD C:\Users\petrb\IntelGraphicsProfiles
2017-11-04 14:13 - 2016-10-08 11:44 - 000000000 ____D C:\Users\petrb\AppData\Local\TileDataLayer
2017-11-04 14:13 - 2016-02-13 14:20 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-11-04 11:49 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\USOPrivate
2017-11-04 11:46 - 2017-09-30 15:31 - 000757380 _____ C:\WINDOWS\system32\perfh005.dat
2017-11-04 11:46 - 2017-09-30 15:31 - 000152604 _____ C:\WINDOWS\system32\perfc005.dat
2017-11-04 11:46 - 2016-10-09 12:22 - 000000000 ____D C:\Program Files (x86)\Opera
2017-11-04 11:43 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\windows nt
2017-11-04 11:42 - 2017-09-29 09:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2017-11-04 11:41 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Registration
2017-11-04 11:41 - 2016-10-14 15:26 - 000023020 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-11-04 11:41 - 2016-10-08 11:51 - 000002276 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-04 11:39 - 2017-09-29 09:45 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2017-11-04 11:39 - 2017-02-05 18:32 - 000000000 ____D C:\Users\petrb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStars.UK
2017-11-04 11:39 - 2016-11-12 10:57 - 000000000 ____D C:\Users\petrb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LastPass
2017-11-04 11:38 - 2017-09-29 14:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-11-04 11:36 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2017-11-04 11:36 - 2017-05-21 11:42 - 001785989 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2017-11-04 11:36 - 2017-05-21 11:42 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-11-04 11:36 - 2017-05-21 11:42 - 000000000 ____D C:\WINDOWS\system32\DAX2
2017-11-04 11:36 - 2017-05-21 11:42 - 000000000 ____D C:\ProgramData\rtkSSTSetting
2017-11-04 11:35 - 2017-05-21 11:42 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2017-11-04 11:35 - 2017-05-21 11:41 - 000000000 ____D C:\Program Files\Elantech
2017-11-04 11:34 - 2017-09-29 14:46 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-11-04 11:33 - 2017-09-29 14:49 - 000000000 ____D C:\WINDOWS\Setup
2017-11-04 11:33 - 2017-09-29 14:46 - 000000000 __RHD C:\Users\Public\Libraries
2017-11-04 11:33 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-11-04 11:33 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\spool
2017-11-04 11:33 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-11-04 11:33 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-11-04 11:33 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-11-04 11:33 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-11-04 11:33 - 2017-09-22 20:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2017-11-04 11:33 - 2017-08-16 20:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2017-11-04 11:33 - 2017-08-16 18:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js
2017-11-04 11:33 - 2017-08-14 17:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2017-11-04 11:33 - 2017-08-14 17:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blizzard App
2017-11-04 11:33 - 2017-05-21 11:41 - 000000000 ____D C:\Program Files\Intel
2017-11-04 11:33 - 2017-05-21 11:41 - 000000000 ____D C:\Program Files (x86)\Intel
2017-11-04 11:33 - 2017-05-08 18:18 - 000000000 ____D C:\Program Files\UNP
2017-11-04 11:33 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-11-04 11:33 - 2017-02-11 09:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2017-11-04 11:33 - 2016-11-20 17:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tyranny [GOG.com]
2017-11-04 11:33 - 2016-11-12 10:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LastPass
2017-11-04 11:33 - 2016-11-12 10:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 6
2017-11-04 11:33 - 2016-10-25 20:49 - 000000000 __RSD C:\WINDOWS\system32\WindowsDevicePortal
2017-11-04 11:33 - 2016-10-14 21:48 - 000000000 ____D C:\WINDOWS\system32\ihvmanager
2017-11-04 11:33 - 2016-10-12 18:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
2017-11-04 11:33 - 2016-10-09 18:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-11-04 11:33 - 2016-10-09 15:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-11-04 11:33 - 2016-10-08 13:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2017-11-04 11:33 - 2016-10-08 11:40 - 000000000 ____D C:\WINDOWS\oem
2017-11-04 11:33 - 2016-08-10 00:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office 2016
2017-11-04 11:33 - 2016-04-01 20:38 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-11-04 11:33 - 2016-04-01 20:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2017-11-04 11:31 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\OCR
2017-11-04 11:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-11-04 11:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\appcompat
2017-11-04 11:31 - 2017-05-21 11:42 - 000000000 ____D C:\Program Files\Realtek
2017-11-04 11:31 - 2016-10-25 20:49 - 000000000 ___RD C:\WINDOWS\WebManagement
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\tk-TM
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\te-IN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\ta-IN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\sw-KE
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\si-LK
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\prs-AF
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\or-IN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\mn-MN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\ky-KG
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\km-KH
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\is-IS
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\id-ID
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\bn-BD
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\be-BY
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\as-IN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\am-ET
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2017-11-04 11:29 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-11-04 11:27 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2017-11-04 11:27 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2017-11-04 11:27 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2017-11-04 11:27 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2017-11-04 11:27 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\winrm
2017-11-04 11:27 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\WCN
2017-11-04 11:27 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\slmgr
2017-11-04 11:27 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2017-11-04 11:27 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-11-04 11:27 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2017-11-04 11:27 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-11-04 11:27 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2017-11-04 11:27 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2017-11-04 11:27 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\migwiz
2017-11-04 11:27 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-11-04 11:27 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Windows Defender
2017-11-04 11:27 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-11-04 11:27 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2017-11-04 11:27 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\servicing
2017-11-04 11:25 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-11-04 11:25 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\MUI
2017-11-04 11:13 - 2016-11-12 12:26 - 000000000 ____D C:\Users\petrb\AppData\Roaming\qBittorrent
2017-10-29 18:25 - 2016-10-09 14:06 - 000000000 ____D C:\projekty
2017-10-29 08:42 - 2016-08-10 00:29 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-10-27 22:34 - 2016-10-09 18:45 - 000000000 ____D C:\Users\petrb\AppData\Roaming\vlc
2017-10-23 17:07 - 2017-01-01 00:10 - 000000000 ____D C:\Users\petrb\Downloads\Rocky (1976)
2017-10-22 15:46 - 2016-10-12 18:23 - 000000000 ____D C:\Users\petrb\Documents\tmp
2017-10-22 09:58 - 2017-02-03 16:08 - 731862656 _____ C:\WINDOWS\MEMORY.DMP
2017-10-13 19:08 - 2017-09-29 14:49 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-10-13 19:08 - 2017-09-29 14:49 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-10-11 17:12 - 2016-10-08 12:34 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-10-11 17:10 - 2016-10-08 12:34 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-10-07 10:30 - 2017-03-03 17:04 - 000002275 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AmazonAssistant.lnk

==================== Files in the root of some directories =======

2017-11-04 19:35 - 2017-11-04 19:37 - 000089682 _____ () C:\Program Files (x86)\unins000.dat
2017-11-04 19:35 - 2017-11-04 19:35 - 000720224 _____ () C:\Program Files (x86)\unins000.exe
2016-11-12 10:58 - 2016-11-12 10:58 - 021874200 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2016-10-09 12:00 - 2017-08-08 12:26 - 000000600 _____ () C:\Users\petrb\AppData\Roaming\winscp.rnd
2017-04-21 16:15 - 2017-04-21 16:15 - 000003348 _____ () C:\Users\petrb\AppData\Local\recently-used.xbel
2016-10-09 12:05 - 2016-10-09 12:05 - 000000017 _____ () C:\Users\petrb\AppData\Local\resmon.resmoncfg
2017-05-21 11:42 - 2017-05-21 11:42 - 000000000 _____ () C:\ProgramData\DP45977C.lfl
2017-05-21 11:42 - 2017-05-21 11:42 - 000000102 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-11-04 11:34

==================== End of FRST.txt ============================

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (Acer) (Fixed) (Total:237.87 GB) (Free:73.66 GB) NTFS

Available physical RAM: 4982.25 MB
Total physical RAM: 8072.91 MB
Percentage of memory in use: 38%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 238.5 GB) (Disk ID: CCC0DF99)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\petrb\Desktop" je 2 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

==================== End Of Log ==============================

#2 Příspěvek od **Rudy** » 04 lis 2017 20:12

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

Eslop2 · #3 Příspěvek od **Eslop2** » 04 lis 2017 20:28

Provedeno. Přikládám log:
# AdwCleaner 7.0.4.0 - Logfile created on Sat Nov 04 19:25:19 2017
# Updated on 2017/27/10 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\ProgramData\DriverSetupUtility
Deleted: C:\Program Files\DriverSetupUtility
Deleted: C:\Users\All Users\DriverSetupUtility
Deleted: C:\Users\Public\Pokki
Deleted: C:\Program Files\Booking.com

***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\amazonbrowserapp.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\analytics.app.amazonbrowserapp.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\titan.service.amazonbrowserapp.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\amazonbrowserapp.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\analytics.app.amazonbrowserapp.com
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{BAC72C85-CEC6-4B86-AF06-FA20C259FAB8}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{6557DB6C-EFE1-45AC-92A6-FBB1554B7502}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{7BCA6879-A9F8-47DE-AE05-F5CE7EA3A474}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{ADF1FA2A-6EAA-4A97-A55F-3C8B92843EF5}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted: [Key] - HKLM\SOFTWARE\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted: [Key] - HKLM\SOFTWARE\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3DCCCD6BD02558446B24CF1C63EC213C
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\OverlayIcon.DLL
Deleted: [Key] - HKCU\SOFTWARE\Classes\Software\AppDataLow\Software\Amazon\Amazon1ButtonApp
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\Amazon1ButtonBrowserHelper.dll
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F5415905096AA504A9FB967C7A138943

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0

*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [3601 B] - [2017/11/4 19:24:36]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

#4 Příspěvek od **Rudy** » 04 lis 2017 20:59

Dejte nový log FRST.

Eslop2 · #5 Příspěvek od **Eslop2** » 04 lis 2017 21:27

Přikládám log:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-11-2017
Ran by petrb (administrator) on LAPTOP-8D0AFTTH (04-11-2017 21:26:36)
Running from C:\Users\petrb\Desktop
Loaded Profiles: petrb (Available Profiles: petrb)
Platform: Windows 10 Home Version 1709 16299.19 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation) C:\Windows\System32\IntelSSTAPO\ParameterService\ParameterService.exe
(Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
() C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(CyberGhost S.A.) C:\Program Files\CyberGhost 6\CyberGhost.Service.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\System32\mshta.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.7.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Spotify Ltd) C:\Users\petrb\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\OEM\Preload\FubTracking\FubTracking.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_1.8.2.0_x64__8wekyb3d8bbwe\Microsoft.StickyNotes.exe
() C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11709.1001.27.0_x64__8wekyb3d8bbwe\WinStore.App.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1710.2791.0_x64__8wekyb3d8bbwe\Calculator.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(forum.viry.cz) C:\Users\petrb\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3351248 2015-09-10] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16687112 2016-08-16] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1460232 2016-08-16] (Realtek Semiconductor)
HKU\S-1-5-21-3499997034-3352543508-2471689020-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3071776 2017-09-07] (Valve Corporation)
HKU\S-1-5-21-3499997034-3352543508-2471689020-1001\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2418392 2016-09-09] (Acer)
HKU\S-1-5-21-3499997034-3352543508-2471689020-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4836032 2017-08-14] (Disc Soft Ltd)
HKU\S-1-5-21-3499997034-3352543508-2471689020-1001\...\Run: [Spotify Web Helper] => C:\Users\petrb\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-10-29] (Spotify Ltd)
IFEO\utorrent.exe: [Debugger] C:\Program Files\CyberGhost 6\PeLauncher.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2016-11-12]
ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2016-11-12]
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{3671088b-ca50-4ffd-a6b7-a29a15b18337}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{dbfa56f3-0548-4eeb-9754-ff458d8f2abe}: [DhcpNameServer] 185.156.172.178 185.93.180.131 83.143.245.42

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKU\S-1-5-21-3499997034-3352543508-2471689020-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
HKU\S-1-5-21-3499997034-3352543508-2471689020-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
SearchScopes: HKU\S-1-5-21-3499997034-3352543508-2471689020-1001 -> DefaultScope {4B1C418C-E8E6-4B4B-89CA-C33F05750AEE} URL =
SearchScopes: HKU\S-1-5-21-3499997034-3352543508-2471689020-1001 -> {4B1C418C-E8E6-4B4B-89CA-C33F05750AEE} URL =
BHO: Amazon Assistant -> {0ddcea2a-7b00-4349-8acb-af7ba6da251f} -> C:\WINDOWS\system32\mscoree.dll [2017-09-29] (Microsoft Corporation)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-10-29] (Microsoft Corporation)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2016-11-12] (LastPass)
BHO-x32: Amazon Assistant -> {0ddcea2a-7b00-4349-8acb-af7ba6da251f} -> C:\WINDOWS\system32\mscoree.dll [2017-09-29] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-10-09] (Oracle Corporation)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2016-11-12] (LastPass)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-10-09] (Oracle Corporation)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2016-11-12] (LastPass)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2016-11-12] (LastPass)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-10-29] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-10-29] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-10-29] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-10-29] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: pg24dyiq.default
FF ProfilePath: C:\Users\petrb\AppData\Roaming\Mozilla\Firefox\Profiles\pg24dyiq.default [2017-11-04]
FF Extension: (HTTPS Everywhere) - C:\Users\petrb\AppData\Roaming\Mozilla\Firefox\Profiles\pg24dyiq.default\Extensions\https-everywhere@eff.org.xpi [2017-03-12]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\petrb\AppData\Roaming\Mozilla\Firefox\Profiles\pg24dyiq.default\Extensions\langpack-cs@firefox.mozilla.org.xpi [2016-10-08]
FF Extension: (Mozilla Partner Defaults) - C:\Users\petrb\AppData\Roaming\Mozilla\Firefox\Profiles\pg24dyiq.default\Extensions\partnerdefaults@mozilla.com [2016-10-08]
FF Extension: (LastPass) - C:\Users\petrb\AppData\Roaming\Mozilla\Firefox\Profiles\pg24dyiq.default\Extensions\support@lastpass.com [2017-03-03]
FF Extension: (uBlock Origin) - C:\Users\petrb\AppData\Roaming\Mozilla\Firefox\Profiles\pg24dyiq.default\Extensions\uBlock0@raymondhill.net.xpi [2017-03-03]
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2016-11-12] (LastPass)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-10-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-10-09] (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2016-11-12] (LastPass)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-10-19] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)

Chrome:
=======
CHR dev: Chrome dev build detected! <==== ATTENTION
CHR DefaultSearchKeyword: Default -> lp
CHR Profile: C:\Users\petrb\AppData\Local\Google\Chrome\User Data\Default [2017-11-04]
CHR Extension: (Prezentace) - C:\Users\petrb\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-16]
CHR Extension: (Dokumenty) - C:\Users\petrb\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-16]
CHR Extension: (Disk Google) - C:\Users\petrb\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-08]
CHR Extension: (YouTube) - C:\Users\petrb\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-08]
CHR Extension: (Tabulky) - C:\Users\petrb\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\petrb\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-08]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\petrb\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2017-10-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\petrb\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Gmail) - C:\Users\petrb\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-08]
CHR Extension: (Chrome Media Router) - C:\Users\petrb\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-30]
CHR Extension: (Google Chrome Core) - C:\Users\petrb\AppData\Roaming\extensions\extensions_chrome [2017-11-04]
CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Amazon Assistant Service; C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe [105136 2017-10-04] ()
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2267352 2016-08-30] (Acer Incorporated)
R2 CG6Service; C:\Program Files\CyberGhost 6\CyberGhost.Service.exe [232528 2017-08-31] (CyberGhost S.A.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7923880 2017-10-23] (Microsoft Corporation)
S3 cplspcon; C:\WINDOWS\system32\IntelCpHDCPSvc.exe [480232 2017-01-05] (Intel Corporation)
R2 DAX2API; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [154816 2016-07-18] ()
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291904 2017-08-14] (Disc Soft Ltd)
R2 esifsvc; C:\WINDOWS\SysWOW64\esif_uf.exe [1392792 2015-10-29] (Intel Corporation)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [145624 2015-09-10] (ELAN Microelectronics Corp.)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [341992 2017-01-05] (Intel Corporation)
R2 IntelSSTSvc; C:\WINDOWS\system32\IntelSSTAPO\ParameterService\ParameterService.exe [26608 2016-07-12] (Intel Corporation)
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [440224 2016-03-10] (Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [481696 2016-03-10] (Acer Incorporated)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [291232 2016-02-01] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [55784 2015-10-29] (Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [52200 2015-10-29] (Intel Corporation)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-09-22] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-09-22] (Disc Soft Ltd)
S1 edkessto; C:\WINDOWS\system32\drivers\edkessto.sys [72816 2017-11-04] (Microsoft Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [260072 2015-10-29] (Intel Corporation)
S3 ETDI2C; C:\WINDOWS\system32\DRIVERS\ETDI2C.sys [183896 2016-10-14] (ELAN Microelectronic Corp.)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21408 2016-03-10] (Acer Incorporated)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14752 2016-03-10] (Acer Incorporated)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [337664 2016-07-05] (Realtek Semiconductor Corp.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-04 21:26 - 2017-11-04 21:26 - 000072816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\edkessto.sys
2017-11-04 21:26 - 2017-11-04 21:26 - 000029696 _____ C:\Users\petrb\AppData\Local\MSGBOX.EXE
2017-11-04 21:26 - 2017-11-04 21:26 - 000015327 _____ C:\Users\petrb\Desktop\LM.bat
2017-11-04 20:25 - 2017-11-04 20:25 - 000003601 _____ C:\Users\petrb\Desktop\AdwCleaner[S0].txt
2017-11-04 20:23 - 2017-11-04 20:24 - 000000000 ____D C:\AdwCleaner
2017-11-04 20:23 - 2017-11-04 20:23 - 008261584 _____ (Malwarebytes) C:\Users\petrb\Desktop\adwcleaner_7.0.4.0.exe
2017-11-04 20:07 - 2017-11-04 20:07 - 000010251 _____ C:\Users\petrb\Desktop\Addition.zip
2017-11-04 19:56 - 2017-11-04 21:26 - 000018124 _____ C:\Users\petrb\Desktop\FRST.txt
2017-11-04 19:56 - 2017-11-04 21:26 - 000000000 ____D C:\FRST
2017-11-04 19:55 - 2017-11-04 19:55 - 000112640 _____ (forum.viry.cz) C:\Users\petrb\Desktop\FRSTLauncher.exe
2017-11-04 19:49 - 2017-11-04 19:49 - 002403328 _____ (Farbar) C:\Users\petrb\Desktop\FRST64.exe
2017-11-04 19:37 - 2017-11-04 19:37 - 000000000 ____D C:\Users\petrb\AppData\Roaming\extensions
2017-11-04 19:37 - 2017-11-04 19:37 - 000000000 ____D C:\Users\petrb\AppData\Local\SKIDROW
2017-11-04 19:37 - 2017-11-04 19:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\South Park - The Stick of Truth
2017-11-04 19:35 - 2017-11-04 19:37 - 000089682 _____ C:\Program Files (x86)\unins000.dat
2017-11-04 19:35 - 2017-11-04 19:35 - 000720224 _____ C:\Program Files (x86)\unins000.exe
2017-11-04 14:15 - 2017-11-04 14:15 - 000000000 ___HD C:\OneDriveTemp
2017-11-04 14:14 - 2017-11-04 14:14 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2017-11-04 14:13 - 2017-11-04 14:13 - 000000020 ___SH C:\Users\petrb\ntuser.ini
2017-11-04 14:13 - 2017-11-04 14:13 - 000000000 ___RD C:\Users\petrb\3D Objects
2017-11-04 14:13 - 2017-11-04 14:13 - 000000000 ___HD C:\Users\petrb\MicrosoftEdgeBackups
2017-11-04 11:49 - 2017-11-04 11:49 - 000000000 ____D C:\ProgramData\USOShared
2017-11-04 11:46 - 2017-11-04 20:30 - 001816024 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-11-04 11:41 - 2017-11-04 20:25 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-11-04 11:41 - 2017-11-04 14:15 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3499997034-3352543508-2471689020-1001
2017-11-04 11:41 - 2017-11-04 11:42 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2017-11-04 11:41 - 2017-11-04 11:42 - 000007623 _____ C:\WINDOWS\diagerr.xml
2017-11-04 11:41 - 2017-11-04 11:41 - 000004302 _____ C:\WINDOWS\System32\Tasks\Software Update Application
2017-11-04 11:41 - 2017-11-04 11:41 - 000003852 _____ C:\WINDOWS\System32\Tasks\ACCAgent
2017-11-04 11:41 - 2017-11-04 11:41 - 000003692 _____ C:\WINDOWS\System32\Tasks\AcerCMUpdateTask2.1.16258
2017-11-04 11:41 - 2017-11-04 11:41 - 000003398 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-11-04 11:41 - 2017-11-04 11:41 - 000003318 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1476012187
2017-11-04 11:41 - 2017-11-04 11:41 - 000003174 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-11-04 11:41 - 2017-11-04 11:41 - 000002820 _____ C:\WINDOWS\System32\Tasks\ACC
2017-11-04 11:41 - 2017-11-04 11:41 - 000002760 _____ C:\WINDOWS\System32\Tasks\BacKGroundAgent
2017-11-04 11:41 - 2017-11-04 11:41 - 000002706 _____ C:\WINDOWS\System32\Tasks\UbtFrameworkService
2017-11-04 11:41 - 2017-11-04 11:41 - 000002534 _____ C:\WINDOWS\System32\Tasks\AcerCloud
2017-11-04 11:41 - 2017-11-04 11:41 - 000002328 _____ C:\WINDOWS\System32\Tasks\ACCBackgroundApplication
2017-11-04 11:41 - 2017-11-04 11:41 - 000002256 _____ C:\WINDOWS\System32\Tasks\Power Button
2017-11-04 11:41 - 2017-11-04 11:41 - 000002180 _____ C:\WINDOWS\System32\Tasks\Quick Access
2017-11-04 11:41 - 2017-11-04 11:41 - 000002074 _____ C:\WINDOWS\System32\Tasks\FUBTrackingByPLD
2017-11-04 11:37 - 2017-11-04 14:29 - 000000000 ____D C:\Users\petrb\AppData\Local\Packages
2017-11-04 11:37 - 2017-11-04 14:13 - 000000000 ____D C:\Users\petrb
2017-11-04 11:37 - 2017-11-04 11:37 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-11-04 11:37 - 2017-11-04 11:37 - 000000000 _SHDL C:\Users\petrb\Šablony
2017-11-04 11:37 - 2017-11-04 11:37 - 000000000 _SHDL C:\Users\petrb\Soubory cookie
2017-11-04 11:37 - 2017-11-04 11:37 - 000000000 _SHDL C:\Users\petrb\Poslední
2017-11-04 11:37 - 2017-11-04 11:37 - 000000000 _SHDL C:\Users\petrb\Okolní tiskárny
2017-11-04 11:37 - 2017-11-04 11:37 - 000000000 _SHDL C:\Users\petrb\Okolní síť
2017-11-04 11:37 - 2017-11-04 11:37 - 000000000 _SHDL C:\Users\petrb\Nabídka Start
2017-11-04 11:37 - 2017-11-04 11:37 - 000000000 _SHDL C:\Users\petrb\Dokumenty
2017-11-04 11:37 - 2017-11-04 11:37 - 000000000 _SHDL C:\Users\petrb\Documents\Obrázky
2017-11-04 11:37 - 2017-11-04 11:37 - 000000000 _SHDL C:\Users\petrb\Documents\Hudba
2017-11-04 11:37 - 2017-11-04 11:37 - 000000000 _SHDL C:\Users\petrb\Documents\Filmy
2017-11-04 11:37 - 2017-11-04 11:37 - 000000000 _SHDL C:\Users\petrb\Data aplikací
2017-11-04 11:37 - 2017-11-04 11:37 - 000000000 _SHDL C:\Users\petrb\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2017-11-04 11:37 - 2017-11-04 11:37 - 000000000 _SHDL C:\Users\petrb\AppData\Local\Data aplikací
2017-11-04 11:36 - 2017-11-04 11:36 - 000000000 ____D C:\WINDOWS\system32\IntelSSTAPO
2017-11-04 11:36 - 2017-11-04 11:36 - 000000000 ____D C:\ProgramData\Dolby
2017-11-04 11:36 - 2017-11-04 11:36 - 000000000 ____D C:\Program Files\Dolby
2017-11-04 11:35 - 2017-09-29 14:41 - 002241024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-11-04 11:35 - 2017-01-05 03:11 - 000113680 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2017-11-04 11:35 - 2017-01-05 03:11 - 000104464 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2017-11-04 11:34 - 2017-11-04 17:40 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-11-04 11:34 - 2017-11-04 11:39 - 000389312 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-11-04 11:33 - 2017-11-04 11:43 - 000000000 ____D C:\Windows.old
2017-11-04 11:31 - 2017-11-04 11:33 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-11-04 11:30 - 2017-11-04 11:31 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2017-11-04 11:29 - 2017-11-04 11:29 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2017-11-04 11:28 - 2017-11-04 11:28 - 025246208 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 023664128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 021752832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 019343360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 018913792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 017080832 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 008592280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-11-04 11:28 - 2017-11-04 11:28 - 008097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 006032896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 005906264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 004744192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 003681280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 003672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-11-04 11:28 - 2017-11-04 11:28 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 003312432 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-11-04 11:28 - 2017-11-04 11:28 - 002869248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 002573208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-11-04 11:28 - 2017-11-04 11:28 - 002474080 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 002400664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-11-04 11:28 - 2017-11-04 11:28 - 002106880 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-11-04 11:28 - 2017-11-04 11:28 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 001664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 001641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 001633744 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 001587200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 001554216 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 001547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 001528912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 001463856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 001436432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 001323840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 001261864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 001200024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-11-04 11:28 - 2017-11-04 11:28 - 001165824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 001053592 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-11-04 11:28 - 2017-11-04 11:28 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-11-04 11:28 - 2017-11-04 11:28 - 000769024 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000739696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-11-04 11:28 - 2017-11-04 11:28 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000677280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-11-04 11:28 - 2017-11-04 11:28 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-11-04 11:28 - 2017-11-04 11:28 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000597160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000591872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000559000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-11-04 11:28 - 2017-11-04 11:28 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-11-04 11:28 - 2017-11-04 11:28 - 000478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000464416 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000442880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-11-04 11:28 - 2017-11-04 11:28 - 000418712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-11-04 11:28 - 2017-11-04 11:28 - 000353688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-11-04 11:28 - 2017-11-04 11:28 - 000246168 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000232344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-11-04 11:28 - 2017-11-04 11:28 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000139672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-11-04 11:28 - 2017-11-04 11:28 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000060824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\urscx01000.sys
2017-11-04 11:28 - 2017-11-04 11:28 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2017-11-04 11:28 - 2017-11-04 11:28 - 000045976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2017-11-04 11:28 - 2017-11-04 11:28 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-11-04 11:28 - 2017-11-04 11:28 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2017-11-04 11:28 - 2017-11-04 11:28 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-11-04 11:25 - 2017-11-04 11:27 - 000000000 ___SD C:\WINDOWS\system32\lxss
2017-11-04 11:25 - 2017-11-04 11:25 - 006347776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2017-11-04 11:25 - 2017-11-04 11:25 - 005739008 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2017-11-04 11:25 - 2017-11-04 11:25 - 005484032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2017-11-04 11:25 - 2017-11-04 11:25 - 002629120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll
2017-11-04 11:25 - 2017-11-04 11:25 - 002629120 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2017-11-04 11:25 - 2017-11-04 11:25 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-11-04 11:25 - 2017-11-04 11:25 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-11-04 11:25 - 2017-11-04 11:25 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-11-04 11:25 - 2017-11-04 11:25 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-11-04 11:25 - 2017-11-04 11:25 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-11-04 11:25 - 2017-11-04 11:25 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-11-04 11:25 - 2017-11-04 11:25 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-11-04 11:25 - 2017-11-04 11:25 - 000000000 ____D C:\Program Files\Reference Assemblies
2017-11-04 11:25 - 2017-11-04 11:25 - 000000000 ____D C:\Program Files\MSBuild
2017-11-04 11:25 - 2017-11-04 11:25 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-11-04 11:25 - 2017-11-04 11:25 - 000000000 ____D C:\Program Files (x86)\MSBuild
2017-11-02 19:20 - 2017-11-02 19:32 - 000000000 ____D C:\Users\petrb\Downloads\South Park - The Stick of Truth
2017-11-02 17:25 - 2017-11-04 14:13 - 000000000 ___DC C:\WINDOWS\Panther
2017-10-28 11:24 - 2017-10-28 11:24 - 000000000 ____D C:\Users\petrb\Downloads\_tmp
2017-10-27 18:33 - 2017-10-27 18:33 - 000000850 _____ C:\Users\petrb\Desktop\prace.txt
2017-10-27 18:22 - 2017-10-27 18:22 - 000049995 _____ C:\Users\petrb\Downloads\Lucifer.S02E12.720p.HDTV.X264-DIMENSION.srt
2017-10-27 18:21 - 2017-10-27 18:31 - 856547997 _____ C:\Users\petrb\Downloads\Lucifer.S02E12.720p.HDTV.X264-DIMENSION[eztv].mkv
2017-10-27 18:20 - 2017-10-27 18:20 - 000054862 _____ C:\Users\petrb\Downloads\Lucifer.S02E11.720p.HDTV.X264-DIMENSION (+LOL).srt
2017-10-27 18:19 - 2017-10-27 18:32 - 794275683 _____ C:\Users\petrb\Downloads\Lucifer.S02E11.720p.HDTV.X264-DIMENSION[eztv].mkv
2017-10-27 17:33 - 2017-10-27 18:18 - 000000000 ____D C:\Users\petrb\Downloads\Lucifer.S02E10.720p.HDTV.X264-DIMENSION[ettv]
2017-10-26 17:41 - 2017-10-26 17:41 - 000000000 ____D C:\Users\Public\Documents\Steam
2017-10-26 17:41 - 2017-10-26 17:41 - 000000000 ____D C:\Users\petrb\AppData\LocalLow\Team 17 Digital ltd_
2017-10-26 17:40 - 2017-11-04 11:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Escapists 2
2017-10-26 17:28 - 2017-10-26 17:31 - 000000000 ____D C:\Users\petrb\Downloads\plaza-the.escapists.2
2017-10-25 19:39 - 2017-10-25 19:39 - 000426470 _____ C:\Users\petrb\Downloads\životopis.pdf
2017-10-25 19:35 - 2017-10-25 19:44 - 000426394 _____ C:\Users\petrb\Documents\životopis.pdf
2017-10-25 18:35 - 2017-10-25 18:35 - 000426641 _____ C:\Users\petrb\Downloads\subtle-creativity.pdf
2017-10-22 17:17 - 2017-10-22 17:17 - 000055218 _____ C:\Users\petrb\Downloads\Lucifer.S01E02.HDTV.x264-LOL (+720 DIMENSION).srt
2017-10-22 17:17 - 2017-10-22 17:17 - 000053203 _____ C:\Users\petrb\Downloads\Lucifer.S01E01.hdtv-lol (+720 DIMENSION).srt
2017-10-11 17:10 - 2017-10-11 17:10 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-10-07 10:30 - 2017-10-07 10:30 - 000000000 ____D C:\Program Files (x86)\Amazon

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-04 20:30 - 2017-09-30 15:31 - 000773434 _____ C:\WINDOWS\system32\perfh005.dat
2017-11-04 20:30 - 2017-09-30 15:31 - 000157244 _____ C:\WINDOWS\system32\perfc005.dat
2017-11-04 20:27 - 2016-10-08 11:46 - 000000000 __RDL C:\Users\petrb\OneDrive
2017-11-04 20:25 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-11-04 20:25 - 2017-09-29 09:45 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2017-11-04 20:25 - 2016-10-08 11:44 - 000000000 __SHD C:\Users\petrb\IntelGraphicsProfiles
2017-11-04 19:45 - 2016-11-20 17:03 - 000000000 ____D C:\Hry
2017-11-04 19:45 - 2016-10-09 12:23 - 000001424 _____ C:\Users\Public\Desktop\Prohlížeč Opera.lnk
2017-11-04 19:45 - 2016-10-08 11:51 - 000002544 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-11-04 19:39 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2017-11-04 19:38 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2017-11-04 19:37 - 2017-08-13 16:17 - 000000000 ____D C:\Users\petrb\Documents\My Games
2017-11-04 19:37 - 2016-10-08 12:12 - 000000000 ____D C:\Users\petrb\AppData\Local\Spotify
2017-11-04 19:08 - 2016-10-08 12:11 - 000000000 ____D C:\Users\petrb\AppData\Roaming\Spotify
2017-11-04 18:29 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2017-11-04 18:29 - 2016-11-12 10:23 - 000000000 ____D C:\Users\petrb\AppData\Local\CyberGhost
2017-11-04 14:19 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-11-04 14:15 - 2016-10-08 11:46 - 000002395 _____ C:\Users\petrb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-11-04 14:13 - 2016-10-08 11:44 - 000000000 ____D C:\Users\petrb\AppData\Local\TileDataLayer
2017-11-04 14:13 - 2016-02-13 14:20 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-11-04 11:49 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\USOPrivate
2017-11-04 11:46 - 2016-10-09 12:22 - 000000000 ____D C:\Program Files (x86)\Opera
2017-11-04 11:43 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\windows nt
2017-11-04 11:42 - 2017-09-29 09:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2017-11-04 11:41 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Registration
2017-11-04 11:41 - 2016-10-14 15:26 - 000023020 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-11-04 11:41 - 2016-10-08 11:51 - 000002276 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-04 11:39 - 2017-02-05 18:32 - 000000000 ____D C:\Users\petrb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStars.UK
2017-11-04 11:39 - 2016-11-12 10:57 - 000000000 ____D C:\Users\petrb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LastPass
2017-11-04 11:38 - 2017-09-29 14:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-11-04 11:36 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2017-11-04 11:36 - 2017-05-21 11:42 - 001785989 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2017-11-04 11:36 - 2017-05-21 11:42 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-11-04 11:36 - 2017-05-21 11:42 - 000000000 ____D C:\WINDOWS\system32\DAX2
2017-11-04 11:36 - 2017-05-21 11:42 - 000000000 ____D C:\ProgramData\rtkSSTSetting
2017-11-04 11:35 - 2017-05-21 11:42 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2017-11-04 11:35 - 2017-05-21 11:41 - 000000000 ____D C:\Program Files\Elantech
2017-11-04 11:34 - 2017-09-29 14:46 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-11-04 11:33 - 2017-09-29 14:49 - 000000000 ____D C:\WINDOWS\Setup
2017-11-04 11:33 - 2017-09-29 14:46 - 000000000 __RHD C:\Users\Public\Libraries
2017-11-04 11:33 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-11-04 11:33 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\spool
2017-11-04 11:33 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-11-04 11:33 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-11-04 11:33 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-11-04 11:33 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-11-04 11:33 - 2017-09-22 20:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2017-11-04 11:33 - 2017-08-16 20:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2017-11-04 11:33 - 2017-08-16 18:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js
2017-11-04 11:33 - 2017-08-14 17:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2017-11-04 11:33 - 2017-08-14 17:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blizzard App
2017-11-04 11:33 - 2017-05-21 11:41 - 000000000 ____D C:\Program Files\Intel
2017-11-04 11:33 - 2017-05-21 11:41 - 000000000 ____D C:\Program Files (x86)\Intel
2017-11-04 11:33 - 2017-05-08 18:18 - 000000000 ____D C:\Program Files\UNP
2017-11-04 11:33 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-11-04 11:33 - 2017-02-11 09:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2017-11-04 11:33 - 2016-11-20 17:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tyranny [GOG.com]
2017-11-04 11:33 - 2016-11-12 10:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LastPass
2017-11-04 11:33 - 2016-11-12 10:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 6
2017-11-04 11:33 - 2016-10-25 20:49 - 000000000 __RSD C:\WINDOWS\system32\WindowsDevicePortal
2017-11-04 11:33 - 2016-10-14 21:48 - 000000000 ____D C:\WINDOWS\system32\ihvmanager
2017-11-04 11:33 - 2016-10-12 18:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
2017-11-04 11:33 - 2016-10-09 18:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-11-04 11:33 - 2016-10-09 15:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-11-04 11:33 - 2016-10-08 13:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2017-11-04 11:33 - 2016-10-08 11:40 - 000000000 ____D C:\WINDOWS\oem
2017-11-04 11:33 - 2016-08-10 00:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office 2016
2017-11-04 11:33 - 2016-04-01 20:38 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-11-04 11:33 - 2016-04-01 20:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2017-11-04 11:31 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\OCR
2017-11-04 11:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-11-04 11:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\appcompat
2017-11-04 11:31 - 2017-05-21 11:42 - 000000000 ____D C:\Program Files\Realtek
2017-11-04 11:31 - 2016-10-25 20:49 - 000000000 ___RD C:\WINDOWS\WebManagement
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\tk-TM
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\te-IN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\ta-IN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\sw-KE
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\si-LK
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\prs-AF
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\or-IN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\mn-MN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\ky-KG
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\km-KH
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\is-IS
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\id-ID
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\bn-BD
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\be-BY
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\as-IN
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\am-ET
2017-11-04 11:29 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2017-11-04 11:29 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-11-04 11:27 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2017-11-04 11:27 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2017-11-04 11:27 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2017-11-04 11:27 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2017-11-04 11:27 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\winrm
2017-11-04 11:27 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\WCN
2017-11-04 11:27 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\slmgr
2017-11-04 11:27 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2017-11-04 11:27 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-11-04 11:27 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2017-11-04 11:27 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-11-04 11:27 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2017-11-04 11:27 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2017-11-04 11:27 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\migwiz
2017-11-04 11:27 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-11-04 11:27 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Windows Defender
2017-11-04 11:27 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-11-04 11:27 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2017-11-04 11:27 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\servicing
2017-11-04 11:25 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-11-04 11:25 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\MUI
2017-11-04 11:13 - 2016-11-12 12:26 - 000000000 ____D C:\Users\petrb\AppData\Roaming\qBittorrent
2017-10-29 18:25 - 2016-10-09 14:06 - 000000000 ____D C:\projekty
2017-10-29 08:42 - 2016-08-10 00:29 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-10-27 22:34 - 2016-10-09 18:45 - 000000000 ____D C:\Users\petrb\AppData\Roaming\vlc
2017-10-23 17:07 - 2017-01-01 00:10 - 000000000 ____D C:\Users\petrb\Downloads\Rocky (1976)
2017-10-22 15:46 - 2016-10-12 18:23 - 000000000 ____D C:\Users\petrb\Documents\tmp
2017-10-22 09:58 - 2017-02-03 16:08 - 731862656 _____ C:\WINDOWS\MEMORY.DMP
2017-10-13 19:08 - 2017-09-29 14:49 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-10-13 19:08 - 2017-09-29 14:49 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-10-11 17:12 - 2016-10-08 12:34 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-10-11 17:10 - 2016-10-08 12:34 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-10-07 10:30 - 2017-03-03 17:04 - 000002275 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AmazonAssistant.lnk

==================== Files in the root of some directories =======

2017-11-04 19:35 - 2017-11-04 19:37 - 000089682 _____ () C:\Program Files (x86)\unins000.dat
2017-11-04 19:35 - 2017-11-04 19:35 - 000720224 _____ () C:\Program Files (x86)\unins000.exe
2016-11-12 10:58 - 2016-11-12 10:58 - 021874200 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2016-10-09 12:00 - 2017-08-08 12:26 - 000000600 _____ () C:\Users\petrb\AppData\Roaming\winscp.rnd
2017-11-04 21:26 - 2017-11-04 21:26 - 000029696 _____ () C:\Users\petrb\AppData\Local\MSGBOX.EXE
2017-04-21 16:15 - 2017-04-21 16:15 - 000003348 _____ () C:\Users\petrb\AppData\Local\recently-used.xbel
2016-10-09 12:05 - 2016-10-09 12:05 - 000000017 _____ () C:\Users\petrb\AppData\Local\resmon.resmoncfg
2017-05-21 11:42 - 2017-05-21 11:42 - 000000000 _____ () C:\ProgramData\DP45977C.lfl
2017-05-21 11:42 - 2017-05-21 11:42 - 000000102 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-11-04 11:34

==================== End of FRST.txt ============================

#6 Příspěvek od **Rudy** » 04 lis 2017 21:59

Otevřte poznámkový blok a zkopírujte do něj:

Start
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
SearchScopes: HKU\S-1-5-21-3499997034-3352543508-2471689020-1001 -> DefaultScope {4B1C418C-E8E6-4B4B-89CA-C33F05750AEE} URL =
SearchScopes: HKU\S-1-5-21-3499997034-3352543508-2471689020-1001 -> {4B1C418C-E8E6-4B4B-89CA-C33F05750AEE} URL =
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2016-11-12] (LastPass)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2016-11-12] (LastPass)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2016-11-12] (LastPass)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2016-11-12] (LastPass)
CHR dev: Chrome dev build detected! <==== ATTENTION
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\DP45977C.lfl

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Eslop2 · #7 Příspěvek od **Eslop2** » 05 lis 2017 08:14

Přikládám log:

Fix result of Farbar Recovery Scan Tool (x64) Version: 02-11-2017
Ran by petrb (05-11-2017 08:11:23) Run:1
Running from C:\Users\petrb\Desktop
Loaded Profiles: petrb (Available Profiles: petrb)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
SearchScopes: HKU\S-1-5-21-3499997034-3352543508-2471689020-1001 -> DefaultScope {4B1C418C-E8E6-4B4B-89CA-C33F05750AEE} URL =
SearchScopes: HKU\S-1-5-21-3499997034-3352543508-2471689020-1001 -> {4B1C418C-E8E6-4B4B-89CA-C33F05750AEE} URL =
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2016-11-12] (LastPass)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2016-11-12] (LastPass)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2016-11-12] (LastPass)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2016-11-12] (LastPass)
CHR dev: Chrome dev build detected! <==== ATTENTION
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\DP45977C.lfl

EmptyTemp:
End
*****************

HKLM\SOFTWARE\Policies\Google => key removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully
HKU\S-1-5-21-3499997034-3352543508-2471689020-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-3499997034-3352543508-2471689020-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4B1C418C-E8E6-4B4B-89CA-C33F05750AEE} => key removed successfully
HKLM\Software\Classes\CLSID\{4B1C418C-E8E6-4B4B-89CA-C33F05750AEE} => key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95D9ECF5-2A4D-4550-BE49-70D42F71296E} => key removed successfully
HKLM\Software\Classes\CLSID\{95D9ECF5-2A4D-4550-BE49-70D42F71296E} => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95D9ECF5-2A4D-4550-BE49-70D42F71296E} => key removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{95D9ECF5-2A4D-4550-BE49-70D42F71296E} => key removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} => value removed successfully
HKLM\Software\Classes\CLSID\{9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} => value removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} => key removed successfully
CHR dev: Chrome dev build detected! <==== ATTENTION => Error: No automatic fix found for this entry.
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 6053888 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 16997840 B
Java, Flash, Steam htmlcache => 510963135 B
Windows/system/drivers => 5058036 B
Edge => 13284716 B
Chrome => 773698990 B
Firefox => 19002139 B
Opera => 35548421 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 9176 B
petrb => 6979577 B

RecycleBin => 14752499377 B
EmptyTemp: => 15 GB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 08:11:49 ====

#8 Příspěvek od **Rudy** » 05 lis 2017 11:16

Smazáno. Log by již měl být OK.

VIRY.CZ

Prosím o kontrolu

Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu